Definitely. So many exploits start with decoders, for images, PDFs, and other data formats. Any safety you can add helps. It also makes for a good Rust candidate because it's likely a fairly...
Definitely. So many exploits start with decoders, for images, PDFs, and other data formats. Any safety you can add helps. It also makes for a good Rust candidate because it's likely a fairly self-contained module, and won't need to interact much with other code.
This makes a lot of sense for Mozilla, and I could also see Google coming to to same conclusion with Chromium, now that they're starting to integrate Rust as well. Back in 2021, everything was still being written in C++. Dark times.
Generally I think AVIF makes more sense than JPEG-XL as a web (lossy) format, however the support for progressive decoding could be very useful to some websites. Additionally, it makes it easier to handle formats created by other tools when they're able to be displayed nicely in browsers.
I think this is the right approach. Image decoders are ripe for exploitation, and an excellent candidate for implementation in Rust.
Definitely. So many exploits start with decoders, for images, PDFs, and other data formats. Any safety you can add helps. It also makes for a good Rust candidate because it's likely a fairly self-contained module, and won't need to interact much with other code.
This makes a lot of sense for Mozilla, and I could also see Google coming to to same conclusion with Chromium, now that they're starting to integrate Rust as well. Back in 2021, everything was still being written in C++. Dark times.
Generally I think AVIF makes more sense than JPEG-XL as a web (lossy) format, however the support for progressive decoding could be very useful to some websites. Additionally, it makes it easier to handle formats created by other tools when they're able to be displayed nicely in browsers.