The answer to this stuff isn't to fuzz, it's to cut this code out like it's a tumor. Then if it breaks stuff throughout the OS/browser, write one heavily sandboxed and memory-safe format converter that can handle the problem. I'd rather have an iPhone or browser that is annoying in a few edge cases than have code like this where vulnerabilities are almost guaranteed (irrespective of fuzzing). I know I'm being optimistic here, but I'm positive this won't be the last chapter in this story.
I'm positive this won't be the last chapter in this story
I'm sure you're right about that. 'Fuzzing resistant, takes human-directed fuzzing to recreate a PoC' seemed fun, but, as you say, that's the magic of memory unsafety.
It can be quite a bit of work to recreate a PoC of the exploit even knowing the location and the fix.
A lossless decompressor in an image decoder can be quite fuzzing resistant.
Maybe obvious to security people but fun to read about as a muggle.
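The remark above that a lossless decompressor in an image decoder can be quite fuzzing resistant has a concrete mechanism behind it, and it is easy to measure. What follows is an added example, not code from this thread or from any decoder it discusses: a constructed toy container (an LZ77-style payload behind a magic number and a Fletcher-16 checksum that covers the length field and payload, the way zlib's Adler-32 and PNG's per-chunk CRC-32 do), and a count of how many single-bit mutants of a valid file ever reach the decoder proper. Every name here (TLZ1, decode_payload, fix_checksum, decoder_reach_rate, the sample text) is invented for the example.

```python
"""Toy checksummed lossless format (constructed for this example, not a real one):
MAGIC "TLZ1" | u32 length | u16 Fletcher-16 over length+payload | LZ77 payload."""
import random
import struct

MAGIC = b"TLZ1"
HDR = 10  # magic(4) + length(4) + checksum(2)

class FormatError(ValueError): pass  # raised inside decode_payload(): the decoder ran
class RejectedEarly(FormatError): pass  # raised by the magic/checksum gate: decoder never ran

def fletcher16(data: bytes) -> int:
    s1 = s2 = 0
    for b in data:
        s1 = (s1 + b) % 255
        s2 = (s2 + s1) % 255
    return (s2 << 8) | s1

def compress(data: bytes) -> bytes:
    """Greedy LZ77: 0x00 <byte> = literal, 0x01 <u16 off> <u8 len> = back-reference."""
    out, i, n = bytearray(), 0, len(data)
    while i < n:
        best_len = best_off = 0
        for j in range(max(0, i - 0xFFFF), i):
            ln = 0
            while i + ln < n and ln < 255 and data[j + ln] == data[i + ln]:
                ln += 1
            if ln > best_len:
                best_len, best_off = ln, i - j
        if best_len >= 4:
            out += b"\x01" + struct.pack(">HB", best_off, best_len)
            i += best_len
        else:
            out += b"\x00" + data[i:i + 1]
            i += 1
    length = struct.pack(">I", n)
    return MAGIC + length + struct.pack(">H", fletcher16(length + out)) + bytes(out)

def decode_payload(payload: bytes, out_len: int) -> bytes:
    """The code a fuzzer wants to reach: every bounds check here is a candidate bug site."""
    out, i = bytearray(), 0
    while i < len(payload):
        tag = payload[i]
        if tag == 0x00:
            if i + 2 > len(payload):
                raise FormatError("truncated literal")
            out.append(payload[i + 1])
            i += 2
        elif tag == 0x01:
            if i + 4 > len(payload):
                raise FormatError("truncated match")
            off, ln = struct.unpack(">HB", payload[i + 1:i + 4])
            if off == 0 or off > len(out):
                raise FormatError("back-reference before start of output")
            for _ in range(ln):  # byte-wise copy so overlapping references work
                out.append(out[-off])
            i += 4
        else:
            raise FormatError("unknown tag")
        if len(out) > out_len:
            raise FormatError("output exceeds declared length")
    if len(out) != out_len:
        raise FormatError("output shorter than declared length")
    return bytes(out)

def decompress(blob: bytes) -> bytes:
    if len(blob) < HDR or blob[:4] != MAGIC:
        raise RejectedEarly("bad magic")
    out_len, stored = struct.unpack(">IH", blob[4:HDR])
    if fletcher16(blob[4:8] + blob[HDR:]) != stored:
        raise RejectedEarly("checksum mismatch")
    return decode_payload(blob[HDR:], out_len)

def fix_checksum(blob: bytes) -> bytes:
    """Harness trick: recompute the checksum after mutating so the mutant reaches the decoder."""
    return blob[:8] + struct.pack(">H", fletcher16(blob[4:8] + blob[HDR:])) + blob[HDR:]

def flip_one_bit(blob: bytes, rng: random.Random) -> bytes:
    b = bytearray(blob)
    b[rng.randrange(len(b))] ^= 1 << rng.randrange(8)
    return bytes(b)

def decoder_reach_rate(blob: bytes, trials: int, fix_checksums: bool, seed: int = 1) -> float:
    """Fraction of single-bit mutants that get past magic and checksum into decode_payload()."""
    rng, reached = random.Random(seed), 0
    for _ in range(trials):
        m = flip_one_bit(blob, rng)
        if fix_checksums:
            m = fix_checksum(m)
        try:
            decompress(m)
        except RejectedEarly:
            continue  # front gate ate it: no new coverage for the fuzzer
        except FormatError:
            pass  # decoder ran and rejected it: that is still coverage
        reached += 1
    return reached / trials

SAMPLE = b"the quick brown fox jumps over the lazy dog. " * 3 + b"the quick brown cat"  # constructed input
```

Run `decoder_reach_rate(compress(SAMPLE), 1000, fix_checksums=False)` and the answer is exactly 0.0: a Fletcher-16 catches every single-bit flip, so a mutation fuzzer that works on raw files sees one rejected edge and stalls. Recompute the checksum in the harness (the same reason OSS-Fuzz builds define FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION so projects can skip checksum verification) and about 96% of mutants reach decode_payload, the rest having hit the magic. What is left is the real resistance: a back-reference only does something interesting when its offset and length are both in range for the output produced so far, so the inputs that exercise a deep path depend on everything decoded before them, which is why reproducing a PoC for this kind of bug tends to need a human steering the fuzzer.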