[FFmpeg-devel] [PATCH v2] gdigrab: Allow capturing a window by its handle

Nicolas George george at nsup.org
Wed Dec 13 12:03:55 EET 2023


Rémi Denis-Courmont (12023-12-12):
> ...and test for overflow errors in errno.m (which shall have been
> zeroed beforehand). AFAIK, you need to do both if you want strict
> error detection.

Or we can consider that 30064771114 is just another valid way of writing
42 = 042 = 0x2a. It would be better to check, but it is less critical
than checking for garbage at the end, which itself is less critical than
checking that the number is entirely absent.

> Don't some distros forbid the use of the n specifier for (debatable)
> "security reasons"? Or is that only for formatting, and not in
> scanning?

First time I hear of that. We use %n in quite a few places — not only
code by me — and we did not have a problem.

If there is a real security consideration about %n, I would like a
pointer to the explanations; but I strongly doubt there are, it is just
another conversion specifier with all the usual caveats. If not, and
there are distros who forbid it for no valid reason, then I say to hell
with them.

Regards,

-- 
  Nicolas George
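
The three checks ranked in this message (number absent, garbage at the end, overflow), as an added example that is not part of the original message and is not FFmpeg code. The helper names and the 32-bit target width are assumptions; it uses the `strtoull` end pointer rather than `sscanf` with `%n`.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum parse_status { PARSE_OK, PARSE_NO_DIGITS, PARSE_TRAILING, PARSE_RANGE };

/* Hypothetical helper: strictly parse a 32-bit unsigned identifier. */
static enum parse_status parse_u32(const char *s, uint32_t *out)
{
    char *end;
    unsigned long long v;

    errno = 0;                    /* must be zeroed before the call */
    v = strtoull(s, &end, 0);     /* base 0: decimal, 0x hex, leading-0 octal */

    if (end == s)                 /* no conversion: the number is absent */
        return PARSE_NO_DIGITS;
    if (*end != '\0')             /* garbage after the number */
        return PARSE_TRAILING;
    /* Whole string is now blanks + sign + digits, so any '-' is the sign.
     * strtoull silently negates (wraps) such input; reject it. */
    if (strchr(s, '-'))
        return PARSE_RANGE;
    if (errno == ERANGE || v > UINT32_MAX)  /* parser or target overflow */
        return PARSE_RANGE;
    *out = (uint32_t)v;
    return PARSE_OK;
}

/* What an unchecked narrowing conversion yields instead. */
static uint32_t parse_u32_unchecked(const char *s)
{
    return (uint32_t)strtoull(s, NULL, 0);
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *in[] = { "42", "0x2a", "", "42abc", "30064771114", "-1" };
    for (size_t i = 0; i < sizeof(in) / sizeof(in[0]); i++) {
        uint32_t v = 0;
        enum parse_status st = parse_u32(in[i], &v);
        printf("\"%s\": status=%d strict=%u unchecked=%u\n",
               in[i], (int)st, (unsigned)v, (unsigned)parse_u32_unchecked(in[i]));
    }
    return 0;
}
```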

