With Cranelift, it is currently possible for a malicious actor to do a JIT bomb. Wasmtime currently provides a single-pass compiler that should prevent this called Winch.
Possible solution design or implementation
Switch from Cranelift to Winch to prevent potential JIT bombs.
Summary
With Cranelift, it is currently possible for a malicious actor to do a JIT bomb. Wasmtime currently provides a single-pass compiler that should prevent this called Winch.
Possible solution design or implementation
Switch from Cranelift to Winch to prevent potential JIT bombs.