GitHub - fastzip/malo

Malo is a resource for those writing security-minded file formats.

Each of the archive/compression formats has subdirectories named:

accept (valid by the spec)
iffy (weird, but technically valid and unambiguous)
malicious (weird, plausibly valid but in a bad/ambiguous way)
reject (invalid by the spec)

A permissive decoder may accept all of them. A security-minded one accepts only the accept group and rejects everything else.

The contributors believe there to be the beginnings of parser differentials invited by accepting any of iffy or malicious (for example, ignoring checksums).

SPDX-License-Identifier: CC0-1.0 OR BSD-2-Clause

Name		Name	Last commit message	Last commit date
Latest commit History 34 Commits
.github/workflows		.github/workflows
_src/malo		_src/malo
_tests		_tests
deflate		deflate
nar		nar
tar		tar
zar		zar
zip		zip
zstd		zstd
.gitignore		.gitignore
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
conftest.py		conftest.py
pytest.ini		pytest.ini
requirements.txt		requirements.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages