[FFmpeg-devel] [PATCH 5/9] nistspheredec: prevent overflow during block alignment calculation

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Sun Jan 29 01:23:24 EET 2017


On 28.01.2017 03:48, Ronald S. Bultje wrote:
> I agree a macro here doesn't help. My concern wasn't with the check itself,
> I agree a file with 100 channels should error out. My concern is that these
> files will universally be the result of fuzzing, so I don't want to spam
> stderr with messages related to it, nor do I want source/binary size to
> increase because of it.
> 
> If you make ff_elog similar to assert (only if NDEBUG is not set), that may
> work for the binary size concern, but the source code size is still a
> concern. Again, not because it's bad code, but because it's needless since
> it only happens for fuzzed samples.

You claim that, but it's impossible to prove and thus likely wrong.

Also it's quite arbitrary that you object to this log message, while e.g.
the following has been there for years:
     if (s->nb_streams == ASF_MAX_STREAMS) {
         av_log(s, AV_LOG_ERROR, "too many streams\n");
         return AVERROR(EINVAL);
     }

Unless you can come up with objective criteria, when to add log messages
and when not, this topic is going to be a pointless waste of time.

Best regards,
Andreas


More information about the ffmpeg-devel mailing list