Ask HN: Does Compiling to WebAssembly Prevent Issues with Unsafe Languages?

2 pointsdevtailz2y ago5 comments

5 comments

Compiling to WebAssembly can mitigate certain issues, specificaly with memory safety in unsafe languages like C.

Take this C function: void write_to_buffer(char *buffer, unsigned int size, char value) { for (unsigned int i = 0; i <= size; ++i) { buffer[i] = value; // Unsafe: can write past the buffer if size is too large } }

Compiled to native code, an incorect size can lead to a buffer overflow. However, if you compile this to WebAssembly, the out-of-bounds write would be caught by the WebAssembly runtime, preventing a potential security flaw. But it doesn't eliminate the need for good coding practices, it does add a layer of protection against some kinds of memory-related errors

fwsgonzo2y ago

This is wrong. WebAssembly doesn't care where you write inside the arena.

See: https://gist.github.com/fwsGonzo/8d8d0d27847c2d5804bc2d8af2b...

.. but it is safe to write anywhere in the arena!

averageValentin2y ago

Appreciate the clarification. You're right that WebAssembly doesn't enforce bounds checking within its linear memory, allowing for out-of-bounds writes within the allocated space. While it does enhance security at the host boundary, it doesn't absolve the need for careful memory management within the WebAssembly module itself

syrusakbary2y ago

It does solve many of the issues, namely:

  * Memory isolation (memory can't be executable, and thus you reduce injection attacks).
  * Sandboxing: by default Wasm has no access to the outer universe where is being called, this makes quite trivial to properly sandbox almost any kind of program (on the systemcall layer)

And it does so without requiring hardware virtualization

fwsgonzo2y ago

Yes, so can any type of userspace sandboxing with speculation safe emulators. Virtualization also prevents these issues.

So, you can safely use C from your gameboy emulator, RISC-V emulator, or WebAssembly emulator. The quality of the emulator determines how much information you get back when something happens.

j / k navigate · click thread line to collapse

5 comments

averageValentin2y ago

Compiling to WebAssembly can mitigate certain issues, specificaly with memory safety in unsafe languages like C.

fwsgonzo2y ago

This is wrong. WebAssembly doesn't care where you write inside the arena.

See: https://gist.github.com/fwsGonzo/8d8d0d27847c2d5804bc2d8af2b...

.. but it is safe to write anywhere in the arena!

averageValentin2y ago

syrusakbary2y ago

It does solve many of the issues, namely:

  * Memory isolation (memory can't be executable, and thus you reduce injection attacks).
  * Sandboxing: by default Wasm has no access to the outer universe where is being called, this makes quite trivial to properly sandbox almost any kind of program (on the systemcall layer)

And it does so without requiring hardware virtualization

fwsgonzo2y ago

Yes, so can any type of userspace sandboxing with speculation safe emulators. Virtualization also prevents these issues.

So, you can safely use C from your gameboy emulator, RISC-V emulator, or WebAssembly emulator. The quality of the emulator determines how much information you get back when something happens.

j / k navigate · click thread line to collapse