Android N Media Stack Sandboxing Could Protect Against Future 'Stagefright' Vulnerabilities

[Lucian Armasu]

Android N will bring a cleaner codebase for the mediaserver library (preventing future attacks) as well as sandboxing for various media components to limit an attacker's capabilities.

Android N Media Stack Sandboxing Could Protect Against Future 'Stagefright' Vulnerabilities : Read more

 

[hellwig]

I wonder if people understand the impact of these sorts of changes. Look at the code example, it took one assembly instruction and turned it into multiple instructions include three comparisons and a conditional branch.

Yes it's safer, but it's a LOT more complex. Imagine if it injected this code for EVERY arithmetic operation. They even admit they left some overflows alone for "performance", does that mean they're now performing assembly-level reviews on their applications?

 

[wifiburger]

I remember codding in my C++ class and our group has to protect every function from overflow attacks, It was stupid, annoying and time consumming