commit | e3b988edf9cdfb318ba7aa1d8e3c0ddea53892de | [log] [tgz] |
---|---|---|
author | Bryan Ferris <bferris@google.com> | Tue Mar 05 18:06:51 2019 -0800 |
committer | android-build-team Robot <android-build-team-robot@google.com> | Wed Mar 13 18:01:18 2019 +0000 |
tree | 9765621ed4a6a37cc22eb92aeff1c7f2e15c8c8e | |
parent | 8279c47df01ac6dc28d67c411dfa36c61a068c62 [diff] |
Fix Integer Overflow in libpac From the upstream patch (https://chromium.googlesource.com/v8/v8.git/+/7b27040e66c8a83006aebc90fe97d21bb42156a7%5E%21/#F0): """ Harden JSFunction::CalculateInstanceSizeHelper(...) """ Bug: 117556220 Test: /data/local/nativetest/proxy_resolver_v8_unittest/proxy_resolver_v8_unittest Test: gts-tradefed run gts --test \ com.google.android.gts.devicepolicy.DeviceOwnerTest#testProxyPacProxyTest \ --module GtsGmscoreHostTestCases Test: PoC from bug report Merged-In: I2e02d994f107e64e4f465b4d8a02d4159a95240e Change-Id: I72321236f4d4cf8da993addc3ef7a1dc018c434b (cherry picked from commit cc15c8f69c835e5c1fcfd4992cb21adbda41bd03)
V8 is Google's open source JavaScript engine.
V8 implements ECMAScript as specified in ECMA-262.
V8 is written in C++ and is used in Google Chrome, the open source browser from Google.
V8 can run standalone, or can be embedded into any C++ application.
V8 Project page: https://github.com/v8/v8/wiki
Checkout depot tools, and run
fetch v8
This will checkout V8 into the directory v8
and fetch all of its dependencies. To stay up to date, run
git pull origin gclient sync
For fetching all branches, add the following into your remote configuration in .git/config
:
fetch = +refs/branch-heads/*:refs/remotes/branch-heads/* fetch = +refs/tags/*:refs/tags/*
Please follow the instructions mentioned on the V8 wiki.