daohualiuxiang
/
node
mirror of https://github.com/nodejs/node.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,687 Commits
52 Branches
862 Tags
1.9 GiB
Commit Graph

1134 Commits (b922b5e90d2c14dd332b95827c2533e083df7e55)

Author SHA1 Message Date
isaacs 7f82faee30 npm: Upgrade to v1.3.22 2013-12-25 19:15:23 -08:00
Timothy J Fontaine 9371be0aa1 uv: Upgrade to v0.10.21 2013-12-18 15:42:46 -08:00
Ben Noordhuis 2eaef9f6da cluster, v8: fix --logfile=%p.log 
The %p is replaced with the current PID.  This used to work in node.js
v0.9.7 but it seems to have been lost somewhere along the way.

This commit makes the fix from 6b713b52 ("cluster: make --prof work for
workers") work again.  Without it, all log data ends up in a single
file and is unusable because the addresses are all wrong.
 2013-12-18 15:36:12 -08:00
isaacs 2a741f2d12 npm: upgrade to 1.3.21 2013-12-17 14:33:52 -08:00
isaacs e10c223eb6 npm: upgrade to 1.3.20 
The 1.3.19 release had a critical bug: any packages published with it
could not be installed, because the shasum would be incorrect.

Thankfully, 1.3.19 was published using 1.3.19, so could not be installed
by any users!  However, if it goes out as part of a Node.js release,
then obviously that would be a problem.
 2013-12-17 09:04:30 -08:00
isaacs 97738994e0 npm: Upgrade to 1.3.19 2013-12-16 23:09:16 -08:00
jkummerow@chromium.org 39e2426b20 v8: backport fix for CVE-2013-{6639|6640} 
Quoting CVE-2013-6639:

    The DehoistArrayIndex function in hydrogen-dehoist.cc in Google V8
    before 3.22.24.7, as used in Google Chrome before 31.0.1650.63,
    allows remote attackers to cause a denial of service (out-of-bounds
    write) or possibly have unspecified other impact via JavaScript code
    that sets the value of an array element with a crafted index.

Quoting CVE-2013-6640:

    The DehoistArrayIndex function in hydrogen-dehoist.cc in Google V8
    before 3.22.24.7, as used in Google Chrome before 31.0.1650.63,
    allows remote attackers to cause a denial of service (out-of-bounds
    read) via JavaScript code that sets a variable to the value of an
    array element with a crafted index.

Like 6b92a7, this is unlikely to affect node.js because it only runs
local, trusted code.  However, if there exists some module somewhere
that populates an array index with remotely provided data this could
very well be used to crash a remote server running node.  Defense in
depth and all.

This is a backport of upstream commit r17801. Original commit log:

    Limit size of dehoistable array indices

    LOG=Y
    BUG=chromium:319835,chromium:319860
    R=dslomov@chromium.org

    Review URL: https://codereview.chromium.org/74113002
 2013-12-14 02:55:29 +04:00
Timothy J Fontaine 910bc3c02d uv: Upgrade v0.10.20 2013-12-11 20:24:36 -08:00
isaacs a22de4f7ee npm: Upgrade to 1.3.17 2013-12-11 10:20:26 -08:00
isaacs c1452f4c6f npm: Upgrade to v1.3.15 2013-11-20 11:08:52 -08:00
Timothy J Fontaine ac799ba0af uv: Upgrade to v0.10.19 2013-11-12 10:57:57 -08:00
yangguo@chromium.org 007393a09d v8: use correct timezone information on Solaris 
`timezone` variable contains the difference, in seconds, between UTC and
local standard time (see `man 3 localtime` on Solaris).

Call to `tzset` is required to apply contents of `TZ` variable to
`timezone` variable.

BUG=v8:2064

Review URL: https://chromiumcodereview.appspot.com/10967066
Patch from Maciej Małecki <me@mmalecki.com>.

This is a back-port of upstream commit r12802 and a forward port of
commit 9fa953d from the v0.8 branch.  V8 3.22 in the master branch
contains the patch so no further forward-porting is necessary.
 2013-11-12 15:15:32 +01:00
Ben Noordhuis 3dcc9b93e1 v8: unbreak `make native` build 
The security fix from commit 6b92a713 also back-ported the test case.
Said test case relies on API that is only available in newer versions
of V8 and, as a result, broke the `make native` and `make <arch.mode>`
builds.  This commit reverts that part of the back-port.  Fixes the
following build error:

  ../test/cctest/test-api.cc: In function ‘void TestRegress260106()’:
  ../test/cctest/test-api.cc:17712:34: error: ‘class v8::Context’ has
  no member named ‘GetIsolate’
 2013-11-09 22:27:22 +01:00
isaacs 8f221bc43d npm: Upgrade to 1.3.14 2013-11-08 13:41:24 -08:00
isaacs 4b5e6a38df npm@1.3.13 2013-10-28 14:10:47 -07:00
isaacs f6f176e108 npm@1.3.12 2013-10-24 09:22:13 -07:00
Timothy J Fontaine 8fc48bcf4c uv: Upgrade to v0.10.18 2013-10-18 13:52:15 -07:00
Timothy J Fontaine 55546f55d4 uv: Upgrade to v0.10.17 2013-09-24 13:46:19 -07:00
isaacs ebeae2df51 npm: upgrade to 1.3.11 2013-09-07 14:31:04 -05:00
isaacs 1be09dfc25 npm: upgrade to v1.3.10 2013-09-05 17:13:50 -07:00
Bert Belder 6301613ff5 uv: upgrade to v0.10.16 2013-09-05 16:50:47 +02:00
Bert Belder 5508236c49 uv: update to v0.10.15 2013-08-23 19:02:14 +02:00
Timothy J Fontaine e445fbda1f uv: Upgrade v0.10.14 2013-08-21 14:44:20 -07:00
Ben Noordhuis 8d42c6344b deps: upgrade http_parser to 303c4e4 
Upgrade to joyent/http-parser@303c4e4. Changes:

  * Do not accept PUN/GEM methods as PUT/GET.
  * Further request method check strengthening.
 2013-08-21 03:40:43 +02:00
isaacs 5abdef790c npm: Upgrade to 1.3.8 2013-08-16 08:19:31 -07:00
mstarzinger@chromium.org 6b92a71321 v8: back-port fix for CVE-2013-2882 
Quoting the CVE:

    Google V8, as used in Google Chrome before 28.0.1500.95, allows
    remote attackers to cause a denial of service or possibly have
    unspecified other impact via vectors that leverage "type confusion."

Likely has zero impact on node.js because it only runs local, trusted
code but let's apply it anyway.

This is a back-port of upstream commit r15665. Original commit log:

    Use internal array as API function cache.

    R=yangguo@chromium.org
    BUG=chromium:260106
    TEST=cctest/test-api/Regress260106

    Review URL: https://codereview.chromium.org/19159003

Fixes #5973.
 2013-08-05 18:17:24 +02:00
isaacs bea9dfa14c npm: Upgrade to 1.3.7 2013-08-02 14:55:22 -07:00
Timothy J Fontaine 5c81f41e70 uv: Upgrade to v0.10.13 2013-07-25 10:48:29 -07:00
isaacs ff0de45929 npm: Upgrade to v1.3.5 2013-07-24 13:23:44 -07:00
isaacs 5e86519199 npm: Upgrade to 1.3.4 2013-07-12 13:14:50 -07:00
isaacs ff8a4058bf npm: Upgrade to 1.3.3 2013-07-12 08:56:26 -07:00
isaacs 8bac8857f5 uv: Upgrade to v0.10.12 2013-07-09 13:20:38 -07:00
isaacs f5602bda18 npm: Upgrade to 1.3.2 2013-07-09 13:09:02 -07:00
isaacs 9195455637 npm: Upgrade to 1.2.32 2013-06-18 09:42:42 -07:00
Ben Noordhuis 41fc46e52f v8: add setVariableValue debugger command 
Issue 2399 part 1: In debugger allow modifying local variable values
Issue 2399 part 2: In debugger allow modifying local variable values

Review URL: https://codereview.chromium.org/11415042
Review URL: https://codereview.chromium.org/11412310

This is a back-port of upstream svn commits r13122 and r13202.
 2013-06-17 15:24:45 +02:00
Andrei Sedoi cc517497e6 v8: fix build for mips32r2 architecture 
This is a floating patch as a backport from v8 3.15.0
Committed: https://code.google.com/p/v8/source/detail?r=12833
 2013-06-14 17:48:33 +02:00
Andrei Sedoi 884b25356f openssl: add missing configuration pieces for MIPS 2013-06-13 13:27:58 +02:00
Ben Noordhuis 48476273eb uv: upgrade to 0.10.11 2013-06-12 22:10:39 +02:00
isaacs 49d9ad9d81 npm: Upgrade to 1.2.30 2013-06-12 10:59:44 -07:00
Trevor Norris 5d4ac272c7 v8: fix pointer arithmetic undefined behavior 
Clang branch release_33 would optimize out a != NULL check because of
some undefined behavior. This is a floating patch as a backport of that
fix.

Committed: http://code.google.com/p/v8/source/detail?r=13570
 2013-06-11 14:39:25 -07:00
isaacs 4d13fcf481 npm: Upgrade to 1.2.27 2013-06-06 14:44:48 -07:00
isaacs 96c30df10c uv: Upgrade to 0.10.10 2013-06-04 12:11:03 -07:00
isaacs f28f67cf75 npm: Upgrade to 1.2.25 2013-06-04 11:42:32 -07:00
isaacs c86afa5d2e npm: Upgrade to 1.2.24 2013-05-30 10:19:45 -07:00
isaacs f523f7041d uv: Upgrade to v0.10.9 2013-05-28 12:10:14 -07:00
isaacs 074e823a81 npm: Upgrade to 1.2.23 2013-05-24 14:41:43 -07:00
isaacs 1314c4aeeb uv: upgrade to 0.10.8 2013-05-24 14:41:00 -07:00
Timothy J Fontaine e2385839d7 v8: re-apply floating patches 2013-05-23 14:00:20 -07:00
Timothy J Fontaine dbe142c4ed v8: fix GetLocalizedMessage usage 
As is the backport of the abort on uncaught exception wouldn't compile
because we it was passing in `this` when it was unnecessary.
 2013-05-23 14:00:19 -07:00
Timothy J Fontaine 279361b277 v8: update to 3.14.5.9 2013-05-23 13:39:12 -07:00