http://codereview.chromium.org/3169050/diff/15001/16001
File src/ia32/codegen-ia32.cc (right):

http://codereview.chromium.org/3169050/diff/15001/16001#newcode157
src/ia32/codegen-ia32.cc:157: jit_cookie_ = V8::Random();
No, the platform random probably isn't good enough, but implementing a cryptographically secure random number generator for use in things like this (and the manual executable memory randomizer) is on the to-do list. That's probably a separate change. Perhaps a // TODO?

On 2010/08/26 14:40:35, Vitaly wrote:
> Is the platform random function good enough? The attacker has read access to the
> current time and may find a way to predict the cookie value.
> Style nit: the cookie field should be set in the initializer list like the other
> fields.
http://codereview.chromium.org/3169050/diff/15001/16001#newcode5333
src/ia32/codegen-ia32.cc:5333: __ push(Immediate(bits ^ jit_cookie_));
I'm not quite sure what you mean here. Are you referring to the threshold at which values are encoded (kMaxSmiInlinedBits = 7)? Or are you suggesting something along the lines of #ifndef DEBUG encode #else value splitting?

On 2010/08/26 14:40:35, Vitaly wrote:
> We should prevent dependency of the instruction encoding length on the size of
> the immediates. Otherwise, different cookie values will produce significantly
> different code and will make debugging hard.
http://codereview.chromium.org/3169050/show

--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
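The two review points above (the immediate being XORed with a JIT cookie, and the encoding length of the instruction depending on the size of the immediate) can be seen concretely with a toy emitter. The following is an added example written for this page; it is not V8 code and not the change under review. It emits the sequence `push (value ^ cookie); xor dword [esp], cookie` as raw x86-32 bytes (the opcode bytes are the real ones from the Intel manuals), decodes the bytes back to check that the original value is recovered, checks that the original immediate never appears verbatim in the emitted code, and shows how allowing the short `push imm8` form makes the code length depend on the blinded value, which is exactly what the second comment is asking to avoid. Function names, the sample cookie and the sample immediates are constructed for the illustration.

```c
/* Added example (not V8 code): a toy x86-32 emitter and decoder for the
 * blinded-immediate sequence discussed in the review above,
 *     push (value ^ cookie) ; xor dword [esp], cookie
 * Opcode bytes are the real ones from the Intel SDM; the function names,
 * the sample cookie and the sample immediates are constructed here. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define MAX_CODE 16

/* PUSH imm. Unless force_imm32 is set, the short form 6A ib is chosen when
 * the value fits a sign-extended byte, so the encoding length depends on
 * the (blinded) value: the debuggability problem raised in the review. */
static size_t emit_push_imm(uint8_t *out, int32_t imm, int force_imm32) {
    if (!force_imm32 && imm >= -128 && imm <= 127) {
        out[0] = 0x6A;              /* PUSH imm8, sign-extended */
        out[1] = (uint8_t)imm;
        return 2;
    }
    out[0] = 0x68;                  /* PUSH imm32 */
    memcpy(out + 1, &imm, 4);       /* little-endian, as x86 expects */
    return 5;
}

/* Blinded push: only value ^ cookie and cookie reach the code stream. */
static size_t emit_blinded_push(uint8_t *out, int32_t value, int32_t cookie,
                                int force_imm32) {
    size_t n = emit_push_imm(out, value ^ cookie, force_imm32);
    out[n++] = 0x81;                /* XOR r/m32, imm32 (opcode 81 /6) */
    out[n++] = 0x34;                /* ModRM: mod=00 reg=110 rm=100 (SIB) */
    out[n++] = 0x24;                /* SIB: base=esp, no index */
    memcpy(out + n, &cookie, 4);
    return n + 4;
}

/* Decode and "execute" the sequence; returns the value left on the stack
 * and sets *ok to 0 if the bytes are not the expected two instructions. */
static int32_t run_sequence(const uint8_t *code, size_t len, int *ok) {
    int32_t top, k;
    size_t i;
    *ok = 0;
    if (len >= 2 && code[0] == 0x6A) {
        top = (int8_t)code[1];      /* sign-extend imm8 like the CPU does */
        i = 2;
    } else if (len >= 5 && code[0] == 0x68) {
        memcpy(&top, code + 1, 4);
        i = 5;
    } else {
        return 0;
    }
    if (len - i != 7 || code[i] != 0x81 || code[i + 1] != 0x34 ||
        code[i + 2] != 0x24)
        return 0;
    memcpy(&k, code + i + 3, 4);
    *ok = 1;
    return top ^ k;
}

/* Does the little-endian encoding of `value` occur verbatim in the code? */
static int contains_imm32(const uint8_t *code, size_t len, int32_t value) {
    uint8_t pat[4];
    memcpy(pat, &value, 4);
    for (size_t i = 0; i + 4 <= len; i++)
        if (memcmp(code + i, pat, 4) == 0) return 1;
    return 0;
}

/* Buffer-free wrappers for the three properties worth checking. */
static size_t blinded_len(int32_t value, int32_t cookie, int force_imm32) {
    uint8_t buf[MAX_CODE];
    return emit_blinded_push(buf, value, cookie, force_imm32);
}
static int32_t blinded_roundtrip(int32_t value, int32_t cookie, int force_imm32) {
    uint8_t buf[MAX_CODE];
    int ok;
    size_t n = emit_blinded_push(buf, value, cookie, force_imm32);
    int32_t r = run_sequence(buf, n, &ok);
    return ok ? r : ~value;         /* ~value never equals value: decode failed */
}
static int blinded_leaks(int32_t value, int32_t cookie, int force_imm32) {
    uint8_t buf[MAX_CODE];
    size_t n = emit_blinded_push(buf, value, cookie, force_imm32);
    return contains_imm32(buf, n, value);
}
static int plain_leaks(int32_t value) {
    uint8_t buf[MAX_CODE];
    return contains_imm32(buf, emit_push_imm(buf, value, 1), value);
}

int main(void) {
    const int32_t cookie = 0x5A3C9E71;  /* constructed sample cookie */
    const int32_t value  = 0x12345678;  /* constructed sample immediate */
    printf("plain push leaks immediate:   %d\n", plain_leaks(value));
    printf("blinded push leaks immediate: %d\n", blinded_leaks(value, cookie, 1));
    printf("decoded value: 0x%08x\n", (unsigned)blinded_roundtrip(value, cookie, 1));
    printf("bytes, short form allowed: %zu / forced imm32: %zu\n",
           blinded_len(0x7F, 0x7F, 0), blinded_len(0x7F, 0x7F, 1));
    return 0;
}
```

With `force_imm32` set, every blinded push is 12 bytes regardless of the cookie, so two JIT runs with different cookies produce code of identical layout; with the short form allowed, the same source value can come out as 9 or 12 bytes depending on what `value ^ cookie` happens to be, which is the layout drift the review comment is concerned about. The `contains_imm32` check is the property the blinding is meant to buy: the attacker-chosen constant is not present in the emitted bytes, only its XOR with the cookie and the cookie itself.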
