Le primidi 21 frimaire, an CCXXV, Michael Niedermayer a écrit : > As long as it is not documented that you need to run libavcodec/format > in a seperate process it is a security issue if you crash.
This is not specific to FFmpeg and documented in books and courses on development in general. > iam not really in the camp that belives that these OOM crashes are > a real security issue nor am i in the camp that belives they are non > issues. (i in fact had pointed some security researchers who reported > some OOM issues to threads here previously and the effect of that > was that they simply registered CVE# for the issues and published > them (after some time) not bothering to inform me about either) > i had hoped they would join the discussions ... The short summary you give here makes it look that these so-called security "researchers" are just idiots. > What id like to do is simply fix the issues i can fix. The max_pixels > and max_streams code is doing that. No, they do not. They mitigate a few corner cases at the cost of complexity and brittleness. > And compltely indepandant of the security aspect, the pixels and > streams are special in that they can cause OOM crashes without being > crafted input files, in fact totally valid files can trigger it. Which is another clue that OOM is not a security issue in itself. My opinion: Revert all this while we still can just do it without extra work. Regards, -- Nicolas George
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel