From 75548be5e04bbd0937f3ba909e117c0a7accccb3 Mon Sep 17 00:00:00 2001
From: Hannes Verschore <hv1989@gmail.com>
Date: Thu, 17 Sep 2015 09:21:42 +0200
Subject: [PATCH] Bug 1204725 - IonMonkey: Check result when copying frame iter
 data, r=nbp

---
 js/src/vm/Stack.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/js/src/vm/Stack.cpp b/js/src/vm/Stack.cpp
index 09b6532621db..57efd8f4487e 100644
--- a/js/src/vm/Stack.cpp
+++ b/js/src/vm/Stack.cpp
@@ -752,6 +752,9 @@ FrameIter::Data*
 FrameIter::copyData() const
 {
     Data* data = data_.cx_->new_<Data>(data_);
+    if (!data)
+        return nullptr;
+
     MOZ_ASSERT(data_.state_ != ASMJS);
     if (data && data_.jitFrames_.isIonScripted())
         data->ionInlineFrameNo_ = ionInlineFrames_.frameNo();