On Wed, Apr 08, 2015 at 07:30:48PM +0200, Hendrik Leppkes wrote:
> On Wed, Apr 8, 2015 at 7:27 PM, Gilles Chanteperdrix
> <gilles.chanteperd...@xenomai.org> wrote:
> >
> >> Nice security hole.
> >
> > how is that ? I do not see any buffer overflow possible.
> >
>
> Executing a command with system() is very unsafe.
Indeed, never thought of that. With exec this problem does not
exist, we get to choose how the arguments are split.
--
Gilles.
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
