DescriptionWebkit bug https://bugs.webkit.org/show_bug.cgi?id=141878 is that
throwing a frozen object unfreezes it in a way that creates an
opportunity for a capability leak. This CL adds a repair to make us safe from this bug on Safari.
Note: The first snapshot does none of this, but just merges the
outstanding changes from https://codereview.appspot.com/202030043/ and
https://codereview.appspot.com/202040043/ . The actual content of this
CL will be the differential from those.
Patch Set 1 #Patch Set 2 : Repair Safari Throw-Thaw Vulnerability #Patch Set 3 : Repair Safari Throw-Thaw Vulnerability #
Total comments: 10
Patch Set 4 : Repair Safari Throw-Thaw Vulnerability #Patch Set 5 : Repair Safari Throw-Thaw Vulnerability #
MessagesTotal messages: 14
|