Security/Reviews/Firefox4/WebGL Security Review

Revision as of 23:14, 23 February 2011 by Bsterne

Brandon's Notes

General

  • potential DoS by sending large job to shader
  • user-space version of the driver compiles the shader and passes to the GPU
  • jeff: if you own the Firefox process you could make the compiler do things it doesn't expect
  • vlad: when you're on the GPU, you're fairly limited as to what you can do
  • driver supplies the compiler (runs as user)
  • driver implements OpenGL (not OS)
  • all GL calls are pipelined, very few have a return value
  • vlad: it would be a good idea to create a GL context noop to do more robust OOVM testing
  • GL context tied only to canvas element, NOT the document

Top threats

  • GLSL compiler bugs
  • DoS bugs, e.g. on Mac