[FFmpeg-devel] [PATCH 1/2] avcodec: add avcodec_register_one() to register one codec/parser/bsf/hwaccel by its char* name
Michael Niedermayer
michaelni at gmx.at
Tue Sep 30 20:15:29 CEST 2014
On Tue, Sep 30, 2014 at 06:23:38PM +0200, wm4 wrote:
[...]
> But then you might as well create a better API, like a per
> AV(Codec/Format)Context whitelist of allowed codecs.
The goal is security, and for that its neccessary to ensure it cannot
easily or through plausible programming mistakes be circumvented.
If what you suggest here requires every codec lookup and every
demuxer lookup to check against a "local" whitelist. And requires
this whitelist to be passed around so that all libs have it
then this is quite easy to mess up, only one such passing around
or check has to be forgotten, thats quite easy to happen
but maybe i misunderstand what you meant
we have code in libavformat that uses libavfilter
we have code in libavfilter that uses libavformat+libavcodec
We have ff_load_image() we have src_movie, we have demuxers opening
other demuxers
the lists would have to be passed through these and various other
cases without missing anything
Making security depend on "none of this being missed" feels
like russian roulet
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
I am the wisest man alive, for I know one thing, and that is that I know
nothing. -- Socrates
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20140930/65df9945/attachment.asc>
More information about the ffmpeg-devel
mailing list