by nanidin 720 days ago
In this case someone generated malicious bytecode that the JIT compiler would not generate.

I would argue JIT is dangerous because it requires dynamic memory without the NX bit set, so if you manage to smash the stack (find an exploit) you can execute arbitrary code easily (leverage the exploit). That's a different kind of danger than running malicious bytecode.

2 comments

This doesn't generally apply, but Apple has a bunch of hardening in place that means you don't just have an RWX mapping hanging around:

https://developer.apple.com/documentation/browserenginekit/p...

On top of that they're working on (I haven't checked in a bit) having the JIT compiler be entirely Out-Of-Process. I don't think a lot has been written about that publicly, but there are a few breadcrumbs like https://developer.apple.com/documentation/kernel/oop_jit_con...

JITs can still function with an NX bit; you just have to halt execution to modify it.
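As an added example (not code from this thread, nor from Apple or WebKit), here is a minimal W^X JIT in C for Linux on x86-64 or AArch64 that shows both points above in one place: the parent comment's concern, a mapping that is writable and executable at the same time, and the reply's fix, where the code page is RW while being written and R-X while being run, and patching means halting execution, flipping the page back to RW, writing, and sealing it again. All helper names (jit_page_*, jit_add, jit_add_then_sub, rwx_mapping_allowed) are hypothetical; rwx_mapping_allowed() only probes whether the platform will hand out the RWX mapping at all.

```c
/* Added example, not code from the HN thread or from Apple/WebKit.
 * A minimal W^X JIT for Linux on x86-64 or AArch64: the code page is
 * RW while we write it and R-X while we run it, never RWX. Patching
 * means halting execution, unsealing to RW, writing, resealing to R-X.
 * All helper names are hypothetical. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#define JIT_FAIL INT_MIN
typedef int (*binop_fn)(int, int);

#if defined(__x86_64__)
static const uint8_t ADD_CODE[] = { 0x89, 0xF8, 0x01, 0xF0, 0xC3 }; /* mov eax,edi; add eax,esi; ret */
static const uint8_t SUB_CODE[] = { 0x89, 0xF8, 0x29, 0xF0, 0xC3 }; /* mov eax,edi; sub eax,esi; ret */
#elif defined(__aarch64__)
static const uint8_t ADD_CODE[] = { 0x00, 0x00, 0x01, 0x0B, 0xC0, 0x03, 0x5F, 0xD6 }; /* add w0,w0,w1; ret */
static const uint8_t SUB_CODE[] = { 0x00, 0x00, 0x01, 0x4B, 0xC0, 0x03, 0x5F, 0xD6 }; /* sub w0,w0,w1; ret */
#else
#error "example covers x86-64 and AArch64 only"
#endif

struct jit_page { uint8_t *mem; size_t len; };

/* Object pointer to function pointer via memcpy, avoiding a pedantic-warning cast. */
static binop_fn as_fn(uint8_t *mem) { binop_fn f; memcpy(&f, &mem, sizeof f); return f; }

/* One page, readable and writable only: PROT_EXEC is never requested here. */
static int jit_page_alloc(struct jit_page *p) {
    p->len = (size_t)sysconf(_SC_PAGESIZE);
    p->mem = mmap(NULL, p->len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p->mem == MAP_FAILED ? -1 : 0;
}
/* Copy machine code in. Only legal while the page is RW (unsealed). */
static int jit_page_write(struct jit_page *p, const uint8_t *code, size_t n) {
    if (n > p->len) return -1;
    memcpy(p->mem, code, n);
    return 0;
}
/* Drop W, add X. From here on the page may be executed but not written. */
static int jit_page_seal(struct jit_page *p) {
    if (mprotect(p->mem, p->len, PROT_READ | PROT_EXEC) != 0) return -1;
    __builtin___clear_cache((char *)p->mem, (char *)p->mem + p->len); /* needed on AArch64 */
    return 0;
}
/* Drop X, add W. The JIT must guarantee nothing is running from the page. */
static int jit_page_unseal(struct jit_page *p) {
    return mprotect(p->mem, p->len, PROT_READ | PROT_WRITE);
}
static void jit_page_free(struct jit_page *p) { munmap(p->mem, p->len); }

/* Emit add, seal, run. Returns a+b, or JIT_FAIL if any step is refused. */
int jit_add(int a, int b) {
    struct jit_page p;
    int r = JIT_FAIL;
    if (jit_page_alloc(&p) != 0) return JIT_FAIL;
    if (jit_page_write(&p, ADD_CODE, sizeof ADD_CODE) == 0 && jit_page_seal(&p) == 0)
        r = as_fn(p.mem)(a, b);
    jit_page_free(&p);
    return r;
}

/* Emit add and run it, then halt, unseal, patch the same page to sub,
 * reseal and run again. Returns a-b, or JIT_FAIL. */
int jit_add_then_sub(int a, int b) {
    struct jit_page p;
    int r = JIT_FAIL;
    if (jit_page_alloc(&p) != 0) return JIT_FAIL;
    if (jit_page_write(&p, ADD_CODE, sizeof ADD_CODE) != 0 || jit_page_seal(&p) != 0) goto out;
    if (as_fn(p.mem)(a, b) != a + b) goto out;    /* first version executed from R-X */
    if (jit_page_unseal(&p) != 0) goto out;       /* execution halted, page back to RW */
    if (jit_page_write(&p, SUB_CODE, sizeof SUB_CODE) != 0 || jit_page_seal(&p) != 0) goto out;
    r = as_fn(p.mem)(a, b);
out:
    jit_page_free(&p);
    return r;
}

/* The mapping the parent comment warns about. Returns 1 if the kernel or
 * its policy lets an anonymous RWX mapping exist, 0 if it refuses. */
int rwx_mapping_allowed(void) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    void *m = mmap(NULL, len, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED) return 0;
    munmap(m, len);
    return 1;
}

int main(void) {
    printf("jit_add(40,2)=%d jit_add_then_sub(40,2)=%d rwx_allowed=%d\n",
           jit_add(40, 2), jit_add_then_sub(40, 2), rwx_mapping_allowed());
    return 0;
}
```

The seal/unseal pair is the whole point: an attacker who can corrupt memory in this process finds the JIT page readable and executable but not writable, and the window in which it is writable is one in which it is not executable. A real engine has to make the "nothing is running from this page" guarantee across all threads before unsealing, which is why production JITs add further mechanisms on top of this basic mprotect dance.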