Defending Buffer Overflows in WebAssembly: A Transpiler Approach
It addresses the growing need for security in WebAssembly applications by retrofitting protection against buffer overflows, a common vulnerability class.
The paper proposes a transpiler that adds stack canaries and ASLR to WebAssembly binaries to prevent buffer overflows in unmanaged memory. The approach aims to mitigate vulnerabilities inherited from source languages.
WebAssembly is quickly becoming a popular compilation target for a variety of code. However, vulnerabilities in the source languages translate to vulnerabilities in the WebAssembly binaries. This work proposes a methodology and a WebAssembly transpiler to prevent buffer overflows in the unmanaged memory of the WebAssembly runtime. The transpiler accepts a WebAssembly binary and adds stack canaries and Address Space Layout Randomization (ASLR) to protect against buffer overflows.