diff options
| author | Magnus Hallqvist <magnus.hallqvist@sonyericsson.com> | 2012-01-17 09:58:24 +0100 |
|---|---|---|
| committer | Kenneth Andersson <kenneth.andersson@sonymobile.com> | 2012-09-05 09:34:59 +0200 |
| commit | a7f1721675b8b6e0389732f1e25788012f7c20b7 (patch) | |
| tree | bdb2eef591889d3387014a656b346a188486eb86 | |
| parent | f4aee7bd601621d648044a0f918247fd81b6190a (diff) | |
| download | external_chromium-a7f1721675b8b6e0389732f1e25788012f7c20b7.zip external_chromium-a7f1721675b8b6e0389732f1e25788012f7c20b7.tar.gz external_chromium-a7f1721675b8b6e0389732f1e25788012f7c20b7.tar.bz2 | |
Null pointer check missing in chromium
When clearing a struct a null pointer check is missing in one
location in chromium.
The null check is present in another similar use cases.
When the backend cache is reset a member of the struct data_
is set to zero before data_ itself is set to null. If the
backend cache previously has been reset data_ will already
be null and the member cannot be accessed
(or uses undefined memory). The added null check will prevent
the clearing of the member variable when data_ is already null.
Change-Id: I475fea7436c871c2e82b841a93874e13a05161f4
| -rw-r--r-- | net/disk_cache/backend_impl.cc | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/net/disk_cache/backend_impl.cc b/net/disk_cache/backend_impl.cc index 117f20b..81c44d5 100644 --- a/net/disk_cache/backend_impl.cc +++ b/net/disk_cache/backend_impl.cc @@ -1484,7 +1484,13 @@ void BackendImpl::PrepareForRestart() { new_eviction_ = false; disabled_ = true; - data_->header.crash = 0; +#ifdef ANDROID + if (data_) { +#endif + data_->header.crash = 0; +#ifdef ANDROID + } +#endif index_ = NULL; data_ = NULL; block_files_.CloseFiles(); |