https://codereview.chromium.org/924453002/diff/60001/src/zone.cc
File src/zone.cc (right):

https://codereview.chromium.org/924453002/diff/60001/src/zone.cc#newcode108
src/zone.cc:108: if (limit_ < position_ + size_with_redzone) {
This is not just a cosmetic change! The addition can overflow
(crbug.com/606115), the old code used subtraction intentionally!

https://codereview.chromium.org/924453002/

--
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev
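The point of the review comment above, as an added example that is not part of the original message or of V8's code: the addition form of the bounds check wraps for a large enough request and reports that it fits, while the subtraction form compares against the remaining space. `Segment`, `NeedsExpandAdd`, `NeedsExpandSub` and the sample addresses are hypothetical; addresses are modelled as `uintptr_t` so that the wraparound is well defined.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Simplified stand-in for a bump-allocated segment (assumption, not V8's Zone).
// Addresses are integers here; with real pointers, forming position_ + size
// past the end of the object is undefined behaviour rather than a clean wrap.
struct Segment {
  uintptr_t position_;  // next free byte
  uintptr_t limit_;     // one past the last usable byte
};

// Addition form, as on the reviewed line: the sum can wrap past the top of
// the address space and then compares as a small value.
bool NeedsExpandAdd(const Segment& s, size_t size_with_redzone) {
  return s.limit_ < s.position_ + size_with_redzone;
}

// Subtraction form: limit_ - position_ is the space left in the segment and
// cannot wrap while the invariant position_ <= limit_ holds.
bool NeedsExpandSub(const Segment& s, size_t size_with_redzone) {
  return size_with_redzone > s.limit_ - s.position_;
}

// Constructed sample: 0x100 bytes free at an arbitrary address.
Segment SampleSegment() { return Segment{0x10000, 0x10100}; }

// Constructed request chosen so that position_ + size wraps around to 0x20.
size_t WrappingRequest() {
  return static_cast<size_t>(UINTPTR_MAX - 0x10000 + 1 + 0x20);
}

int main() {
  const Segment s = SampleSegment();
  const size_t sizes[] = {64, 512, WrappingRequest()};
  for (size_t size : sizes) {
    std::printf("size=%zu add_form_expands=%d sub_form_expands=%d\n", size,
                NeedsExpandAdd(s, size), NeedsExpandSub(s, size));
  }
  return 0;
}
```

The two forms agree for ordinary sizes and disagree only for the wrapping request, where the addition form skips the expansion path.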