Avatar for the contentauth user
contentauth
c2pa-rs
BlogDocsChangelog

fix: Harden JUMB embed media description box parser against integer underflow attack

#1950Merged
Comparing
ssanthosh/vulnerability_fixes_integer_underflow_EmbedMediaDesc_parser
(
c151f95
) with
main
(
f4eaf9e
)
CodSpeed Performance Gauge
-1%
Untouched
32
Skipped
2

Benchmarks

34 total
sign 100kb wav
sdk/benches/sign.rs::benches::sign_wav
CodSpeed Performance Gauge
+1%
4.5 ms4.4 ms
read 100kb-signed.tiff (with manifest)
sdk/benches/read.rs::benches::read_tiff
CodSpeed Performance Gauge
+1%
2.7 ms2.7 ms
read 100kb-signed.wav (with manifest)
sdk/benches/read.rs::benches::read_wav
CodSpeed Performance Gauge
0%
4.7 ms4.7 ms
read 100kb-signed.gif (with manifest)
sdk/benches/read.rs::benches::read_gif
CodSpeed Performance Gauge
0%
4.6 ms4.5 ms
read 100kb-signed.svg (with manifest)
sdk/benches/read.rs::benches::read_svg
CodSpeed Performance Gauge
0%
8.5 ms8.5 ms
read 100kb-signed.mp3 (with manifest)
sdk/benches/read.rs::benches::read_mp3
CodSpeed Performance Gauge
0%
5 ms5 ms
read 100kb-signed.png (with manifest)
sdk/benches/read.rs::benches::read_png
CodSpeed Performance Gauge
0%
12 ms12 ms
sign 100kb gif
sdk/benches/sign.rs::benches::sign_gif
CodSpeed Performance Gauge
0%
470.5 KB470.5 KB
read 100kb-signed.svg (with manifest)
sdk/benches/read.rs::benches::read_svg
CodSpeed Performance Gauge
0%
233.8 KB233.8 KB
read 100kb-signed.gif (with manifest)
sdk/benches/read.rs::benches::read_gif
CodSpeed Performance Gauge
0%
166.4 KB166.4 KB
read 100kb-signed.wav (with manifest)
sdk/benches/read.rs::benches::read_wav
CodSpeed Performance Gauge
0%
274.1 KB274.1 KB
sign 100kb mp3
sdk/benches/sign.rs::benches::sign_mp3
CodSpeed Performance Gauge
0%
516.7 KB516.7 KB
sign 100kb png
sdk/benches/sign.rs::benches::sign_png
CodSpeed Performance Gauge
0%
518.2 KB518.2 KB
sign 100kb wav
sdk/benches/sign.rs::benches::sign_wav
CodSpeed Performance Gauge
0%
581.6 KB581.6 KB
read 100kb-signed.jpg (with manifest)
sdk/benches/read.rs::benches::read_jpeg
CodSpeed Performance Gauge
0%
750.4 KB750.4 KB
read 100kb-signed.mp4 (with manifest)
sdk/benches/read.rs::benches::read_mp4
CodSpeed Performance Gauge
0%
166.6 KB166.6 KB
sign 100kb jpeg
sdk/benches/sign.rs::benches::sign_jpeg
CodSpeed Performance Gauge
0%
517.9 KB517.9 KB
read 100kb-signed.mp3 (with manifest)
sdk/benches/read.rs::benches::read_mp3
CodSpeed Performance Gauge
0%
203.5 KB203.5 KB
read 100kb-signed.tiff (with manifest)
sdk/benches/read.rs::benches::read_tiff
CodSpeed Performance Gauge
0%
112 KB112 KB
sign 100kb tiff
sdk/benches/sign.rs::benches::sign_tiff
CodSpeed Performance Gauge
0%
238.7 KB238.7 KB
sign 100kb svg
sdk/benches/sign.rs::benches::sign_svg
CodSpeed Performance Gauge
0%
480.7 KB480.7 KB
sign 100kb mp4
sdk/benches/sign.rs::benches::sign_mp4
CodSpeed Performance Gauge
0%
464.1 KB464.1 KB
read 100kb-signed.png (with manifest)
sdk/benches/read.rs::benches::read_png
CodSpeed Performance Gauge
0%
790.5 KB790.5 KB
read 100kb-signed.jpg (with manifest)
sdk/benches/read.rs::benches::read_jpeg
CodSpeed Performance Gauge
0%
12 ms12 ms
read 100kb-signed.mp4 (with manifest)
sdk/benches/read.rs::benches::read_mp4
CodSpeed Performance Gauge
0%
4.8 ms4.8 ms

Commits

Click on a commit to change the comparison range
Base
main
f4eaf9e
-0.94%
fix: Harden JUMB embed media description box parser against integer underflow attack
c151f95
1 month ago
by ssanthosh
© 2026 CodSpeed Technology
Home Terms Privacy Docs