From 681013223f926378b3e18d43cc7f60b8ab3187b2 Mon Sep 17 00:00:00 2001
From: Trevor Norris
Date: Fri, 23 May 2014 03:42:46 -0700
Subject: [PATCH] smalloc: prevent double free on dispose()
dispose() free's the memory when executed and sets the external array data to NULL and length to zero. To prevent the same memory from being free'd twice when the object is garbage collected we first check if the object's external array data length == 0. Since alloc() passes NULL to SetIndexedPropertiesToExternalArrayData() if length == 0 there's no opportunity for memory leak.
---
 src/smalloc.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/smalloc.cc b/src/smalloc.cc
index 7b8b3e4473..918e897813 100644
--- a/src/smalloc.cc
+++ b/src/smalloc.cc
@@ -157,8 +157,9 @@ Free::Free(char* data) : data_(data) {
 void Free::WeakCallback(Isolate* isolate, Local object, CallbackInfo* info) {
- free(data_);
 size_t length = object->GetIndexedPropertiesExternalArrayDataLength();
+ if (length > 0)
+ free(data_);
 enum ExternalArrayType array_type = object->GetIndexedPropertiesExternalArrayDataType();
 size_t array_size = ExternalArraySize(array_type);
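Review bot: The `length > 0` guard in front of `free(data_)` keys the free to the object's reported external array length rather than to the buffer itself, so it frees `data_` whenever the length is non-zero even if the object's external array data no longer points at the allocation `data_` was recorded from; the invariant "zero length means dispose() already freed it" lives only in the commit message. Tying the check to the pointer is tighter and also documents the intent: `if (length > 0 && object->GetIndexedPropertiesExternalArrayData() == data_) free(data_);`. If the length-only form is kept, it deserves a comment such as `// dispose() frees the buffer and zeroes the external array length; skip the free when that has already happened.` Note that after dispose() the Free record still holds the stale `data_` pointer, so nothing later in this callback may dereference it. WeakCallback's body continues past the end of the hunk.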