Zip linting and bzip2 in Rust
More secure handling of popular archive formats
Zip is a widely used format for distributing files. It is a rather permissive file format, opening the door to various attacks such as zip bombs. The `bzip2` compression format is still used in many legacy settings. Consequently, it is part of the supply chain of many projects. To mitigate these risks, this project will deliver a) a zip linter checking for suspicious file contents in zip files and b) a memory-safe implementation of bzip2 through drop-in replacements of the libraries and a safe Rust `bzip2` binary.
- The project's own website: https://trifectatech.org/initiatives/data-compression
Run by Trifecta Tech Foundation + Armijn Hemel
This project was funded through the NGI0 Core Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 101092990.
