by averageValentin 956 days ago
Compiling to WebAssembly can mitigate certain issues, specifically with memory safety in unsafe languages like C.

Take this C function:

    void write_to_buffer(char *buffer, unsigned int size, char value) {
        for (unsigned int i = 0; i <= size; ++i) {
            buffer[i] = value; // Unsafe: can write past the buffer if size is too large
        }
    }

Compiled to native code, an incorrect size can lead to a buffer overflow. However, if you compile this to WebAssembly, the out-of-bounds write would be caught by the WebAssembly runtime, preventing a potential security flaw. It doesn't eliminate the need for good coding practices, but it does add a layer of protection against some kinds of memory-related errors.

1 comments

This is wrong. WebAssembly doesn't care where you write inside the arena.

See: https://gist.github.com/fwsGonzo/8d8d0d27847c2d5804bc2d8af2b...

.. but it is safe to write anywhere in the arena!

Appreciate the clarification. You're right that WebAssembly doesn't enforce bounds checking within its linear memory, allowing for out-of-bounds writes within the allocated space. While it does enhance security at the host boundary, it doesn't absolve the need for careful memory management within the WebAssembly module itself.
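
An added example, not part of the thread and not from the linked gist: the post's write_to_buffer hand-assembled into a WebAssembly module and run from JavaScript, showing that an overflow inside linear memory goes unnoticed while a write past the end of linear memory traps. The export names, the buffer offset 1024 and the adjacent "flag" byte are constructed for illustration.

```javascript
// Added example: hand-assembled Wasm module, no toolchain needed (Node.js or a browser).
const str = s => [s.length, ...new TextEncoder().encode(s)];   // length-prefixed name
const section = (id, body) => [id, body.length, ...body];      // all lengths < 128 here

// Body of write_to_buffer(buffer, size, value): do { buffer[i] = value; } while (++i <= size);
const body = [
  0x01, 0x01, 0x7f,                         // one extra local: i32 i (local index 3)
  0x03, 0x40,                               // loop
  0x20, 0x00, 0x20, 0x03, 0x6a,             //   address = buffer + i
  0x20, 0x02,                               //   value
  0x3a, 0x00, 0x00,                         //   i32.store8
  0x20, 0x03, 0x41, 0x01, 0x6a, 0x22, 0x03, //   i = i + 1 (local.tee keeps i on the stack)
  0x20, 0x01, 0x4d,                         //   i <= size (unsigned)
  0x0d, 0x00,                               //   br_if: repeat the loop
  0x0b, 0x0b,                               // end loop, end function
];

const wasm = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,    // "\0asm", version 1
  ...section(1, [1, 0x60, 3, 0x7f, 0x7f, 0x7f, 0]),  // type: (i32, i32, i32) -> ()
  ...section(3, [1, 0]),                             // one function, of type 0
  ...section(5, [1, 0x00, 1]),                       // memory: 1 page (64 KiB)
  ...section(7, [2, ...str('memory'), 2, 0, ...str('write_to_buffer'), 0, 0]),
  ...section(10, [1, body.length, ...body]),
]);

function demo() {
  const { memory, write_to_buffer } =
    new WebAssembly.Instance(new WebAssembly.Module(wasm)).exports;
  const mem = new Uint8Array(memory.buffer);

  // Constructed layout: 16-byte buffer at 1024, an unrelated flag byte right after it.
  const BUF = 1024, SIZE = 16, FLAG = BUF + SIZE;
  mem[FLAG] = 0;
  write_to_buffer(BUF, SIZE, 0x41);   // `<=` writes 17 bytes; the runtime raises no trap
  const flagAfter = mem[FLAG];

  // Same call placed so the loop runs off the end of the 64 KiB linear memory.
  let trap = null;
  try { write_to_buffer(65536 - 8, SIZE, 0x42); }
  catch (e) { trap = e; }
  return { flagAfter, trapped: trap instanceof WebAssembly.RuntimeError,
           lastByte: mem[65535] };
}

console.log(demo());
```

The first call silently changes the neighbouring flag byte; the second fills the last 8 bytes of memory and only then raises a WebAssembly.RuntimeError, so the host is protected but data inside the module is not.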