libwebp
safety-dance
libwebp | safety-dance | |
---|---|---|
13 | 8 | |
1,913 | 518 | |
0.9% | 0.0% | |
8.8 | 0.0 | |
5 days ago | about 2 years ago | |
C | ||
BSD 3-clause "New" or "Revised" License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
libwebp
-
Google assigns a CVE for libwebp and gives it a 10.0 score
The thing that concerns me most is looking at the fix it is very difficult to see why this fix is correct. It also appears as there is lots of code without explicit bounds checks. It makes me worried because while the logic may be safe this makes the logic very complex. I wonder what the cost would be to add an explicit, local bounds check at every array access. This would serve as a backup that is much easier to verify. I suspect the cost would be relatively small. Small enough that I personally would be happy to pay it.
https://github.com/webmproject/libwebp/commit/902bc919033134...
This is also a great reminded that fuzzing isn't a solution to memory unsafe languages and libraries. If anything the massive amount of bugs found via fuzzing should scare us as it is likely only scratching the surface of the vulnerabilities that still lie in the code, a couple too many branches away from being likely to be found by fuzzing.
-
The WebP 0day
There's a follow-up fix, according to Debian[0]: https://github.com/webmproject/libwebp/commit/95ea5226c87044...
[0]: https://security-tracker.debian.org/tracker/CVE-2023-4863
-
CVE-2023-4863: Heap buffer overflow in WebP (Chrome)
The breakage [0] was introduced by the creator [1] of the project. If you want to audit 1674 commits over the past 12 years, it'd be easier to just audit the full project.
[0] https://github.com/webmproject/libwebp/commit/21735e06f7c1cb...
[1] https://github.com/webmproject/libwebp/commit/c3f41cb47e5f32...
- Convenient CPU feature detection and dispatch in the Magnum Engine
-
Whats going on with .webp and why are more and more internet images being converted to it?
If you like the command line, then you can use ffmpeg and ImageMagick, or use libwebp directly
-
What's up with people hating WebP?
The webp parser code is open source. Which means that even if Google decides to hide/obscure the code for webp, they'd legally not be allowed to prevent you from using older versions of the webp parser library. The only thing they could do is patent it, and then companies in the US (which has software patents, unfortunately) would have to pay royalties to decode it anyway; but here comes the next point
safety-dance
-
The WebP 0day
[2]: https://github.com/rust-secure-code/safety-dance
-
Do you ever use unsafe { .. } when not implementing custom data structures or interacting with external C code?
The most "virtuous"/desirable statement in this topic is probably the "100% safe code now - while being faster than the C version!" on the rust-secure-code/safety-dance entry for miniz_oxide.
-
Good example of high performance Rust project without unsafe code?
According to the rust-secure-code/safety-dance trophy case, their audit left miniz_oxide 100% safe and faster than the C version.
- Hey Rustaceans! Got an easy question? Ask here (50/2021)!
-
Rust Vs. Go Random Observations
Efforts that don't try to pick winners, but just to help packages that already exist, like Rust Safety Dance and developing tools like Miri. (And that dependency-improving sprint, the name of which eludes me, but which was mentioned in TWIR a while ago.)
-
Fast and robust e-mail parsing library for Rust
I'm similarly iffy on using a parser for something as web-exposed as e-mail which uses unsafe for a performance boost without a thumbs-up from someone like /u/Shnatsel and the Safety Dance.
-
Weird architectures weren't supported to begin with
Since this all happened, the safety-dance project has come into existence, which aims to channel the mob into doing useful things, not just piling onto someone who's got different views on what they want from Rust.
-
Is there anyone looking for GSOC student for a Rust project ? (or just a contributor for a project ?)
https://github.com/rust-secure-code/safety-dance is always looking for contributors.
What are some alternatives?
libjpeg-turbo - Main libjpeg-turbo repository
stdx - The missing batteries of Rust
Save-webP-as-extension - Firefox extension to overlay format and JPEG quality buttons on inline or stand-alone images for quickly saving a converted version of the image.
ttf-parser - A high-level, safe, zero-allocation TrueType font parser.
BrowserBoxPro - :cyclone: BrowserBox is Web application virtualization via zero trust remote browser isolation and secure document gateway technology. Embed secure unrestricted webviews on any device in a regular webpage. Multiplayer embeddable browsers, open source! [Moved to: https://github.com/BrowserBox/BrowserBox]
actix-net - A collection of lower-level libraries for composable network services.
image - [mirror] Go supplementary image libraries
json-benchmark - nativejson-benchmark in Rust
libavif - libavif - Library for encoding and decoding .avif files
sandbox - A sand simulation game
Electron - :electron: Build cross-platform desktop apps with JavaScript, HTML, and CSS
image-png - PNG decoding and encoding library in pure Rust