On 13 Jul 2015 00:12, "Yuri" <y...@rawbw.com> wrote: > It is nothing inherently unsafe in pdf format itself, and any other document formats aren't any safer. You probably confuse pdf and PostScript, which is more like a programming language.
No I think we are definitely talking about PDF files in this thread. History has shown that whenever there is any kind of non-trivial parsing involved with an application then there is a high risk of exploitable bugs. Just look at how many CVEs get posted against things like web browsers, packet sniffers, document viewers. Even things like compression implementations and XML parsers have the occasional vulnerability. PDF parsers have it particularly bad since the PDF format specification is very big and complex and controlled by a single organisation which is desperately trying to retain market share by piling on new features. PostScript is something entirely unrelated. It is a way of describing the layout of documents with words, like a very early CSS or Latex. I remember claims about it being Turing complete but I think that this is in a similar spirit to C++ templates being Turing complete. I have doubts over whether it has enough IO capabilities to do anything malicious on its own. You do raise an interesting point regarding embedded JavaScript inside PDF files which can also be used to exploit vulnerabilities in the viewer. Many PDF viewers will execute this code without the user even knowing about it. If a PDF convertor ignores these embedded scripts then I think that is a definite bonus point for Niels' conversion strategy. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk