http://codereview.chromium.org/3169050/diff/15001/16001
File src/ia32/codegen-ia32.cc (right):

http://codereview.chromium.org/3169050/diff/15001/16001#newcode157
src/ia32/codegen-ia32.cc:157: jit_cookie_ = V8::Random();
Is the platform random function good enough? The attacker has read access to the current time and may find a way to predict the cookie value.

Style nit: the cookie field should be set in the initializer list like the other fields.

http://codereview.chromium.org/3169050/diff/15001/16001#newcode5333
src/ia32/codegen-ia32.cc:5333: __ push(Immediate(bits ^ jit_cookie_));
We should prevent dependency of the instruction encoding length on the size of the immediates. Otherwise, different cookie values will produce significantly different code and will make debugging hard.

http://codereview.chromium.org/3169050/show

--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
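The second review point (immediate masking with a cookie, and why the emitted instruction length must not depend on the masked value) is easy to see with a tiny model of the x86 `push imm` encoding. The block below is an added example written for this page; it is not code from the V8 change under review. It assumes a hypothetical assembler that, like many, picks the 2-byte `6A ib` form when the immediate fits in a sign-extended byte and the 5-byte `68 id` form otherwise, and it compares that against a variant that always emits the 5-byte form. The cookie values and the `0x41414141` constant are constructed sample inputs.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical encoder for "push imm" that lets the immediate size choose the
 * instruction form (added example, not V8's assembler):
 *   6A ib  -> 2 bytes when imm fits in a sign-extended 8-bit field
 *   68 id  -> 5 bytes otherwise */
static size_t encode_push_variable(int32_t imm, uint8_t *out) {
    if (imm >= -128 && imm <= 127) {
        out[0] = 0x6A;
        out[1] = (uint8_t)imm;
        return 2;
    }
    out[0] = 0x68;
    for (int i = 0; i < 4; i++) out[1 + i] = (uint8_t)((uint32_t)imm >> (8 * i));
    return 5;
}

/* Fixed-length variant: always 68 id, so the length never depends on the value. */
static size_t encode_push_fixed(int32_t imm, uint8_t *out) {
    out[0] = 0x68;
    for (int i = 0; i < 4; i++) out[1 + i] = (uint8_t)((uint32_t)imm >> (8 * i));
    return 5;
}

/* Decode either form back to the immediate that actually sits in the code stream. */
int32_t decode_push_imm(const uint8_t *code, size_t len) {
    if (len == 2 && code[0] == 0x6A) return (int8_t)code[1]; /* sign-extend ib */
    uint32_t v = 0;
    for (int i = 0; i < 4; i++) v |= (uint32_t)code[1 + i] << (8 * i);
    return (int32_t)v;
}

/* Mirrors the reviewed line: push(Immediate(bits ^ jit_cookie_)).
 * Returns the encoded length; fixed_length selects the length-stable encoder. */
size_t emit_masked_push(int32_t bits, int32_t cookie, int fixed_length, uint8_t *out) {
    int32_t masked = bits ^ cookie;
    return fixed_length ? encode_push_fixed(masked, out)
                        : encode_push_variable(masked, out);
}

/* 1 if the same constant produces different code sizes under different cookies
 * (the reviewer's debugging concern), 0 if the size is cookie-independent. */
int length_varies_with_cookie(int32_t bits, int fixed_length) {
    static const int32_t cookies[] = { 0, 5, 0x7FFFFF00, (int32_t)0xDEADBEEF }; /* constructed */
    uint8_t buf[8];
    size_t first = emit_masked_push(bits, cookies[0], fixed_length, buf);
    for (size_t i = 1; i < sizeof cookies / sizeof cookies[0]; i++)
        if (emit_masked_push(bits, cookies[i], fixed_length, buf) != first) return 1;
    return 0;
}

/* 1 if the immediate in the code stream is the masked value (recoverable by
 * XOR with the cookie) and, for a non-zero cookie, not the original constant. */
int masked_push_roundtrip_ok(int32_t bits, int32_t cookie) {
    uint8_t buf[8];
    size_t n = emit_masked_push(bits, cookie, 1, buf);
    int32_t in_code = decode_push_imm(buf, n);
    if (in_code != (bits ^ cookie)) return 0;
    if ((in_code ^ cookie) != bits) return 0;
    if (cookie != 0 && in_code == bits) return 0;
    return 1;
}

int main(void) {
    printf("small constant, size-dependent encoder: length varies = %d\n",
           length_varies_with_cookie(1, 0));
    printf("small constant, fixed-length encoder:   length varies = %d\n",
           length_varies_with_cookie(1, 1));
    printf("masked push round-trips: %d\n", masked_push_roundtrip_ok(0x41414141, 0x12345678));
    return 0;
}
```

The small-constant case is the telling one: `push 1` is 2 bytes under one cookie and 5 bytes under another when the assembler is free to pick the short form, so code layout, offsets and disassembly change from run to run; forcing the 5-byte form removes that dependence while still keeping the attacker-chosen constant out of the instruction stream.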
