Parsers are fundamental components of modern systems, silently processing everything from network protocols to file formats - and rarely do they stand alone.
For any given format or protocol, multiple parser implementations exist across different languages, frameworks, and security boundaries.
This talk delves into parser differential bugs: the fascinating and dangerous phenomena that emerge when these different parsers interpret the same message in slightly different ways.
Through practical demonstrations focused on YAML parsers across popular implementations, we'll examine how subtle variations in specification interpretation, edge case handling, and error recovery can lead to "very useful differences"¹. Using YAML as our case study, we'll uncover how these parser differentials manifest in real-world applications and create impactful security vulnerabilities in production systems.
We'll also explore notable parser differential vulnerabilities discovered by security researchers in the wild, showcasing the broader impact and creative applications of this technique across different formats and contexts.
¹) vulnerabilities
joernchen likes to read. His main points of interest are in enjoying the reading of other people's source code, as well as the inspection of interesting binary data in order to extend given systems' functionality to unexpected limits.
Currently he works in GitLab's Security Research Team as a Principal Security Engineer.