| #
a1a74d3a |
| 17-Mar-2026 |
Bailey Hayes <[email protected]> |
WASIP3 HTTP return error for TooManyFields/TotalSizeTooBig (#12788)
* WASIP3 HTTP return error for TooManyFields/TotalSizeTooBig
Return new error from
* WASIP3 HTTP split tests between p2/p3
p2 c
WASIP3 HTTP return error for TooManyFields/TotalSizeTooBig (#12788)
* WASIP3 HTTP return error for TooManyFields/TotalSizeTooBig
Return new error from
* WASIP3 HTTP split tests between p2/p3
p2 cases unchanged (they trap before break is reached).
p3 cases assert the guest exited successfully and
that it printed "error received", confirming the limit was actually enforced.
show more ...
|
| #
511638f5 |
| 10-Mar-2026 |
Alex Crichton <[email protected]> |
Refactor `wasi:http` headers' host representation (#12754)
* Refactor `wasi:http` headers' host representation
This commit is a follow-on/extension of #12748 and extends the changes
made for WASIp2
Refactor `wasi:http` headers' host representation (#12754)
* Refactor `wasi:http` headers' host representation
This commit is a follow-on/extension of #12748 and extends the changes
made for WASIp2 headers in #12652 to the WASIp3 implementation as well.
This is done through a number of refactorings to make the WASIp2 and
WASIp3 implementations more similar in terms of how they represent
headers. Changes here are:
* `FieldMap` now has its own dedicated module at the crate root instead
of intermingling with other WASIp2 types.
* `FieldMap` is now internally-`Arc`'d and is cheaply clonable.
`FieldMap` itself now tracks whether it's mutable or immutable (WASI
semantics) and doesn't need different wrappers in WASIp2 and WASIp3.
* Creation of an immutable `FieldMap` can be done without needing a size
limit. Flagging a `FieldMap` as mutable, however, requires a size limit.
* `FieldMap::set` was added to be a bit more efficient w.r.t. clones.
* `FieldMapError` is a new error type that covers all of the possible
error modes of operating with a `FieldMap`. Conversions from this to
WASIp{2,3} `header-error` types are now implemented as well.
* WASIp2 now flags `header-error` as a trappable-error-type, allowing
the use of `?` in implementing header functions (like WASIp3).
* Much of WASIp2's header implementation was refactored with `?`, moving
methods around, shuffling where headers are made vs `FieldMap`, some
minor idioms, etc.
* WASIp3 no longer uses `MaybeMutable` for headers and instead uses
`FieldMap` directly.
cc #12674
* Clippy warnings
show more ...
|
| #
301dc716 |
| 24-Feb-2026 |
Alex Crichton <[email protected]> |
Fix two security advisories. (#12652)
* Fix two security advisories.
This commit contains merged fixes for two security advisories in
Wasmtime:
* GHSA-852m-cvvp-9p4w
* GHSA-243v-98vx-264h
This in
Fix two security advisories. (#12652)
* Fix two security advisories.
This commit contains merged fixes for two security advisories in
Wasmtime:
* GHSA-852m-cvvp-9p4w
* GHSA-243v-98vx-264h
This introduces new knobs to Wasmtime to limit the scope of resources
that WASI implementations will allocate on behalf of guests. Unlike
backports to 41.0.x-and-prior these knobs all have default values which
are considered reasonable for hosts if they don't further tune them. The
following CLI knobs have been added:
* `-Smax-resources` - limits the total component-model resources a guest
can allocate in a table
* `-Shostcall-fuel` - a broad limit which enforces that at most this
amount of data will be copied from the guest to the host in any one
API call (e.g. `string` values can't be too big, `list<string>` can't
be quadratic, etc). This fuel is reset on each host function call.
* `-Smax-random-size` - the maximal size of the return value of the
`get-random-bytes` and `get-insecure-random-bytes` WASI functions.
* `-Smax-http-fields-size` - a limit on the size of `wasi:http` `fields`
values to avoid infinitely buffering data within the host.
The `http` crate has additionally been updated to avoid a panic when
adding too many headers to a `fields` object.
Co-authored-by: Mark Bundschuh <[email protected]>
Co-authored-by: Pat Hickey <[email protected]>
Co-authored-by: Joel Dice <[email protected]>
* CI fixes
* Run rustfmt
* Fix wasi-common build
* Fix tests on 32-bit
* Fix nightly test expectations
prtest:full
---------
Co-authored-by: Mark Bundschuh <[email protected]>
Co-authored-by: Pat Hickey <[email protected]>
Co-authored-by: Joel Dice <[email protected]>
show more ...
|