-rw-r--r-- | chrome/app/DEPS | 1 | ||||
-rw-r--r-- | chrome/app/chrome_dll_main.cc | 7 | ||||
-rw-r--r-- | skia/corecg/SkMemory_stdlib.cpp | 12 | ||||
-rw-r--r-- | skia/include/corecg/SkTypes.h | 5 |
4 files changed, 25 insertions, 0 deletions
diff --git a/chrome/app/DEPS b/chrome/app/DEPS
index 8f26006..4b3b7c1 100644
--- a/chrome/app/DEPS
+++ b/chrome/app/DEPS
@@ -4,5 +4,6 @@ include_rules = [
 "+chrome/installer",
 "+chrome/personalization",
 "+sandbox",
+ "+skia/include/corecg",
 "+tools/memory_watcher",
 ]
diff --git a/chrome/app/chrome_dll_main.cc b/chrome/app/chrome_dll_main.cc
index e77eddd..481f334 100644
--- a/chrome/app/chrome_dll_main.cc
+++ b/chrome/app/chrome_dll_main.cc
@@ -60,6 +60,7 @@
 #if defined(OS_MACOSX)
 #include "third_party/WebKit/WebKit/mac/WebCoreSupport/WebSystemInterface.h"
 #endif
+#include "skia/include/corecg/SkTypes.h"
 extern int BrowserMain(const MainFunctionParams&);
 extern int RendererMain(const MainFunctionParams&);
@@ -110,6 +111,12 @@ void PureCall() {
 }
 void OnNoMemory() {
+ // Skia indicates that it can safely handle some NULL allocs by clearing
+ // this flag. In this case, we'll ignore the new_handler and won't crash.
+ if (!sk_malloc_will_throw()) {
+ return;
+ }
+
 // Kill the process. This is important for security, since WebKit doesn't
 // NULL-check many memory allocations. If a malloc fails, returns NULL, and
 // the buffer is then used, it provides a handy mapping of memory starting at
diff --git a/skia/corecg/SkMemory_stdlib.cpp b/skia/corecg/SkMemory_stdlib.cpp
index befcda6..81c7ba3 100644
--- a/skia/corecg/SkMemory_stdlib.cpp
+++ b/skia/corecg/SkMemory_stdlib.cpp
@@ -25,6 +25,8 @@
 // #define SK_CHECK_TAGS // enable to double-check debugging link list
 #endif
+static bool g_sk_malloc_will_throw = true;
+
 #ifdef SK_TAG_BLOCKS
 #include "SkThread.h"
@@ -257,7 +259,13 @@ void* sk_malloc_flags(size_t size, unsigned flags)
 size += sizeof(SkBlockHeader);
 #endif
+ if (!(flags & SK_MALLOC_THROW)) {
+ g_sk_malloc_will_throw = false;
+ }
 void* p = malloc(size);
+ if (!(flags & SK_MALLOC_THROW)) {
+ g_sk_malloc_will_throw = true;
+ }
 if (p == NULL) {
 if (flags & SK_MALLOC_THROW)
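Review bot: The early return added at the top of OnNoMemory() in chrome/app/chrome_dll_main.cc relies on a process-wide flag, so the kill-on-OOM protection described in the comment right below it can be skipped for an allocation that Skia never made. `g_sk_malloc_will_throw` (defined in the first SkMemory_stdlib.cpp hunk and toggled around `malloc(size)` in the sk_malloc_flags() hunk) is a plain `static bool` with no synchronization; if another thread's allocation fails while one thread is inside a non-throwing sk_malloc_flags() call, the handler returns and that other caller receives a NULL it may not check. Whether these allocations actually run on several threads is not visible in the diff, but keeping the flag in per-thread storage, for example `static thread_local bool g_sk_malloc_will_throw = true;` or the toolchain's equivalent, would limit the exemption to the call that requested it. The new doc comment in SkTypes.h should then state that the value describes the calling thread only. OnNoMemory()'s body continues outside the hunk.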
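Review bot: The two `if (!(flags & SK_MALLOC_THROW))` blocks added around `malloc(size)` in sk_malloc_flags() (skia/corecg/SkMemory_stdlib.cpp) have no comment, so a reader of this file cannot tell that they exist for an out-of-memory handler elsewhere in the process. I would add `// Let sk_malloc_will_throw() report that the caller of this malloc checks for NULL.` above the first block. The flag test could also be computed once, `const bool may_return_null = !(flags & SK_MALLOC_THROW);`, and reused for both blocks and the existing check after the call. sk_malloc_flags() starts before the hunk and continues past it.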
@@ -278,3 +286,7 @@ void* sk_malloc_flags(size_t size, unsigned flags)
 return p;
 }
+bool sk_malloc_will_throw()
+{
+ return g_sk_malloc_will_throw;
+}
diff --git a/skia/include/corecg/SkTypes.h b/skia/include/corecg/SkTypes.h
index 0554c73..ed2cca8 100644
--- a/skia/include/corecg/SkTypes.h
+++ b/skia/include/corecg/SkTypes.h
@@ -65,6 +65,11 @@ extern void* sk_realloc_throw(void* buffer, size_t size);
 */
 extern void sk_free(void*);
+/** Returns whether sk_malloc() will currently throw. Only false during
+ a call to sk_malloc_flags() with SK_MALLOC_THROW not set. This is
+ useful to mallocs that would otherwise abort on NULL themselves.
+ false indicates that skia will safely handle NULL checking. **/
+extern bool sk_malloc_will_throw();
 ///////////////////////////////////////////////////////////////////////
 #define SK_INIT_TO_AVOID_WARNING = 0 |