yagehu opened issue #7051:
Test Case
(module (type (;0;) (func (param i32 i64 i64) (result i32))) (type (;1;) (func)) (type (;2;) (func (param i32))) (import "wasi_snapshot_preview1" "fd_fdstat_set_rights" (func $fd_fdstat_set_rights (type 0))) (import "wasi_snapshot_preview1" "proc_exit" (func $proc_exit (type 2))) (func $_start (type 1) i32.const 0 i64.const 3 i64.const 3 call $fd_fdstat_set_rights call $proc_exit ) (memory (;0;) 1) (export "memory" (memory 0)) (export "_start" (func $_start)) )
Steps to Reproduce
Run the above WAT code with Wasmtime and print the error code. For example:
wasmtime a.wat; echo $?
Expected Results
stdin
(fd value 0) starts with a fs_rights_base value of 2 (read). The above WAT snippet attempts to add a right to it by setting it to 3 (read + seek).According the preview1 spec for
fd_fdstat_set_rights
:Adjust the rights associated with a file descriptor. This can only be used to remove rights, and returns
errno::notcapable
if called in a way that would attempt to add rightsSo the expected exit status is 76 (notcapable).
Actual Results
The snippet exits with errno 0.
Versions and Environment
Wasmtime version or commit: v12.0.2
Operating system: Mac OSX Ventura 13.5.2
Architecture: amd64
Extra Info
This is not a security vulnerability because, in my limited testing, the right does not actually get updated.
yagehu added the bug label to Issue #7051.
alexcrichton commented on issue #7051:
Thanks for the report! The rights system has been removed from Wasmtime however in preparation of the removal of rights in WASI preview 2. That means that the documentation of preview1 is probably a bit out of date since it theoretically should be updated to mention this, but development work is centered around preview2 at this time instead of preview1.
Since this is intended behavior though I'm going to go ahead and close this, but I can reopen if there are other questions.
alexcrichton closed issue #7051:
Test Case
(module (type (;0;) (func (param i32 i64 i64) (result i32))) (type (;1;) (func)) (type (;2;) (func (param i32))) (import "wasi_snapshot_preview1" "fd_fdstat_set_rights" (func $fd_fdstat_set_rights (type 0))) (import "wasi_snapshot_preview1" "proc_exit" (func $proc_exit (type 2))) (func $_start (type 1) i32.const 0 i64.const 3 i64.const 3 call $fd_fdstat_set_rights call $proc_exit ) (memory (;0;) 1) (export "memory" (memory 0)) (export "_start" (func $_start)) )
Steps to Reproduce
Run the above WAT code with Wasmtime and print the error code. For example:
wasmtime a.wat; echo $?
Expected Results
stdin
(fd value 0) starts with a fs_rights_base value of 2 (read). The above WAT snippet attempts to add a right to it by setting it to 3 (read + seek).According the preview1 spec for
fd_fdstat_set_rights
:Adjust the rights associated with a file descriptor. This can only be used to remove rights, and returns
errno::notcapable
if called in a way that would attempt to add rightsSo the expected exit status is 76 (notcapable).
Actual Results
The snippet exits with errno 0.
Versions and Environment
Wasmtime version or commit: v12.0.2
Operating system: Mac OSX Ventura 13.5.2
Architecture: amd64
Extra Info
This is not a security vulnerability because, in my limited testing, the right does not actually get updated.
Last updated: Dec 23 2024 at 12:05 UTC