HackerTrans
TopNewTrendsCommentsPastAskShowJobs

andrewmd5

no profile record

Submissions

We made the dev tier free. Go nuts. – Rainway

rainway.com
2 points·by andrewmd5·4 lata temu·0 comments

Why should 0 be a “boring” value in an enum?

github.com
1 points·by andrewmd5·4 lata temu·0 comments

How we added support for Rust to our schema language

rainway.com
2 points·by andrewmd5·5 lat temu·0 comments

NPM silently suspended package adoption after mistakenly transferring one to me

twitter.com
3 points·by andrewmd5·5 lat temu·0 comments

comments

andrewmd5
·4 lata temu·discuss
Afghanistan?
andrewmd5
·5 lat temu·discuss
It is to support finding devices you can cast to inside the app (like conference calling boxes.)
andrewmd5
·5 lat temu·discuss
If you can recreate a file so it’s hash matches known CP then that file is CP my dude. The probability of just two hashes accidentally colliding is approximately: 4.3*10-60

Even if you do a content aware hash where you break the file into chunks and hash each chunk, you still wouldn’t be able to magically recreate the hash of a CP file without also producing part of the CP.
andrewmd5
·5 lat temu·discuss
The overhead of stream abstractions is negligible if your goal is security when processing arbitrary input files provided from a zero-trust environment.

In environments where you’re prioritizing performance I’d still argue streams are likely your best bet when the size of the file to be parsed is not a constant. You wouldn’t want to load 50 large files into ram on a server environment let alone a phone.

If your input buffer is a bunch of tiny 10 KB files and you trust them? Sure, load them into memory and access their indices on the stack. Make sure you reuse the buffer to avoid unnecessary allocations.

If you want parallel processing with zero-allocations then streams with an array pool for their backing buffer are the best bet.

Not loading arbitrary files into memory will always be safer than doing so.

As for decoding - I believe the functions for validating if an array of bytes is an image should be far removed from the decoding and presentation of those bytes to the frame buffer. You don’t need to decode a JPG to validate that a file is a JPG. It either conforms to the standard or it doesn’t; the pixel data is irrelevant.
andrewmd5
·5 lat temu·discuss
If your goal is validation (i.e. this is a JPG/PNG) and stripping of EXIF data it is entirely possible to write your own parser in a managed and safe language in less than 500 lines of code without sacrificing any performance.

Don’t load them into memory, parse them as a stream byte-by-byte in accordance with the standard for the codec, check every offset before seeking, and reject images that don’t conform to the standard.

And of course, a ton of fuzzing to accompany it.
andrewmd5
·5 lat temu·discuss
The binary is that big on Linux because the debug symbols are embedded in the executable. You need to strip them.