mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 764165 - Poison freed IonCode buffers. r=dvander
This commit is contained in:
parent
23314d5daa
commit
4fa2da6b26
@ -343,6 +343,12 @@ void
|
||||
IonCode::finalize(FreeOp *fop)
|
||||
{
|
||||
JS_ASSERT(!fop->onBackgroundThread());
|
||||
|
||||
// Buffer can be freed at any time hereafter. Catch use-after-free bugs.
|
||||
JS_POISON(code_, JS_FREE_PATTERN, bufferSize_);
|
||||
|
||||
// Code buffers are stored inside JSC pools.
|
||||
// Pools are refcounted. Releasing the pool may free it.
|
||||
if (pool_)
|
||||
pool_->release();
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user