[Gdal-dev] GDAL and Security Issues
Frank Warmerdam
warmerdam at pobox.com
Thu Oct 14 10:19:13 EDT 2004
Folks,
I just read a new security notice about an image file being a potential
security hole, this time with Solaris and Xpm files. Past alerts have included
jpeg files and png files (via libz) and a few others I can't recall. The
libtiff team has also received and corrected a number of security related
issues with libtiff.
The point I would like to make in this email is that GDAL format drivers are
likely to contain bugs that would allow "hostile" image files to cause a stack
overrun, and potentially result in a security breach.
Folks who are opening files from untrusted sources should take this risk into
account. In normal day to day use this isn't likely a big risk, but it does
exist. The risk is likely greater in cases where GDAL is used in a server
that accepts arbitrary input files from untrusted users over the Internet.
In addition to the risk of attackers preparing hostile files specifically
intended to exploit holes in GDAL, there are also likely to be holes in the
various supporting libraries such as libtiff, libpng, libjpeg and even the
commercial libraries such as those used for ECW, MrSID and JPEG2000. The
chance of bugs in these more widely used libraries being exploited is
proportionately higher.
While it is image files that have gotten most of the attention in security
alerts lately, similar issues could occur with vector files and OGR.
I will take reasonable steps to avoid problems in code I write, and to
update to fixed versions of public libraries after a fix, but ultimately
I take no responsibility for the "safety" of GDAL. I also welcome feedback
on perceived security issues in GDAL or supporting libraries, or even funding
for a more in-depth audit of GDAL code for security issues.
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam at pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | Geospatial Programmer for Rent