-
Peter Marshall authored
The callsite in ConstructByArrayBuffer could have a length that is above Smi range if the buffer had such a length. Check this before calling. Add a test too. BUG=v8:5977, chromium:698201 Change-Id: Ic22046a31607f1f85642c8caf7f5ed064edb3110 Reviewed-on: https://chromium-review.googlesource.com/449813 Commit-Queue: Peter Marshall <petermarshall@chromium.org> Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#43589}
5f79c923
