Bug 128437

Summary: [ASan] Use new/delete in PODFreeListArena
Product: WebKit
Reporter: David Kilzer (:ddkilzer) <ddkilzer>
Component: Tools / Tests
Assignee: David Kilzer (:ddkilzer) <ddkilzer>
Status: RESOLVED FIXED
Severity: Normal
CC: andersca, ayao, commit-queue, dfarler, ggaren, jeffrey+webkit, kling, oliver, sam
Priority: P2
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
Attachments:
Description Flags
Patch v1 none

David Kilzer (:ddkilzer)
Reported 2014-02-07 20:26:19 PST
The PODFreeListArena class doesn't actually deallocate objects when they're freed, so address sanitizer builds of WebKit won't catch use-after-free issues with objects that use it.
Attachments
Patch v1 (1.92 KB, patch)
2014-02-07 20:45 PST, David Kilzer (:ddkilzer)
no flags
David Kilzer (:ddkilzer)
Comment 1 2014-02-07 20:45:48 PST
Created attachment 223542 [details] Patch v1
WebKit Commit Bot
Comment 2 2014-02-07 21:28:10 PST
Comment on attachment 223542 [details] Patch v1
Clearing flags on attachment: 223542
Committed r163693: <http://trac.webkit.org/changeset/163693>
WebKit Commit Bot
Comment 3 2014-02-07 21:28:12 PST
All reviewed patches have been landed. Closing bug.
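
The effect described in the bug report, as an added example that is not part of this bug or of WebKit's code: a hypothetical toy arena (`ToyArena`, `Point` and `staleWriteCorruptsNewObject` are names made up here) in which a freed slot is recycled, so a dangling pointer silently aliases the next object. The `UseHeap=true` variant gives every object its own new/delete allocation, which is the kind of memory AddressSanitizer poisons on free.

```cpp
#include <cstddef>
#include <new>
#include <vector>

struct Point { int x; int y; };  // POD payload (hypothetical)

// Toy arena, not WebKit's PODFreeListArena. UseHeap=false: free() only threads
// the slot onto a free list, so the memory stays addressable and unpoisoned.
// UseHeap=true: every object is its own new/delete allocation.
template <bool UseHeap>
class ToyArena {
public:
    ~ToyArena() { for (void* chunk : m_chunks) ::operator delete(chunk); }
    Point* allocate() {
        if (UseHeap) return new Point{0, 0};
        if (!m_free) refill();
        Slot* slot = m_free;
        m_free = slot->next;
        return new (slot) Point{0, 0};
    }
    void free(Point* p) {
        if (UseHeap) { delete p; return; }  // ASan poisons this memory
        Slot* slot = reinterpret_cast<Slot*>(p);
        slot->next = m_free;                // recycled, never deallocated
        m_free = slot;
    }
private:
    union Slot { Slot* next; Point value; };
    void refill() {
        const std::size_t count = 16;
        Slot* chunk = static_cast<Slot*>(::operator new(sizeof(Slot) * count));
        m_chunks.push_back(chunk);
        for (std::size_t i = 0; i < count; ++i) { chunk[i].next = m_free; m_free = &chunk[i]; }
    }
    Slot* m_free = nullptr;
    std::vector<void*> m_chunks;
};

// True when a write through a dangling pointer lands in a later allocation.
bool staleWriteCorruptsNewObject() {
    ToyArena<false> arena;
    Point* a = arena.allocate();
    arena.free(a);                // "freed", but still mapped
    Point* b = arena.allocate();  // LIFO free list returns the same slot
    b->x = 7;
    a->x = 99;                    // use-after-free: no crash, no report
    return a == b && b->x == 99;
}
```

Running the same stale write against `ToyArena<true>` in a build compiled with `-fsanitize=address` is what produces a heap-use-after-free report.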