dc3eb44971
The V8InspectorSessionImpl constructor accepts a state, as either text or CBOR encoded, and generally ignores all invalid inputs, except for the case where it's a valid value, but not a dictionary value, in which case it'll leak the value and crash upon casting to a `DictionaryValue`. This is purely an issue with the test driver, so no security impact on Chromium in the wild. Fixed: chromium:1281031 Change-Id: I7b4d0aea83370499b1274d3fa214a14dc098d2f2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3361838 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/main@{#78490}
10 lines
437 B
JavaScript
10 lines
437 B
JavaScript
// Copyright 2021 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
const contextGroupId = utils.createContextGroup();
|
|
const sessionId = utils.connectSession(contextGroupId, '0', () => {});
|
|
utils.disconnectSession(sessionId);
|
|
utils.print('Did not crash upon invalid non-dictionary state passed to utils.connectSession()');
|
|
utils.quit();
|