Comment # 39 on bug 75279 from 
(In reply to comment #38)
> I wasn't clear enough in comment 34, let me explain better :-)
> 
> The Mozilla change that exposed this,
> https://bugzilla.mozilla.org/show_bug.cgi?id=860254, is exactly about having
> memory overwritten immediately on free(). So this is _exactly_ what is
> happening here :-)

Ah, I missed that little bit, sorry! You're almost certainly right then.

You are receiving this mail because: