Le perjantaina 16. toukokuuta 2025, 1.19.15 Itä-Euroopan kesäaika softworkz . a écrit : > of course I understand that. > But it isn't constructed from untrusted input.
You're being ridiculous. `system()` has a long history of causign bugs, many of them security related, and many not fixable. If you were implementing a command line interface that needs to process trusted input like the shell would, you would want to use `wordexp()`. As you merely need to spawn a child process, use the `posix_spawn`*`()` where available, and `fork()` then `exec`*`()` elsewhere. We don't want to spawn a shell just to start a well-known executable (other than the shell itself). -- 德尼-库尔蒙‧雷米 Tapio's place new town, former Finnish Republic of Uusimaa _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
