projects / platform / upstream / v8.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a5f910e) | patch
MIPS: Fixed crashes exposed though fuzzing.
authorplind44@gmail.com <plind44@gmail.com@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Tue, 19 Nov 2013 22:23:41 +0000 (22:23 +0000)
committerplind44@gmail.com <plind44@gmail.com@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Tue, 19 Nov 2013 22:23:41 +0000 (22:23 +0000)
commit79de22a56a9572b519a5aefbc8039949b3f48546
tree587d6439fb90646326fbe7d8fde1ad59f103d541tree | snapshot
parenta5f910eb2ba8877f8bbfdba57a4d3f8012ef8736commit | diff
MIPS: Fixed crashes exposed though fuzzing.

Port r17886 (e2fb3ed)

Original commit message:
The %_OneByteSeqStringSetChar intrinsic expects its arguments to be checked before being called for efficiency reasons, but the fuzzer provided no such checks. Now the intrinsic is robust to bad input if FLAG_debug_code is set.

R=plind44@gmail.com, yangguo@chromium.org
TEST=test/mjsunit/regress/regress-320948.js
BUG=chromium:320948
LOG=Y

Review URL: https://codereview.chromium.org/68793008

Patch from Balazs Kilvady <kilvadyb@homejinni.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17891 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
src/mips/full-codegen-mips.cc diff | blob | history
src/mips/lithium-codegen-mips.cc diff | blob | history
src/mips/lithium-mips.cc diff | blob | history
src/mips/lithium-mips.h diff | blob | history
src/mips/macro-assembler-mips.cc diff | blob | history
src/mips/macro-assembler-mips.h diff | blob | history
Domain: Web Framework / Web Engine;