bytecodealliance / wasm-micro-runtime

WebAssembly Micro Runtime (WAMR)
Apache License 2.0

Prevent an integer overflow when checking start_func_index #3577

Closed lum1n0us closed 3 months ago

lum1n0us commented 3 months ago

69920

yamt commented 3 months ago

btw, does it make much sense to perform fuzzing on the aot loader? (i guess it's what you are doing. this is just a guess because i have no access to the given oss-fuzz url.) unlike wasm modules, we somehow need to trust aot modules to some extent anyway.

lum1n0us commented 3 months ago

wamr in oss-fuzz

It is a problem. We're kind of hesitant to do that (fix aot related problems).

We do need to trust aot modules but also want robustness (for aot_loader) and protection (since there is no case for wamrc currently). So, we are using a "better than nothing" policy until we figure it out clearly.

lum1n0us commented 3 months ago

Use https://github.com/bytecodealliance/wasm-micro-runtime/pull/3579 to fix