Libspng Puts Security at the Forefront

August 1, 2019 | Posted by Technology

Libspng, a C library for reading and writing Portable Network Graphics (PNG) files, has recently been released with the goal of providing a simpler, faster API than libpng or any other PNG library. According to its author, libspng decodes RGB/RGBA images about 35% faster than libpng.

The author, who goes by randy408, explained how he achieved such a significant speed in a Reddit comment. “It’s using less intermediate variables in the decoding loop, most of the scaling/gamma correction/transparency testing are now done per-row instead of per-pixel, some codepaths (e.g. PNG RGBA8 -> SPNG_FMT_RGBA8) have no per-pixel logic, it copies the image rows as-is. For indexed color images even the per-row processing is eliminated by preprocessing the palette entries, in the decoding loop it’s only doing table lookups. All of these optimizations are verified against libpng for correctness so it’s not gonna output garbage in some corner case.”

Besides performance, the author has put considerable effort into making the library secure. Libspng follows the rules of the CERT C Coding Standard that pertain to arrays, integers, error handling, and so on, and it is continuously fuzzed by OSS-Fuzz, Google's fuzzing infrastructure for open-source software. Before a project can use OSS-Fuzz, it has to either have a large user base or be critical to the global IT infrastructure; the fact that libspng was accepted speaks to its quality.
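To make the two points above concrete (the "preprocess the palette so the decode loop is only table lookups" optimisation from the Reddit comment, and the CERT C array and integer rules), here is an added illustration written for this article. It is not libspng's code and does not use libspng's API; chunk layouts follow the PNG specification, and the sample palette, tRNS and row bytes in `selfcheck()` are constructed for the example rather than taken from a real file.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Added illustration, not libspng code: an indexed-colour decode path that
 * does all palette work once, up front, so the per-pixel loop is a single
 * table lookup, plus the bounds and overflow checks CERT C expects. */

#define PNG_MAX_PALETTE 256

typedef struct { uint8_t r, g, b, a; } rgba8;

/* Expand PLTE (3 bytes per entry) and an optional tRNS chunk (one alpha
 * byte per entry, may be shorter than PLTE) into a fixed 256-entry RGBA8
 * table. Returns the number of palette entries, or -1 on malformed input. */
int build_palette(rgba8 table[PNG_MAX_PALETTE],
                  const uint8_t *plte, size_t plte_len,
                  const uint8_t *trns, size_t trns_len)
{
    if (plte == NULL || plte_len == 0 || plte_len % 3 != 0 ||
        plte_len / 3 > PNG_MAX_PALETTE)
        return -1;
    size_t n = plte_len / 3;
    if (trns != NULL && trns_len > n)   /* tRNS longer than PLTE is invalid */
        return -1;
    memset(table, 0, sizeof(rgba8) * PNG_MAX_PALETTE);
    for (size_t i = 0; i < n; i++) {
        table[i].r = plte[3 * i];
        table[i].g = plte[3 * i + 1];
        table[i].b = plte[3 * i + 2];
        /* tRNS is applied here, once, instead of testing transparency per pixel */
        table[i].a = (trns != NULL && i < trns_len) ? trns[i] : 0xFF;
    }
    return (int)n;
}

/* Decode one unfiltered indexed row (bit depth 1, 2, 4 or 8; PNG packs
 * sub-byte indices MSB first) into RGBA8. The caller must supply at least
 * ceil(width * bit_depth / 8) bytes in row. Returns 0, or -1 if a pixel
 * references an index outside the palette (a corrupt or hostile file). */
int decode_indexed_row(const rgba8 table[PNG_MAX_PALETTE], int palette_entries,
                       int bit_depth, const uint8_t *row, uint32_t width,
                       rgba8 *out)
{
    if (bit_depth != 1 && bit_depth != 2 && bit_depth != 4 && bit_depth != 8)
        return -1;
    unsigned per_byte = 8u / (unsigned)bit_depth;
    uint8_t mask = (uint8_t)((1u << bit_depth) - 1u);
    for (uint32_t x = 0; x < width; x++) {
        unsigned shift = 8u - (unsigned)bit_depth * (1u + x % per_byte);
        uint8_t idx = (uint8_t)((row[x / per_byte] >> shift) & mask);
        /* idx < 256 by construction, so table[idx] can never read out of
         * bounds; the spec check is that idx names a real PLTE entry. */
        if (idx >= palette_entries) return -1;
        out[x] = table[idx];
    }
    return 0;
}

/* Size of a width x height RGBA8 buffer, computed without unsigned
 * wraparound (CERT INT30-C). Returns 0 for zero dimensions or overflow. */
size_t rgba8_image_size(uint32_t width, uint32_t height)
{
    if (width == 0 || height == 0) return 0;
    if (width > SIZE_MAX / 4 / height) return 0;
    return (size_t)width * height * 4;
}

/* Self-check on constructed sample data (not a real PNG): a 3-entry palette
 * with one tRNS byte, decoded at 8 and 2 bits per pixel. Returns 0 on
 * success, otherwise the number of the step that failed. */
int selfcheck(void)
{
    static const uint8_t plte[] = { 255, 0, 0,  0, 255, 0,  0, 0, 255 };
    static const uint8_t trns[] = { 0x80 };        /* entry 0 is half transparent */
    static const uint8_t row8[] = { 0, 1, 2, 1 };   /* 8 bpp: four pixels */
    static const uint8_t row2[] = { 0x1B };         /* 2 bpp: 00 01 10 11 */
    rgba8 table[PNG_MAX_PALETTE], out[4];

    int n = build_palette(table, plte, sizeof plte, trns, sizeof trns);
    if (n != 3) return 1;
    if (table[0].a != 0x80 || table[1].a != 0xFF || table[2].b != 255) return 2;
    if (decode_indexed_row(table, n, 8, row8, 4, out) != 0) return 3;
    if (out[1].g != 255 || out[3].g != 255 || out[0].a != 0x80) return 4;
    if (decode_indexed_row(table, n, 2, row2, 3, out) != 0) return 5;
    if (out[2].b != 255) return 6;
    /* fourth 2-bit pixel is index 3, beyond the 3-entry palette: must fail */
    if (decode_indexed_row(table, n, 2, row2, 4, out) != -1) return 7;
    if (rgba8_image_size(UINT32_MAX, UINT32_MAX) != 0) return 8;
    return 0;
}

int main(void)
{
    printf("selfcheck: %d\n", selfcheck());
    return 0;
}
```

The design point is where the branches live: transparency and the PLTE-to-RGBA expansion happen once per image in `build_palette()`, so the only per-pixel branch left in `decode_indexed_row()` is the range check that the PNG spec requires. Masking the index to `bit_depth` bits keeps the lookup itself inside a fixed 256-entry array regardless of input, and `rgba8_image_size()` rejects dimensions whose product would wrap before any buffer is allocated.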

The library also appears to be well tested. According to several scans, libspng's defect density is 0.0. Randy also used PngSuite, the standard collection of PNG test images, to test the library. As stated in the release notes, “[T]he test suite consists of over 700 test cases, 175 test images are decoded with all possible output format and flag combinations and compared against libpng’s output.”

Despite the fact that libspng was made, in part, as a modern alternative to libpng, it is not a drop-in replacement for libpng at the moment. Randy listed several features that would need to be implemented before that could happen. For now, adopting libspng means porting code away from the libpng API rather than simply swapping the library underneath it.
