[Webkit-unassigned] [Bug 22049] WebKit should have a cryptographic RNG
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 4 19:56:40 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=22049
--- Comment #8 from Adam Barth <abarth at webkit.org> 2011-02-04 19:56:40 PST ---
> Should there also be null-checks? Or if the allocation is fatal-on-failure, isn't this a DoS vector?
Allocation in WebKit is fatal-on-failure. It probably make sense to cap the number of random bytes you can request in one go. In general, we don't protect against memory exhaustion DoS though.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list