[FFmpeg-devel] [RFC][PATCH] configure: Disable unsafe demuxers by default

wm4 nfxjfg at googlemail.com
Fri May 11 02:36:56 EEST 2018


On Fri, 11 May 2018 00:21:37 +0100
Rostislav Pehlivanov <atomnuker at gmail.com> wrote:

> On 10 May 2018 at 23:27, Paul B Mahol <onemda at gmail.com> wrote:
> 
> > On 5/11/18, wm4 <nfxjfg at googlemail.com> wrote:  
> > > On Thu, 10 May 2018 16:44:59 +0100
> > > Derek Buitenhuis <derek.buitenhuis at gmail.com> wrote:
> > >  
> > >> These demuxers have probes that mainly probe based on file extension,
> > >> and map to codec IDs that render text as video. The result is that
> > >> ffmpeg will, by default, happily render, for example, .txt files
> > >> as images. This is not exactly a good security practice, and only
> > >> makes it easier for potential attackers to gain the contents of
> > >> system files.
> > >>
> > >> Disable building these by default.
> > >>
> > >> Signed-off-by: Derek Buitenhuis <derek.buitenhuis at gmail.com>
> > >> ---  
> > >
> > > +1
> > >
> > > You should send a patch that disables all those useless game demuxers
> > > too. They only cause security issues and bloated library sizes.  
> >
> > Against.
> >  
> 
> I agree with Paul, game demuxers are useful, don't bloat much and can be
> fixed.

Experience shows that it's always the obscure features which cause
security issues. Regarding the bloat: these small things add up a lot,
and suddenly you have hundreds of demuxers. It's hard to filter them
out manually, and why make each user do that? Many of these game formats
in particular probably have something like under a dozen files in the
universe that exist at all (such as the files included in a particular
game release).
