Blame SOURCES/v8-3.14.5.10-CVE-2013-2882.patch

From 18e43f925d5d502b7531f40e4a1becba56089303 Mon Sep 17 00:00:00 2001
From: "mstarzinger@chromium.org" <mstarzinger@chromium.org>
Date: Mon, 15 Jul 2013 11:41:41 +0000
Subject: [PATCH] Use internal array as API function cache.
R=yangguo@chromium.org
BUG=chromium:260106
TEST=cctest/test-api/Regress260106
Review URL: https://codereview.chromium.org/19159003
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@15665 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
 src/apinatives.js       |  2 +-
 test/cctest/test-api.cc | 11 +++++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)
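--- a/src/apinatives.js
+++ b/src/apinatives.js
@@ -37,7 +37,7 @@ function CreateDate(time) {
 }
 
 
-var kApiFunctionCache = {};
+var kApiFunctionCache = new InternalArray();
 var functionCache = kApiFunctionCache;
 
 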
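Review bot: The new declaration `var kApiFunctionCache = new InternalArray();` carries no comment saying why a plain object literal is unsafe here, so a later cleanup could quietly revert it. Judging by the regression test in this patch, which writes `Object.prototype[i]` before instantiating a template, the cache appears to be keyed by integer, and a `{}` would resolve a miss through the script-writable prototype chain. I would add `// Must not inherit from Object.prototype: script-defined indexed properties would otherwise be read as cache entries.` above the declaration. The code that reads and writes `functionCache` is outside the hunk, so it is worth confirming that every lookup path goes through the new container.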
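--- a/test/cctest/test-api.cc
+++ b/test/cctest/test-api.cc
@@ -17707,6 +17707,17 @@ THREADED_TEST(Regress157124) {
 }
 
 
+THREADED_TEST(Regress260106) {
+  LocalContext context;
+  v8::HandleScope scope;
+  Local<FunctionTemplate> templ = FunctionTemplate::New(DummyCallHandler);
+  CompileRun("for (var i = 0; i < 128; i++) Object.prototype[i] = 0;");
+  Local<Function> function = templ->GetFunction();
+  CHECK(!function.IsEmpty());
+  CHECK(function->IsFunction());
+}
+
+
 #ifndef WIN32
 class ThreadInterruptTest {
  public: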
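Review bot: The bound in `for (var i = 0; i < 128; i++) Object.prototype[i] = 0;` is an unexplained constant, and the test only means something while the template's cache index stays below it. If that index is a counter that grows as other templates are instantiated in the same isolate (not visible from this hunk), the test could pass without ever touching a shadowed key. I would add `// Shadow low integer keys on Object.prototype; a cache backed by a plain object would return 0 here instead of missing.` above the `CompileRun` call. It would also help to call `templ->GetFunction()` a second time and check that both results are the same function, so the cache-hit path is exercised as well as the miss.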
-- 
1.8.3.1