On 10/29/21 3:53 PM, Lennart Poettering wrote: > On Fr, 29.10.21 13:57, David Cantrell (dcantrell@xxxxxxxxxx) wrote: > >> Has there been any consideration for potential security risks with >> regards to the data in this string? Of concern to me are encoding >> formats, size limits or reporting, and structure formats. The >> proposal notes JSON, which has been involved in security related >> problems in the past. > > One of the reasons we are sticking to JSON here is so that we can use > battle-tested parsers we already use for other stuff. you want a > parser that is already used, verified, tested elsewhere, and JSON > makes that easy. A homegrown parser of an entirely new special purpose > format is a lot more problematic security-wise. Does there need to be any parsing at all? WireGuard avoids the problem by only using fixed-size fields, so one only needs to check that the field is of the correct length. Qubes OS uses the same solution in at least its GUI protocol. Sincerely, Demi Marie Obenour (she/her/hers)
Attachment:
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
