[FFmpeg-devel] [PATCH 1/2] avcodec/snowdec: Check intra block dc differences.

Ronald S. Bultje rsbultje at gmail.com
Fri Nov 17 02:47:55 EET 2017


Hi,

On Thu, Nov 16, 2017 at 4:41 PM, Michael Niedermayer <michael at niedermayer.cc
> wrote:

> On Thu, Nov 16, 2017 at 01:21:19PM -0500, Ronald S. Bultje wrote:
> > Hi,
> >
> > On Thu, Nov 16, 2017 at 11:50 AM, Michael Niedermayer <
> > michael at niedermayer.cc> wrote:
> >
> > > On Thu, Nov 16, 2017 at 06:26:06AM -0500, Ronald S. Bultje wrote:
> > > > Hi,
> > > >
> > > > On Wed, Nov 15, 2017 at 10:15 PM, Carl Eugen Hoyos <
> ceffmpeg at gmail.com>
> > > > wrote:
> > > >
> > > > > 2017-11-16 4:06 GMT+01:00 Ronald S. Bultje <rsbultje at gmail.com>:
> > > > >
> > > > > > So, commit it without the error message? I really don't see the
> > > issue.
> > > > >
> > > > > As explained, the issue is that without an error message, it
> > > > > is impossible to parse any related bug report.
> > > >
> > > >
> > > > We've been OK with that situation so far. Since it only happens for
> > > fuzzed
> > > > files, it's OK to continue going like that.
> > >
> > > Thats not the case, the snow spec contains no limit in the place where
> > > we need to check. Its a natural and expected limit so likely all files
> > > will be within that but a file outside would still be arguably valid.
> > >
> > > So a valid file could potentially be outside this range and the
> > > maintainer (that being me) need to know about this.
> > >
> > > Please dont see every change that originated from a fuzzer generated
> > > report as only related to fuzzed files.
> >
> >
> > We are re-hashing old arguments here. I'm not really interested in that.
>
> >
> > My review comment is and remains: please remove the log msg. Otherwise,
> the
> > patch is perfectly fine.
>
> Thank you for your review comment.
>
> please awnser my question, if this is just a suggestion or a
> veto, so we can move forward. Its not clear from your wording to me
> if you belive you have authority over other maintainers or not.


I'm sorry, what? Authority? Are you kidding me? Amend the patch, stop being
difficult. This whole discussion is ridiculous. I thought you were on a
deadline for a remote root code execution exploit or something?

Ronald


More information about the ffmpeg-devel mailing list