LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Gnash, Lightspark, and Shumway

Gnash, Lightspark, and Shumway

Posted Dec 3, 2012 0:33 UTC (Mon) by HelloWorld (guest, #56129)
In reply to: Gnash, Lightspark, and Shumway by cmccabe
Parent article: Gnash, Lightspark, and Shumway

> Do you have g++ installed on your production servers? I sure don't.
That doesn't alter the fact that it's just as possible to generate code at run-time in C as it is in JavaScript. And besides, there are libraries to facilitate just that, such as libjit, Lightning or Orc.

> Incidentally, have fun searching every Javascript library that you use to make sure none of them happen to use eval().
Yeah, "grep '\beval\b' **/*.js" is a really hard command to run.

> Here's another piece of advice: "simply avoid writing buffer overflow exploits."
Buffer overflows happen by accident. It's pretty much impossible to use eval by accident. Why do I even have to mention this?

> Hmm. Perhaps you can't "simply avoid" a fundamental feature of the language just by pretending it doesn't exist.
eval isn't a fundamental language feature any more than libjit/Lightning/Orc are.

(Log in to post comments)

Gnash, Lightspark, and Shumway

Posted Dec 9, 2012 16:24 UTC (Sun) by oak (subscriber, #2786) [Link]

>> Hmm. Perhaps you can't "simply avoid" a fundamental feature of the language just by pretending it doesn't exist.
>
> eval isn't a fundamental language feature any more than libjit/Lightning/Orc are.

Do Gnash or Lightspark use libjit/Lightning/Orc?

Nowadays browsers run the Flash plugins in separate processes. Is Shumway stuff run in a separate process or within the same browser process?

If latter, HTML interaction with JS may also needs to be considered for security, not just JS in isolation.

PS. One difference between compiled C/C++ code and JS is that latter is JITted for performance reasons, and also for performance reasons, the JITted code is typically memory mapped both as executable and writable. Whereas the compiled C/C++ code isn't mapped as writable in to memory.

While the JIT compiler probably is safe, I would expect the huge amounts of extra write/execute mapped memory to make injected code execution attacks elsewhere in Browser easier...?

Gnash, Lightspark, and Shumway

Posted Dec 9, 2012 18:03 UTC (Sun) by cortana (subscriber, #24596) [Link]

The pages that store the result of the JIT compilation can have their mode changed once the compilation is complete, no?

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds