components/metrics/leak_detector/call_stack_manager.cc - Issue 1471623003: components/metrics: Fix use-after-free in CallStackManager

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: components/metrics/leak_detector/call_stack_manager.cc

Issue 1471623003: components/metrics: Fix use-after-free in CallStackManager (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Remove call stacks from container one at a time and free them after Created 5 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: components/metrics/leak_detector/call_stack_manager.cc

diff --git a/components/metrics/leak_detector/call_stack_manager.cc b/components/metrics/leak_detector/call_stack_manager.cc

index de9fcd825aca246b786c5ee7bef9902c1c9ef105..dfebd3c7251dc19da6271f570ee28cb963a0e271 100644

--- a/components/metrics/leak_detector/call_stack_manager.cc

+++ b/components/metrics/leak_detector/call_stack_manager.cc

@@ -16,7 +16,13 @@ namespace leak_detector {

CallStackManager::CallStackManager() {}

CallStackManager::~CallStackManager() {

- for (CallStack* call_stack : call_stacks_) {

+ // Free all call stack objects and clear |call_stacks_|. Make sure to save the

+ // CallStack object pointer and remove it from the container before freeing

+ // the CallStack memory.

+ while (!call_stacks_.empty()) {

+ CallStack* call_stack = *call_stacks_.begin();

+ call_stacks_.erase(call_stacks_.begin());

CustomAllocator::Free(call_stack->stack,

call_stack->depth * sizeof(*call_stack->stack));

call_stack->stack = nullptr;

@@ -24,7 +30,6 @@ CallStackManager::~CallStackManager() {

CustomAllocator::Free(call_stack, sizeof(CallStack));

}

- call_stacks_.clear();

}

const CallStack* CallStackManager::GetCallStack(size_t depth,

« no previous file with comments | « no previous file | no next file » | no next file with comments »