Categories
Development

Can you verify security of my 2 small C and JS code?

Please, I declare two pointers array in C code, but I will use it with malloc in javascript.
I want to know if my C code is secure I mean when I just reserve a place in memory and as long as it’s just a declaration of a pointer nobody (hackers) has access to it.

My C code:

void addOne(int* input_ptr, int* output_ptr, int len)
    {

    int i;
    for(i = 0; i < len; i++)
        output_ptr[i] = input_ptr[i] ;

    }

the function addone will be used in javascript with webassembly like this (I will use malloc):

var addOne = Module.cwrap("addOne", null, ["number", "number", "number"]);
var input_array = new Int32Array([10, 2, 3, 5, 0]);
var len = input_array.length;                          
var bytes_per_element = input_array.BYTES_PER_ELEMENT;   


var input_ptr = Module._malloc(len * bytes_per_element);
var output_ptr = Module._malloc(len * bytes_per_element);

Module.HEAP32.set(input_array, input_ptr / bytes_per_element); 
addOne(input_ptr, output_ptr, len);                           
var output_array = new Int32Array(Module.HEAP32.buffer, output_ptr, len);

console.log("The output array is:", output_array);

Module._free(input_ptr);
Module._free(output_ptr);

From what i read on the internet i must not be afraid of malloc in javascript since there is a standbox.

Thanks in advance.

Leave a Reply

Your email address will not be published. Required fields are marked *