Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prevent undefined behavior when some Node Buffer objects are destroyed #7452

Merged
merged 1 commit into from Oct 3, 2016

Conversation

Projects
None yet
2 participants
@enlight
Copy link
Contributor

enlight commented Oct 2, 2016

If node::Buffer::New() is used to wrap an existing chunk of memory without providing a custom callback to release that memory then Node will just use free(). In a couple of places Node buffer objects were constructed from chunks of memory that were allocated with new[], but a custom callback to release that memory was omitted, this resulted in undefined behavior when those buffers were destroyed because free() was used to release memory allocated with new[].

To avoid undefined behavior the aforementioned buffer objects are now constructed with a custom callback that safely releases the underlying chunk of memory.

@enlight

This comment has been minimized.

Copy link
Contributor Author

enlight commented Oct 2, 2016

Oops, maybe using malloc isn't such a great idea since it means you have to check if it returned nullptr. Will revise this in the morning.

Prevent undefined behavior when some Node Buffer objects are destroyed
If node::Buffer::New() is used to wrap an existing chunk of memory
without providing a custom callback to release that memory then Node
will just use `free()`. In a couple of places Node buffer objects were
constructed from chunks of memory that were allocated with `new[]`, but
a custom callback to release that memory was omitted, this resulted in
undefined behavior when those buffers were destroyed because `free()`
was used to release memory allocated with `new[]`.

To avoid undefined behavior the aforementioned buffer objects are now
constructed with a custom callback that safely releases the underlying
chunk of memory.

@enlight enlight force-pushed the enlight:node-buffer-safe-free branch from 4332b61 to 7c5d329 Oct 3, 2016

@enlight

This comment has been minimized.

Copy link
Contributor Author

enlight commented Oct 3, 2016

OK back to using new[], which means Electron will just crash if there isn't sufficient memory to allocate any of the buffers.

@zcbenz

This comment has been minimized.

Copy link
Member

zcbenz commented Oct 3, 2016

👍

@zcbenz zcbenz merged commit 9833304 into electron:master Oct 3, 2016

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.