Bug 1263292 - Handle calling realloc(0) (r=jld)
authorBill McCloskey <billm@mozilla.com>
Wed, 13 Apr 2016 18:43:36 -0700
changeset 331194 d1c487cc4ef287f33f6e92779dcf8c2247197226
parent 331193 526423ac534375444a91f738338dea94d5793003
child 331195 4f1cef92aec487f83ee1abbb119c6fac950aa989
push id6048
push userkmoir@mozilla.com
push dateMon, 06 Jun 2016 19:02:08 +0000
reviewersjld
bugs1263292
milestone48.0a1
Bug 1263292 - Handle calling realloc(0) (r=jld)
ipc/chromium/src/base/buffer.cc
--- a/ipc/chromium/src/base/buffer.cc
+++ b/ipc/chromium/src/base/buffer.cc
@@ -46,17 +46,17 @@ Buffer::clear()
   mSize = 0;
   mReserved = 0;
 }
 
 void
 Buffer::try_realloc(size_t newlength)
 {
   char* buffer = (char*)realloc(mBuffer, newlength);
-  if (buffer) {
+  if (buffer || !newlength) {
     mBuffer = buffer;
     mReserved = newlength;
     return;
   }
 
   // If we're growing the buffer, crash. If we're shrinking, then we continue to
   // use the old (larger) buffer.
   MOZ_RELEASE_ASSERT(newlength <= mReserved);
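Review bot: The new `!newlength` branch in `Buffer::try_realloc` accepts a null return from `realloc(mBuffer, 0)` as success, but whether that call frees the old block is implementation-defined. On an allocator that returns null without freeing, `mBuffer = buffer` drops the only pointer to the old allocation and leaks it. Handling the zero case before calling realloc avoids depending on allocator behaviour: `if (!newlength) { free(mBuffer); mBuffer = nullptr; mReserved = 0; return; }`. This path also leaves `mSize` untouched, so it presumably relies on callers passing 0 only when the buffer is already empty; a short comment stating that invariant would help. The end of the function lies outside the hunk.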
@@ -102,16 +102,18 @@ Buffer::reserve(size_t size)
   if (mReserved < size) {
     try_realloc(size);
   }
 }
 
 char*
 Buffer::trade_bytes(size_t count)
 {
+  MOZ_RELEASE_ASSERT(count);
+
   char* result = mBuffer;
   mSize = mReserved = mSize - count;
   mBuffer = mReserved ? (char*)malloc(mReserved) : nullptr;
   MOZ_RELEASE_ASSERT(!mReserved || mBuffer);
   if (mSize) {
     memcpy(mBuffer, result + count, mSize);
   }