- From: Bernard Aboba via GitHub <sysbot+gh@w3.org>
- Date: Wed, 29 Jun 2022 01:04:08 +0000
- To: public-webrtc-logs@w3.org
If `CropTarget()` is vulnerable to resource exhaustion attacks wouldn't that imply that`CropTarget()' could fail (e.g. due to lack of resources)? Moving some or all resource allocation to `CropTo()` could result in the resource allocation arising later (in `CropTo()` instead of `CropTarget()`). So depending on where the resource allocation is done, couldn't either or both of `CropTarget()` and `cropTo()` fail, for similar reasons? Recently I was asked to investigate a bug in a sync API that is supposed to always return immediately. In the most common use cases, it did return immediately (< .1 ms), no matter how much load was placed on it. However, in a particular (reproducible) set of circumstances, it blocks for 30-50 ms. The cause appears to be a mixture of resource (de)-allocation and blocking IPC. It's probably a bug not a feature, but sometimes sync APIs block for unanticipated reasons. -- GitHub Notification of comment by aboba Please view or discuss this issue at https://github.com/w3c/mediacapture-region/issues/17#issuecomment-1169428098 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Wednesday, 29 June 2022 01:04:09 UTC