wrv's comments
wrv | 3 years ago | on: Finding and exploiting vulnerabilities in H.264 decoders [pdf]
We did find an H.265 issue, but the tool is not currently built to generate H.265 videos.
wrv | 3 years ago | on: Finding and exploiting vulnerabilities in H.264 decoders [pdf]
The iOS issues were found by directly playing generated videos on an actual iPhone with iOS 13.3. The kernel panics helped guide us on where to look in Ghidra. Corellium was helpful for kernel debugging, and testing newer versions of iOS. Without Corellium, kernel debugging may have been more painful.
wrv | 3 years ago | on: Finding and exploiting vulnerabilities in H.264 decoders [pdf]
A Rust decoder was something discussed at the start, which is why we chose the language. As research goes, we primarily focused on just the H.264 syntax elements.
The Chromium folks are working on a Rust crate called cros-codecs [1] for VP8, VP9, and H.264 parameter set parsing, with VAAPI as a back-end.
[1] https://chromium.googlesource.com/crosvm/crosvm/+/42bdf1de57...
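The comment above refers to H.264 syntax elements and parameter-set parsing without showing what that parsing looks like. The following is an added example written for this page; it is not code from the paper's tool or from the cros-codecs crate. It implements a bounds-checked bit reader with the Exp-Golomb ue(v)/se(v) codes that most SPS fields use, strips emulation-prevention bytes, and parses the front of a sequence parameter set far enough to recover the coded picture size. The NAL unit in SAMPLE_SPS is constructed by hand for the example (baseline profile 66, level 3.0, 320x240); the field names follow the H.264 spec, while the error type, range limits and the decision to reject high-profile SPSs (which carry an extra chroma block) are this example's own choices.

```rust
#[derive(Debug, PartialEq)]
pub enum ParseError {
    OutOfBits,                       // read past the end of the RBSP
    ExpGolombTooLong,                // >31 leading zeros: malformed or hostile input
    ValueOutOfRange(&'static str),   // a field violated a spec or example-imposed limit
}

/// MSB-first bit reader over an RBSP; every read is bounds-checked.
pub struct BitReader<'a> { data: &'a [u8], pos: usize }

impl<'a> BitReader<'a> {
    pub fn new(data: &'a [u8]) -> Self { Self { data, pos: 0 } }

    pub fn read_bit(&mut self) -> Result<u32, ParseError> {
        let byte = self.data.get(self.pos / 8).ok_or(ParseError::OutOfBits)?;
        let bit = (byte >> (7 - (self.pos % 8))) & 1;
        self.pos += 1;
        Ok(bit as u32)
    }

    pub fn read_bits(&mut self, n: u32) -> Result<u32, ParseError> {
        debug_assert!(n <= 32);
        let mut v = 0u32;
        for _ in 0..n { v = (v << 1) | self.read_bit()?; }
        Ok(v)
    }

    /// ue(v): count leading zeros, then read that many suffix bits.
    /// Result is at most 2^32 - 2, so it cannot overflow u32.
    pub fn read_ue(&mut self) -> Result<u32, ParseError> {
        let mut zeros = 0u32;
        while self.read_bit()? == 0 {
            zeros += 1;
            if zeros > 31 { return Err(ParseError::ExpGolombTooLong); }
        }
        if zeros == 0 { return Ok(0); }
        let suffix = self.read_bits(zeros)?;
        Ok((1u32 << zeros) - 1 + suffix)
    }

    /// se(v): codeNum k maps to (-1)^(k+1) * ceil(k/2) (spec Table 9-3).
    pub fn read_se(&mut self) -> Result<i32, ParseError> {
        let k = self.read_ue()?;
        let mag = ((k + 1) / 2) as i32;
        Ok(if k % 2 == 1 { mag } else { -mag })
    }
}

/// Remove emulation-prevention bytes: the 0x03 in every 0x00 0x00 0x03 sequence.
pub fn unescape_rbsp(nal: &[u8]) -> Vec<u8> {
    let mut out = Vec::with_capacity(nal.len());
    let mut zeros = 0;
    for &b in nal {
        if zeros >= 2 && b == 0x03 { zeros = 0; continue; }
        out.push(b);
        zeros = if b == 0 { zeros + 1 } else { 0 };
    }
    out
}

#[derive(Debug, PartialEq)]
pub struct SpsHeader {
    pub profile_idc: u32, pub level_idc: u32, pub seq_parameter_set_id: u32,
    pub log2_max_frame_num: u32, pub pic_order_cnt_type: u32, pub max_num_ref_frames: u32,
    pub width_px: u32, pub height_px: u32,
}

fn check(cond: bool, what: &'static str) -> Result<(), ParseError> {
    if cond { Ok(()) } else { Err(ParseError::ValueOutOfRange(what)) }
}

/// Parse an SPS NAL unit (header byte included) up to frame_mbs_only_flag.
pub fn parse_sps(nal: &[u8]) -> Result<SpsHeader, ParseError> {
    let rbsp = unescape_rbsp(nal);
    let mut r = BitReader::new(&rbsp);
    let forbidden_zero = r.read_bit()?;
    let _nal_ref_idc = r.read_bits(2)?;
    let nal_unit_type = r.read_bits(5)?;
    check(forbidden_zero == 0 && nal_unit_type == 7, "nal_unit_type")?;
    let profile_idc = r.read_bits(8)?;
    let _constraint_flags = r.read_bits(8)?;
    let level_idc = r.read_bits(8)?;
    let seq_parameter_set_id = r.read_ue()?;
    check(seq_parameter_set_id <= 31, "seq_parameter_set_id")?;
    // Example-imposed limit: profiles with the chroma_format_idc block are not handled here.
    check(!matches!(profile_idc, 100 | 110 | 122 | 244 | 44 | 83 | 86 | 118 | 128 | 138 | 139 | 134 | 135),
          "profile_idc (high-profile chroma block not handled)")?;
    let log2_max_frame_num_minus4 = r.read_ue()?;
    check(log2_max_frame_num_minus4 <= 12, "log2_max_frame_num_minus4")?;
    let pic_order_cnt_type = r.read_ue()?;
    match pic_order_cnt_type {
        0 => check(r.read_ue()? <= 12, "log2_max_pic_order_cnt_lsb_minus4")?,
        1 => {
            r.read_bit()?; r.read_se()?; r.read_se()?;
            let n = r.read_ue()?;
            check(n <= 255, "num_ref_frames_in_pic_order_cnt_cycle")?;
            for _ in 0..n { r.read_se()?; }   // bounded by the check above
        }
        2 => {}
        _ => return Err(ParseError::ValueOutOfRange("pic_order_cnt_type")),
    }
    let max_num_ref_frames = r.read_ue()?;
    let _gaps_in_frame_num_value_allowed_flag = r.read_bit()?;
    let pic_width_in_mbs_minus1 = r.read_ue()?;
    let pic_height_in_map_units_minus1 = r.read_ue()?;
    let frame_mbs_only_flag = r.read_bit()?;
    // ue(v) is at most 2^32 - 2, so the +1 cannot overflow; the multiply can, so it is checked.
    let width_px = (pic_width_in_mbs_minus1 + 1).checked_mul(16)
        .ok_or(ParseError::ValueOutOfRange("pic_width_in_mbs_minus1"))?;
    let mb_rows = if frame_mbs_only_flag == 1 { 16 } else { 32 };   // field pairs double the height
    let height_px = (pic_height_in_map_units_minus1 + 1).checked_mul(mb_rows)
        .ok_or(ParseError::ValueOutOfRange("pic_height_in_map_units_minus1"))?;
    Ok(SpsHeader { profile_idc, level_idc, seq_parameter_set_id,
        log2_max_frame_num: log2_max_frame_num_minus4 + 4, pic_order_cnt_type,
        max_num_ref_frames, width_px, height_px })
}

/// Constructed sample: 0x67 header, profile 66, constraints 0xC0, level 30,
/// then ue/flag fields encoding poc_type 2, 1 ref frame, 20x15 macroblocks.
pub const SAMPLE_SPS: [u8; 8] = [0x67, 0x42, 0xC0, 0x1E, 0xDA, 0x05, 0x07, 0xE0];

fn main() {
    println!("{:?}", parse_sps(&SAMPLE_SPS));
    println!("{:?}", parse_sps(&SAMPLE_SPS[..5]));   // truncated input: Err(OutOfBits), no panic
}
```

The point of the range checks is the one the paper's subject area turns on: syntax elements such as pic_width_in_mbs_minus1 later size allocations and index tables, so a decoder that trusts the raw ue(v) value is one unchecked multiply or loop bound away from memory corruption. Here every field that feeds a size or a loop count is bounded before use, and a truncated NAL unit fails with an error rather than reading past the buffer.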
wrv | 3 years ago | on: Finding and exploiting vulnerabilities in H.264 decoders [pdf]
Hi, first author here! Thanks for sharing the paper. Check out our Mastodon thread for a high level overview of our findings: https://infosec.exchange/@wrv/110081590177440081