Reorganize sandbox operator new, add a comment.

sandbox/win/src/sandbox_nt_util.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/win/src/sandbox_nt_util.h"
 
 #include "base/win/pe_image.h"
 #include "sandbox/win/src/sandbox_factory.h"
 #include "sandbox/win/src/target_services.h"
 
@@ skipping 529 matching lines @@
 
   return true;
 }
 
 }  // namespace sandbox
 
 void* operator new(size_t size, sandbox::AllocationType type,
                    void* near_to) {
   using namespace sandbox;
 
+  void* result = NULL;
   if (NT_ALLOC == type) {
-    if (!InitHeap())
-      return NULL;
+    if (InitHeap()) {
+      // Use default flags for the allocation.
+      result = g_nt.RtlAllocateHeap(sandbox::g_heap, 0, size);
+    }
+  } else if (NT_PAGE == type) {
+    result = AllocateNearTo(near_to, size);
+  } else {
+    NOTREACHED_NT();
+  }
 
-    // Use default flags for the allocation.
-    return g_nt.RtlAllocateHeap(sandbox::g_heap, 0, size);
-  } else if (NT_PAGE == type) {
-    return AllocateNearTo(near_to, size);
-  }
-  NOTREACHED_NT();
-  return NULL;
+  // TODO: Returning NULL from operator new has undefined behavior, but
+  // the Allocate() functions called above can return NULL. Consider checking
+  // for NULL here and crashing or throwing.
+
+  return result;
 }
 
 void operator delete(void* memory, sandbox::AllocationType type) {
   using namespace sandbox;
 
   if (NT_ALLOC == type) {
     // Use default flags.
     VERIFY(g_nt.RtlFreeHeap(sandbox::g_heap, 0, memory));
   } else if (NT_PAGE == type) {
     void* base = memory;
@@ skipping 17 matching lines @@
   UNREFERENCED_PARAMETER(type);
   return buffer;
 }
 
 void __cdecl operator delete(void* memory, void* buffer,
                              sandbox::AllocationType type) {
   UNREFERENCED_PARAMETER(memory);
   UNREFERENCED_PARAMETER(buffer);
   UNREFERENCED_PARAMETER(type);
 }