[jsc-dev] Protect against modifying contents of `ArrayBuffer` in `JavaScriptCore`

Karol Szafranski karolszafranski at gmail.com
Sat Oct 20 04:48:18 PDT 2018


Hi Saam,

Right now I am using JavaScriptCore which is built into iOS devices. Generally, I use Objective-C and sometimes switch to C APIs if something cannot be done in Objective-C, like creating ArrayBuffer.

I would like to be able to use workers in JavaScript. Since they are not available out of the box I try to implement that API myself. I would like them to behave like in a web browser, but I’m not able to implement “transferList”. That is the second argument of `postMessage` method.

> On 19. Oct 2018, at 21:00, Saam barati <sbarati at apple.com> wrote:
> 
> Hi Karol,
> 
> What context are you running JavaScript code in?
> 
> Are you using the JavaScriptCore ObjC or C APIs? Something else?
> 
> - Saam
> 
>> On Oct 19, 2018, at 1:56 AM, Karol Szafranski <karolszafranski at gmail.com> wrote:
>> 
>> `ArrayBuffer` is created in JavaScript engine, and reference is passed to the "native side":
>> 
>> 
>>   var myBuffer = new ArrayBuffer(32);
>>   protectBufferMemory(myBuffer);
>> 
>> 
>> Now I would like to hide the contents of the `ArrayBuffer` from the JavaScript engine. It would be best if `ArrayBuffer` could suddenly return 0 for `byteLength`, stay empty and nonresizable when looking at it with any `TypedArray`.
>> 
>> At the same time, I need to keep the contents of the `ArrayBuffer` in memory in the same place as it was. I do not want to copy those bytes.
>> 
>> Note: this is exactly how `ArrayBuffer` behaves in Chrome when you `postMessage` to a `Worker` with `ArrayBuffer` instance in the "transfer" array.
>> 
>> If there is no way of doing this, the following alternatives would also be acceptable:
>> 
>> 1. Removing the `ArrayBuffer` instance from the JavaScript engine, so that all variables pointing to it return `undefined`, as long as the data is not removed from memory.
>> 
>> 2. Keeping the `ArrayBuffer` data visible inside the JavaScript engine but disallowing modification.
>> 
>> Thank you very much in advance.
>> 
>> Karol Szafrański
>> 
> 


Karol Szafrański
