为什么苹果仍然允许格式不正确的媒体文件到达解码器 – 以及如何阻止这一现象
提议:一个内存安全的预解码验证层,用于媒体输入(如 MP4、MOV 等),苹果可以在不更改现有解码器的情况下进行部署。<p>消除了一个类别的零点击漏洞。没有格式破坏。无需修补。<p>https://jam2we5b3a.medium.com/this-is-the-future-apple-should-already-be-shipping-054c69d78e50
查看原文
Proposed: a memory-safe, pre-decoder validator layer for media inputs (MP4, MOV, etc) that Apple could deploy without changing existing decoders.<p>Eliminates a class of zero-click exploits. No format breakage. No patching.<p>https://jam2we5b3a.medium.com/this-is-the-future-apple-should-already-be-shipping-054c69d78e50