diff options
| author | Brendon Tiszka <btiszka@gmail.com> | 2022-03-18 01:32:54 -0400 |
|---|---|---|
| committer | Michael BrĂ¼ning <michael.bruning@qt.io> | 2022-05-03 20:16:10 +0000 |
| commit | bb229ddaea7a6a42ea7136fe436fb1946be5e875 (patch) | |
| tree | fc5789b353eaca86cf4d53621bc7666fc05e99f8 /chromium/ppapi/cpp/resource.cc | |
| parent | e4f633c8c12d445316417b6b8e378d4eee9b7dd6 (diff) | |
| download | qtwebengine-chromium-bb229ddaea7a6a42ea7136fe436fb1946be5e875.tar.gz | |
[Backport] CVE-2022-1310: Use after free in regular expressions
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/v8/v8/+/3548819:
Update write barrier when storing HeapNumber to last index.
(cherry picked from commit bdc4f54a50293507d9ef51573bab537883560cc8)
Bug: chromium:1307610
No-Try: true
No-Presubmit: true
No-Tree-Checks: true
Change-Id: I60aaa0e58e13b705b5eff4b57411a0ad4a2e9b3f
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Original-Commit-Position: refs/heads/main@{#79538}
Reviewed-by: Artem Sumaneev <asumaneev@google.com>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Roger Felipe Zanoni da Silva <rzanoni@google.com>
Cr-Commit-Position: refs/branch-heads/9.6@{#64}
Cr-Branched-From: 0b7bda016178bf438f09b3c93da572ae3663a1f7-refs/heads/9.6.180@{#1}
Cr-Branched-From: 41a5a247d9430b953e38631e88d17790306f7a4c-refs/heads/main@{#77244}
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
Diffstat (limited to 'chromium/ppapi/cpp/resource.cc')
0 files changed, 0 insertions, 0 deletions