alee/relicario
1
0
Fork 0
Code Issues Pull Requests 4 Actions Packages Projects Releases Wiki Activity

fix(wasm): impl Drop for SessionHandle clears registry entry

Browse Source 
Closes the P1.1 defense-in-depth gap: wasm-bindgen's auto-generated
.free() previously dropped the SessionHandle wrapper (a u32) without
removing the SESSIONS HashMap entry, leaving the master key and
image_secret in WASM linear memory until JS explicitly called
lock(handle). Drop now wires .free() to session::remove, and the
new native test pins the contract.

Refs: docs/superpowers/specs/2026-05-04-security-polish-design.md (Phase 1)
Refs: docs/superpowers/reviews/2026-05-04-architecture-review.md (P1.1)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
adlee-was-taken
2026-05-06 01:52:24 -04:00
parent bd3d53fddb
commit 1e858e1d1f
3 changed files with 56 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
crates/relicario-wasm/tests/session_drop.rs Normal file
View File

@@ -0,0 +1,16 @@
//! Belt-and-suspenders companion to the native `dropping_session_handle_clears_registry_entry`
//! test in `lib.rs`. This file exists for `wasm-pack test --node` symmetry; the
//! native test in the same crate is what gates CI.
use wasm_bindgen_test::wasm_bindgen_test;
use relicario_wasm::{__test_make_handle, __test_session_exists};
#[wasm_bindgen_test]
fn dropping_session_handle_clears_registry_entry() {
let handle = __test_make_handle();
let id = handle.value();
assert!(__test_session_exists(id));
drop(handle);
assert!(!__test_session_exists(id));
}