piecrust icon indicating copy to clipboard operation
piecrust copied to clipboard

Published 20 hours ago verified publisher icon dusk-network

Prevent JIT bomb attacks

Open HDauven opened this issue 10 months ago • 1 comments

Summary

With Cranelift, it is currently possible for a malicious actor to do a JIT bomb. Wasmtime currently provides a single-pass compiler that should prevent this called Winch.

Possible solution design or implementation

Switch from Cranelift to Winch to prevent potential JIT bombs.

HDauven avatar Apr 08 '24 15:04 HDauven