Add structural validation layer and harden install scripts#8
Merged
Conversation
Foundation for the structural validation layer that checks image header integrity beyond magic byte detection. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Structural validation layer that checks image header integrity beyond magic byte detection. Each validator performs lightweight checks: - PNG: IHDR chunk presence, width/height > 0 - JPEG: valid marker after SOI (0xC0-0xFE range) - GIF: Logical Screen Descriptor width/height > 0 - TIFF: IFD offset within valid range - BMP: DIB header size matches known valid values - WebP: VP8/VP8L/VP8X chunk header presence - HEIC/AVIF: ftyp box size sanity check - PDF: rejects files with /JS, /JavaScript, /OpenAction, /AA, /Launch Also adds validationFailed case to XPBCError. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Covers all 8 format validators plus text passthrough: - PNG: valid, too short, missing IHDR, zero width/height - JPEG: valid, no marker prefix, invalid range, too short - GIF: valid, zero width/height, too short - TIFF: valid LE/BE, offset too small/exceeds data, too short - BMP: valid DIB sizes (40, 124), invalid size, too short - WebP: VP8/VP8L/VP8X valid, unknown chunk, too short - HEIC/AVIF: valid, box size too small/exceeds data - PDF: valid, /JS, /JavaScript, /OpenAction, /AA, /Launch - Text: always valid Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Validation runs by default after format detection. If the image header is malformed, xpbc exits with error code 1 and a descriptive message. Use --no-validate to skip validation for trusted inputs. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Adds Important limitations subsection to Security section explaining that structural validation cannot detect crafted exploit payloads, decompression bombs, or obfuscated PDF active content. Warns against piping untrusted data. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Validate INSTALL_DIR is an absolute path and does not contain '..' - Download checksums.txt from release and verify SHA256 before extraction - Use curl -fsSL to fail on HTTP errors - Send error messages to stderr Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Validate VERSION_STRING matches semver format vX.Y.Z - Change sed delimiter from '/' to '|' to prevent injection via version string - Send error messages to stderr Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Generate SHA256 checksums.txt and upload as release asset - Explicitly set packages, issues, pull-requests permissions to none Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ape injection When decodeText falls back to Latin-1 encoding, strip C0 control characters (except tab, newline, carriage return) and DEL (0x7F) to prevent potential terminal escape sequence injection from untrusted input. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Critical: - ByteReader: Convert to Data extension with Optional return and boundary checks to prevent out-of-bounds crashes Warning: - DataValidator: Replace Dictionary lookup with exhaustive switch so compiler catches missing validators when DataType grows - PDFValidator: Add boundary-aware keyword matching to reduce false positives (/JSActions, /AABattery no longer trigger), fail-close on decode failure - DataType: Add CustomStringConvertible for stable error messages - PasteboardWriter: Apply control character filter to UTF-8 text too (not just Latin-1 fallback), extract stripControlCharacters - install.sh: Add trap cleanup EXIT for intermediate file cleanup Suggestion: - FtypValidator: Add ISO BMFF comment for boxSize 0/1, explicit Int cast for UInt32/Int comparison - Tests: Add boundary value tests (PNG 29/28 bytes, ftyp boxSize==8), PDF false positive tests, total 69 test cases Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Warning fixes: - stripControlCharacters: Use allSatisfy over all Unicode scalars instead of first! to handle multi-scalar graphemes safely - PDFValidator: Add comment documenting hex escape bypass limitation - FtypValidator: Raise minimum ftyp box size from 8 to 12 per ISO 14496-12 (header 8 + major brand 4) - install.sh: Add VERSION format validation (semver pattern) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add ftyp boundary value test for boxSize=11 (just below minimum 12) - Make stripControlCharacters internal for testability - Add stripControlCharacters tests: ESC removal, tab/newline/CR preservation, NUL removal, multi-scalar grapheme passthrough - Total: 74 test cases Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add DataValidator and FormatValidator to data flow diagram - Document all 8 format validators and their specific checks - Document safe byte-reading Data extension (boundary-checked, Optional) - Document PDF boundary-aware keyword matching and hex escape limitation - Document control character stripping for terminal injection prevention - Update error handling table with validationFailed case - Update module boundaries with new public/internal types - Update "Adding a New Format" guide (now 7 steps including validator) - Update testing section: 74 tests across 2 suites with detailed breakdown Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
--no-validateでスキップ可能Changes
Structural validation (8 validators)
/JS,/JavaScript,/OpenAction,/AA,/Launchwith boundary-aware matchingInstall/release hardening
install.sh: checksum verification, absolute path +..rejection,trap cleanup EXIT, VERSION semver checkrelease-artifactbundle.sh: version format validation, sed delimiter|release.yml:shasum -a 256checksums generation, explicitpermissionsOther
DataTypeconforms toCustomStringConvertiblefor stable error messagesByteReaderasDataextension with boundary-checked Optional returnsallSatisfyon all Unicode scalarsTest plan
swift test— 74 tests pass (24 detection + 50 validation)cat valid.png | xpbc→ image copied to clipboard--no-validatewith malformed data → validation skipped, clipboard writteninstall.shrejects relative paths and..paths🤖 Generated with Claude Code