Delete conversion from Objective-C block to folly::Function

Summary: Objective-C blocks are stack allocated, and unless there is a proper assignment it isn't retained and the memory is freed. Because folly::Function used to move, it would hold a reference, but after switch to a constructor by-value, it no longer does this and we see a use-after-free.

Reviewed By: yfeldblum, ericniebler

Differential Revision: D5888606

fbshipit-source-id: fe4cabb2f2ae289cce0e7429e0af3935ba314720

diff --git a/folly/Function.h b/folly/Function.h
index 55d7024ccae0cc26026e3b66c867c9487971c7f4..a73a8b7a4484203bf4927634b3d01edc9427ddb6 100644 (file)
--- a/folly/Function.h
+++ b/folly/Function.h
@@ -491,6 +491,12 @@ class Function final : private detail::function::FunctionTraits<FunctionType> {
   // not copyable
   Function(const Function&) = delete;
 
+#if __OBJC__
+  // Delete conversion from Objective-C blocks
+  template <class ReturnType, class... Args>
+  Function(ReturnType (^)(Args...)) = delete;
+#endif
+
   /**
    * Move constructor
    */
@@ -570,6 +576,12 @@ class Function final : private detail::function::FunctionTraits<FunctionType> {
 
   Function& operator=(const Function&) = delete;
 
+#if __OBJC__
+  // Delete conversion from Objective-C blocks
+  template <class ReturnType, class... Args>
+  Function& operator=(ReturnType (^)(Args...)) = delete;
+#endif
+
   /**
    * Move assignment operator
    *