alexcrichton opened PR #3343 from run-cwasm
to main
:
This was accidentally broken when
Module::deserialize
was split out of
Module::new
long ago, so this adds the detection in the CLI to call
the appropriate method to load the module.Closes #3338
<!--
Please ensure that the following steps are all taken care of before submitting
the PR.
[ ] This has been discussed in issue #..., or if not, please tell us why
here.[ ] A short description of what this does, why it is needed; if the
description becomes long, the matter should probably be discussed in an issue
first.[ ] This PR contains test cases, if meaningful.
- [ ] A reviewer from the core maintainer team has been assigned for this PR.
If you don't know who could review this, please indicate so. The list of
suggested reviewers on the right can help you.Please ensure all communication adheres to the code of conduct.
-->
pchickey submitted PR review.
pchickey submitted PR review.
pchickey created PR review comment:
The versioning check does give us a small amount of additional safety, since that has to pass before we bincode::deserialize. Maybe worth mentioning?
peterhuene submitted PR review.
peterhuene created PR review comment:
Thoughts on peeking at the file and using
Module::deserialize_file
if ELF?
peterhuene submitted PR review.
alexcrichton submitted PR review.
alexcrichton created PR review comment:
Yeah the main thing we're worried about with
Module::deserialize
is that it's not safe to pass user-defined input into it because it's easy to construct an ELF file which executes arbitrary things but passes our deserialization. I do think, though, that we have enough checks in place to catch accidental usage without segfaulting.
alexcrichton updated PR #3343 from run-cwasm
to main
.
alexcrichton requested peterhuene for a review on PR #3343.
peterhuene submitted PR review.
alexcrichton updated PR #3343 from run-cwasm
to main
.
alexcrichton merged PR #3343.
Last updated: Dec 23 2024 at 12:05 UTC