The Security Risk of Lacking Compiler Protection in WebAssembly
Quentin Sti\'evenart, Coen De Roover, Mohammad Ghafari
TL;DR
This paper reveals that WebAssembly's lack of built-in security protections like stack canaries can lead to security vulnerabilities when compiling C programs, as buffer overflows may not cause crashes as they do in x86 code.
Contribution
It provides an empirical analysis showing WebAssembly's security risks due to missing compiler-enforced protections in real-world C programs.
Findings
WebAssembly often continues execution despite buffer overflows
1,088 out of 4,469 programs behaved differently in WebAssembly
Lack of security measures like stack canaries in WebAssembly
Abstract
WebAssembly is increasingly used as the compilation target for cross-platform applications. In this paper, we investigate whether one can rely on the security measures enforced by existing C compilers when compiling C programs to WebAssembly. We compiled 4,469 C programs with known buffer overflow vulnerabilities to x86 code and to WebAssembly, and observed the outcome of the execution of the generated code to differ for 1,088 programs. Through manual inspection, we identified that the root cause for these is the lack of security measures such as stack canaries in the generated WebAssembly: while x86 code crashes upon a stack-based buffer overflow, the corresponding WebAssembly continues to be executed. We conclude that compiling an existing C program to WebAssembly without additional precautions may hamper its security, and we encourage more research in this direction.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.