Can we just not process weird file formats people receive by iMessage/text?
Reading this WebP vulnerability report and I got to the words “lossless image compression” and “Huffman encoded Huffman tables” and I am trying to understand what we’re doing here other than paying for exploit developers’ kids’ orthodontia. https://blog.isosceles.com/the-webp-0day/
Step 1: support two image formats. Step 2: if someone needs to send some weird image format to you, they convert it to one of the two formats that your phone’s formally-verified software can read.
“Oh but there’s a library that…” no no no there isn’t a library for that. That library is like the iPhone’s headphone jack, you need to forget it exists.
“But weird image formats you’ve never heard of need to be decoded very efficiently, and that means risky table construction and direct memory manipulation…” actually maybe we just make weird image formats really slow and safe instead.