Bug 156444 (CVE-2016-4624) - Allocation sinking SSA Defs are allowed to have replacements
Summary: Allocation sinking SSA Defs are allowed to have replacements
Status: RESOLVED FIXED
Alias: CVE-2016-4624
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: WebKit Local Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Saam Barati
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-04-09 13:48 PDT by Saam Barati
Modified: 2016-07-19 17:27 PDT (History)
11 users (show)

See Also:


Attachments
patch (3.45 KB, patch)
2016-04-09 14:02 PDT, Saam Barati
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Saam Barati 2016-04-09 13:48:51 PDT
...
Comment 1 Saam Barati 2016-04-09 14:02:52 PDT
Created attachment 276095 [details]
patch
Comment 2 Filip Pizlo 2016-04-09 16:07:15 PDT
R=me. 

For some reason it's not letting me set the R+ flag
Comment 3 Saam Barati 2016-04-09 17:26:59 PDT
Thanks for the review.

landed in:
http://trac.webkit.org/changeset/199277