WasmCFuzz: Structure-aware Fuzzing for Wasm Compilers
Xiangwei Zhang1, Junjie Wang1,3, Xiaoning Du2, Shuang Liu1. 1: College of Intelligence and Computing, Tianjin University, China; 2: Monash University, Australia; 3: Nanyang technological university, Singapore.
Abstract:
WebAssembly (Wasm) has emerged as a pivotal technology for web applications, offering near-native execution speeds and bolstered security through sandboxed execution. Despite its widespread adoption in major browsers, the rapid evolution of Wasm introduces novel attack surfaces, particularly in Wasm compilers. The challenge of Wasm compiler testing lies in producing semi-valid Wasm samples that are structurally sound enough to bypass initial checks yet sufficiently unique to probe for vulnerabilities. In response, we introduce WasmCFuzz, an innovative fuzzing approach that utilizes AFL-generated random bytes to create semi-valid Wasm formats. This method effectively balances structural validity with the potential to uncover compiler corner cases. Our comprehensive evaluation demonstrates that WasmCFuzz not only outperforms existing methods likeWasm-smith andWAfuzzer but also uncovers 13 previously unidentified bugs in mainstream browsers within just a week. These findings highlight WasmCFuzz’s capability in enhancing the security of Wasm compilers, marking a significant step forward in Wasm compiler testing.
Mon 15 AprDisplayed time zone: Lisbon change
09:00 - 10:30 | Developing secure softwareEnCyCriS/SVM at Amadeo de Souza-Cardoso Chair(s): Awais Rashid University of Bristol, UK | ||
09:00 5mDay opening | Wokshop opening EnCyCriS/SVM | ||
09:05 45mKeynote | Keynote: If you build it, they (probably) won’t come EnCyCriS/SVM | ||
09:50 20mFull-paper | WasmCFuzz: Structure-aware Fuzzing for Wasm Compilers EnCyCriS/SVM A: Xiangwei Zhang College of Intelligence and Computing, Tianjin University, A: Junjie Wang College of Intelligence and Computing, Tianjin University, A: Xiaoning Du Monash University, Australia, A: Shuang Liu Tianjin University | ||
10:10 20mFull-paper | Mitigating Security Issues in GitHub Actions EnCyCriS/SVM |