You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Wuffs is a memory-safe programming language (and a standard library written in that language) for Wrangling Untrusted File Formats Safely. Wrangling includes parsing, decoding and encoding. Example file formats include images, audio, video, fonts and compressed archives.
Wuffs the Library is available as transpiled C code. Other C/C++ projects can use that library without requiring the Wuffs the Language toolchain. Those projects can use Wuffs the Library like using any other third party C library.
I was wondering if something like this could be used for image decoding for the purpose of improving security (and likely performance).
It may not support as many formats as pillow but it could act as safe guard for common formats, reducing the risk of image decoder bugs leading to serious vulnerabilities.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
As per https://github.com/google/wuffs
I was wondering if something like this could be used for image decoding for the purpose of improving security (and likely performance).
It may not support as many formats as pillow but it could act as safe guard for common formats, reducing the risk of image decoder bugs leading to serious vulnerabilities.
Beta Was this translation helpful? Give feedback.
All reactions