[FFmpeg-devel] [RFC] CFHD

Paul B Mahol onemda at gmail.com
Fri Apr 2 23:22:27 EEST 2021 

On Fri, Apr 2, 2021 at 10:14 PM Paul B Mahol <onemda at gmail.com> wrote:

>
>
> On Fri, Apr 2, 2021 at 8:28 PM Michael Niedermayer <michael at niedermayer.cc>
> wrote:
>
>> Hi all
>>
>> CFHD currently has even with all fixes (ignoring ones with objections)
>> applied a null pointer
>> read and out of array write issue remaining.
>>
>> My patch which makes the header parsing more restrictive has an objection
>> against it. and the only other developer who recently worked on it
>> stated that he has no "time or motivation to deal with this and similar
>> issues"
>>
>> Assuming no fix without objections is found. What do people prefer ?
>> Delay the 4.4 release ?
>> Apply all non objected fixes and mark CFHD as experimental ?
>> Something else ?
>>
>
> Start fixing professionally security issues.
> Am not going to do someone else job.
>


Also due to ignorance of giving needed equipment to other developer(s)
I'm not really motivated to continue maintain any code.

Why should person maintain code for no compensations, even symbolic ones.

I'm really sad in all this situation, where some long time prolific and
important contributors are simply being ignored.



>
>
>> Also if anyone wants to work on this, tell me & paul (so someone can send
>> you
>> the crashing testcases)
>>
>> I wouldnt mind working on this but my approach of makeing the header
>> parser more restrictive and do it in a way that is easy to backport,
>> is unpopular and is in fact possibly just the first step in fixing this
>> if the objection didnt exist.
>>
>> So comments and input from other developers is definitly welcome here!
>>
>> Thanks
>>
>> --
>> Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
>>
>> Awnsering whenever a program halts or runs forever is
>> On a turing machine, in general impossible (turings halting problem).
>> On any real computer, always possible as a real computer has a finite
>> number
>> of states N, and will either halt in less than N cycles or never halt.
>> _______________________________________________
>> ffmpeg-devel mailing list
>> ffmpeg-devel at ffmpeg.org
>> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>>
>> To unsubscribe, visit link above, or email
>> ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".
>
>

More information about the ffmpeg-devel mailing list