Atkelar (atkelar) wrote,
Atkelar
atkelar

WTF coding #5 - Specifications.

Recently (i.e. about three years ago) I aquired a new hobby: implement internet standards. It is rather time consuming, yes... so far I've succeeded in writing my own implementation of several cryptography algorithms (RSA, AES, SHA-2, PBKDF2 to name most of them) and to get several protocols to a "running in test environment" stage both as server and as client: DNS, IRC, SMTP, POP3, HTTP and I also have a half-finished TLS implementation around. All done in C# to prove it can be done.

Needless to say that all of the above required reading a LOT of specifications (mostly RFCs). I think I should have compiled a "highlights of WTF-RFC" way back when I first came across something like that. But today I saw one again and I'd like to share it as an example. Recent implementation ideas drifted towards a graphics library and I started with the GIF format decoding. The specs are available here: http://www.w3.org/Graphics/GIF/spec-gif89a.txt

...and right there, chapter 20 (page 13) is a little gem. I quote:

"Values: 0 - Local Color Table is not present. Use Global Color Table if available."

Innocent enough when you just read it. But try to put that into code... it leaves an empty code path:

if (hasLocalTable)
{
	UseLocalTable();
}
else
{
	if (hasGlobalTable)
		UseGlobalTable();
	else
		????!!!!
}


And let me tell you, the specs of our beloved internet are FULL of these omissions that let programmers create loopy implementations left and right. DON'T you ever curse any one company or project team anymore! Sometimes there are "undefined" situations in the specs and god knows how the software is going to react then.

Why am I so upset? Because I want to write a STABLE implementation. That means that I check every possible misuse of parameters and values inside the files that I read. There have been numerous attacks through wonky image decoders in web browsers dating back to the mid-90's with an animated GIF that would nuke your Netscape Navigator... including countdown :D

So: While a VALID GIF will have either local or global color table, a crafted, malicious one might not. My code is going to "throw" up a matching error... but what does other code do?
Tags: programming, security, software development, technology, wtf
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 2 comments