| 10 | |
| 11 | '''1. Security enhancements'''[[BR]] |
| 12 | |
| 13 | Because it deals essentially with external input, mostly in the form of files but also network |
| 14 | exchanges, GDAL/OGR can be exposed to various security threats. |
| 15 | The page http://trac.osgeo.org/gdal/wiki/SecurityIssues summarizes such issues. |
| 16 | |
| 17 | The project consists of: |
| 18 | * manual code auditing to detect and fix issues, |
| 19 | * use of automatic fuzzing tools to stress-test the library (such as [http://lcamtuf.coredump.cx/afl/ afl]), |
| 20 |  * development and use of generic classes/methods/practices (e.g. detection of integer overflows) to ease robust development, |
| 21 |  * exploring sandboxing solutions: writing drivers compatible with the Linux [http://en.wikipedia.org/wiki/Seccomp seccomp] mechanism could be a way of limiting the effects of bugs in drivers. Conceptually, this could be an extension of the [http://www.gdal.org/gdal_api_proxy.html GDAL API Proxy mechanism] (GDAL core communicating via a pipe with the drivers), also with redirection of low-level routines. |
| 22 | |
| 23 | Students who want to apply for this subject will first have to demonstrate their capabilities |
| 24 | and interest in the topic, for example by identifying a few existing defects in the code base |
| 25 | and proposing ways of addressing them. |
| 26 | |
| 27 | Skills: |
| 28 | * programming skills needed - C/C++, awareness of software security issues and practices related to those languages |
| 29 | * difficulty level - moderate/high |
| 30 | |
| 31 | Possible mentor/co-mentor: Even Rouault (even.rouault at spatialys.com) |
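
As an illustration of the "detection of integer overflows" item in the project list above, here is an added example (not GDAL code and not from the original page) of a generic checked-size helper applied to raster dimensions read from an untrusted file header. The names `checked_mul`, `naive_size_32` and `raster_buffer_size`, the 1 GiB cap and all header values are assumptions made for this sketch.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <limits>

// Hypothetical helper, not a GDAL API: multiply two sizes and report
// overflow instead of silently wrapping.
static bool checked_mul(std::size_t a, std::size_t b, std::size_t *out) {
    if (a != 0 && b > std::numeric_limits<std::size_t>::max() / a)
        return false;
    *out = a * b;
    return true;
}

// Unchecked 32-bit computation, shown only for contrast: the product wraps.
static std::uint32_t naive_size_32(std::uint32_t w, std::uint32_t h,
                                   std::uint32_t bands, std::uint32_t bps) {
    return w * h * bands * bps;
}

// Validate header fields read from an untrusted file and compute the buffer
// size; fails on non-positive fields, overflow, or a size above max_bytes.
static bool raster_buffer_size(std::int64_t w, std::int64_t h,
                               std::int64_t bands, std::int64_t bps,
                               std::size_t max_bytes, std::size_t *out) {
    const std::int64_t fields[] = {w, h, bands, bps};
    std::size_t total = 1;
    for (std::int64_t f : fields) {
        if (f <= 0)
            return false;
        if (static_cast<std::uint64_t>(f) > std::numeric_limits<std::size_t>::max())
            return false;  // field does not fit in size_t on this platform
        if (!checked_mul(total, static_cast<std::size_t>(f), &total))
            return false;
    }
    if (total > max_bytes)
        return false;
    *out = total;
    return true;
}

int main() {
    const std::size_t cap = static_cast<std::size_t>(1) << 30;  // constructed 1 GiB limit
    std::size_t n = 0;
    // Constructed header values, not taken from any real file.
    std::printf("naive 65536x65536: %u bytes\n",
                static_cast<unsigned>(naive_size_32(65536, 65536, 1, 1)));
    std::printf("checked 65536x65536: %s\n",
                raster_buffer_size(65536, 65536, 1, 1, cap, &n) ? "ok" : "rejected");
    if (raster_buffer_size(1024, 768, 3, 1, cap, &n))
        std::printf("checked 1024x768x3: %zu bytes\n", n);
    return 0;
}
```

The unchecked 32-bit product reports 0 bytes for a 65536 x 65536 raster, which is the kind of undersized allocation the checked path rejects before any buffer is created.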