I'm trying to understand the threat level of the following scenario in a web application:
- Web app contains a C++ component compiled to Wasm by Emscripten
- Runs 3rd party Wasm blobs (assume fully untrusted)
- Assume neither blob can call back to JS via import/export
- All Wasm blobs share memory

So, obviously a malicious blob could clobber the memory used by the C++ component. I'm wondering how likely it is that it could somehow run arbitrary JS in the context of the web app, i.e. inject a script via some of the hooks Emscripten puts into Module.
Thanks!!
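
The setup described in the post, as an added example that is not part of the original post: it checks the "no imports back to JS" assumption against a blob's declared imports, then shows the host's state at address 0 after the blob runs with shared versus separate memory. The blob bytes, the `env.mem` import name, the `poke` export and the `0xc0ffee` marker are constructed for illustration.

```javascript
// Constructed stand-in for an untrusted blob: imports memory as env.mem and
// exports poke(), which stores the i32 value 42 at linear address 0.
const UNTRUSTED_BLOB = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,             // magic, version
  0x01, 0x04, 0x01, 0x60, 0x00, 0x00,                         // type: () -> ()
  0x02, 0x0c, 0x01, 0x03, 0x65, 0x6e, 0x76,                   // import "env"
  0x03, 0x6d, 0x65, 0x6d, 0x02, 0x00, 0x01,                   //   "mem", memory, min 1 page
  0x03, 0x02, 0x01, 0x00,                                     // function 0 uses type 0
  0x07, 0x08, 0x01, 0x04, 0x70, 0x6f, 0x6b, 0x65, 0x00, 0x00, // export "poke" = func 0
  0x0a, 0x0b, 0x01, 0x09, 0x00,                               // code: one body, no locals
  0x41, 0x00, 0x41, 0x2a, 0x36, 0x02, 0x00, 0x0b,             // i32.const 0; i32.const 42; i32.store; end
]);

// Imports other than memory: each one would be a path from the blob to the host.
function nonMemoryImports(bytes) {
  return WebAssembly.Module.imports(new WebAssembly.Module(bytes))
    .filter((imp) => imp.kind !== "memory")
    .map((imp) => `${imp.module}.${imp.name} (${imp.kind})`);
}

// Instantiate the blob with a memory as its only import, then run it.
function runBlob(bytes, memory) {
  const module = new WebAssembly.Module(bytes);
  const instance = new WebAssembly.Instance(module, { env: { mem: memory } });
  instance.exports.poke();
}

// Returns the host's 32-bit word at address 0 after the blob has run.
function hostWordAfterBlob(shareMemory) {
  const hostMemory = new WebAssembly.Memory({ initial: 1 });
  const hostView = new Uint32Array(hostMemory.buffer);
  hostView[0] = 0xc0ffee; // constructed stand-in for the C++ component's state
  const blobMemory = shareMemory ? hostMemory : new WebAssembly.Memory({ initial: 1 });
  runBlob(UNTRUSTED_BLOB, blobMemory);
  return hostView[0];
}

console.log("non-memory imports:", nonMemoryImports(UNTRUSTED_BLOB));
console.log("shared memory   ->", hostWordAfterBlob(true).toString(16));
console.log("separate memory ->", hostWordAfterBlob(false).toString(16));
```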