• jbroman's avatar
    ValueDeserializer: Only allow valid keys when deserializing object properties. · 8990399d
    jbroman authored
    The serializer won't ever write a more complex object. Not validating this
    allows other things to be used as keys, and converted to string when the
    property set actually occurs. It turns out this gives an opportunity to trigger
    OOM by giving an object a key which is a very large sparse array (whose string
    representation is very large).
    
    This case is now rejected by the deserializer.
    
    BUG=chromium:686511
    
    Review-Url: https://codereview.chromium.org/2697023002
    Cr-Commit-Position: refs/heads/master@{#43249}
    8990399d
Name
Last commit
Last update
benchmarks Loading commit data...
build_overrides Loading commit data...
docs Loading commit data...
gni Loading commit data...
gypfiles Loading commit data...
include Loading commit data...
infra Loading commit data...
samples Loading commit data...
src Loading commit data...
test Loading commit data...
testing Loading commit data...
third_party Loading commit data...
tools Loading commit data...
.clang-format Loading commit data...
.gitignore Loading commit data...
.gn Loading commit data...
.ycm_extra_conf.py Loading commit data...
AUTHORS Loading commit data...
BUILD.gn Loading commit data...
CODE_OF_CONDUCT.md Loading commit data...
ChangeLog Loading commit data...
DEPS Loading commit data...
LICENSE Loading commit data...
LICENSE.fdlibm Loading commit data...
LICENSE.strongtalk Loading commit data...
LICENSE.v8 Loading commit data...
LICENSE.valgrind Loading commit data...
Makefile Loading commit data...
Makefile.android Loading commit data...
OWNERS Loading commit data...
PRESUBMIT.py Loading commit data...
README.md Loading commit data...
WATCHLISTS Loading commit data...
codereview.settings Loading commit data...
snapshot_toolchain.gni Loading commit data...