|
Revision tags: dev, v36.0.9, v44.0.1, v43.0.2, v36.0.8, v24.0.8, v44.0.0, v43.0.1, v42.0.2, v36.0.7, v24.0.7, v43.0.0, v42.0.1 |
|
| #
301dc716 |
| 24-Feb-2026 |
Alex Crichton <[email protected]> |
Fix two security advisories. (#12652)
* Fix two security advisories.
This commit contains merged fixes for two security advisories in
Wasmtime:
* GHSA-852m-cvvp-9p4w
* GHSA-243v-98vx-264h
This in
Fix two security advisories. (#12652)
* Fix two security advisories.
This commit contains merged fixes for two security advisories in
Wasmtime:
* GHSA-852m-cvvp-9p4w
* GHSA-243v-98vx-264h
This introduces new knobs to Wasmtime to limit the scope of resources
that WASI implementations will allocate on behalf of guests. Unlike
backports to 41.0.x-and-prior these knobs all have default values which
are considered reasonable for hosts if they don't further tune them. The
following CLI knobs have been added:
* `-Smax-resources` - limits the total component-model resources a guest
can allocate in a table
* `-Shostcall-fuel` - a broad limit which enforces that at most this
amount of data will be copied from the guest to the host in any one
API call (e.g. `string` values can't be too big, `list<string>` can't
be quadratic, etc). This fuel is reset on each host function call.
* `-Smax-random-size` - the maximal size of the return value of the
`get-random-bytes` and `get-insecure-random-bytes` WASI functions.
* `-Smax-http-fields-size` - a limit on the size of `wasi:http` `fields`
values to avoid infinitely buffering data within the host.
The `http` crate has additionally been updated to avoid a panic when
adding too many headers to a `fields` object.
Co-authored-by: Mark Bundschuh <[email protected]>
Co-authored-by: Pat Hickey <[email protected]>
Co-authored-by: Joel Dice <[email protected]>
* CI fixes
* Run rustfmt
* Fix wasi-common build
* Fix tests on 32-bit
* Fix nightly test expectations
prtest:full
---------
Co-authored-by: Mark Bundschuh <[email protected]>
Co-authored-by: Pat Hickey <[email protected]>
Co-authored-by: Joel Dice <[email protected]>
show more ...
|
|
Revision tags: v41.0.4, v42.0.0, v40.0.4, v36.0.6, v24.0.6, v41.0.3, v41.0.2, v41.0.1, v36.0.5, v40.0.3, v41.0.0, v36.0.4, v39.0.2, v40.0.2, v40.0.1, v40.0.0, v39.0.1, v39.0.0, v38.0.4, v37.0.3, v36.0.3, v24.0.5, v38.0.3, v38.0.2, v38.0.1 |
|
| #
b315a0a8 |
| 14-Oct-2025 |
Yosh <[email protected]> |
Rename test programs (#11828)
* exclude DS_Store files from git diffs
* "preview" -> "p" prefix in test programs
* fix test building
* prefix http tests as p2_http
* rename more tests
* rename
Rename test programs (#11828)
* exclude DS_Store files from git diffs
* "preview" -> "p" prefix in test programs
* fix test building
* prefix http tests as p2_http
* rename more tests
* rename another file
* get more tests to pass
* fix build.rs
* finish renaming tests
* undo DS_Store addition
* fix remaining naming issues
* debug print on failing test
* debug again
* again
* remove debug annotations
* prefix cli_serve_sleep
* final touches
show more ...
|