multi-memory
wai
Our great sponsors
multi-memory | wai | |
---|---|---|
6 | 2 | |
115 | 111 | |
7.0% | 0.0% | |
3.7 | 0.0 | |
10 months ago | 5 months ago | |
WebAssembly | Rust | |
GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
multi-memory
-
Top 8 Recent V8 Updates
Support for multi-memory to deal with multiple memories in Wasm.
-
WASI Support in Go
> You can do attacks that most people haven't been able to do for 20+ years.
This is a bad and roundabout way to say that vulnerabilities in WebAssembly modules may cause a corruption in their linear memory. Which is absolutely true, but those attacks still matter today (not everyone turns ASLR on) and similar defences also apply. In the future multiple memories [1] should make it much easier to guard against remaining issues. WebAssembly is a lucrative target only because it is so widespread, not because it has horrible security (you don't know what the actually horrible security looks like).
[1] https://github.com/WebAssembly/multi-memory/blob/main/propos...
-
WASI: WebAssembly System Interface
Thanks! These claims are really interesting.
- WASM has no ASLR.
So I guess if a buffer overrun lets you modify a function pointer, you could replace that function pointer with another pointer to execute different code. As you say, this is hard in native linux programs because ASLR and NX. You need a pointer to some code thats loaded in memory and you need to know where it is. In wasm, the "pointer" isn't a pointer at all. indirect_call takes an index into the jump table. Yes, this makes it easier to find other valid function pointers. But wasm also has some advantages here. Unlike in native code, you can't "call" arbitrary locations in memory. And indirect_call is also runtime typechecked. So you can't call functions with an unexpected type signature. Also (I think) the jump table itself can't be edited by the running wasm module. So there's no way to inject code into the module and run it.
I could be wrong, but I wouldn't be surprised if on balance wasm still ends up safer than native code here. I'm sure there will be more than zero wasm sandbox escapes made by abusing this, but I haven't heard of any so far.
Docs: https://developer.mozilla.org/en-US/docs/WebAssembly/Underst...
- WASM allows writing to 0x0.
You're probably right about this. To be clear, it means if pointers are set to 0 then dereferenced, the program might continue before crashing. And the memory around 0 may be overwritten by an attacker. How bad this is in practice depends on the prevelance of use-after-free bugs (common in C / C++) and what ends up near 0 in memory. In rust, these sort of software bugs seem incredibly rare. And I wouldn't be surprised if wasm compilers for C/C++ start making a memory deadzone here - if they aren't doing that already.
- wasm can easily overflow buffers
Sure, but so can native C code. And unlike native code, wasm can't overflow buffers outside of the data section. So you can't overwrite methods or modify the memory of any other loaded modules. So on net, wasm is still marginally safer than native code here. If you're worried about buffer overflows, use a safer language.
- wasm doesn't have the concept of read-only memory
Interesting! I can see this definitely being useful for system libraries like mmap. This would definitely be nice to have, and it looks like the wasm authors agree with you.
https://github.com/WebAssembly/multi-memory/issues/15
-
Accessing WebAssembly reference-typed arrays from C++
There are stray references to the concept of multiple address spaces (or 'memories') in the wasm spec at present, and I recall at one point you may have always been passing 'memory #0' to your load/store opcodes. It looks like people are still working on that as the solution.
https://github.com/WebAssembly/multi-memory
-
WebAssembly and C++
It's not segmented, so no... or rather, not yet.
The wasm spec already accommodates to some extent the notion of multiple "memories" (i.e. distinct flat heaps), although it only allows for one in practice:
https://webassembly.github.io/spec/core/syntax/modules.html#...
And there's an active proposal to allow for multiple memories:
https://github.com/WebAssembly/multi-memory/blob/main/propos...
In an environment like that, you'd need full-fledged pointers to carry both the memory index and the offset; and then you might want a non-fat "pointer to same memory" alternative for perf. Might as well call them far and near.
- WebAssembly 2.0 Working Draft
wai
-
Wasmer takes WebAssembly libraries mainstream with WAI
Decimal values are not currently represented as a first-class type by WAI (as int, floats or string types are) but I believe it would be a great idea to do so.
Would you mind opening an issue in the WAI repository [1] so we can follow up there? Thanks!
[1] https://github.com/wasmerio/wai
-
WebAssembly 2.0 Working Draft
wit-bingen is great. For those that want to use wit-bindgen with Wasmer (tl;dr I work at Wasmer) here's the repo:
https://github.com/wasmerio/wit-bindgen
What are some alternatives?
wajic - WebAssembly JavaScript Interface Creator
reference-crdts - Simple, tiny spec-compliant reference implementations of Yjs and Automerge's list types.
memory-control - A proposal to introduce finer grained control of WebAssembly memory.
uwm-masters-thesis - My thesis for my Master's in Computer Science degree from the University of Wisconsin - Milwaukee.
component-model - Repository for design and specification of the Component Model
vscode-wasm - WebAssembly extension for VSCode
sdk - The Dart SDK, including the VM, dart2js, core libraries, and more.
proposal-decimal - Built-in decimal datatype in JavaScript
proposals - Tracking WebAssembly proposals
wit-bindgen - A language binding generator for WebAssembly interface types