[sandbox] Sandboxify JSExternalObject external pointer

Bug: v8:10391 Change-Id: I6075a8fe3c201f9221149e0c54edf4fb191088da Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3757342 Commit-Queue: Samuel Groß <saelo@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#81924}
2022-07-25 12:17:00 +02:00 · 2022-07-25 12:17:00 +02:00 · efac35f3b8
commit efac35f3b8
parent 588fa294ef
1 changed files with 1 additions and 1 deletions
--- a/include/v8-internal.h
+++ b/include/v8-internal.h
@ -374,7 +374,7 @@ constexpr uint64_t kAllExternalPointerTypeTags[] = {
  V(kNativeContextMicrotaskQueueTag,      unsandboxed, TAG(11)) \
  V(kEmbedderDataSlotPayloadTag,          unsandboxed, TAG(12)) \
  V(kCodeEntryPointTag,                   unsandboxed, TAG(13)) \
-  V(kExternalObjectValueTag,              unsandboxed, TAG(14)) \
+  V(kExternalObjectValueTag,                sandboxed, TAG(14)) \
  V(kCallHandlerInfoCallbackTag,          unsandboxed, TAG(15)) \
  V(kCallHandlerInfoJsCallbackTag,        unsandboxed, TAG(16)) \
  V(kAccessorInfoGetterTag,               unsandboxed, TAG(17)) \