[FFmpeg-devel] [RFC][PATCH] configure: Disable unsafe demuxers by default

wm4 nfxjfg at googlemail.com
Fri May 11 03:31:54 EEST 2018

On Fri, 11 May 2018 01:49:58 +0200
James Darnley <james.darnley at gmail.com> wrote:

> ...

Security in ffmpeg sure is weird. On one hand we get all kinds of crazy
stuff that's supposed to mitigate... something (like whitelists), on
the other hand we get this.

> I haven't tried to stand in the way of other bad changes to ffmpeg (like
> the fact that the flac muxer will now mux video streams) and I won't try
> to stand in the way of this one.

That sounds insane, but it's probably about cover art. Only ffmpeg is
insane enough to treat cover art as single-frame video stream. (And
as an API user I've really tried hard to make this work, but it remains
a painful special case.)

So, not sure why you claim it's a "bad change" to add support for that
in the flac muxer. It merely follows the ffmpeg API.

Anyway, I guess D. B. is right and this thread is a fucking waste of
time, so goodbye.

More information about the ffmpeg-devel mailing list