| Commit message (Collapse) | Author | Age | Files | Lines |
| |
Quoting CVE-2013-6639:

The DehoistArrayIndex function in hydrogen-dehoist.cc in Google V8
before 3.22.24.7, as used in Google Chrome before 31.0.1650.63,
allows remote attackers to cause a denial of service (out-of-bounds
write) or possibly have unspecified other impact via JavaScript code
that sets the value of an array element with a crafted index.

Quoting CVE-2013-6640:

The DehoistArrayIndex function in hydrogen-dehoist.cc in Google V8
before 3.22.24.7, as used in Google Chrome before 31.0.1650.63,
allows remote attackers to cause a denial of service (out-of-bounds
read) via JavaScript code that sets a variable to the value of an
array element with a crafted index.

Like 6b92a7, this is unlikely to affect node.js because it only runs
local, trusted code. However, if there exists some module somewhere
that populates an array index with remotely provided data this could
very well be used to crash a remote server running node. Defense in
depth and all.

This is a backport of upstream commit r17801. Original commit log:

Limit size of dehoistable array indices

LOG=Y
BUG=chromium:319835,chromium:319860
R=dslomov@chromium.org
Review URL: https://codereview.chromium.org/74113002
| |
The security fix from commit 6b92a713 also back-ported the test case.
Said test case relies on API that is only available in newer versions
of V8 and, as a result, broke the `make native` and `make <arch.mode>`
builds. This commit reverts that part of the back-port. Fixes the
following build error:

../test/cctest/test-api.cc: In function ‘void TestRegress260106()’:
../test/cctest/test-api.cc:17712:34: error: ‘class v8::Context’ has
no member named ‘GetIsolate’
| |
Quoting the CVE:

Google V8, as used in Google Chrome before 28.0.1500.95, allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors that leverage "type confusion."

Likely has zero impact on node.js because it only runs local, trusted
code but let's apply it anyway.

This is a back-port of upstream commit r15665. Original commit log:

Use internal array as API function cache.

R=yangguo@chromium.org
BUG=chromium:260106
TEST=cctest/test-api/Regress260106
Review URL: https://codereview.chromium.org/19159003

Fixes #5973.
| |
Issue 2399 part 1: In debugger allow modifying local variable values
Issue 2399 part 2: In debugger allow modifying local variable values
Review URL: https://codereview.chromium.org/11415042
Review URL: https://codereview.chromium.org/11412310
This is a back-port of upstream svn commits r13122 and r13202.
| |
V8 3.15 and newer have stability and performance issues. Roll back to
a known-good version.
| |
Upstreamed in https://codereview.chromium.org/11418101/
Fixes #4287.
| |
Landed upstream: https://chromiumcodereview.appspot.com/10867009/
| |
performance for reasons that are not obvious. Now we make objects into fast-case objects when they are made prototypes for other objects, but we do not mark objects that are already fast case with a bit that helps keep them in fast case.
Review URL: https://chromiumcodereview.appspot.com/10556004
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@11831 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
| |
R=danno@chromium.org
TEST=mjsunit/compare-known-objects-slow
Review URL: https://chromiumcodereview.appspot.com/10548046
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@11815 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
| |
R=erik.corry@gmail.com
BUG=v8:2156,v8:2034
TEST=mjsunit/regress/regress-2156,mjsunit/regress/regress-2034
Review URL: https://chromiumcodereview.appspot.com/10539131
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@11800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
| | |
Conflicts:
ChangeLog
Makefile
deps/npm/AUTHORS
deps/npm/html/api/bin.html
deps/npm/html/api/bugs.html
deps/npm/html/api/commands.html
deps/npm/html/api/config.html
deps/npm/html/api/deprecate.html
deps/npm/html/api/docs.html
deps/npm/html/api/edit.html
deps/npm/html/api/explore.html
deps/npm/html/api/help-search.html
deps/npm/html/api/init.html
deps/npm/html/api/install.html
deps/npm/html/api/link.html
deps/npm/html/api/load.html
deps/npm/html/api/ls.html
deps/npm/html/api/npm.html
deps/npm/html/api/outdated.html
deps/npm/html/api/owner.html
deps/npm/html/api/pack.html
deps/npm/html/api/prefix.html
deps/npm/html/api/prune.html
deps/npm/html/api/publish.html
deps/npm/html/api/rebuild.html
deps/npm/html/api/restart.html
deps/npm/html/api/root.html
deps/npm/html/api/run-script.html
deps/npm/html/api/search.html
deps/npm/html/api/shrinkwrap.html
deps/npm/html/api/start.html
deps/npm/html/api/stop.html
deps/npm/html/api/submodule.html
deps/npm/html/api/tag.html
deps/npm/html/api/test.html
deps/npm/html/api/uninstall.html
deps/npm/html/api/unpublish.html
deps/npm/html/api/update.html
deps/npm/html/api/version.html
deps/npm/html/api/view.html
deps/npm/html/api/whoami.html
deps/npm/html/doc/README.html
deps/npm/html/doc/adduser.html
deps/npm/html/doc/bin.html
deps/npm/html/doc/bugs.html
deps/npm/html/doc/build.html
deps/npm/html/doc/bundle.html
deps/npm/html/doc/cache.html
deps/npm/html/doc/changelog.html
deps/npm/html/doc/coding-style.html
deps/npm/html/doc/completion.html
deps/npm/html/doc/config.html
deps/npm/html/doc/deprecate.html
deps/npm/html/doc/developers.html
deps/npm/html/doc/disputes.html
deps/npm/html/doc/docs.html
deps/npm/html/doc/edit.html
deps/npm/html/doc/explore.html
deps/npm/html/doc/faq.html
deps/npm/html/doc/folders.html
deps/npm/html/doc/help-search.html
deps/npm/html/doc/help.html
deps/npm/html/doc/index.html
deps/npm/html/doc/init.html
deps/npm/html/doc/install.html
deps/npm/html/doc/json.html
deps/npm/html/doc/link.html
deps/npm/html/doc/list.html
deps/npm/html/doc/npm.html
deps/npm/html/doc/outdated.html
deps/npm/html/doc/owner.html
deps/npm/html/doc/pack.html
deps/npm/html/doc/prefix.html
deps/npm/html/doc/prune.html
deps/npm/html/doc/publish.html
deps/npm/html/doc/rebuild.html
deps/npm/html/doc/registry.html
deps/npm/html/doc/removing-npm.html
deps/npm/html/doc/restart.html
deps/npm/html/doc/root.html
deps/npm/html/doc/run-script.html
deps/npm/html/doc/scripts.html
deps/npm/html/doc/search.html
deps/npm/html/doc/semver.html
deps/npm/html/doc/shrinkwrap.html
deps/npm/html/doc/star.html
deps/npm/html/doc/start.html
deps/npm/html/doc/stop.html
deps/npm/html/doc/submodule.html
deps/npm/html/doc/tag.html
deps/npm/html/doc/test.html
deps/npm/html/doc/uninstall.html
deps/npm/html/doc/unpublish.html
deps/npm/html/doc/update.html
deps/npm/html/doc/version.html
deps/npm/html/doc/view.html
deps/npm/html/doc/whoami.html
deps/npm/man/man1/npm.1
deps/npm/man/man3/npm.3
deps/npm/package.json
doc/api/url.markdown
lib/http.js
src/node_version.h
test/simple/test-fs-sync-fd-leak.js
| | |
Also add missing MIPS case in regexp tracer.
Fixes issues v8:1748 and v8:1746
BUG=v8:1748, v8:1746
TEST=mjsunit/regress/regress-1748.js
Review URL: http://codereview.chromium.org/8116001
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@9504 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
| | |
- If V8 snapshots are enabled then the hash is only randomized at build time.
---
backport @10366, @10367 and @10402 to 3.6
Add seed to hash of numeric keyed properties.
Minor cleanups of numeric seeded hashing patch.
Split NumberDictionary into a randomly seeded and an unseeded version.
We don't want to randomize the stub cache.
Review URL: http://codereview.chromium.org/9190001/
| | |
- If V8 snapshots are enabled then the hash is only randomized at build time.
- Breaks MIPS
---
Backport hash collision workaround to 3.6.
This is made up of 9956, 10351, 10338 and 10330.
This change bakes the string hash key into the snapshot, so
it is determined at build time for snapshot configs.
Review URL: http://codereview.chromium.org/9124004