Our great sponsors
-
This seems to be the discussion thread related to this.
-
-
SonarQube
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
-
design-principles
A small-but-growing set of design principles collected by the TAG while reviewing specifications
I don't agree with your representation that sanitisation of isolated surrogates constitutes "corruption". As a high-level point, when passing a string from your component to an external one, the external component receives a sanitised copy of your string - the original string is not modified in-place. So you still have access to your original string if you're relying on the presence of isolated surrogates for some reason.
For fairness, I will link below to your concrete example of "corruption", noting that you claim it will render Wasm "the biggest security disaster man ever created for everything". The fundamental bug is in splitting a string at a point which happens to be between two code points which make up an emoji. This kind of mistake can already cause logic and display errors in other parts of the code (e.g. for languages with non-BMP characters) independent of whether components are involved.
Related posts
- Creation Story
- [AskJS] How big is AssemblyScript 3rd party libraries ecosystem?
- Integrated a full WebAssembly VM into the engine (potentially as blueprint alt). Here's an example of hot reloading with AssemblyScript. Programming language agnostic scripting.
- Is WebAssembly magic performance pixie dust?
- JavaScript vs JavaScript. Fight!