On Sunday, 28 May 2017 at 16:58:53 UTC, aberba wrote:
https://lwn.net/Articles/708196/
From the look of things and feedbacks from several security
analysts and system developers, [exposed] I/O needs to be
memory safe.
GStreamer multimedia library developed in C has safety issues
[see article]. What would its safety be if it was written in D
(along with its plugins)?
It consists of many libraries. Audio-video decoders tend to be
selected based on performance so no bounds checks. You can
usually do it in a safe manner, but then you either need to adapt
all the algorithms or prove correctness. Both alternatives are
expensive. So really, sandboxing sounds like a more realistic
alternative for an open source media player that aims to support
all formats using third party codecs...
