Vorbis dev - Aug 2001 - Will Vorbis happily decode packets with random data?

> For my application there's been some talk of people hiding viruses in
> Vorbis files.  While the possibility's remote, I'm exploring ways
to
> verify that a give file really is a Vorbis file, and doesn't even have
> long streaches of executable code in the middle of it.
> 
> If a file has valid Ogg page structure, and a valid Vorbis header, but
> somewhere in the file a packet has been replaced with arbitrary data
> (say Windows executable code), will the decoder notice this?  For
> example, will it get into some invalid state which it notices, and
> return an error code?  Or will it happily produce bogus output, unaware
> that there's a problem?
And how exactly is this a risk?  Do you think the sound driver is going
to magically start executing code?  Vorbis doesn't execute the sound, it
only does some math on it and sends it to the next part of the pipeline.

Also, since Vorbis treats everything as float and then casts to int
(normally) as a final step, I don't think any executable would survive
this format.

Certainly if it's a bad vorbis packet, the engine will kick it back.
It's designed to be tolerant of bad data, but it will let you know bad
data is there.

Unlike some other companies, we don't make libraries with full scripting
interfaces built in, along with operating systems that blinding trust
everything you download :)

jack.

--- >8 ----
List archives:  http://www.xiph.org/archives/
Ogg project homepage: http://www.xiph.org/ogg/
To unsubscribe from this list, send a message to
'vorbis-dev-request@xiph.org'
containing only the word 'unsubscribe' in the body.  No subject is
needed.
Unsubscribe messages sent to the list will be ignored/filtered.

I'm searching for a similar trick for checking files to be added to
myplay.
> If it will notice the problem, then I can check for valid Vorbisness by
> decoding the file.  If not, then I'll need to think of something else.
Ummm - isn't this a bad idea if the files is designed to exploit a
buffer overflow in the decoder? Unless your scanning server is running
in a non-target environment?

-- 
Scott Manley (AKA Szyzyg)
Streaming Media Hacker
www.myplay.com

--- >8 ----
List archives:  http://www.xiph.org/archives/
Ogg project homepage: http://www.xiph.org/ogg/
To unsubscribe from this list, send a message to
'vorbis-dev-request@xiph.org'
containing only the word 'unsubscribe' in the body.  No subject is
needed.
Unsubscribe messages sent to the list will be ignored/filtered.

Hi,

For my application there's been some talk of people hiding viruses in
Vorbis files.  While the possibility's remote, I'm exploring ways to
verify that a give file really is a Vorbis file, and doesn't even have
long streaches of executable code in the middle of it.

If a file has valid Ogg page structure, and a valid Vorbis header, but
somewhere in the file a packet has been replaced with arbitrary data
(say Windows executable code), will the decoder notice this?  For
example, will it get into some invalid state which it notices, and
return an error code?  Or will it happily produce bogus output, unaware
that there's a problem?

If it will notice the problem, then I can check for valid Vorbisness by
decoding the file.  If not, then I'll need to think of something else.

Thanks,
Martin

--- >8 ----
List archives:  http://www.xiph.org/archives/
Ogg project homepage: http://www.xiph.org/ogg/
To unsubscribe from this list, send a message to
'vorbis-dev-request@xiph.org'
containing only the word 'unsubscribe' in the body.  No subject is
needed.
Unsubscribe messages sent to the list will be ignored/filtered.

On Wed, Aug 08, 2001 at 12:16:58PM -0400, Martin C. Martin
wrote:
> Hi,
> 
> For my application there's been some talk of people hiding viruses in
> Vorbis files.  While the possibility's remote, I'm exploring ways
to
> verify that a give file really is a Vorbis file, and doesn't even have
> long streaches of executable code in the middle of it.
> 
> If a file has valid Ogg page structure, and a valid Vorbis header, but
> somewhere in the file a packet has been replaced with arbitrary data
> (say Windows executable code), will the decoder notice this?  
If the random data was inserted into a file after it was generated,
the affected page will be rejected.  The checksum on the page will
fail.  If it was added between pages or after the stream, it will also
be rejected.

If the random packet was inserted into the stream at generation time
(and fed through the paging/checksumming mechanism within Corbis), it
might get as far as decode, but will possibly still get kicked bad.
Worst case, it will decode as noise.

Monty

--- >8 ----
List archives:  http://www.xiph.org/archives/
Ogg project homepage: http://www.xiph.org/ogg/
To unsubscribe from this list, send a message to
'vorbis-dev-request@xiph.org'
containing only the word 'unsubscribe' in the body.  No subject is
needed.
Unsubscribe messages sent to the list will be ignored/filtered.