Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Backport] CVE-2021-21224: Type Confusion in V8
Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/2838235: M86-LTS: [compiler] Fix bug in RepresentationChanger::GetWord32RepresentationFor We have to respect the TypeCheckKind. (cherry picked from commit fd29e246f65a7cee130e72cd10f618f3b82af232) No-Try: true No-Presubmit: true No-Tree-Checks: true Bug: chromium:1195777 Change-Id: If1eed719fef79b7c61d99c29ba869ddd7985c413 Commit-Queue: Georg Neis <[email protected]> Reviewed-by: Nico Hartmann <[email protected]> Cr-Original-Commit-Position: refs/heads/master@{#73909} Owners-Override: Achuith Bhandarkar <[email protected]> Reviewed-by: Artem Sumaneev <[email protected]> Commit-Queue: Achuith Bhandarkar <[email protected]> Cr-Commit-Position: refs/branch-heads/8.6@{#79} Cr-Branched-From: a64aed2333abf49e494d2a5ce24bbd14fff19f60-refs/heads/8.6.395@{#1} Cr-Branched-From: a626bc036236c9bf92ac7b87dc40c9e538b087e3-refs/heads/master@{#69472} Reviewed-by: Allan Sandfeld Jensen <[email protected]>
- Loading branch information
