File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -1872,6 +1872,12 @@ ThreadContext::PushEntryExitRecord(Js::ScriptEntryExitRecord * record)
18721872 Assert (lastRecord->leaveForHost || lastRecord->leaveForAsyncHostOperation );
18731873 lastRecord->hasReentered = true ;
18741874 record->next = lastRecord;
1875+
1876+ // these are on stack, which grows down. if this condition doesn't hold, then the list somehow got messed up
1877+ if ((uintptr_t )record > (uintptr_t )lastRecord)
1878+ {
1879+ RaiseFailFastException (nullptr , nullptr , 0 );
1880+ }
18751881 }
18761882
18771883 this ->entryExitRecord = record;
@@ -1881,6 +1887,12 @@ void ThreadContext::PopEntryExitRecord(Js::ScriptEntryExitRecord * record)
18811887{
18821888 AssertMsg (record && record == this ->entryExitRecord , " Mismatch script entry/exit"
18831889
1890+ // these are on stack, which grows down. if this condition doesn't hold, then the list somehow got messed up
1891+ if (this ->entryExitRecord ->next && (uintptr_t )this ->entryExitRecord > (uintptr_t )this ->entryExitRecord ->next )
1892+ {
1893+ RaiseFailFastException (nullptr , nullptr , 0 );
1894+ }
1895+
18841896 this ->entryExitRecord = this ->entryExitRecord ->next ;
18851897}
18861898
Original file line number Diff line number Diff line change @@ -645,7 +645,7 @@ namespace Js
645645 exceptionInfo;
646646
647647 // ensure that hosts are not doing SEH across Chakra frames, as that can lead to bad state (e.g. destructors not being called)
648- RaiseFailFastException (NULL , NULL , NULL );
648+ RaiseFailFastException (nullptr , nullptr , 0 );
649649 }
650650 }
651651 // ret should never be null here
You can’t perform that action at this time.
0 commit comments