[FFmpeg-devel] [PATCH 2/2] drawtext: introduce fontcolor argument expansion
george at nsup.org
Mon Jun 23 16:46:34 CEST 2014
Le quintidi 5 messidor, an CCXXII, Andrey Utkin a écrit :
> I tried to guard against formatting specifier misuse, but now it just
> checks number of specifiers. I am not really sure if this is
> completely secure. Is it really possible to end up with overread or
> dumping particular region of application memory through this?
If you ask the question, then you have to assume the answer is yes. That is
the only sane approach for security issues.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 819 bytes
Desc: Digital signature
More information about the ffmpeg-devel