On Wednesday, January 18, 2017 at 2:21:40 PM UTC-6, Michael Layzell wrote:
> Security & Privacy Concerns: none

Do we normally allow 1GB allocations? (I think the answer is 'we try and maybe crash if we can't' right?)

Allocating a continuous 1GB in a completely fresh process sounds like a great way to make a heap spray significantly more reliable. In a 32 bit process you'd have pretty good odds of hitting. Even in a 64 bit process, I believe ASLR entropy on some platforms (older Windows perhaps) leaves something to be desired, in the 40-bit range or something. 1GB cuts that down pretty significantly.

So I'd definitely add this to the concerns, and probably a bit more serious than 'DOS'.

-tom