[Webkit-unassigned] [Bug 22049] WebKit should have a cryptographic RNG

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Feb 4 19:56:40 PST 2011


--- Comment #8 from Adam Barth <abarth at webkit.org>  2011-02-04 19:56:40 PST ---
> Should there also be null-checks? Or if the allocation is fatal-on-failure, isn't this a DoS vector?

Allocation in WebKit is fatal-on-failure.  It probably make sense to cap the number of random bytes you can request in one go.  In general, we don't protect against memory exhaustion DoS though.

Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list