Hi, On 23/07/2020 19:50, Michael Richardson wrote:
Liang Xia via Datatracker <noreply@xxxxxxxx> wrote: > But about my one question, I have not seen any response or actions: "Issues for > clarification: In Security Considerations, besides the DoS attacks brought by > the malicious payloads, is there any other kinds of attack possibly? For > example, virus or worm are hidden in the malicious payloads to attack the > system for more damages? Does it make sense and what's the consideration?" Hi, thank you for the review comments. Aside from possible buffer-overflow attacks that would attempt to smash the stack of a process, none of the content carried in ffv1 is intended to be executable. A virus or worm hidden in the payload would be rendered as if it was visual data by normal software processing. Clearly, a malicious system could use the ffv1 format in an attempt to disquise itself, but that would take a co-consipirator to extract that content.
I second Michael on the lack of attack implying hidden content, as the expected output is only visual content.
I added a pull request on the spec for adding an explicit mention of the lack of content intended to be executed at https://github.com/FFmpeg/FFV1/pull/224 , in addition to fixes of issues found during last call review at https://github.com/FFmpeg/FFV1/pull/223
Jérôme -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call