On Wed, Sep 20, 2023 at 06:43:18PM +0100, Kieran Kunhya wrote:
> >
> > I dont suggest merging more EVC code before the release. I meant the
> > EVC code already in git, is reading alot of things with no checks.
> > It maybe doesnt matter in most cases, as its not used in most cases without
> > more EVC code but still
> > Also ATM other things are blocking so EVC still could make it in principle.
> > Just that the release should not be delayed because of addition of more
> > EVC code
> > But someone needs to check the existing EVC code in git without checks is
> > safe
> >
> 
> Or just mark EVC as experimental?

thats an option but even now, before we even have a experimental decoder in
git we already had a out of array write issue caused by evc code
so we still need to be carefull as not everything is under these checks

also iam not sure "experimental" is the right flag for code that has
possible security issues. People might turn experimental on not realizing
the security aspect.

thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Breaking DRM is a little like attempting to break through a door even
though the window is wide open and the only thing in the house is a bunch
of things you dont want and which you would get tomorrow for free anyway