|
Packit |
40c2f1 |
# Security overview
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
## General
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
libexif is a software library to process EXIF datablobs, which are usually
|
|
Packit |
40c2f1 |
embedded in JPEG files.
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
It allows reading, writing, changing, and extraction (binary and textual versions)
|
|
Packit |
40c2f1 |
of this data.
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
## Attack Surface
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
Any data blob put into the library should be assumed untrusted and
|
|
Packit |
40c2f1 |
potentially malicious.
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
ABI parameters can be considered trusted.
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
The primary attack scenario is processing of files for EXIF content
|
|
Packit |
40c2f1 |
extraction (displaying) via unattended services, up to and including
|
|
Packit |
40c2f1 |
webservices where files can be uploaded by potential attackers.
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
## Bugs considered security issues
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
(Mostly for CVE assigments rules.)
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
Triggering memory corruption of any form is considered in scope.
|
|
Packit |
40c2f1 |
Triggering endless loops is considered in scope. (would block services)
|
|
Packit |
40c2f1 |
Triggering unintentional aborts is considered in scope.
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
Common library usage patterns are in scope.
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
Crashes during writing out of data as EXIF could be in scope.
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
## Bugs not considered security issues
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
Crashes caused by debugging functionality are not in scope.
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
## Bugreports
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
Bugreports can be filed as github issues.
|
|
Packit |
40c2f1 |
|
|
Packit |
40c2f1 |
If you want to report an embargoed security bug report, reach out to dan@coneharvesters.com.
|