review.tizen.org Git - platform/upstream/nodejs.git/commit

author	mstarzinger@chromium.org <mstarzinger@chromium.org>
	Mon, 15 Jul 2013 11:41:41 +0000 (11:41 +0000)
committer	Ben Noordhuis <info@bnoordhuis.nl>
	Mon, 5 Aug 2013 16:17:24 +0000 (18:17 +0200)
commit	6b92a7132141909eef8ebbf5283627e8e5a26786
tree	a2f1df41b2419f0a2587b2cb59ad608007b2697d	tree \| snapshot
parent	231092d236de590a7448ed4257e121f308875326	commit \| diff

v8: back-port fix for CVE-2013-2882

Quoting the CVE:

    Google V8, as used in Google Chrome before 28.0.1500.95, allows
    remote attackers to cause a denial of service or possibly have
    unspecified other impact via vectors that leverage "type confusion."

Likely has zero impact on node.js because it only runs local, trusted
code but let's apply it anyway.

This is a back-port of upstream commit r15665. Original commit log:

    Use internal array as API function cache.

    R=yangguo@chromium.org
    BUG=chromium:260106
    TEST=cctest/test-api/Regress260106

    Review URL: https://codereview.chromium.org/19159003

Fixes #5973.

deps/v8/src/apinatives.js		diff \| blob \| history
deps/v8/test/cctest/test-api.cc		diff \| blob \| history