by cogman10
183 days ago
A curious search reveals that vulnerabilities that do exist are of 2 flavors:

1. Standard C memory vulnerabilities
2. Unsafe file traversal while unzipping

The entire second class is avoided in a fixed file format. The first class of vulnerabilities plagues everything. A quick look at libxml2 CVEs shows that.
But yeah, the first class of vulns is why we have advice like don’t run untrusted input, which is not dissimilar to “don’t unzip untrusted payloads”.