1246157 - [Static Analysis][Resource Leak] In functions ModuleObject::createNamespace and ModuleObject::create

Status: RESOLVED FIXED

(Core :: JavaScript Engine, defect)

Description

[Andi-Bogdan Postelnicu [:andi]]

The Static Analysis tool Coverity added that memory is leaked on variable bindings if bindings->init() fails. The behavior is identical in both function so i will stick only to createNamespace:
>>    IndirectBindingMap* bindings = zone->new_<IndirectBindingMap>(zone);
>>    if (!bindings || !bindings->init()) {
>>        ReportOutOfMemory(cx);
>>        return nullptr;
>>    }

bindings gets memory allocated by by path pod_malloc<uint8_t>()->maybe_pod_malloc<T>()->js_pod_malloc<T>()->js_malloc()->malloc()

If allocation is successful and bindings->init() fails, most likely due to oom when the table for the hash is created:

>>        table = createTable(*this, newCapacity);
>>        if (!table)
>>            return false; 

There will be a memory leak since since the memory previously allocated is not freed

Comment 1

[Andi-Bogdan Postelnicu [:andi]]

Attachment: avoid memory leak when bindings->init fails

Comment 2

[Jon Coppeard (:jonco)]

Comment on attachment 8716302 [details] [diff] [review]
avoid memory leak when bindings->init fails

Review of attachment 8716302 [details] [diff] [review]:
-----------------------------------------------------------------

This looks good, but for an even simpler change I think you can just add |js_delete(bindings);| to the existing if blocks, since deleting a null pointer does nothing.

Thanks for fixing this!

Comment 3

[Andi-Bogdan Postelnicu [:andi]]

Attachment: Bug 1246157.diff

Comment 4

[Pulsebot]

https://hg.mozilla.org/integration/mozilla-inbound/rev/5253aba43949

Comment 5

[Carsten Book [:Tomcat]]

https://hg.mozilla.org/mozilla-central/rev/5253aba43949