Bug 1167489 and bug 1153672. Clamp the resolution of performance.now() calls to 5us, because otherwise we allow various timing attacks that depend on high accuracy timers. r=froydnj
authorBoris Zbarsky <bzbarsky@mit.edu>
Tue, 07 Jul 2015 17:37:50 -0400
changeset 251799 48ae8b5e62ab
parent 251798 007f1cea86fb
child 251800 e3a5dbe2d697
push id61956
push userbzbarsky@mozilla.com
push dateTue, 07 Jul 2015 21:38:28 +0000
treeherdermozilla-inbound@e3a5dbe2d697 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersfroydnj
bugs1167489, 1153672
milestone42.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1167489 and bug 1153672. Clamp the resolution of performance.now() calls to 5us, because otherwise we allow various timing attacks that depend on high accuracy timers. r=froydnj
dom/base/nsPerformance.cpp
--- a/dom/base/nsPerformance.cpp
+++ b/dom/base/nsPerformance.cpp
@@ -496,17 +496,21 @@ nsPerformance::Navigation()
     mNavigation = new nsPerformanceNavigation(this);
   }
   return mNavigation;
 }
 
 DOMHighResTimeStamp
 nsPerformance::Now() const
 {
-  return GetDOMTiming()->TimeStampToDOMHighRes(TimeStamp::Now());
+  double nowTimeMs = GetDOMTiming()->TimeStampToDOMHighRes(TimeStamp::Now());
+  // Round down to the nearest 0.005ms (5us), because if the timer is too
+  // accurate people can do nasty timing attacks with it.
+  const double maxResolutionMs = 0.005;
+  return floor(nowTimeMs / maxResolutionMs) * maxResolutionMs;
 }
 
 JSObject*
 nsPerformance::WrapObject(JSContext *cx, JS::Handle<JSObject*> aGivenProto)
 {
   return PerformanceBinding::Wrap(cx, this, aGivenProto);
 }