Bug 1288907 - Free dst after failed call to JS_NewUCString. r=bholley
authorNoitidart <noitidart@gmail.com>
Fri, 29 Jul 2016 05:53:00 -0400
changeset 347410 b2cb02275182fa7edb8afa479575ee25746336e1
parent 347409 4760f549a0209f827af565c9e1515e09552837fa
child 347411 d539c846b609c990aab2a9f489330b2da81df53a
push id6389
push userraliiev@mozilla.com
push dateMon, 19 Sep 2016 13:38:22 +0000
treeherdermozilla-beta@01d67bfe6c81 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbholley
bugs1288907
milestone50.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1288907 - Free dst after failed call to JS_NewUCString. r=bholley
js/src/ctypes/CTypes.cpp
--- a/js/src/ctypes/CTypes.cpp
+++ b/js/src/ctypes/CTypes.cpp
@@ -7884,16 +7884,21 @@ ReadStringCommon(JSContext* cx, InflateU
     size_t length = strnlen(bytes, maxLength);
 
     // Determine the length.
     char16_t* dst = inflateUTF8(cx, JS::UTF8Chars(bytes, length), &length).get();
     if (!dst)
       return false;
 
     result = JS_NewUCString(cx, dst, length);
+    if (!result) {
+      js_free(dst);
+      return false;
+    }
+
     break;
   }
   case TYPE_int16_t:
   case TYPE_uint16_t:
   case TYPE_short:
   case TYPE_unsigned_short:
   case TYPE_char16_t: {
     char16_t* chars = static_cast<char16_t*>(data);