smalloc: prevent double free on dispose()

dispose() free's the memory when executed and sets the external array data to NULL and length to zero. To prevent the same memory from being free'd twice when the object is garbage collected we first check if the object's external array data length == 0. Since alloc() passes NULL to SetIndexedPropertiesToExternalArrayData() if length == 0 there's no opportunity for memory leak.
nodejs · May 23, 2014 · 6810132 · 6810132
1 parent 32b4563
commit 6810132
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/src/smalloc.cc b/src/smalloc.cc
@@ -157,8 +157,9 @@ Free::Free(char* data) : data_(data) {
 void Free::WeakCallback(Isolate* isolate,
                         Local<Object> object,
                         CallbackInfo<Free>* info) {
-  free(data_);
   size_t length = object->GetIndexedPropertiesExternalArrayDataLength();
+  if (length > 0)
+    free(data_);
   enum ExternalArrayType array_type =
       object->GetIndexedPropertiesExternalArrayDataType();
   size_t array_size = ExternalArraySize(array_type);