From 481047c074eb0edf7956d27ce53f6400818e42c0 Mon Sep 17 00:00:00 2001
From: "brettw@chromium.org"
Date: Thu, 23 Apr 2009 16:50:10 +0000
Subject: Add a warning about why we kill the process when it's out of memory.
Review URL: http://codereview.chromium.org/95002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@14318 0039d316-1c4b-4281-b951-d872f2087c98
---
 chrome/app/chrome_dll_main.cc | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/chrome/app/chrome_dll_main.cc b/chrome/app/chrome_dll_main.cc
index ba078ab..4868034 100644
--- a/chrome/app/chrome_dll_main.cc
+++ b/chrome/app/chrome_dll_main.cc
@@ -110,7 +110,12 @@ void PureCall() {
 }
 
 int OnNoMemory(size_t memory_size) {
+ // Kill the process. This is important for security, since WebKit doesn't
+ // NULL-check many memory allocations. If a malloc fails, returns NULL, and
+ // the buffer is then used, it provides a handy mapping of memory starting at
+ // address 0 for an attacker to utilize.
 __debugbreak();
+
 // Return memory_size so it is not optimized out. Make sure the return value
 // is at least 1 so malloc/new is retried, especially useful when under a
 // debugger.
-- 
cgit v1.1
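Review bot: The added comment in OnNoMemory opens with "Kill the process", but the statement it documents is `__debugbreak();`, and the context comment just below describes returning so that malloc/new is retried under a debugger, so termination is not unconditional on this path. Since the comment is the stated security rationale, it should say what the guarantee depends on, for example `// Break here; with no debugger attached the unhandled breakpoint is expected to end the process.`, and whether any exception handler elsewhere can resume past it is not visible in this hunk and is worth confirming. The phrase "provides a handy mapping of memory starting at address 0" is also imprecise, because a failed malloc maps nothing. The risk is that an unchecked NULL base combined with an attacker-influenced offset becomes an access at an attacker-influenced address, and the comment would read better stating that. The function body continues past the end of the hunk, so the return statement itself is not under review here.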