deps: V8: cherry-pick 501482cbc704 (!38121) · Merge requests · Rodrigo Test / Test Group-nodejs / node

Rodrigo Muino Tomonari requested to merge github/fork/cjihrig/cp into master Apr 07, 2021

Original commit message:

Fix ValueDeserializer::ReadDouble() bounds check

If end_ is smaller than sizeof(double), the result would wrap
around, and lead to an invalid memory access.

Refs: https://github.com/nodejs/node/issues/37978
Change-Id: Ibc8ddcb0c090358789a6a02f550538f91d431c1d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2801353
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73800}

Refs: https://github.com/v8/v8/commit/501482cbc704 Fixes: https://github.com/nodejs/node/issues/37978

Admin message

Admin message

deps: V8: cherry-pick 501482cbc704

Merge request reports