Thomas edited this page Oct 1, 2025 · 2 revisions

Synopsis

WASM is relatively new to V8 and is still evolving very actively, so it is an interesting attack vector that has had no CVEs ever.

Fuzzilli is built around JavaScript, but we want to adapt it to support this new surface area.

We'd probably focus on the places where JavaScript and WASM interoperate, as that seems to be where the most interesting CVEs/bugs are (says who??).

Progress

None so far.

Prior/External Work

They just (February) merged some preliminary WASM support, but there's still some missing stuff.

3 years old, unsure of how far they got in it, but apparently it can run.

(e.g. https://github.com/googleprojectzero/fuzzilli/issues/525)

There's existing functionality in GenerateRandomWasmModule to generate random modules and see what happens.
