The Story
Media decoders have historically been fertile ground for memory safety vulnerabilities. This is because they are complex, heavily used, and commonly processing untrusted data from networks.
AV1 is set to become one of the most important media formats on the Internet. As it becomes more widely used, we want people to have access to a decoder that is as memory safe as reasonably possible while delivering great performance. No such decoder exists today. We are building one.
What We've Done
We've engaged the team at Immunant as well as veteran media codec expert Frank Bossen to work on our decoder, named rav1d. Work started on March 1, 2023.
What's Next
The initial release of rav1d is nearly ready as of July 2024. The code is fully functional and memory safe, only some final stretch optimization work remains.
Links
More from the Prossimo blog
A Safer High Performance AV1 Decoder
Memory safety for a major source of exploitable vulnerabilities.
Funders
