Re: Are WAV files dangerous?

From: Lassi Hippeläinen (lahippel_at_ieee.orgies.invalid)
Date: 08/17/04


Date: Tue, 17 Aug 2004 11:09:32 GMT

Bill Unruh wrote:

> The question is how tightly the standards constrain the file.

No. The question is what happens when the file doesn't conform to the
standard. A parser shouldn't crash at the first non-conformance. It
should be robust enough to either ignore the errors or reject the data.

Many exploits discovered by the PROTOS test suite (including SNMP
implementations!) were holes left by too trusting programmers.

-- Lassi