pogmommy/zellij
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(plugins): address potential security issue (#2830)

Browse source 
* set static_memory_bound to 0
* add explanatory comment
This commit is contained in:
Thomas Linford 2023-10-02 10:42:30 +02:00 committed by GitHub
parent 7ccefc0d6c
commit 9f130a3ef9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
zellij-server/src/lib.rs
View file

@ -910,8 +910,17 @@ fn init_session(
#[cfg(not(feature = "singlepass"))] #[cfg(not(feature = "singlepass"))]
fn get_store() -> Store { fn get_store() -> Store {
use wasmer::{BaseTunables, Cranelift, Engine, Pages, Target};
log::info!("Compiling plugins using Cranelift"); log::info!("Compiling plugins using Cranelift");
Store::new(wasmer::Cranelift::default())
// workaround for https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-ff4p-7xrq-q5r8
let mut tunables = BaseTunables::for_target(&Target::default());
tunables.static_memory_bound = Pages(0);
let compiler = Cranelift::default();
let mut engine: Engine = compiler.into();
engine.set_tunables(tunables);
Store::new(engine)
} }
#[cfg(feature = "singlepass")] #[cfg(feature = "singlepass")]