[FFmpeg-devel] [PATCH v2] configure: Clearer documentation for "disable-safe-bitstream-reader"

Michael Niedermayer michael at niedermayer.cc
Wed Apr 16 03:34:35 EEST 2025 

On Sat, Apr 12, 2025 at 02:42:11AM +0200, Michael Niedermayer wrote:
> On Sat, Apr 12, 2025 at 02:19:08AM +0200, Timo Rothenpieler wrote:
> > On 12.04.2025 02:11, Michael Niedermayer wrote:
> > > On Fri, Apr 11, 2025 at 08:32:55AM +0200, Andreas Rheinhardt wrote:
> > > > Michael Niedermayer:
> > > > > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > > > > ---
> > > > >   configure | 3 ++-
> > > > >   1 file changed, 2 insertions(+), 1 deletion(-)
> > > > > 
> > > > > diff --git a/configure b/configure
> > > > > index bd4f8723760..f1db8b6f235 100755
> > > > > --- a/configure
> > > > > +++ b/configure
> > > > > @@ -436,7 +436,8 @@ Advanced options (experts only):
> > > > >     --enable-hardcoded-tables use hardcoded tables instead of runtime generation
> > > > >     --disable-safe-bitstream-reader
> > > > >                              disable buffer boundary checking in bitreaders
> > > > > -                           (faster, but may crash)
> > > > > +                           (This disables some security checks and can cause undefined behavior,
> > > > > +                            it may be faster, but should only be used with trusted input)
> > > > >     --sws-max-filter-size=N  the max filter size swscale uses [$sws_max_filter_size_default]
> > > > >   Optimization options (experts only):
> > > > 
> > > > I'd like to keep "crash" in the description. Not everyone (not even
> > > > people setting "experts only" options) will be familiar with the term
> > > > "undefined behavior".
> > > 
> > > what about:
> > > 
> > > (This disables some security checks and can cause undefined behavior and
> > >   crashes, it may be faster, but should only be used with trusted input)
> > 
> > Given that the undefined behaviour can in theory even include arbitrary code
> > execution, I'd probably make it even harsher and mention that worst-case
> > being a possibility.
> 
> what about this:
> 
> (This disables some security checks and can cause undefined behavior,
>  crashes and arbitrary code execution, it may be faster, but
>  should only be used with trusted input)

will apply, feel free to change if someone has ideas for improvment

thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Those who are best at talking, realize last or never when they are wrong.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20250416/b47b9ccb/attachment.sig>

More information about the ffmpeg-devel mailing list