n30m1nd · December 31, 2019 02:06
diff --git a/build_v8_issue_1710.bat b/build_v8_issue_1710.bat
 REM  =========================================================================
 REM | THIS SCRIPT IS TOTALLY UNSAFE TO USE IF YOU'RE PLANNING TO COMPILE V8!! |
 REM  =========================================================================

 REM Script to build a vulnerable v8 version on Windows (produces d8.exe)
 REM This script is a variation from: http://www.lfdm.net/development/5-how-to-compile-v8-on-windows.html
 REM https://bugs.chromium.org/p/project-zero/issues/detail?id=1710
 REM It is important to compile a release build (debug=false) and to 
 REM disable v8_untrusted_code_mitigations to prevent unwanted boundary checks :)
 REM   https://twitter.com/NeomindMusic/status/1210536157815148544
 REM   https://v8.dev/docs/untrusted-code-mitigations

 REM You'll need VS2017 and depot tools amongst others. This is not a magic .BAT!

 set "VSCMD_START_DIR=%CD%"
 call "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvars64.bat"
 set PATH=%DEPO_TOOLS%;%PATH%
 set DEPOT_TOOLS_WIN_TOOLCHAIN=0
 set GYP_MSVS_VERSION=2017
 call fetch v8
 cd v8
 git checkout 9680338c622d4693f984b49fb24d101acd2d8112

 REM The next commands should be executed on a different file (build_pt2.bat), as the git checkout "borks" the execution
 cd v8
 call gclient sync
 call gn gen out.gn/library --args="is_debug=false is_component_build=true v8_enable_i18n_support=false v8_untrusted_code_mitigations=false"
 call ninja -C out.gn/library d8.exe
 dir /b /s d8.exe
	REM =========================================================================
	REM \| THIS SCRIPT IS TOTALLY UNSAFE TO USE IF YOU'RE PLANNING TO COMPILE V8!! \|
	REM =========================================================================

	REM Script to build a vulnerable v8 version on Windows (produces d8.exe)
	REM This script is a variation from: http://www.lfdm.net/development/5-how-to-compile-v8-on-windows.html
	REM https://bugs.chromium.org/p/project-zero/issues/detail?id=1710
	REM It is important to compile a release build (debug=false) and to
	REM disable v8_untrusted_code_mitigations to prevent unwanted boundary checks :)
	REM https://twitter.com/NeomindMusic/status/1210536157815148544
	REM https://v8.dev/docs/untrusted-code-mitigations

	REM You'll need VS2017 and depot tools amongst others. This is not a magic .BAT!

	set "VSCMD_START_DIR=%CD%"
	call "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvars64.bat"
	set PATH=%DEPO_TOOLS%;%PATH%
	set DEPOT_TOOLS_WIN_TOOLCHAIN=0
	set GYP_MSVS_VERSION=2017
	call fetch v8
	cd v8
	git checkout 9680338c622d4693f984b49fb24d101acd2d8112

	REM The next commands should be executed on a different file (build_pt2.bat), as the git checkout "borks" the execution
	cd v8
	call gclient sync
	call gn gen out.gn/library --args="is_debug=false is_component_build=true v8_enable_i18n_support=false v8_untrusted_code_mitigations=false"
	call ninja -C out.gn/library d8.exe
	dir /b /s d8.exe