Both JUMBF and CBOR have numerous binary formatting requirements that could result in buffer overruns if malicious values are set and a memory-unsafe parser is used without appropriate checks.
A couple of very simple examples:
- JUMBF field indicating that its size is longer than the remainder of the entire manifest
- CBOR array length longer than the number of items in the actual array
As such, attack manifests that have malicious values for these types of things should be included in any security test suite.
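The two cases listed in the issue above, written as the bounds checks a C parser would need before trusting either length field. This is an added example, not code from the issue or from any C2PA project; the function names are hypothetical, and it assumes the ISO BMFF-style box header (4-byte LBox, 4-byte TBox, optional 8-byte XLBox) that JUMBF uses.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helpers for illustration. Big-endian read of n <= 8 bytes. */
static uint64_t be_uint(const uint8_t *p, size_t n) {
    uint64_t v = 0;
    while (n--) v = (v << 8) | *p++;
    return v;
}

/* Box header check; `remaining` = bytes left in the manifest. Returns 0 and
 * sets *box_len (header + payload) and *hdr_len, or -1 if it cannot fit. */
int jumbf_box_size(const uint8_t *buf, size_t remaining,
                   size_t *box_len, size_t *hdr_len) {
    if (remaining < 8) return -1;                 /* LBox + TBox */
    uint64_t len = be_uint(buf, 4);
    size_t hdr = 8;
    if (len == 1) {                               /* 64-bit size in XLBox */
        if (remaining < 16) return -1;
        len = be_uint(buf + 8, 8);
        hdr = 16;
    } else if (len == 0) len = remaining;         /* box runs to end of data */
    if (len < hdr || len > remaining) return -1;  /* declared size overruns */
    *box_len = (size_t)len; *hdr_len = hdr;
    return 0;
}

/* Definite-length CBOR array head (major type 4). Each item needs at least
 * one byte, so a count above the bytes left after the head is rejected. */
int cbor_array_count(const uint8_t *buf, size_t remaining,
                     uint64_t *count, size_t *hdr_len) {
    if (remaining < 1 || (buf[0] >> 5) != 4) return -1;
    uint8_t ai = buf[0] & 0x1f;
    if (ai > 27) return -1;           /* reserved, or indefinite (not handled) */
    size_t extra = ai >= 24 ? (size_t)1 << (ai - 24) : 0;
    if (remaining - 1 < extra) return -1;         /* head itself truncated */
    uint64_t n = extra ? be_uint(buf + 1, extra) : ai;
    if (n > remaining - 1 - extra) return -1;     /* more items than bytes */
    *count = n; *hdr_len = 1 + extra;
    return 0;
}

int main(void) { /* constructed: box claims 16 of 12 bytes; array claims 3 items, has 2 */
    const uint8_t box[12] = {0, 0, 0, 0x10, 'j', 'u', 'm', 'b'}, arr[] = {0x83, 1, 2};
    size_t a, b; uint64_t c;
    int rb = jumbf_box_size(box, sizeof box, &a, &b);
    printf("box: %d, array: %d\n", rb, cbor_array_count(arr, sizeof arr, &c, &b));
    return 0;
}
```

The CBOR count check is only a cheap pre-allocation bound; a full decoder still has to bounds-check every item as it walks the array.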
I currently have a simple fuzzer written for the c2pa-rs project. I haven't published it yet because I am still conducting some experiments. However, that fuzzer is also specific to the c2pa-rs SDK. Since the c2pa-rs library won't be used by everyone within the C2PA community, there is also a need for a more generalized approach to fuzzing C2PA implementations.
My current plan is to publish guidance and some supporting files within this project for taking an existing open-source fuzzer and applying it to generic C2PA implementations. This would have the following advantages:
- Existing open-source fuzzers are robust and there is no need to re-invent the wheel.
- The command line for this project would become too complicated if we were to add more command line flags for a home-grown fuzzer.
- The guidance and sample files could be applied by anyone within the C2PA community regardless of whether they use c2pa-rs.

However, I am open to discussion if you have additional ideas on how to support people seeking to do binary fuzzing.