From cd96f0aba8fcec2be2274ff56af767c1f16e7f50 Mon Sep 17 00:00:00 2001
From: Ben Noordhuis <info@bnoordhuis.nl>
Date: Wed, 10 Apr 2013 15:25:40 +0200
Subject: src: don't SetInternalField() in ObjectWrap dtor

Call SetPointerInInternalField(0, NULL) rather than
SetInternalField(0, Undefined()).

Fixes the following spurious NULL pointer dereference in debug builds:

  #0  0x03ad2821 in v8::internal::FixedArrayBase::length ()
  #1  0x03ad1dfc in v8::internal::FixedArray::get ()
  #2  0x03ae05dd in v8::internal::Context::global_object ()
  #3  0x03b6b87d in v8::internal::Context::builtins ()
  #4  0x03ae1871 in v8::internal::Isolate::js_builtins_object ()
  #5  0x03ab4fab in v8::CallV8HeapFunction ()
  #6  0x03ab4d4a in v8::Value::Equals ()
  #7  0x03b4f38b in CheckEqualsHelper ()
  #8  0x03ac0f4b in v8::Object::SetInternalField ()
  #9  0x06a99ddd in node::ObjectWrap::~ObjectWrap ()
  #10 0x06a8b051 in node::Buffer::~Buffer ()
  #11 0x06a8afbb in node::Buffer::~Buffer ()
  #12 0x06a8af5e in node::Buffer::~Buffer ()
  #13 0x06a9e569 in node::ObjectWrap::WeakCallback ()
---
 src/node_object_wrap.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/node_object_wrap.h')

diff --git a/src/node_object_wrap.h b/src/node_object_wrap.h
index c7fa3eb9ba..43d311e433 100644
--- a/src/node_object_wrap.h
+++ b/src/node_object_wrap.h
@@ -48,7 +48,7 @@ class NODE_EXTERN ObjectWrap {
     if (!handle_.IsEmpty()) {
       assert(handle_.IsNearDeath());
       handle_.ClearWeak();
-      handle_->SetInternalField(0, v8::Undefined());
+      handle_->SetPointerInInternalField(0, 0);
       handle_.Dispose();
       handle_.Clear();
     }
-- 
cgit v1.2.3