Sandbox: Verify that members of TargetProcess are valid before freeing them.

SpawnCleanup may trigger the destruction of a partially created TargetProcess.

BUG=139898
TEST=none
Review URL: https://chromiumcodereview.appspot.com/10831133

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149763 0039d316-1c4b-4281-b951-d872f2087c98

sandbox/win/src/target_process.cc

@@ -106,17 +106,20 @@ TargetProcess::~TargetProcess() {
   // it. http://b/893891
   // For now, this wait is there only to do a best effort to prevent some leaks
   // from showing up in purify.
+  if (sandbox_process_info_.IsValid()) {
     ::WaitForSingleObject(sandbox_process_info_.process_handle(), 50);
     if (!::GetExitCodeProcess(sandbox_process_info_.process_handle(),
                               &exit_code) || (STILL_ACTIVE == exit_code)) {
       // It is an error to destroy this object while the target process is still
       // alive because we need to destroy the IPC subsystem and cannot risk to
       // have an IPC reach us after this point.
+      if (shared_section_.IsValid())
         shared_section_.Take();
       SharedMemIPCServer* server = ipc_server_.release();
       sandbox_process_info_.TakeProcessHandle();
       return;
     }
+  }
 
   // ipc_server_ references our process handle, so make sure the former is shut
   // down before the latter is closed (by ScopedProcessInformation).