Instagram had a security vulnerability. Instagram uses MozJPEG. These two facts were somewhat conflated in the vulnerability report that is being reposted all over the Internet right now.
MozJPEG is NOT affected by this vulnerability. The issue was in Facebook's own integration code, unique to Instagram only.
There will be no MozJPEG patches in response to that report, because there's nothing to fix on MozJPEG's side.
The problem was in how Instagram allocated memory for its image buffer. Instagram used the C programming language, where such a basic operation is evidently error-prone and dangerous. An integer overflow in the size passed to `malloc` allowed out-of-bounds writes. C doesn't check whether buffers are large enough, and even makes it tricky to correctly check for integer overflow due to signed overflow being specified as Undefined Behavior. It's a very common problem, so it's possible that other applications written in C that use MozJPEG, or libjpeg-turbo, or other image libraries have similar flaws. However, this issue is not in MozJPEG itself. MozJPEG makes it the application's responsibility to allocate output image buffers. To mitigate such issues, we recommend using MozJPEG from a safe programming language like Rust.
mozilla locked as resolved and limited conversation to collaborators
Sep 29, 2020
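The allocation-size check discussed in the post, shown as an added example that is not part of the original issue and is not Instagram's or MozJPEG's code. The function names, the 1 GiB `MAX_IMAGE_BYTES` limit and the sample dimensions are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical application limit (assumption): refuse buffers above 1 GiB. */
#define MAX_IMAGE_BYTES ((size_t)1 << 30)

/* Unchecked pattern: the product wraps modulo 2^32 without any error, so
 * malloc() would receive far fewer bytes than the decoder later writes. */
uint32_t unchecked_size32(uint32_t width, uint32_t height, uint32_t channels)
{
    return (uint32_t)(width * height * channels);
}

/* Checked pattern: each multiplication is validated by a division first.
 * Returns 0 and stores the byte count in *out, or -1 if it is rejected. */
int checked_image_size(uint32_t width, uint32_t height, uint32_t channels, size_t *out)
{
    size_t w = width, h = height, c = channels;
    if (w == 0 || h == 0 || c == 0)
        return -1;
    if (w > MAX_IMAGE_BYTES / c)
        return -1;                 /* w * c would exceed the limit */
    size_t row = w * c;
    if (h > MAX_IMAGE_BYTES / row)
        return -1;                 /* row * h would exceed the limit */
    *out = row * h;
    return 0;
}

/* Allocate the output buffer only when the size is exact and within limits. */
unsigned char *alloc_image_buffer(uint32_t width, uint32_t height, uint32_t channels, size_t *size)
{
    if (checked_image_size(width, height, channels, size) != 0)
        return NULL;
    return malloc(*size);
}

int main(void)
{
    size_t n = 0;
    /* Constructed dimensions: the true size is about 17 GB. */
    printf("unchecked: %u bytes\n", (unsigned)unchecked_size32(65537, 65536, 4));
    printf("checked:   %s\n", checked_image_size(65537, 65536, 4, &n) ? "rejected" : "accepted");
    return 0;
}
```

The same byte count should also bound every later write into the buffer, since a correct allocation does not help if the row stride used when copying is computed separately.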