Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
deps: backport 3a9bfec from v8 upstream
Some of the logic from `zone.cc` is found in `zone-inl.h` in this release stream. Original commit message: Fix overflow issue in Zone::New When requesting a large allocation near the end of the address space, the computation could overflow and erroneously *not* grow the Zone as required. BUG=chromium:606115 LOG=y Review-Url: https://codereview.chromium.org/1930873002 Cr-Commit-Position: refs/heads/master@{#35903} PR-URL: nodejs-private/node-private#43 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Rod Vagg <rod@vagg.org>
- Loading branch information
fcb9145
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@spotrh I understand you maintain a branch of V8 3.14? You probably want to pick up this fix for CVE-2016-1669. 5a60e0d might be nice to have too but is not critical.
cc @jeroenooms
fcb9145
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! I'll add both fixes.
fcb9145
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you, both patches are also backported to v8-314: https://github.com/v8-314/v8/