Le 27/03/2013 15:52, Brendan Eich a écrit :
Please read the "memory safety and weak references" thread.
The issue is not just SES, which might remove an iterator in preparing
the environment. Stock JS must not be vulnerable to jit-spray attacks
due to enumerable weak maps.
From what I understand of the attack, JS isn't vulnerable. Only current
implementations are. I admit it carries some weight, but let's not
confuse the 2.
David
_______________________________________________
es-discuss mailing list
[email protected]
https://mail.mozilla.org/listinfo/es-discuss
