The Story
Media decoders have historically been fertile ground for memory safety vulnerabilities. This is because they are complex, heavily used, and commonly processing untrusted data from networks.
AV1 is set to become one of the most important media formats on the Internet. As it becomes more widely used, we want people to have access to a decoder that is as memory safe as reasonably possible while delivering great performance. No such decoder exists today. We are building one.
What We've Done
We've engaged the team at Immunant as well as veteran media codec expert Frank Bossen to work on our decoder, named rav1d. Work started on March 1, 2023.
What's Next
The initial release of rav1d is nearly ready as of July 2024. The code is fully functional and memory safe, only some final stretch optimization work remains.
Links
More from the Prossimo blog
Optimizing rav1d, an AV1 Decoder in Rust
rav1d
is a port of the high performance dav1d
AV1 decoder from C to memory safe Rust. An essential goal of this project was maintaining performance, building a memory safe decoder with competitive performance compared to the leading C implementation.
Porting C to Rust for a Fast and Safe AV1 Media Decoder
We ported the dav1d
AV1 decoder to Rust. Here’s how we did it and what we learned.
A Safer High Performance AV1 Decoder
Memory safety for a major source of exploitable vulnerabilities.