* [FFmpeg-devel] [PATCH v2] configure: Clearer documentation for "disable-safe-bitstream-reader" @ 2025-04-10 17:05 Michael Niedermayer 2025-04-11 6:32 ` Andreas Rheinhardt 0 siblings, 1 reply; 6+ messages in thread From: Michael Niedermayer @ 2025-04-10 17:05 UTC (permalink / raw) To: FFmpeg development discussions and patches Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- configure | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/configure b/configure index bd4f8723760..f1db8b6f235 100755 --- a/configure +++ b/configure @@ -436,7 +436,8 @@ Advanced options (experts only): --enable-hardcoded-tables use hardcoded tables instead of runtime generation --disable-safe-bitstream-reader disable buffer boundary checking in bitreaders - (faster, but may crash) + (This disables some security checks and can cause undefined behavior, + it may be faster, but should only be used with trusted input) --sws-max-filter-size=N the max filter size swscale uses [$sws_max_filter_size_default] Optimization options (experts only): -- 2.49.0 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [FFmpeg-devel] [PATCH v2] configure: Clearer documentation for "disable-safe-bitstream-reader" 2025-04-10 17:05 [FFmpeg-devel] [PATCH v2] configure: Clearer documentation for "disable-safe-bitstream-reader" Michael Niedermayer @ 2025-04-11 6:32 ` Andreas Rheinhardt 2025-04-12 0:11 ` Michael Niedermayer 0 siblings, 1 reply; 6+ messages in thread From: Andreas Rheinhardt @ 2025-04-11 6:32 UTC (permalink / raw) To: ffmpeg-devel Michael Niedermayer: > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > configure | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/configure b/configure > index bd4f8723760..f1db8b6f235 100755 > --- a/configure > +++ b/configure > @@ -436,7 +436,8 @@ Advanced options (experts only): > --enable-hardcoded-tables use hardcoded tables instead of runtime generation > --disable-safe-bitstream-reader > disable buffer boundary checking in bitreaders > - (faster, but may crash) > + (This disables some security checks and can cause undefined behavior, > + it may be faster, but should only be used with trusted input) > --sws-max-filter-size=N the max filter size swscale uses [$sws_max_filter_size_default] > > Optimization options (experts only): I'd like to keep "crash" in the description. Not everyone (not even people setting "experts only" options) will be familiar with the term "undefined behavior". - Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [FFmpeg-devel] [PATCH v2] configure: Clearer documentation for "disable-safe-bitstream-reader" 2025-04-11 6:32 ` Andreas Rheinhardt @ 2025-04-12 0:11 ` Michael Niedermayer 2025-04-12 0:19 ` Timo Rothenpieler 0 siblings, 1 reply; 6+ messages in thread From: Michael Niedermayer @ 2025-04-12 0:11 UTC (permalink / raw) To: FFmpeg development discussions and patches [-- Attachment #1.1: Type: text/plain, Size: 1575 bytes --] On Fri, Apr 11, 2025 at 08:32:55AM +0200, Andreas Rheinhardt wrote: > Michael Niedermayer: > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > --- > > configure | 3 ++- > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > diff --git a/configure b/configure > > index bd4f8723760..f1db8b6f235 100755 > > --- a/configure > > +++ b/configure > > @@ -436,7 +436,8 @@ Advanced options (experts only): > > --enable-hardcoded-tables use hardcoded tables instead of runtime generation > > --disable-safe-bitstream-reader > > disable buffer boundary checking in bitreaders > > - (faster, but may crash) > > + (This disables some security checks and can cause undefined behavior, > > + it may be faster, but should only be used with trusted input) > > --sws-max-filter-size=N the max filter size swscale uses [$sws_max_filter_size_default] > > > > Optimization options (experts only): > > I'd like to keep "crash" in the description. Not everyone (not even > people setting "experts only" options) will be familiar with the term > "undefined behavior". what about: (This disables some security checks and can cause undefined behavior and crashes, it may be faster, but should only be used with trusted input) ? thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB I am the wisest man alive, for I know one thing, and that is that I know nothing. -- Socrates [-- Attachment #1.2: signature.asc --] [-- Type: application/pgp-signature, Size: 195 bytes --] [-- Attachment #2: Type: text/plain, Size: 251 bytes --] _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [FFmpeg-devel] [PATCH v2] configure: Clearer documentation for "disable-safe-bitstream-reader" 2025-04-12 0:11 ` Michael Niedermayer @ 2025-04-12 0:19 ` Timo Rothenpieler 2025-04-12 0:42 ` Michael Niedermayer 0 siblings, 1 reply; 6+ messages in thread From: Timo Rothenpieler @ 2025-04-12 0:19 UTC (permalink / raw) To: ffmpeg-devel On 12.04.2025 02:11, Michael Niedermayer wrote: > On Fri, Apr 11, 2025 at 08:32:55AM +0200, Andreas Rheinhardt wrote: >> Michael Niedermayer: >>> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> >>> --- >>> configure | 3 ++- >>> 1 file changed, 2 insertions(+), 1 deletion(-) >>> >>> diff --git a/configure b/configure >>> index bd4f8723760..f1db8b6f235 100755 >>> --- a/configure >>> +++ b/configure >>> @@ -436,7 +436,8 @@ Advanced options (experts only): >>> --enable-hardcoded-tables use hardcoded tables instead of runtime generation >>> --disable-safe-bitstream-reader >>> disable buffer boundary checking in bitreaders >>> - (faster, but may crash) >>> + (This disables some security checks and can cause undefined behavior, >>> + it may be faster, but should only be used with trusted input) >>> --sws-max-filter-size=N the max filter size swscale uses [$sws_max_filter_size_default] >>> >>> Optimization options (experts only): >> >> I'd like to keep "crash" in the description. Not everyone (not even >> people setting "experts only" options) will be familiar with the term >> "undefined behavior". > > what about: > > (This disables some security checks and can cause undefined behavior and > crashes, it may be faster, but should only be used with trusted input) Given that the undefined behaviour can in theory even include arbitrary code execution, I'd probably make it even harsher and mention that worst-case being a possibility. _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [FFmpeg-devel] [PATCH v2] configure: Clearer documentation for "disable-safe-bitstream-reader" 2025-04-12 0:19 ` Timo Rothenpieler @ 2025-04-12 0:42 ` Michael Niedermayer 2025-04-16 0:34 ` Michael Niedermayer 0 siblings, 1 reply; 6+ messages in thread From: Michael Niedermayer @ 2025-04-12 0:42 UTC (permalink / raw) To: FFmpeg development discussions and patches [-- Attachment #1.1: Type: text/plain, Size: 2168 bytes --] On Sat, Apr 12, 2025 at 02:19:08AM +0200, Timo Rothenpieler wrote: > On 12.04.2025 02:11, Michael Niedermayer wrote: > > On Fri, Apr 11, 2025 at 08:32:55AM +0200, Andreas Rheinhardt wrote: > > > Michael Niedermayer: > > > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > > > --- > > > > configure | 3 ++- > > > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > > > > > diff --git a/configure b/configure > > > > index bd4f8723760..f1db8b6f235 100755 > > > > --- a/configure > > > > +++ b/configure > > > > @@ -436,7 +436,8 @@ Advanced options (experts only): > > > > --enable-hardcoded-tables use hardcoded tables instead of runtime generation > > > > --disable-safe-bitstream-reader > > > > disable buffer boundary checking in bitreaders > > > > - (faster, but may crash) > > > > + (This disables some security checks and can cause undefined behavior, > > > > + it may be faster, but should only be used with trusted input) > > > > --sws-max-filter-size=N the max filter size swscale uses [$sws_max_filter_size_default] > > > > Optimization options (experts only): > > > > > > I'd like to keep "crash" in the description. Not everyone (not even > > > people setting "experts only" options) will be familiar with the term > > > "undefined behavior". > > > > what about: > > > > (This disables some security checks and can cause undefined behavior and > > crashes, it may be faster, but should only be used with trusted input) > > Given that the undefined behaviour can in theory even include arbitrary code > execution, I'd probably make it even harsher and mention that worst-case > being a possibility. what about this: (This disables some security checks and can cause undefined behavior, crashes and arbitrary code execution, it may be faster, but should only be used with trusted input) ? thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB He who knows, does not speak. He who speaks, does not know. -- Lao Tsu [-- Attachment #1.2: signature.asc --] [-- Type: application/pgp-signature, Size: 195 bytes --] [-- Attachment #2: Type: text/plain, Size: 251 bytes --] _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [FFmpeg-devel] [PATCH v2] configure: Clearer documentation for "disable-safe-bitstream-reader" 2025-04-12 0:42 ` Michael Niedermayer @ 2025-04-16 0:34 ` Michael Niedermayer 0 siblings, 0 replies; 6+ messages in thread From: Michael Niedermayer @ 2025-04-16 0:34 UTC (permalink / raw) To: FFmpeg development discussions and patches [-- Attachment #1.1: Type: text/plain, Size: 2391 bytes --] On Sat, Apr 12, 2025 at 02:42:11AM +0200, Michael Niedermayer wrote: > On Sat, Apr 12, 2025 at 02:19:08AM +0200, Timo Rothenpieler wrote: > > On 12.04.2025 02:11, Michael Niedermayer wrote: > > > On Fri, Apr 11, 2025 at 08:32:55AM +0200, Andreas Rheinhardt wrote: > > > > Michael Niedermayer: > > > > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > > > > --- > > > > > configure | 3 ++- > > > > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > > > > > > > diff --git a/configure b/configure > > > > > index bd4f8723760..f1db8b6f235 100755 > > > > > --- a/configure > > > > > +++ b/configure > > > > > @@ -436,7 +436,8 @@ Advanced options (experts only): > > > > > --enable-hardcoded-tables use hardcoded tables instead of runtime generation > > > > > --disable-safe-bitstream-reader > > > > > disable buffer boundary checking in bitreaders > > > > > - (faster, but may crash) > > > > > + (This disables some security checks and can cause undefined behavior, > > > > > + it may be faster, but should only be used with trusted input) > > > > > --sws-max-filter-size=N the max filter size swscale uses [$sws_max_filter_size_default] > > > > > Optimization options (experts only): > > > > > > > > I'd like to keep "crash" in the description. Not everyone (not even > > > > people setting "experts only" options) will be familiar with the term > > > > "undefined behavior". > > > > > > what about: > > > > > > (This disables some security checks and can cause undefined behavior and > > > crashes, it may be faster, but should only be used with trusted input) > > > > Given that the undefined behaviour can in theory even include arbitrary code > > execution, I'd probably make it even harsher and mention that worst-case > > being a possibility. > > what about this: > > (This disables some security checks and can cause undefined behavior, > crashes and arbitrary code execution, it may be faster, but > should only be used with trusted input) will apply, feel free to change if someone has ideas for improvment thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Those who are best at talking, realize last or never when they are wrong. [-- Attachment #1.2: signature.asc --] [-- Type: application/pgp-signature, Size: 195 bytes --] [-- Attachment #2: Type: text/plain, Size: 251 bytes --] _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2025-04-16 0:34 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2025-04-10 17:05 [FFmpeg-devel] [PATCH v2] configure: Clearer documentation for "disable-safe-bitstream-reader" Michael Niedermayer 2025-04-11 6:32 ` Andreas Rheinhardt 2025-04-12 0:11 ` Michael Niedermayer 2025-04-12 0:19 ` Timo Rothenpieler 2025-04-12 0:42 ` Michael Niedermayer 2025-04-16 0:34 ` Michael Niedermayer
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel This inbox may be cloned and mirrored by anyone: git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \ ffmpegdev@gitmailbox.com public-inbox-index ffmpegdev Example config snippet for mirrors. AGPL code for this site: git clone https://public-inbox.org/public-inbox.git