About Instagram's flaw #380
Instagram had a security vulnerability. Instagram uses MozJPEG. These two facts were somewhat conflated in the vulnerability report that gets reposted all over the Internet right now.
MozJPEG is NOT affected by this vulnerability. The issue was in Facebook's own integration code, unique to Instagram only.
There will be no MozJPEG patches in response to that report, because there's nothing to fix on MozJPEG's side.
The problem was in how Instagram allocated memory for its image buffer. Instagram used the C programming language, where such a basic operation is evidently error-prone and dangerous. Integer overflow in the size passed to `malloc` allowed out-of-bounds writes. C doesn't check whether buffers are large enough, and even makes it tricky to correctly check for integer overflow due to signed overflow being specified as Undefined Behavior. It's a very common problem, so it's possible that other applications written in C that use MozJPEG, or libjpeg-turbo, or other image libraries have similar flaws. However, this issue is not in MozJPEG itself. MozJPEG makes it the application's responsibility to allocate output image buffers. To mitigate such issues, we recommend using MozJPEG from a safe programming language like Rust.
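
For applications that stay in C, the sketch below shows an overflow-checked size calculation for a caller-allocated image buffer next to the truncating pattern described above. It is an added example, not code from Instagram or MozJPEG; the function names and the 256 MiB cap are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed policy cap on one decoded image (256 MiB); pick a limit that fits the app. */
#define MAX_IMAGE_BYTES ((size_t)256 * 1024 * 1024)

/* The flawed pattern: the product is truncated to 32 bits before it reaches malloc. */
uint32_t unchecked_size32(uint32_t width, uint32_t height, uint32_t channels)
{
    return (uint32_t)((uint64_t)width * height * channels);
}

/* Checked size: returns 0 if a dimension is zero or the product does not fit in size_t.
 * Each multiplication is guarded by a division first, so nothing ever wraps. */
size_t image_buffer_size(uint32_t width, uint32_t height, uint32_t channels)
{
    if (width == 0 || height == 0 || channels == 0)
        return 0;
    size_t row = width;
    if (row > SIZE_MAX / channels)
        return 0;
    row *= channels;
    if (row > SIZE_MAX / height)
        return 0;
    return row * height;
}

/* Allocate the output buffer only when the size is valid and within the cap. */
unsigned char *alloc_image(uint32_t width, uint32_t height, uint32_t channels)
{
    size_t n = image_buffer_size(width, height, channels);
    if (n == 0 || n > MAX_IMAGE_BYTES)
        return NULL;
    return malloc(n);
}

int main(void)
{
    /* Constructed dimensions: 65536 x 65536 x 4 is 2^34 bytes, which is 0 modulo 2^32. */
    printf("unchecked 32-bit size: %u\n", (unsigned)unchecked_size32(65536, 65536, 4));
    printf("checked allocation:    %s\n", alloc_image(65536, 65536, 4) ? "ok" : "rejected");
    unsigned char *img = alloc_image(640, 480, 3);
    printf("640x480x3 allocation:  %s\n", img ? "ok" : "rejected");
    free(img);
    return 0;
}
```

The same dimensions must then bound every write into the buffer, since the allocation check alone does not stop a decoder loop that trusts different values.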