(2019) Memory Safety Preservation for WebAssembly.
Full text: prisc-cleaned.pdf (325kB)
Abstract
WebAssembly (Wasm) is a next-generation portable compilation target for deploying applications written in high-level languages on the web. In order to protect their memory from untrusted code, web browser engines confine the execution of compiled Wasm programs in a memory-safe sandbox. Unfortunately, classic memory-safety vulnerabilities (e.g., buffer overflows and use-after-free) can still corrupt the memory within the sandbox and allow Wasm code to mount severe attacks. To prevent these attacks, we study a class of secure compilers that eliminate (different kinds of) memory safety violations. Following a rigorous approach, we discuss memory safety in terms of hypersafety properties, which let us identify suitable secure compilation criteria for memory-safety-preserving compilers. We conjecture that, barring some restrictions at module boundaries, the existing security mechanisms of Wasm may suffice to enforce memory-safety preservation in the short term. In the long term, we observe that certain features proposed in the design of a memory-safe variant of Wasm could allow compilers to lift these restrictions and enforce relaxed forms of memory safety.
| Field | Value |
|---|---|
| Item Type | Other |
| Depositing User | Marco Patrignani |
| Date Deposited | 14 Dec 2020 10:01 |
| Last Modified | 14 Dec 2020 10:01 |
| Primary Research Area | NRA1: Trustworthy Information Processing |
| URI | https://publications.cispa.saarland/id/eprint/3331 |