Search
j0ke.net Open Build Service
>
Projects
>
home:jg
:
http-testing
>
v8
> v8-3.14.5.10-CVE-2013-2882.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File v8-3.14.5.10-CVE-2013-2882.patch of Package v8
From 18e43f925d5d502b7531f40e4a1becba56089303 Mon Sep 17 00:00:00 2001 From: "mstarzinger@chromium.org" <mstarzinger@chromium.org> Date: Mon, 15 Jul 2013 11:41:41 +0000 Subject: [PATCH] Use internal array as API function cache. R=yangguo@chromium.org BUG=chromium:260106 TEST=cctest/test-api/Regress260106 Review URL: https://codereview.chromium.org/19159003 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@15665 ce2b1a6d-e550-0410-aec6-3dcde31c8c00 --- src/apinatives.js | 2 +- test/cctest/test-api.cc | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/apinatives.js b/src/apinatives.js index 79b41dd..adefab6 100644 --- a/src/apinatives.js +++ b/src/apinatives.js @@ -37,7 +37,7 @@ function CreateDate(time) { } -var kApiFunctionCache = {}; +var kApiFunctionCache = new InternalArray(); var functionCache = kApiFunctionCache; diff --git a/test/cctest/test-api.cc b/test/cctest/test-api.cc index 728a8f7..bcd28bd 100644 --- a/test/cctest/test-api.cc +++ b/test/cctest/test-api.cc @@ -17707,6 +17707,17 @@ THREADED_TEST(Regress157124) { } +THREADED_TEST(Regress260106) { + LocalContext context; + v8::HandleScope scope(context->GetIsolate()); + Local<FunctionTemplate> templ = FunctionTemplate::New(DummyCallHandler); + CompileRun("for (var i = 0; i < 128; i++) Object.prototype[i] = 0;"); + Local<Function> function = templ->GetFunction(); + CHECK(!function.IsEmpty()); + CHECK(function->IsFunction()); +} + + #ifndef WIN32 class ThreadInterruptTest { public: -- 1.8.3.1