is it me or does ios have a myriad of cves in in the image processing/decoder stack? You'd think they'd sandbox in some kind of memory safe framework/lang by now?
Apple should formalize the iMessage de facto DeviceAndAccountTakeover() API call. I lost count how many zero-click it has. Tim Apple can take the privacy high road all day but it doesn't matter if the code is rotten.
Also image formats are fairly stable, so they are a good candidate for a verified F* parser. Not sure how easy it is for pdf, maybe start with a reasonable subset of it.
Good luck doing that for stuff like PDF which can include JavaScript in the PDF file itself, or SVG+PDF which both can include raw font files, another reliable source of exploits.
PDF/A-1 and PDF/UA require unicode mapping, so embedded font files might be not as critical, you can just render unicode text, and javascript is routinely banned for being inaccessible.
unfortunately sandboxes also have bugs which allows for RCE. this is typically called a "full chain" because it chains together a series of bugs (initial decoder exploit + sandbox escape exploit) to gain full RCE
https://citizenlab.ca/2025/06/first-forensic-confirmation-of...
https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zer...
https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage...
https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hac...