English

SeeWasm: An Efficient and Fully-Functional Symbolic Execution Engine for WebAssembly Binaries

Cryptography and Security 2024-08-19 v1 Software Engineering

Abstract

WebAssembly (Wasm), as a compact, fast, and isolation-guaranteed binary format, can be compiled from more than 40 high-level programming languages. However, vulnerabilities in Wasm binaries could lead to sensitive data leakage and even threaten their hosting environments. To identify them, symbolic execution is widely adopted due to its soundness and the ability to automatically generate exploitations. However, existing symbolic executors for Wasm binaries are typically platform-specific, which means that they cannot support all Wasm features. They may also require significant manual interventions to complete the analysis and suffer from efficiency issues as well. In this paper, we propose an efficient and fully-functional symbolic execution engine, named SeeWasm. Compared with existing tools, we demonstrate that SeeWasm supports full-featured Wasm binaries without further manual intervention, while accelerating the analysis by 2 to 6 times. SeeWasm has been adopted by existing works to identify more than 30 0-day vulnerabilities or security issues in well-known C, Go, and SGX applications after compiling them to Wasm binaries.

Keywords

Cite

@article{arxiv.2408.08537,
  title  = {SeeWasm: An Efficient and Fully-Functional Symbolic Execution Engine for WebAssembly Binaries},
  author = {Ningyu He and Zhehao Zhao and Hanqin Guan and Jikai Wang and Shuo Peng and Ding Li and Haoyu Wang and Xiangqun Chen and Yao Guo},
  journal= {arXiv preprint arXiv:2408.08537},
  year   = {2024}
}

Comments

Accepted by ISSTA'24 Demo Track, the tool can be accessed at https://github.com/PKU-ASAL/SeeWasm

R2 v1 2026-06-28T18:14:25.507Z