That claim sounds implausible - the memory usage patterns should not be a function of untrusted input.
Or heck, .doc or .psd, which are basically just memcpy’d internal structures of Word and Photoshop respectively.
-
-
That's basically XCF too. https://github.com/GNOME/gimp/blob/master/devel-docs/xcf.txt … They're collaborating with the Krita developers to make https://en.wikipedia.org/wiki/OpenRaster as a replacement. It's probably going to be even more complex though since they're going to want to add more capabilities.
-
The solution to the problem cannot be not making this kind of software, or somehow getting users not to exchange media files, image editing files, word processor documents, etc. Really just parse the file format in a memory safe language without dynamic code execution.
- 16 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.