From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTPS id A7A814CC04
	for <ffmpegdev@gitmailbox.com>; Sat, 12 Apr 2025 00:42:24 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 110AA68C49D;
	Sat, 12 Apr 2025 03:42:21 +0300 (EEST)
Received: from relay6-d.mail.gandi.net (relay6-d.mail.gandi.net
 [217.70.183.198])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id E9D9868C356
 for <ffmpeg-devel@ffmpeg.org>; Sat, 12 Apr 2025 03:42:13 +0300 (EEST)
Received: by mail.gandi.net (Postfix) with ESMTPSA id D5CE343290
 for <ffmpeg-devel@ffmpeg.org>; Sat, 12 Apr 2025 00:42:12 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc;
 s=gm1; t=1744418533;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:content-type:content-type:
 in-reply-to:in-reply-to:references:references;
 bh=dmYLt8Cyo9okRBxMY0eKgV61vxtDbv2tvRMhUt70rVs=;
 b=LPP1rqOhEGlK3GSGxvkwxAiYLY/XPCKzWZRXWkoxF8XsA5HZjbe0wm+JQsedH4JnnMkVrB
 7taWLnlX3cEIQA0d7WptbXhWk3ztRVR7JhUYmpISiKYvVGz2Gp4psEIzaeEBh0cb6a5Tl4
 1Yv+Y51oDr4BE3w4TlOwmIsi1zqOBekwcG9k+3rSy+AhpkEi0tYnYhKG8vtq0SmjQbdY2T
 4xp5V5P6ryAiW5Q5Im/P7skAEfk8eohv4g26Bf7hAdhVDy/GYp+tz4rcPUmob9ZYPiJNVV
 y8CWeoa9L2x1YMrFXB7j4AEfUcJngAKqzOkYLjc82+iGA36Ih+MXRNchAmVepQ==
Date: Sat, 12 Apr 2025 02:42:11 +0200
From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Message-ID: <20250412004211.GH4991@pb2>
References: <20250410170504.308400-1-michael@niedermayer.cc>
 <GV1P250MB073772D581844374C47913578FB62@GV1P250MB0737.EURP250.PROD.OUTLOOK.COM>
 <20250412001132.GF4991@pb2>
 <16bef658-ba7c-48ff-b7fd-f9d449488f49@rothenpieler.org>
MIME-Version: 1.0
In-Reply-To: <16bef658-ba7c-48ff-b7fd-f9d449488f49@rothenpieler.org>
X-GND-State: clean
X-GND-Score: -70
X-GND-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddvudefvdelucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuifetpfffkfdpucggtfgfnhhsuhgsshgtrhhisggvnecuuegrihhlohhuthemuceftddunecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenfghrlhcuvffnffculdeftddmnecujfgurhepfffhvffukfhfgggtuggjsehgtderredttddvnecuhfhrohhmpefoihgthhgrvghlucfpihgvuggvrhhmrgihvghruceomhhitghhrggvlhesnhhivgguvghrmhgrhigvrhdrtggtqeenucggtffrrghtthgvrhhnpeeigeektdejudffjefhteegjedtgeettefggedthfejgfevhfetgeekjedtvdfhveenucfkphepgedurdeiiedrieejrdduudefnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepgedurdeiiedrieejrdduudefpdhhvghloheplhhotggrlhhhohhsthdpmhgrihhlfhhrohhmpehmihgthhgrvghlsehnihgvuggvrhhmrgihvghrrdgttgdpnhgspghrtghpthhtohepuddprhgtphhtthhopehffhhmphgvghdquggvvhgvlhesfhhfmhhpvghgrdhorhhg
X-GND-Sasl: michael@niedermayer.cc
Subject: Re: [FFmpeg-devel] [PATCH v2] configure: Clearer documentation for
 "disable-safe-bitstream-reader"
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Content-Type: multipart/mixed; boundary="===============5735369048893826769=="
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/20250412004211.GH4991@pb2/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>


--===============5735369048893826769==
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="MSTmWlwLvlPsrUFb"
Content-Disposition: inline


--MSTmWlwLvlPsrUFb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Apr 12, 2025 at 02:19:08AM +0200, Timo Rothenpieler wrote:
> On 12.04.2025 02:11, Michael Niedermayer wrote:
> > On Fri, Apr 11, 2025 at 08:32:55AM +0200, Andreas Rheinhardt wrote:
> > > Michael Niedermayer:
> > > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> > > > ---
> > > >   configure | 3 ++-
> > > >   1 file changed, 2 insertions(+), 1 deletion(-)
> > > >=20
> > > > diff --git a/configure b/configure
> > > > index bd4f8723760..f1db8b6f235 100755
> > > > --- a/configure
> > > > +++ b/configure
> > > > @@ -436,7 +436,8 @@ Advanced options (experts only):
> > > >     --enable-hardcoded-tables use hardcoded tables instead of runti=
me generation
> > > >     --disable-safe-bitstream-reader
> > > >                              disable buffer boundary checking in bi=
treaders
> > > > -                           (faster, but may crash)
> > > > +                           (This disables some security checks and=
 can cause undefined behavior,
> > > > +                            it may be faster, but should only be u=
sed with trusted input)
> > > >     --sws-max-filter-size=3DN  the max filter size swscale uses [$s=
ws_max_filter_size_default]
> > > >   Optimization options (experts only):
> > >=20
> > > I'd like to keep "crash" in the description. Not everyone (not even
> > > people setting "experts only" options) will be familiar with the term
> > > "undefined behavior".
> >=20
> > what about:
> >=20
> > (This disables some security checks and can cause undefined behavior and
> >   crashes, it may be faster, but should only be used with trusted input)
>=20
> Given that the undefined behaviour can in theory even include arbitrary c=
ode
> execution, I'd probably make it even harsher and mention that worst-case
> being a possibility.

what about this:

(This disables some security checks and can cause undefined behavior,
 crashes and arbitrary code execution, it may be faster, but
 should only be used with trusted input)

?

thx

[...]
--=20
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

He who knows, does not speak. He who speaks, does not know. -- Lao Tsu

--MSTmWlwLvlPsrUFb
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iF0EABEKAB0WIQSf8hKLFH72cwut8TNhHseHBAsPqwUCZ/m24wAKCRBhHseHBAsP
q4LlAKCS4Kfzye2k5naMBZYNtHh+PmYNzACfToLHLmgkq70SCYvsk/R8zDk/O7k=
=EdUo
-----END PGP SIGNATURE-----

--MSTmWlwLvlPsrUFb--

--===============5735369048893826769==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

--===============5735369048893826769==--