[Webkit-unassigned] [Bug 148439] cryptographicallyRandomValuesFromOS should use CCRandomCopyBytes when available.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Aug 26 11:14:01 PDT 2015
https://bugs.webkit.org/show_bug.cgi?id=148439
--- Comment #15 from Keith Miller <keith_miller at apple.com> ---
> > Regardless, if in the future CCRandomCopyBytes can fail I would rather avoid a potential security risk and crash.
>
> Yes, we should have a RELEASE_ASSERT here. Adding as much code as you did
> just for this case doesn't seem worth it to me.
>
> If you still think that a more detailed message would be useful here, please
> send an e-mail to webkit-dev, so that everyone could discuss the best way to
> do this. Personally, I would do RELEASE_ASSERT_WITH_MESSAGE, so that we
> wouldn't need two lines of code at call sites.
Based on conversations I have had with others it seems like having the ability to add debug information to crash logs seems desired. However, I can create an email chain to figure out the exact functionality/implementation we want. It is also unfortunate that currently os_trace does not allow non-scalar format strings so perhaps we should wait until that is added before moving forward.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150826/3262a1ff/attachment.html>
More information about the webkit-unassigned
mailing list