On Tue, 4 Jul 2017 08:42:56 +0200 Reimar Döffinger <reimar.doeffin...@gmx.de> wrote:
> On 04.07.2017, at 00:51, Nicolas George <geo...@nsup.org> wrote: > > > Hi. Nice to see you back. > > > > Le sextidi 16 messidor, an CCXXV, Reimar Döffinger a écrit : > >> This is more than 4kB of data on the stack. > >> Large stack arrays have a huge amount of security implications, please > >> put such buffers (if really needed) into the context. > > > > 4 ko is not large, and neither is what is used here. We have a lot stack > > allocations of that size and more and a few significantly larger. > > Ok, I won't try to change policy, but the guard pages (if even implemented) > are 4kB and thus anything not significantly smaller increases security risks. > As does any type of array that presents an overflow risk. > Those may rather be kernel issues admittedly, but considering all OS kernels > seem to have the same issues they should probably not be entirely ignored by > application. If you're interested in security hacks, you should probably use a Microsoft compiler, which will touch at least every 4K of stack allocation, to avoid skipping a guard page. _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
