Comment by pbmahol
7 months ago
Is there scientific proof of above claim such as "WASM sandboxing is pretty good!" ?
At least most if not all ffmpeg decoders and demuxers are fuzzed all the time and any found issue is addressed.
7 months ago
Is there scientific proof of above claim such as "WASM sandboxing is pretty good!" ?
At least most if not all ffmpeg decoders and demuxers are fuzzed all the time and any found issue is addressed.
Fuzzing is good, robust sandboxing is better, I'd argue. There's just a much smaller surface area to cover for the latter.
> Is there scientific proof of above claim such as "WASM sandboxing is pretty good!" ?
I'm not aware of quantitative studies, but just from a design perspective, the surface that a WASM runtime presents seems intrinsically easier to defend than that of, say, the full Unix userspace that ffmpeg instances usually run in.
Anecdotally, many high-profile iOS and Android vulnerabilities originated in some more or less obscure codec implementation.