Memory Safety Preservation for WebAssembly
WebAssembly (Wasm) is a next-generation portable compi- lation target for deploying applications written in high-level languages on the web. In order to protect their memory from untrusted code, web browser engines confine the execution of compiled Wasm programs in a memory-safe sand- box. Unfortunately, classic memory-safety vulnerabilities (e.g., buffer overflows and use-after-free) can still corrupt the memory within the sandbox and allow Wasm code to mount severe attacks. To prevent these attacks, we study a class of secure compilers that eliminate (different kinds of) memory safety violations. Following a rigorous approach, we discuss memory safety in terms of hypersafety properties, which let us identify suitable secure compilation critera for memory-safety-preserving compilers. We conjecture that, barring some restrictions at module boundaries, the existing security mechanisms of Wasm may suffice to enforce memory-safety preservation, in the short term. In the long term, we observe that certain features proposed in the design of a memory-safe variant of Wasm could allow compilers to lift these restrictions and enforce relaxed forms of memory safety.
Memory Safety Preservation for WebAssembly (Memory Safety Preservation for WebAssembly.pdf) | 14.50MiB |
Sat 25 Jan Times are displayed in time zone: Saskatchewan, Central America change
15:35 - 17:45: Compartmentalization, memory safety, and isolationPriSC at Rosalie Chair(s): Marco PatrignaniStanford University & CISPA , Jonathan ProtzenkoMicrosoft Research, Redmond | |||
15:35 - 15:59 Talk | Flexible Tag-based Policies for Compartmentalized C PriSC Sean AndersonPortland State University, Andrew TolmachPortland State University, CHR ChhakPortland State University Media Attached File Attached | ||
15:59 - 16:23 Talk | Mechanized Reasoning about a Capability Machine PriSC Media Attached | ||
16:23 - 16:47 Talk | Securing Interruptible Enclaves PriSC Matteo BusiUniversità di Pisa - Dipartimento di Informatica, Job Noormanimec-DistriNet, Dept. of Computer Science, KU Leuven, Belgium, Jo Van Bulckimec-DistriNet, Dept. of Computer Science, KU Leuven, Belgium, Letterio GallettaIMT School for Advanced Studies, Pierpaolo DeganoUniversità di Pisa - Dipartimento di Informatica, Jan Tobias Mühlbergimec-DistriNet, Dept. of Computer Science, KU Leuven, Belgium, Frank PiessensKU Leuven Media Attached File Attached | ||
16:47 - 16:57 Break | Mini-break PriSC | ||
16:57 - 17:21 Talk | WebAssembly as an Intermediate Language for Provably-Safe Software Sandboxing PriSC Jay BosamiyaCarnegie Mellon University, Benjamin LimCarnegie Mellon University, Bryan ParnoCarnegie Mellon University Media Attached File Attached | ||
17:21 - 17:45 Talk | Memory Safety Preservation for WebAssembly PriSC Marco VassenaCISPA Helmholtz Center for Information Security, Marco PatrignaniStanford University & CISPA Link to publication Media Attached File Attached |