It makes me nervous to try to make the overflow behavior the same across engines, because it could end up restricting implementation choices. But making things roughly the same without trying to make them too much the same seems reasonable. And it does sound like there are situations where we just outright fail where other browser render *something*, at least, and those seem worth improving.

On 05/02/2016 10:51 AM, L. David Baron wrote:
So I think ideally we should try to do as much of this as possible
in a standardizable way -- but we'll still probably want a backstop
dynamic stack depth check.  (Can stack overflow crashes be
security-sensitive, or do modern OSes reliably guarantee that
there's a chunk of unmapped memory past the end of the stack?  Then
again, I feel like I've seen description of exploits that relied on
that chunk of unmapped memory not being very large, and just jumping
across it with a function that had a large stack buffer.)

OSes can guarantee that you'll have a single unmapped page, no more. OSes differ on what guarantees they'll give you for the rest of the space up to the theoretical max stack size. It's messy. See bug 909094 <https://bugzilla.mozilla.org/show_bug.cgi?id=909094>

_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
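The thread above asks whether a single guard page is enough and why a "backstop dynamic stack depth check" is still wanted. The following is an added example, not code from the thread or from Mozilla: a minimal budget-based stack check in C, plus a recursion whose frame (8 KiB, a constructed size) is larger than a typical 4 KiB guard page, so that without the check a runaway recursion could in principle step from mapped stack straight into whatever lies past the guard page instead of faulting on it. The budget, the frame size and the function names (`stack_check_init`, `stack_ok`, `walk`, `demo`) are assumptions chosen for illustration. The same hazard is the reason compilers added stack probes for large frames (MSVC's `__chkstk`, GCC/Clang's `-fstack-clash-protection`); a depth or budget check like this one is the engine-level backstop the thread discusses, independent of what the OS or compiler guarantees.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#if defined(__GNUC__)
#define NOINLINE __attribute__((noinline))
#else
#define NOINLINE
#endif

/* Assumed numbers for the demo: a 256 KiB budget and an 8 KiB frame.
 * 8 KiB is deliberately larger than a 4 KiB guard page: a frame this size
 * can land entirely past the guard without ever touching it. */
#define DEMO_BUDGET (256u * 1024u)
#define FRAME_BYTES 8192

static uintptr_t stack_base;          /* recorded near the top of the budgeted region */
static size_t    stack_budget;        /* bytes of stack we allow ourselves to use */
static int       deepest;             /* deepest level that passed the check */

/* Address of a local is a good-enough proxy for the current stack pointer. */
static NOINLINE uintptr_t current_sp(void)
{
    volatile char marker = 0;
    return (uintptr_t)&marker + (uintptr_t)marker;
}

/* Call once from the frame that should count as "depth zero". */
void stack_check_init(size_t budget)
{
    stack_base   = current_sp();
    stack_budget = budget;
}

/* The backstop: true while we are within budget, regardless of whether the
 * stack grows down (usual) or up (absolute difference handles both). */
bool stack_ok(void)
{
    uintptr_t sp   = current_sp();
    size_t    used = (stack_base > sp) ? (size_t)(stack_base - sp)
                                       : (size_t)(sp - stack_base);
    return used < stack_budget;
}

/* Recursion with a large frame, standing in for a deep layout/render step.
 * Returns the depth at which the backstop fired. */
static NOINLINE int walk(int depth)
{
    volatile char big[FRAME_BYTES];   /* forces a real FRAME_BYTES-sized frame */
    big[0] = (char)depth;

    if (!stack_ok())
        return depth;                 /* bail out cleanly instead of overflowing */

    deepest = depth;
    /* Not a tail call (the add keeps the frame live until the callee returns). */
    return walk(depth + 1) + (int)big[0] - (int)big[0];
}

/* Runs the recursion under the given budget and returns how many levels
 * completed before the check stopped it (0 if it stopped immediately). */
int demo(size_t budget)
{
    stack_check_init(budget);
    deepest = -1;
    (void)walk(0);
    return deepest + 1;
}

int main(void)
{
    /* With an 8 KiB frame and a 256 KiB budget, at most 32 levels can fit. */
    return demo(DEMO_BUDGET) > 32 ? 1 : 0;
}
```

Two things worth noting: the check costs one address comparison per call, so it is cheap enough to leave in a hot recursive path, and the budget must be chosen well below the real thread stack size so that the check fires before the OS guard page is ever reached.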
