BREWasm: A General Static Binary Rewriting Framework for WebAssembly | SpringerLink
Skip to main content
Springer Nature Link
Log in

BREWasm: A General Static Binary Rewriting Framework for WebAssembly

  • Conference paper
  • First Online:
Static Analysis (SAS 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14284))

Included in the following conference series:

Abstract

Binary rewriting is a widely adopted technique in software analysis. WebAssembly (Wasm), as an emerging bytecode format, has attracted great attention from our community. Unfortunately, there is no general-purpose binary rewriting framework for Wasm, and existing effort on Wasm binary modification is error-prone and tedious. In this paper, we present BREWasm, the first general purpose static binary rewriting framework for Wasm, which has addressed inherent challenges of Wasm rewriting including high complicated binary structure, strict static syntax verification, and coupling among sections. We perform extensive evaluation on diverse Wasm applications to show the efficiency, correctness and effectiveness of BREWasm. We further show the promising direction of implementing a diverse set of binary rewriting tasks based on BREWasm in an effortless and user-friendly manner.

S. Cao and N. He—The first two authors contribute equally.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 9380
Price includes VAT (Japan)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 11725
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    The second line, denoted by L2. We adopt such notations in the following.

  2. 2.

    In this work, the binary rewriting specifically refers to the static binary rewriting.

References

  1. Leb128 algorithm (2023). https://en.wikipedia.org/wiki/LEB128

  2. Official webpage (2023). https://webassembly.org/docs/use-cases/

  3. Structured control flow (2023). https://tinygo.org/docs/guides/webassembly/

  4. Alliance, B.: GitHub wasm-tools repository (2023). https://github.com/bytecodealliance/wasm-tools/tree/main/crates/wasm-mutate

  5. Becker, M., Baldin, D., Kuznik, C., Joy, M.M., Xie, T., Mueller, W.: XEMU: an efficient QEMU based binary mutation testing framework for embedded software. In: Proceedings of the Tenth ACM International Conference on Embedded Software, pp. 33–42 (2012)

    Google Scholar 

  6. Bhattarai, S.: Github zig-wasm-dom repository (2023). https://shritesh.github.io/zig-wasm-dom/

  7. Brito, T., Lopes, P., Santos, N., Santos, J.F.: Wasmati: an efficient static vulnerability scanner for WebAssembly. Comput. Secur. 118, 102745 (2022)

    Article  Google Scholar 

  8. Bruening, D., Amarasinghe, S.: Efficient, transparent, and comprehensive runtime code manipulation. Ph.D. thesis, Massachusetts Institute of Technology, Department of Electrical Engineering ... (2004)

    Google Scholar 

  9. Cabrera Arteaga, J., et al.: Superoptimization of WebAssembly bytecode. In: Companion Proceedings of the 4th International Conference on Art, Science, and Engineering of Programming, pp. 36–40 (2020)

    Google Scholar 

  10. Cabrera-Arteaga, J., Monperrus, M., Toady, T., Baudry, B.: WebAssembly diversification for malware evasion. arXiv preprint arXiv:2212.08427 (2022)

  11. Charriere, M.: LOFIMUSIC website (2023). https://lofimusic.app/collegemusic-lonely

  12. Collberg, C., Thomborson, C., Low, D.: Manufacturing cheap, resilient, and stealthy opaque constructs. In: Proceedings of the 25th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 184–196 (1998)

    Google Scholar 

  13. De Sutter, B., De Bus, B., De Bosschere, K.: Link-time binary rewriting techniques for program compaction. ACM Trans. Programm. Lang. Syst. (TOPLAS) 27(5), 882–945 (2005)

    Article  Google Scholar 

  14. Duck, G.J., Gao, X., Roychoudhury, A.: Binary rewriting without control flow recovery. In: Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 151–163 (2020)

    Google Scholar 

  15. EOSIO: EOSIO official website (2023). https://eos.io/

  16. Erlingsson, U., Schneider, F.B.: SASI enforcement of security policies: a retrospective. In: Proceedings of the 1999 Workshop on New Security Paradigms, pp. 87–95 (1999)

    Google Scholar 

  17. Haas, A., et al.: Bringing the web up to speed with webassembly. In: Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 185–200 (2017)

    Google Scholar 

  18. Hall, A., Ramachandran, U.: An execution model for serverless functions at the edge. In: Proceedings of the International Conference on Internet of Things Design and Implementation, pp. 225–236 (2019)

    Google Scholar 

  19. He, N., et al.: EOSAFE: Security analysis of EOSIO smart contracts. In: USENIX Security Symposium, pp. 1271–1288 (2021)

    Google Scholar 

  20. He, N., et al.: Eunomia: enabling user-specified fine-grained search in symbolically executing WebAssembly binaries. arXiv preprint arXiv:2304.07204 (2023)

  21. Hilbig, A., Lehmann, D., Pradel, M.: An empirical study of real-world WebAssembly binaries: security, languages, use cases. In: Proceedings of the Web Conference 2021, pp. 2696–2708 (2021)

    Google Scholar 

  22. Hundt, R.: HP caliper: a framework for performance analysis tools. IEEE Concurr. 8(4), 64–71 (2000)

    Article  Google Scholar 

  23. Kim, T., et al.: RevARM: a platform-agnostic arm binary rewriter for security applications. In: Proceedings of the 33rd Annual Computer Security Applications Conference, pp. 412–424 (2017)

    Google Scholar 

  24. Lehmann, D., Kinder, J., Pradel, M.: Everything old is new again: binary security of WebAssembly. In: Proceedings of the 29th USENIX Conference on Security Symposium, pp. 217–234 (2020)

    Google Scholar 

  25. Lehmann, D., Pradel, M.: Wasabi: a framework for dynamically analyzing WebAssembly. In: Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 1045–1058 (2019)

    Google Scholar 

  26. Lehmann, D., Pradel, M.: Finding the dwarf: recovering precise types from WebAssembly binaries. In: Proceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation, pp. 410–425 (2022)

    Google Scholar 

  27. Lehmann, D., Torp, M.T., Pradel, M.: Fuzzm: finding memory bugs through binary-only instrumentation and fuzzing of WebAssembly (2021). https://arxiv.org/pdf/2110.15433.pdf

  28. Luk, C.K., et al.: Pin: building customized program analysis tools with dynamic instrumentation. ACM SIGPLAN Not. 40(6), 190–200 (2005)

    Article  Google Scholar 

  29. Mäkitalo, N., et al.: WebAssembly modules as lightweight containers for liquid IoT applications. In: Brambilla, M., Chbeir, R., Frasincar, F., Manolescu, I. (eds.) ICWE 2021. LNCS, vol. 12706, pp. 328–336. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-74296-6_25

    Chapter  Google Scholar 

  30. McSema: GitHub McSema repository (2023). https://github.com/lifting-bits/mcsema

  31. MDN: MDN web docs website (2023). https://developer.mozilla.org/en-US/docs/WebAssembly/Rust_to_wasm

  32. Musch, M., Wressnegger, C., Johns, M., Rieck, K.: New kid on the web: a study on the prevalence of WebAssembly in the wild. In: Perdisci, R., Maurice, C., Giacinto, G., Almgren, M. (eds.) DIMVA 2019. LNCS, vol. 11543, pp. 23–42. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-22038-9_2

    Chapter  Google Scholar 

  33. Muth, R., Debray, S.K., Watterson, S., De Bosschere, K.: Alto: a link-time optimizer for the Compaq alpha. Softw. Pract. Exp. 31(1), 67–101 (2001)

    Article  Google Scholar 

  34. Nagy, S., Nguyen-Tuong, A., Hiser, J.D., Davidson, J.W., Hicks, M.: Breaking through binaries: compiler-quality instrumentation for better binary-only fuzzing. In: 30th USENIX Security Symposium (2021)

    Google Scholar 

  35. Naseem, F.N., Aris, A., Babun, L., Tekiner, E., Uluagac, A.S.: MINOS: a lightweight real-time cryptojacking detection system. In: NDSS (2021)

    Google Scholar 

  36. Nieke, M., Almstedt, L., Kapitza, R.: EdgeDancer: secure mobile WebAssembly services on the edge. In: Proceedings of the 4th International Workshop on Edge Systems, Analytics and Networking, pp. 13–18 (2021)

    Google Scholar 

  37. Payer, M., Barresi, A., Gross, T.R.: Fine-grained control-flow integrity through binary hardening. In: Almgren, M., Gulisano, V., Maggi, F. (eds.) DIMVA 2015. LNCS, vol. 9148, pp. 144–164. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-20550-2_8

    Chapter  Google Scholar 

  38. Pilfold, L.: Rustexp website (2023). https://rustexp.lpil.uk/

  39. PyPI: PyPI cyleb128 library (2023). https://pypi.org/project/cyleb128/

  40. Shenton, C.: GitHub kingling repository (2023). https://github.com/cshenton/kindling

  41. Srivastava, A., Eustace, A.: ATOM: a system for building customized program analysis tools. In: Proceedings of the ACM SIGPLAN 1994 Conference on Programming Language design and Implementation, pp. 196–205 (1994)

    Google Scholar 

  42. Stiévenart, Q., Binkley, D.W., De Roover, C.: Static stack-preserving intra-procedural slicing of WebAssembly binaries. In: Proceedings of the 44th International Conference on Software Engineering, pp. 2031–2042 (2022)

    Google Scholar 

  43. Stiévenart, Q., De Roover, C., Ghafari, M.: Security risks of porting c programs to WebAssembly. In: Proceedings of the 37th ACM/SIGAPP Symposium on Applied Computing, pp. 1713–1722 (2022)

    Google Scholar 

  44. Strackx, R., Piessens, F.: Fides: selectively hardening software application components against kernel-level or process-level malware. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 2–13 (2012)

    Google Scholar 

  45. Suedmeier, E.: wasm-basic-triangle website (2023). https://shritesh.github.io/zig-wasm-dom/

  46. Takahiro: NES-rust-ecsy website (2023). https://takahirox.github.io/nes-rust-ecsy/index.html

  47. Tian, L., Shi, Y., Chen, L., Yang, Y., Shi, G.: Gadgets splicing: dynamic binary transformation for precise rewriting. In: 2022 IEEE/ACM International Symposium on Code Generation and Optimization (CGO), pp. 155–167. IEEE (2022)

    Google Scholar 

  48. TinyGo: TinyGo official docs webpage (2023). https://tinygo.org/docs/guides/webassembly/

  49. Ts, J.: GitHub clockexample-go-webassembly repository (2023). https://github.com/Yaoir/ClockExample-Go-WebAssembly

  50. Turner, A.: GitHub wasm-by-example repository (2023). https://github.com/torch2424/wasm-by-example/tree/master/examples/reading-and-writing-audio/demo/go

  51. WABT: WABT tool website (2023). https://github.com/WebAssembly/wabt

  52. Wang, W., Ferrell, B., Xu, X., Hamlen, K.W., Hao, S.: SEISMIC: SEcure in-lined script monitors for interrupting cryptojacks. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018, Part II. LNCS, vol. 11099, pp. 122–142. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98989-1_7

    Chapter  Google Scholar 

  53. WAPM: base64-cli app in WAPM (2023). https://takahirox.github.io/nes-rust-ecsy/index.html

  54. wasabi: GitHub wasabi repository (2023). https://github.com/danleh/wasabi

  55. WAVM: GitHub WAVM repository (2023). https://github.com/WAVM/WAVM/tree/master/Test/wasi

  56. WebAssembly: WebAssembly specification webpage (2023). https://webassembly.github.io/spec/core/binary/index.html

  57. WebAssembly: WebAssembly static validation algorithm (2023). https://webassembly.github.io/spec/core/appendix/algorithm.html

  58. WebAssembly: WebAssembly website (2023). https://webassembly.org/

  59. Williams-King, D., et al.: Egalito: layout-agnostic binary recompilation. In: Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 133–147 (2020)

    Google Scholar 

  60. Xu, Y., Xu, Z., Chen, B., Song, F., Liu, Y., Liu, T.: Patch based vulnerability matching for binary programs. In: Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 376–387 (2020)

    Google Scholar 

  61. Zakai, A.: Emscripten: an LLVM-to-Javascript compiler. In: Proceedings of the ACM International Conference Companion on Object Oriented Programming Systems Languages and Applications Companion, pp. 301–312 (2011)

    Google Scholar 

  62. Zhang, Y., et al.: Characterizing and detecting webassembly runtime bugs. arXiv preprint arXiv:2301.12102 (2023)

Download references

Acknowledgement

We have great thanks to all anonymous reviewers and our shepherd, Prof. Jingling Xue. This work was supported in part by National Key R &D Program of China (2021YFB2701000), the National Natural Science Foundation of China (grants No.62072046 and 62141208), and Xiaomi Young Talents Program.

Author information

Authors and Affiliations

  1. Beijing University of Posts and Telecommunications, Beijing, China

    Shangtong Cao

  2. Key Lab on HCST (MOE), Peking University, Beijing, China

    Ningyu He & Yao Guo

  3. Huazhong University of Science and Technology, Wuhan, China

    Haoyu Wang

Authors
  1. Shangtong Cao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ningyu He
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yao Guo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Haoyu Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Haoyu Wang .

Editor information

Editors and Affiliations

  1. U. Politécnica de Madrid (UPM) and IMDEA Software Institute, Pozuelo de Alarcón, Madrid, Spain

    Manuel V. Hermenegildo

  2. U. Politécnica de Madrid (UPM) and IMDEA Software Institute, Pozuelo de Alarcon, Spain

    José F. Morales

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Cao, S., He, N., Guo, Y., Wang, H. (2023). BREWasm: A General Static Binary Rewriting Framework for WebAssembly. In: Hermenegildo, M.V., Morales, J.F. (eds) Static Analysis. SAS 2023. Lecture Notes in Computer Science, vol 14284. Springer, Cham. https://doi.org/10.1007/978-3-031-44245-2_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-44245-2_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-44244-5

  • Online ISBN: 978-3-031-44245-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics