[vtk-developers] Strange problem with vtkPLYReader

Elvis Stansvik elvis.stansvik at orexplore.com
Thu Aug 10 14:12:32 EDT 2017


2017-08-10 19:59 GMT+02:00 Sean McBride <sean at rogue-research.com>:
> On Thu, 10 Aug 2017 13:38:28 -0400, Will Schroeder said:
>
>>>In which case one may reasonably argue that the PLYReader is indeed broken,
>>>for failing to reject invalid files.
>>
>>You are opening a can of worms here. I would humbly suggest that in most
>>all file formats in VTK if the data is invalid then bad things will happen.
>
> Yup, which is a huge weakness of VTK, IMNSHO.
>
>>If you want to make a sanity check as part of the read process then do it
>>as an optional step because fully vetting data can take forever.
>
> Vetting the data does take time, yes.  Sometimes the code can be factored such that the validation happens at one level, and some lower level function can assume it's valid.
>
> But the alternative is crashing upon invalid data.  That's bad, especially when dealing with data from untrusted sources like files or the network.  This is how we're in a world where opening maliciously crafted jpeg/pdf/font/etc files can be used to run arbitrary code and do all kinds of nastiness.

+1

I would think that for most applications, crashing hard upon opening a
faulty file is not an option, and not having the library fail
gracefully just forces applications to vet the data themselves, which
in some (many?) cases may be even more costly than had the library
done it during loading. I think the Robustness principle very much
applies here [1].

But yes, time...

Elvis

[1] https://en.wikipedia.org/wiki/Robustness_principle

>
> If I had infinite time, fuzzing the VTK readers would be a fun project...
>
> Sean
>
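
Added example (not part of the thread and not VTK code): a minimal C++ sketch of the structure discussed above, where validation happens once at the reader boundary and a lower-level routine then indexes without further checks. `RawMesh`, `ValidatedMesh` and `sumFaceVertexX` are hypothetical names, and the specific checks (coordinate triples, face size, index range) are assumptions about what "invalid" means for a mesh file.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <memory>
#include <string>
#include <utility>
#include <vector>

// Untrusted data as a file parser might hand it over (hypothetical type).
struct RawMesh {
    std::vector<float> coords;                     // x,y,z triples
    std::vector<std::vector<std::int64_t>> faces;  // vertex indices per face
};

// Only validate() can create one, so holding it proves the checks passed.
class ValidatedMesh {
public:
    static std::unique_ptr<ValidatedMesh> validate(RawMesh raw, std::string& err) {
        if (raw.coords.size() % 3 != 0) { err = "coordinate count is not a multiple of 3"; return nullptr; }
        const std::int64_t nverts = static_cast<std::int64_t>(raw.coords.size() / 3);
        for (std::size_t f = 0; f < raw.faces.size(); ++f) {
            if (raw.faces[f].size() < 3) { err = "face " + std::to_string(f) + " has fewer than 3 vertices"; return nullptr; }
            for (std::int64_t idx : raw.faces[f])
                if (idx < 0 || idx >= nverts) { err = "face " + std::to_string(f) + ": vertex index " + std::to_string(idx) + " out of range"; return nullptr; }
        }
        return std::unique_ptr<ValidatedMesh>(new ValidatedMesh(std::move(raw)));
    }
    const RawMesh& data() const { return mesh_; }
private:
    explicit ValidatedMesh(RawMesh m) : mesh_(std::move(m)) {}
    RawMesh mesh_;
};

// Lower-level routine: no bounds checks, it relies on the ValidatedMesh invariant.
double sumFaceVertexX(const ValidatedMesh& vm) {
    double sum = 0.0;
    for (const auto& face : vm.data().faces)
        for (std::int64_t idx : face) sum += vm.data().coords[static_cast<std::size_t>(idx) * 3];
    return sum;
}

int main() {
    RawMesh bad;  // constructed sample: 3 vertices, but a face refers to vertex 7
    bad.coords = {0.f, 0.f, 0.f, 1.f, 0.f, 0.f, 0.f, 1.f, 0.f};
    bad.faces.push_back({0, 1, 7});
    std::string err;
    std::unique_ptr<ValidatedMesh> vm = ValidatedMesh::validate(std::move(bad), err);
    std::cout << (vm ? "accepted" : "rejected: " + err) << "\n";
}
```

The validation pass is linear in the input size, and the private constructor keeps callers from handing unchecked data to the unchecked routine.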

