androidqf (Android Quick Forensics) helps quickly gathering forensic evidence from Android devices, in order to identify potential traces of compromise.
Are there any audits/reviews of the age code base, specifically the logic for decrypting .age files?

Finding a bug there seems like a very effective way to attack organizations using androidqf, because:

- For decryption, the private key is necessary. The decryption will likely happen on a trusted system.
- It is likely that other decrypted androidqf folders will be on the system where the age decryption is performed.
- Cybersecurity NGOs receive androidqf.age files from clients on a regular basis, so it is an easy way for attackers to get malicious input data onto the analysis machines of these NGOs.
- In some cases the decryption will be performed on the personal computers of analysts. They will likely have internet access and a vast collection of other interesting personal data from beneficiaries on these computers.
To mitigate the risk, sandboxing the age decryption process might be an option. I don't know which approach would be the most straightforward, maybe Vagrant?
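One concrete shape the sandboxing idea above could take, as an added example that is not part of the issue, of androidqf or of age: a wrapper that runs `age --decrypt` inside a bubblewrap (bwrap) sandbox with no network access, the archive and identity file mounted read-only, and only an empty output directory writable. It assumes bwrap and age are installed under /usr; the file names under /work and the input checks are the example's own choices.

```shell
#!/bin/sh
# Added example (not androidqf's or age's own code): run the age decryption of
# an androidqf archive inside a bubblewrap (bwrap) sandbox with no network and
# only an empty output directory writable. Assumptions: bwrap and age are on
# PATH and live under /usr (adjust the read-only binds for your distribution).

# Refuse unsafe inputs before anything runs: archive and identity file must
# exist, the identity file must not be group/world readable, and the output
# directory must be empty so nothing from earlier cases is exposed to the run.
check_decrypt_inputs() {
    in_file=$1 key_file=$2 out_dir=$3
    [ -f "$in_file" ] || { echo "missing archive: $in_file" >&2; return 1; }
    [ -f "$key_file" ] || { echo "missing identity: $key_file" >&2; return 1; }
    [ "$(ls -ld "$key_file" | cut -c5-10)" = "------" ] ||
        { echo "identity file is group/world readable: $key_file" >&2; return 1; }
    [ -d "$out_dir" ] && [ -z "$(ls -A "$out_dir")" ] ||
        { echo "output dir must exist and be empty: $out_dir" >&2; return 1; }
}

# Build the sandboxed command. With DRY_RUN=1 the argv is printed one argument
# per line for review instead of being executed.
sandboxed_decrypt() {
    check_decrypt_inputs "$@" || return 1
    in_file=$1 key_file=$2 out_dir=$3
    set -- bwrap \
        --unshare-all --die-with-parent --new-session \
        --ro-bind /usr /usr \
        --symlink usr/lib /lib --symlink usr/lib64 /lib64 --symlink usr/bin /bin \
        --proc /proc --dev /dev --tmpfs /tmp \
        --ro-bind "$in_file" /work/input.age \
        --ro-bind "$key_file" /work/identity.txt \
        --bind "$out_dir" /work/out \
        --chdir /work/out \
        age --decrypt -i /work/identity.txt -o /work/out/decrypted.bin /work/input.age
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$@"
        return 0
    fi
    command -v bwrap >/dev/null && command -v age >/dev/null ||
        { echo "bwrap and age are required" >&2; return 2; }
    "$@"
}

# Usage: sh sandboxed-age-decrypt.sh case.age identity.txt /path/to/empty/outdir
if [ $# -eq 3 ]; then
    sandboxed_decrypt "$1" "$2" "$3"
fi
```

Run with `DRY_RUN=1` first to review the exact bwrap invocation before decrypting a real archive.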