
Shipping new Firefox code that parses untrusted data from the network normally requires security review, and a new fuzzer for the data format in question is usually written. There's lots of process and infrastructure around this sort of thing at Mozilla. This is sometimes handled in a separate bug from the one implementing the feature. I'm surprised that the corresponding security review bug isn't linked from the FLAC bug, though, which may be an oversight. (Or it may be the non-public blocking bug, and it's non-public because an issue was found.)


Now that I think of it, the majority of this work should have been done in JS land, with the heaviest decoding being exposed as a document._firefox.media.flac_decode() method that takes a buffer of a FLAC stream. That one FLAC stream could be formally verified; everything else lives in user land.



