Skip to content
Snippets Groups Projects
Commit 2d9ba81a authored by dkg's avatar dkg
Browse files

spelling correction. 

while mat2 has both a thread model (a thread pool that strips metadata
in parallel) and a threat model (a list of malicious adversaries and
their capabilities that we are trying to defeat), i think this
paragraph is talking about the latter.
parent 072ee181
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
doc/implementation_notes.md
+ 1
1
View file @ 2d9ba81a
...@@ -64,7 +64,7 @@ to the filesystem. This ensures that every metadata is removed. ...@@ -64,7 +64,7 @@ to the filesystem. This ensures that every metadata is removed.
XML attacks XML attacks
----------- -----------
Since our thread model conveniently excludes files crafted to specifically Since our threat model conveniently excludes files crafted to specifically
bypass MAT2, fileformats containing harmful XML are out of our scope. bypass MAT2, fileformats containing harmful XML are out of our scope.
But since MAT2 is using [etree](https://docs.python.org/3/library/xml.html#xml-vulnerabilities) But since MAT2 is using [etree](https://docs.python.org/3/library/xml.html#xml-vulnerabilities)
to process XML, it's "only" vulnerable to DoS, and not memory corruption: to process XML, it's "only" vulnerable to DoS, and not memory corruption:
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment