[FFmpeg-devel] [PATCH] avformat/demux: Fix segfault due to avcodec_open2 failure (v2)
Pavel Koshevoy
pkoshevoy at gmail.com
Tue Jun 10 20:27:37 EEST 2025
On Tue, Jun 10, 2025 at 9:29 AM Michael Niedermayer <michael at niedermayer.cc>
wrote:
> Hi Pavel
>
> <snip>
>
> is adding an exploitable security issue an option for you ?
>
>
^ that's inflammatory, I have never had any intention of introducing a
security vulnerability.
If people want to keep this, it should be behind a flag and
> disabled by default.
I am not familiar with such flags ... are you suggesting a compile-time
flag, or a run-time flag?
A runtime flag would be preferable, because that would save me from having
to cross-compile win64 ffmpeg libs myself.
Its not enough to fix our code that crashes, other applications
> similarly wont expect such id and type changes mid stream
IDK how likely a media type change is outside the 1_poc.mp4. The sample
files I have don't do that.
I can provide a 61MB clip of one such file, just a few seconds of SDR mpeg2
video/audio slate followed by a few seconds of HDR10 hevc video and eac3
audio... in case someone wants to work on making fftools support this.
Pavel.
More information about the ffmpeg-devel
mailing list