Format string bug

string %x%x%x%x %x%x%x %x%x%x%x%x%x%x%x%x%x%x%x%x

You used to be able to get arbitrary code execution with format string bugs via the ‘%n’ modifier. Nowadays you typically only get information disclosure since many C compilers disallow the use of the %n modifier because of its security implications. The situation is the same with Wasm – it doesn’t appear to be possible to get arbitrary code execution, but information disclosure is indeed possible. By entering a suitable input, we can leak out the value of the variable ‘secret_password’:

            
#include 
#include 

#ifdef __EMSCRIPTEN__
#include 
#endif

void EMSCRIPTEN_KEEPALIVE format_string_bug(char *str) {
  char secret_password[] = "MyP@ssw0rd!!";
  printf("you entered = ");
  printf(str);
  printf("\n");
}