- From: Robert O'Callahan <robert@ocallahan.org>
- Date: Fri, 26 Jul 2013 12:23:32 +1200
- To: Ehsan Akhgari <ehsan.akhgari@gmail.com>
- Cc: Olivier Thereaux <Olivier.Thereaux@bbc.co.uk>, WG <public-audio@w3.org>
- Message-ID: <CAOp6jLbwyLpEQAFDYOrye+hgWv5Yc63YHTR8xn16Aeto9VYwLA@mail.gmail.com>
On Fri, Jul 26, 2013 at 6:29 AM, Ehsan Akhgari <ehsan.akhgari@gmail.com>wrote: > The severity issue here I think is rather clear and non-controversial. > For content which is affected by this, you'll get corrupted audio playback > in case the AudioBuffer is modified on the main thread, or you'll get > corrupted audio playback and probably the ability to read memory content > that does not belong to you in the case where the ArrayBuffers are neutered > by content. Robert already wrote a very simple test case to demonstrate > the first issue. It would be very interesting to see how easily one could > write a test case for the second issue, but I think it will work by > basically allocating a large AudioBuffer, neuter the ArrayBuffers by > sending them to a worker, connect the AudioBufferSourceNode to a > ScriptProcessorNode and examine the contents of inputBuffer. > I already posted a testcase for the second issue. Chris has informally proposed to fix it by introducing the concept of "non-neuterable ArrayBuffers". I don't think that solution will get past the editors of the Typed Array spec (or the TAG, it looks like), but at least we agree the issue must be fixed one way or another. Rob -- Jtehsauts tshaei dS,o n" Wohfy Mdaon yhoaus eanuttehrotraiitny eovni le atrhtohu gthot sf oirng iyvoeu rs ihnesa.r"t sS?o Whhei csha iids teoa stiheer :p atroa lsyazye,d 'mYaonu,r "sGients uapr,e tfaokreg iyvoeunr, 'm aotr atnod sgaoy ,h o'mGee.t" uTph eann dt hwea lmka'n? gBoutt uIp waanndt wyeonut thoo mken.o w * *
Received on Friday, 26 July 2013 00:23:58 UTC