On Mon, Mar 09, 2015 at 05:33:46PM +0100, Nicolas George wrote: > Le nonidi 19 ventôse, an CCXXIII, Michael Niedermayer a écrit : > > you miss the problem, this is a demuxer side problem, > > a attacker can at least crash your application no muxer side change > > can fix this, the attacker has his own self written muxer that > > produces a mallicious bitstream > > (Unrelated to this particular change, which seems right to me.) > > Maybe we need a flag to indicate whether an option can be safely set, even > with a value coming from an hostile source.
yes, indeed -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB The bravest are surely those who have the clearest vision of what is before them, glory and danger alike, and yet notwithstanding go out to meet it. -- Thucydides
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
