Reorganize sandbox operator new, add a comment.

Now that NT_PAGE is gone, rewrite the function to be single-return and add
a comment pointing out that what the function is doing is incomplete.

No intended behavior change, should fix 2 clang warnings of the form
..\..\sandbox\win\src\sandbox_nt_util.cc(560,3) :  warning(clang): 'operator new' should not return a null pointer unless it is declared 'throw()' or 'noexcept' [-Wnew-returns-null]
  return NULL;
  ^
BUG=82385
R=rvargas@chromium.org

Review URL: https://codereview.chromium.org/556293002

Cr-Commit-Position: refs/heads/master@{#294246}

1 files changed, 14 insertions, 8 deletions

diff --git a/sandbox/win/src/sandbox_nt_util.cc b/sandbox/win/src/sandbox_nt_util.cc
index ed1d908..28ddd47 100644
--- a/sandbox/win/src/sandbox_nt_util.cc
+++ b/sandbox/win/src/sandbox_nt_util.cc
@@ -547,17 +547,23 @@ void* operator new(size_t size, sandbox::AllocationType type,
                    void* near_to) {
   using namespace sandbox;
 
+  void* result = NULL;
   if (NT_ALLOC == type) {
-    if (!InitHeap())
-      return NULL;
-
-    // Use default flags for the allocation.
-    return g_nt.RtlAllocateHeap(sandbox::g_heap, 0, size);
+    if (InitHeap()) {
+      // Use default flags for the allocation.
+      result = g_nt.RtlAllocateHeap(sandbox::g_heap, 0, size);
+    }
   } else if (NT_PAGE == type) {
-    return AllocateNearTo(near_to, size);
+    result = AllocateNearTo(near_to, size);
+  } else {
+    NOTREACHED_NT();
   }
-  NOTREACHED_NT();
-  return NULL;
+
+  // TODO: Returning NULL from operator new has undefined behavior, but
+  // the Allocate() functions called above can return NULL. Consider checking
+  // for NULL here and crashing or throwing.
+
+  return result;
 }
 
 void operator delete(void* memory, sandbox::AllocationType type) {