From 9472136272f01b858412f2d9d7854d2daa82496f Mon Sep 17 00:00:00 2001
From: Jan de Mooij <jdemooij@mozilla.com>
Date: Tue, 10 Apr 2018 15:00:49 +0200
Subject: Bug 1444668 - Avoid allocating large AssemblerBuffers. r=luke,
 r=bbouvier, a=RyanVM

---
 js/src/jit/ProcessExecutableMemory.h | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'js/src/jit/ProcessExecutableMemory.h')

diff --git a/js/src/jit/ProcessExecutableMemory.h b/js/src/jit/ProcessExecutableMemory.h
index 078ce7cb7..a0e2fab98 100644
--- a/js/src/jit/ProcessExecutableMemory.h
+++ b/js/src/jit/ProcessExecutableMemory.h
@@ -17,6 +17,14 @@ namespace jit {
 // alignment though.
 static const size_t ExecutableCodePageSize = 64 * 1024;
 
+// Limit on the number of bytes of executable memory to prevent JIT spraying
+// attacks.
+#if JS_BITS_PER_WORD == 32
+static const size_t MaxCodeBytesPerProcess = 128 * 1024 * 1024;
+#else
+static const size_t MaxCodeBytesPerProcess = 1 * 1024 * 1024 * 1024;
+#endif
+
 enum class ProtectionSetting {
     Protected, // Not readable, writable, or executable.
     Writable,
-- 
cgit v1.2.3