[FFmpeg-devel] [PATCH] avcodec/jpeg2000: Check that codsty->log2_prec_widths/heights has been initialized

Ronald S. Bultje rsbultje at gmail.com
Tue Sep 5 14:20:23 EEST 2017


This really isn't worth our time. Really, it isn't.

On Tue, Sep 5, 2017 at 7:04 AM, Michael Niedermayer <michael at niedermayer.cc>

> > Please change it to ff_tlog().
> that would make the message unavailable to the user, so the user
> would not know why a decoding failure occured.

It is intentional to not make it available to the end user. That is by
design. The message is inappropriate for end users. For example, it doesn't
tell in a human-readable form what's going on or how to solve it or where
to go for more information. It isn't helpful at all. I don't know a single
end user who even knows what a COD is, they probably think it's a video
game (try Googling it).

> Lets also look at what other software does

"Mommy, he did it first."

> You can again see, theres lots of details, which may be critically
> important in a bug report.

There are no bug reports related to this issue, otherwise we would have
fixed this security issue long ago. This is a fuzz-only issue. That makes
it all the more important to not waste precious bytes in our binaries on
it, or lines on our commandline terminals. When I get 1000s of lines of
debug output, I ignore them all unless I grep'ed for something specific to
not make it 1000s. When I get 10, I might actually read the first 2.

Please change the message to ff_dlog() if you really, really insist on
something else than ff_tlog(). That way, our precious end users don't need
to see it.


More information about the ffmpeg-devel mailing list