lib3mf 0.1.2

Pure Rust implementation for 3MF (3D Manufacturing Format) parsing and writing
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117

# Security Policy

## Supported Versions

We currently support the following versions with security updates:

| Version | Supported          |
| ------- | ------------------ |
| 0.1.x   | :white_check_mark: |

## Reporting a Vulnerability

If you discover a security vulnerability in lib3mf_rust, please report it responsibly:

### How to Report

1. **Do NOT open a public issue** for security vulnerabilities
2. Instead, use one of these secure methods:
   - **GitHub Security Advisory**: Use the [Security Advisory](https://github.com/telecos/lib3mf_rust/security/advisories/new) feature
   - **Email**: Contact the maintainers directly at the email address listed in the repository

### What to Include

Please include the following information in your report:

- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any suggested fixes (optional)
- Your contact information for follow-up questions

### Response Timeline

- **Initial Response**: We aim to acknowledge receipt within 48 hours
- **Status Updates**: We will provide updates on the investigation within 7 days
- **Fix Timeline**: Critical vulnerabilities will be addressed as soon as possible, typically within 30 days

### Disclosure Policy

- We request that you do not publicly disclose the vulnerability until we have had a chance to address it
- Once a fix is released, we will publicly acknowledge your responsible disclosure (unless you prefer to remain anonymous)
- We will credit you in the CHANGELOG and release notes

## Security Considerations

### Code Safety

This library is designed with security in mind:

- **No unsafe code**: The entire codebase uses `#![forbid(unsafe_code)]`
- **Memory safety**: All memory management handled by Rust's ownership system
- **Type safety**: Leverages Rust's type system for correctness
- **Input validation**: All XML and ZIP data is validated

### Known Security Considerations

#### 3MF File Parsing

- **Untrusted Input**: 3MF files should always be treated as untrusted input
- **XML Injection**: The parser validates XML structure and rejects malformed data
- **ZIP Bombs**: Large compressed files are handled, but extremely large files may consume significant memory
- **Resource Exhaustion**: Very large models may consume substantial memory and CPU

#### Secure Content Extension

- **Test Keys Only**: The library includes test decryption keys from the 3MF Consortium test suite
- **Production Use**: For production applications, use external cryptographic libraries with your own keys
- **Never Use Test Keys**: The embedded test keys are for conformance testing only and must not be used in production

**Known Advisory**: RUSTSEC-2023-0071 (RSA timing sidechannel)
- **Status**: No stable fix available (only RC versions)
- **Severity**: Medium (5.9 CVSS)
- **Impact**: Potential key recovery through timing sidechannels in RSA operations
- **Mitigation**: The RSA dependency is only used for test-only decryption with test keys from the 3MF Consortium test suite. Production applications should implement their own secure decryption using external cryptographic libraries and never use the embedded test keys.
- **Tracking**: We are monitoring the `rsa` crate for stable releases that address this issue.

#### Recommended Practices

When using lib3mf_rust in your application:

1. **Validate Input**: Always validate 3MF files from untrusted sources
2. **Resource Limits**: Consider imposing limits on file size and complexity
3. **Sandboxing**: Consider running 3MF parsing in a sandboxed environment for untrusted files
4. **Error Handling**: Always handle parsing errors gracefully
5. **Update Regularly**: Keep the library updated to receive security fixes

## Security Features

### Input Validation

The library performs comprehensive validation:

- XML structure validation
- Numeric range checking (triangle indices, vertex references)
- Resource ID validation and circular reference detection
- Color format validation
- UUID format validation
- File path validation within ZIP containers

### Safe Dependencies

We maintain vigilant dependency management:

- Regular dependency updates
- Security advisory monitoring
- Minimal dependency footprint
- Well-maintained, trusted dependencies only

## Acknowledgments

We appreciate the security research community's efforts in responsibly disclosing vulnerabilities. Contributors who report valid security issues will be acknowledged in our release notes (unless they prefer anonymity).

## Additional Resources

- [Rust Security Guidelines](https://anssi-fr.github.io/rust-guide/)
- [OWASP Secure Coding Practices](https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/)
- [3MF Specification](https://3mf.io/specification/)