canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776
edits
Platform/GFX/WebGL-Security-2011-10-28: Difference between revisions
Platform/GFX/WebGL-Security-2011-10-28 (view source)
Revision as of 17:20, 28 October 2011
, 28 October 2011no edit summary
(Created page with "* Patterns of WebGL exploits so far (Benoit) ** More details have been sent to security-group on June 29 and October 28. ** Pattern A (Relying on a particular GL state, forgettin...") |
mNo edit summary |
||
| Line 2: | Line 2: | ||
** More details have been sent to security-group on June 29 and October 28. | ** More details have been sent to security-group on June 29 and October 28. | ||
** Pattern A (Relying on a particular GL state, forgetting that scripts can change it) | ** Pattern A (Relying on a particular GL state, forgetting that scripts can change it) | ||
*** June 29 review: Bug 659349 | *** June 29 review: {{Bug|659349}} | ||
*** October 28 review: no new bugs in this category | *** October 28 review: no new bugs in this category | ||
** Pattern B (Mistake when keeping track of GL state) | ** Pattern B (Mistake when keeping track of GL state) | ||
*** June 29 review: Bug 656752, Bug 665070 | *** June 29 review: {{Bug|656752}}, {{Bug|665070}} | ||
*** October 28 review: Bug 665070 | *** October 28 review: {{Bug|665070}} | ||
** Pattern C (Timing attacks) | ** Pattern C (Timing attacks) | ||
*** June 29 review: Bug 656277 | *** June 29 review: {{Bug|656277}} | ||
*** October 28 review: no new bugs in this category | *** October 28 review: no new bugs in this category | ||
** Pattern D (Driver bugs) | ** Pattern D (Driver bugs) | ||
*** Type 1: Can be worked around. | *** Type 1: Can be worked around. | ||
**** June 29 review: Bug 631420, Bug 657201 | **** June 29 review: {{Bug|631420}}, {{Bug|657201}} | ||
**** October 28 review: Bug 665578, Bug 658826, Bug 684882, Bug 675625, Bug 674042 | **** October 28 review: {{Bug|665578}}, {{Bug|658826}}, {{Bug|684882}}, {{Bug 675625}}, {{Bug|674042}} | ||
*** Type 2: Can be blacklisted. [[Blocklisting/Blocked_Graphics_Drivers|Tons of examples]]. | *** Type 2: Can be blacklisted. [[Blocklisting/Blocked_Graphics_Drivers|Tons of examples]]. | ||
*** Type 3: Ones we ignore for now because extensive DOS mitigations not available | *** Type 3: Ones we ignore for now because extensive DOS mitigations not available | ||
** Pattern E (Implementation Bugs that are not at all GL-specific) | ** Pattern E (Implementation Bugs that are not at all GL-specific) | ||
*** June 29 review: Bug 648705 in our WebGL implementation; Bug 665934 in ANGLE. | *** June 29 review: {{Bug|648705}} in our WebGL implementation; {{Bug|665934}} in ANGLE. | ||
*** October 28 review: Bug 686398, Bug 685793, Bug 682335 in our WebGL implementation; Bug 680840, Bug 665936 in ANGLE. | *** October 28 review: {{Bug|686398}}, {{Bug|685793}}, {{Bug|682335}} in our WebGL implementation; {{Bug|680840}}, {{Bug|665936}} in ANGLE. | ||