From fce5e11ea53c44978fc9baf31e45314f00c32416 Mon Sep 17 00:00:00 2001
From: YAMAMOTO Takashi
Date: Thu, 15 Aug 2024 05:01:47 +0900
Subject: [PATCH] runtimes/native: toywasm: limit memory usage for better sandboxing
---
 runtimes/native/src/backend/wasm_toywasm.c | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/runtimes/native/src/backend/wasm_toywasm.c b/runtimes/native/src/backend/wasm_toywasm.c
index 983f46e1..b515ef3e 100644
--- a/runtimes/native/src/backend/wasm_toywasm.c
+++ b/runtimes/native/src/backend/wasm_toywasm.c
@@ -265,6 +265,16 @@ static const struct host_module host_modules[] = {{
 uint8_t *w4_wasmInit() {
 int ret;
 mem_context_init(&mctx);
+ /*
+ * set an arbitrary limit.
+ * this includes the 64KB linear memory.
+ * REVISIT: how much operand stack etc typical carts can consume?
+ */
+ ret = mem_context_setlimit(&mctx, 128 * 1024);
+ if (ret != 0) {
+ fprintf(stderr, "failed to set memory limit with %d\n", ret);
+ exit(1);
+ }
 ret = memory_instance_create(&mctx, &meminst, &memtype);
 if (ret != 0) {
 fprintf(stderr, "memory_instance_create failed with %d\n", ret);
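Review bot: The cap in `mem_context_setlimit(&mctx, 128 * 1024)` is a bare magic number whose rationale lives only in the comment above it; since the limit is the sandboxing boundary this commit introduces, it should be a named file-scope constant so the value and its justification sit in one place, e.g. `enum { W4_TOYWASM_MEM_LIMIT = 128 * 1024 }; /* 64KB linear memory plus headroom for operand stack etc.; arbitrary, see REVISIT */` and `ret = mem_context_setlimit(&mctx, W4_TOYWASM_MEM_LIMIT);`. Placing the call before `memory_instance_create` is the right order, as the comment notes the 64KB linear memory is counted against the limit. The REVISIT comment would be more useful if it also stated what a cart that exceeds the cap sees (presumably an allocation failure surfaced as an error or trap at instantiation or runtime; confirm against the run loop outside this hunk) so the failure mode is documented alongside the number. The body of w4_wasmInit continues past the end of the hunk.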