On Fri, Apr 2, 2021 at 8:28 PM Michael Niedermayer <mich...@niedermayer.cc> wrote:
> Hi all > > CFHD currently has even with all fixes (ignoring ones with objections) > applied a null pointer > read and out of array write issue remaining. > > My patch which makes the header parsing more restrictive has an objection > against it. and the only other developer who recently worked on it > stated that he has no "time or motivation to deal with this and similar > issues" > > Assuming no fix without objections is found. What do people prefer ? > Delay the 4.4 release ? > Apply all non objected fixes and mark CFHD as experimental ? > Something else ? > Start fixing professionally security issues. Am not going to do someone else job. > Also if anyone wants to work on this, tell me & paul (so someone can send > you > the crashing testcases) > > I wouldnt mind working on this but my approach of makeing the header > parser more restrictive and do it in a way that is easy to backport, > is unpopular and is in fact possibly just the first step in fixing this > if the objection didnt exist. > > So comments and input from other developers is definitly welcome here! > > Thanks > > -- > Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB > > Awnsering whenever a program halts or runs forever is > On a turing machine, in general impossible (turings halting problem). > On any real computer, always possible as a real computer has a finite > number > of states N, and will either halt in less than N cycles or never halt. > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe". _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
