Wasmati: An efficient static vulnerability scanner for WebAssembly

WebAssembly is a new binary instruction format that allows targeted compiled code written in high-level languages to be executed with near-native speed by the browser’s JavaScript engine. However, given binaries can from unsafe like C/C++, classical vulnerabilities such as buffer overflows or strings transferred over original programs down cross-compiled binaries. As result, this possibility of incorporating modules has widened attack surface modern web applications. This paper presents Wasmati, static analysis tool for finding security It based on generation property graph (CPG), program representation previously adopted detecting various but hitherto unapplied WebAssembly. We formalize definition CPG WebAssembly, introduce techniques generate complex and present four different query specification traversing program’s CPG. implemented ten queries capturing vulnerability types extensively tested Wasmati heterogeneous datasets. show scale CPGs large real-world applications efficiently find all our types. have also collected wild identified several potential vulnerabilities, some which we manually confirmed exist unless enclosing application properly sanitizes interaction affected