You used to be able to get arbitrary code execution with format string bugs via the ‘%n’ modifier.
Nowadays you typically only get information disclosure since many C compilers disallow the use of the
%n modifier because of its security implications. The situation is the same with Wasm – it doesn’t
appear to be possible to get arbitrary code execution, but information disclosure is indeed possible.
By entering a suitable input, we can leak out the value of the variable ‘secret_password’: