I am all for aborting if there is an argc mismatch, especially for the "real" inline functions where "returning" a fixed result (typically some definition of no-success) seems a bit strange and pollutes the code somewhat. Fuzzing of %_ functions should then only be for the expected argc.
I will finalize this.

/Søren

On Mon, Feb 8, 2010 at 20:27, <[email protected]> wrote:
> I think this is a very good idea and definitely worth doing for the other
> architectures too. Perhaps we should just abort the VM if the arg count
> mismatches? As long as we get a reasonable stack trace that seems safer than
> continuing after an attacker has attempted to subvert the %_ natives.
>
>
> http://codereview.chromium.org/573056/diff/1/2
> File src/ia32/codegen-ia32.cc (right):
>
> http://codereview.chromium.org/573056/diff/1/2#newcode4969
> src/ia32/codegen-ia32.cc:4969: frame_->Push(Factory::undefined_value());
> This and the similar cases below should have a comment to the effect
> that we never expect this to happen. Alternatively we could define some
> macro called RETURN_UNDEFINED_ON_ARGC_MISMATCH and use it throughout.
> Then we could put the comment on the macro definition.
>
> http://codereview.chromium.org/573056

--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
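The two failure policies discussed in this thread, aborting on an argc mismatch versus pushing `undefined` and continuing, as an added stand-alone model. This is example code written for this page, not V8's code: the intrinsic names (`%_IsEven`, `%_Add`), the `Intrinsic` table, `MismatchPolicy` and the replaceable fatal handler are all assumptions made here. V8's real inline runtime functions are emitted directly by the code generator rather than dispatched through a table, but the check itself, validating the argument count before the body runs and treating a mismatch as a fatal invariant violation rather than a recoverable condition, is the same decision.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <limits>
#include <string>
#include <vector>

// Hypothetical model of "inline runtime" (%_) intrinsics with a fixed arity.
// Names, types and the policy enum are assumptions made for this example.
using Value = std::int64_t;

// Sentinel standing in for 'undefined' in this model (assumption).
constexpr Value kUndefined = std::numeric_limits<Value>::min();

struct Intrinsic {
  const char* name;
  int arity;                                 // exact number of arguments expected
  Value (*impl)(const std::vector<Value>&);  // body; only ever run with the right count
};

static Value IsEvenImpl(const std::vector<Value>& a) { return (a[0] % 2 == 0) ? 1 : 0; }
static Value AddImpl(const std::vector<Value>& a) { return a[0] + a[1]; }

// Hypothetical intrinsic table (constructed for this example).
static const Intrinsic kIsEven = {"%_IsEven", 1, IsEvenImpl};
static const Intrinsic kAdd = {"%_Add", 2, AddImpl};

enum class MismatchPolicy { kAbort, kReturnUndefined };

// The fatal handler is replaceable so the abort path can be exercised without
// killing the process; the default really aborts, which is the point of the
// policy: a wrong argc from compiler-generated call sites is never expected.
using FatalHandler = void (*)(const std::string& message);
static void DefaultFatal(const std::string& message) {
  std::fprintf(stderr, "FATAL: %s\n", message.c_str());
  std::abort();
}
static FatalHandler g_fatal = DefaultFatal;
static int g_fatal_count = 0;
static void RecordingFatal(const std::string&) { ++g_fatal_count; }
void SetFatalHandler(FatalHandler h) { g_fatal = h; }
int FatalCount() { return g_fatal_count; }

// Validates argc before the intrinsic body runs. With kAbort a mismatch is an
// invariant violation and the process dies with a diagnostic (and, in a real
// VM, a stack trace); with kReturnUndefined the call silently yields the
// sentinel, which is what the reviewed change did with Push(undefined_value()).
Value CallIntrinsic(const Intrinsic& fn, const std::vector<Value>& args,
                    MismatchPolicy policy) {
  if (static_cast<int>(args.size()) != fn.arity) {
    if (policy == MismatchPolicy::kAbort) {
      g_fatal(std::string("argc mismatch calling ") + fn.name + ": expected " +
              std::to_string(fn.arity) + ", got " + std::to_string(args.size()));
      // Only reached when a non-aborting handler has been installed.
    }
    return kUndefined;
  }
  return fn.impl(args);
}

// Drives the abort policy with the recording handler and reports whether the
// mismatch was caught before the body ran (the body would index past the
// argument vector) and the sentinel was returned instead.
bool MismatchIsCaughtUnderAbortPolicy() {
  SetFatalHandler(RecordingFatal);
  int before = FatalCount();
  Value v = CallIntrinsic(kAdd, {1}, MismatchPolicy::kAbort);  // 1 argument, arity 2
  return FatalCount() == before + 1 && v == kUndefined;
}

int main() {
  std::printf("%%_Add(2, 3) = %lld\n",
              static_cast<long long>(CallIntrinsic(kAdd, {2, 3}, MismatchPolicy::kAbort)));
  std::printf("lenient mismatch -> undefined: %s\n",
              CallIntrinsic(kIsEven, {}, MismatchPolicy::kReturnUndefined) == kUndefined
                  ? "yes" : "no");
  std::printf("strict mismatch caught: %s\n",
              MismatchIsCaughtUnderAbortPolicy() ? "yes" : "no");
  return 0;
}
```

The design choice the thread lands on maps to `MismatchPolicy::kAbort`: because every call site of a `%_` intrinsic is generated by the compiler, a count that does not match is evidence of a bug or of tampering, and a loud failure with a stack trace is both easier to debug and safer than continuing with a made-up result. The `kReturnUndefined` branch is kept only to show what the silent alternative looks like; if it were ever used, the macro approach suggested in the review (one `RETURN_UNDEFINED_ON_ARGC_MISMATCH` with the "never expected" comment on its definition) keeps that intent in one place instead of repeated at every site.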
