Can we just not process weird file formats people receive by iMessage/text?
Reading this WebP vulnerability report and I got to the words “lossless image compression” and “Huffman encoded Huffman tables” and I am trying to understand what we’re doing here other than paying for exploit developers’ kids’ orthodontia. https://blog.isosceles.com/the-webp-0day/
Step 1: support two image formats. Step 2: if someone needs to send some weird image format to you, they convert it to one of the two formats that your phone’s formally-verified software can read.
@matthew_d_green The whole point of compressing images is that your phone receives fewer bytes. If we didn't care how many bytes it receives we'd do exactly what you said with some format equivalent to PNM.
@robryk The problem isn’t that we compress the images. It’s that we support weird formats *and* require decoding of those weird old formats to be blazing fast. What if we just picked a couple of good formats with fast decoders, and made everything else slower? Computers are fast as hell now.
@matthew_d_green BTW you might find https://github.com/google/wuffs interesting.
