[FFmpeg-devel] [PATCH 1/2] avcodec: add avcodec_register_one() to register one codec/parser/bsf/hwaccel by its char* name

Reimar Döffinger Reimar.Doeffinger at gmx.de
Tue Sep 30 21:04:10 CEST 2014


On Tue, Sep 30, 2014 at 05:21:20PM +0200, Michael Niedermayer wrote:
> > with no
> > global mutable state.
> 
> i disagree, applications that care about security must
> restrict used entities globally, thus by definition want to change
> global state. maybe not the way its done in this patch yes, ill
> think about it and submit something better but
> A security critical application does not want a mysterious unknown
> library to load and use a unrestricted libavcodec behind its back
> that would likely bypass the whole idea of restricting the decoders
> and demuxers

In that case I would think you'd at very least want to completely
thrash the description structs of all demuxers and decoders you
do not want to use.
Or at the very least overwrite the function pointers with 0s,
trashing flags might slightly decrease security I guess.


More information about the ffmpeg-devel mailing list