Bug 1288907 - Free dst after failed call to JS_NewUCString. r=bholley
authorNoitidart <noitidart@gmail.com>
Fri, 29 Jul 2016 05:53:00 -0400
changeset 307341 b2cb02275182fa7edb8afa479575ee25746336e1
parent 307340 4760f549a0209f827af565c9e1515e09552837fa
child 307342 d539c846b609c990aab2a9f489330b2da81df53a
push id80084
push userryanvm@gmail.com
push dateFri, 29 Jul 2016 23:55:21 +0000
treeherdermozilla-inbound@b2cb02275182 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbholley
bugs1288907
milestone50.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1288907 - Free dst after failed call to JS_NewUCString. r=bholley
js/src/ctypes/CTypes.cpp
--- a/js/src/ctypes/CTypes.cpp
+++ b/js/src/ctypes/CTypes.cpp
@@ -7884,16 +7884,21 @@ ReadStringCommon(JSContext* cx, InflateU
     size_t length = strnlen(bytes, maxLength);
 
     // Determine the length.
     char16_t* dst = inflateUTF8(cx, JS::UTF8Chars(bytes, length), &length).get();
     if (!dst)
       return false;
 
     result = JS_NewUCString(cx, dst, length);
+    if (!result) {
+      js_free(dst);
+      return false;
+    }
+
     break;
   }
   case TYPE_int16_t:
   case TYPE_uint16_t:
   case TYPE_short:
   case TYPE_unsigned_short:
   case TYPE_char16_t: {
     char16_t* chars = static_cast<char16_t*>(data);