Proposal: add the ability to declare read only memories #1398
Comments
dbezhetskov
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
dbezhetskov
changed the title
The story begins from this article https://www.usenix.org/conference/usenixsecurity20/presentation/lehmann
Daniel Lehmann and the company show the example of how to use undefined behavior in C/C++ to call any js function from the browser.
Of course, wasm is safe and sound but when you emulate unsafe languages like C/C++ inside wasm memory you can obviously spoil that memory. For example, Emscripten emulates C++ stack pointer and stores return addresses inside wasm memory so with a simple buffer overflow you can spoil some valuable data. Things become more dramatic when you import
evalfunction from js and give wasm access to it.The suggestion from the article is to implement the same protection mechanisms as for native software - stack canaries and read-only memory pages.
Stack canaries can be implemented without any support from the language, but the ability to declare read-only memory pages looks promising.
I want to propose the new flag:
new WebAssembly.Memory({initial:10, maximum:100, read-only: true});This change actually is easy to implement and it doesn't break any binary interfaces.
With the multiple memory proposal, it will help to represent constant data inside wasm memories.
The text was updated successfully, but these errors were encountered: