[FFmpeg-devel] [PATCH v2] configure: Clearer documentation for "disable-safe-bitstream-reader"

Michael Niedermayer michael at niedermayer.cc
Sat Apr 12 03:42:11 EEST 2025 

On Sat, Apr 12, 2025 at 02:19:08AM +0200, Timo Rothenpieler wrote:
> On 12.04.2025 02:11, Michael Niedermayer wrote:
> > On Fri, Apr 11, 2025 at 08:32:55AM +0200, Andreas Rheinhardt wrote:
> > > Michael Niedermayer:
> > > > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > > > ---
> > > >   configure | 3 ++-
> > > >   1 file changed, 2 insertions(+), 1 deletion(-)
> > > > 
> > > > diff --git a/configure b/configure
> > > > index bd4f8723760..f1db8b6f235 100755
> > > > --- a/configure
> > > > +++ b/configure
> > > > @@ -436,7 +436,8 @@ Advanced options (experts only):
> > > >     --enable-hardcoded-tables use hardcoded tables instead of runtime generation
> > > >     --disable-safe-bitstream-reader
> > > >                              disable buffer boundary checking in bitreaders
> > > > -                           (faster, but may crash)
> > > > +                           (This disables some security checks and can cause undefined behavior,
> > > > +                            it may be faster, but should only be used with trusted input)
> > > >     --sws-max-filter-size=N  the max filter size swscale uses [$sws_max_filter_size_default]
> > > >   Optimization options (experts only):
> > > 
> > > I'd like to keep "crash" in the description. Not everyone (not even
> > > people setting "experts only" options) will be familiar with the term
> > > "undefined behavior".
> > 
> > what about:
> > 
> > (This disables some security checks and can cause undefined behavior and
> >   crashes, it may be faster, but should only be used with trusted input)
> 
> Given that the undefined behaviour can in theory even include arbitrary code
> execution, I'd probably make it even harsher and mention that worst-case
> being a possibility.

what about this:

(This disables some security checks and can cause undefined behavior,
 crashes and arbitrary code execution, it may be faster, but
 should only be used with trusted input)

?

thx

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

He who knows, does not speak. He who speaks, does not know. -- Lao Tsu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20250412/7efb1c7d/attachment.sig>

More information about the ffmpeg-devel mailing list