[v18.x] deps: cherry-pick 27fa951 from V8 upstream

Open XadillaX opened this issue 1 year ago • 5 comments

[parser] Fix eval tracking

Due to mismatch in strictness we otherwise invalidly mark scopes as
calling sloppy eval.

Bug: chromium:1394403
Change-Id: Iece45df87f171616a2917c2aba5540636880a7c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4066044
Reviewed-by: Igor Sheludko <[email protected]>
Commit-Queue: Toon Verwaest <[email protected]>
Cr-Commit-Position: refs/heads/main@{#84575}

Refs: https://chromium-review.googlesource.com/c/v8/v8/+/4066044

Dec 27 '22 04:12 XadillaX

Review requested:

  • [ ] @nodejs/v8-update

Dec 27 '22 04:12 nodejs-github-bot

Because the V8 bug is not public (https://bugs.chromium.org/p/chromium/issues/detail?id=1394403), I think we should cherry-pick this PR to any influenced versions of Node.js, not only for v18.x.

Dec 27 '22 04:12 XadillaX

I don't think I'm spilling state secrets when I say it's the fix for CVE-2022-4262. That was a high prio bug for chromium but for us, not so much; different threat model.

Dec 27 '22 21:12 bnoordhuis

LGTM, but I propose an alternative, which contains the official V8 cherry-pick (https://github.com/v8/v8/commit/45e33e25713161cf67a6389880590848fdeed99f): https://github.com/nodejs/node/pull/45997

Dec 28 '22 08:12 targos

Since https://github.com/nodejs/node/pull/45997 was landed in v18.x, should this be closed?

Dec 30 '22 19:12 danielleadams

I'll go ahead and close this one since the alternative from @targos has already landed.

Aug 11 '23 21:08 ruyadorno