[Bug 664256] Separate video decoding in another process
GStreamer (bugzilla.gnome.org)
bugzilla at gnome.org
Sun Jan 29 16:50:02 PST 2012
https://bugzilla.gnome.org/show_bug.cgi?id=664256
GStreamer | don't know | unspecified
--- Comment #5 from David Schleef <ds at schleef.org> 2012-01-30 00:49:56 UTC ---
Wouldn't it be better to fix the decoders? It's really not that complicated.
It's been done for both theora and schroedinger.
Video decoders only have about 5 places where they need to be audited. After
that, they're basically transforming from bounded array A to bounded array B,
usually iterating over blocks in B. So it's *really* hard to get it to write
outside its bounds. It's somewhat easier to create a stream that will cause an
unaudited decoder to read outside its bounds, but that's not a path that leads
to exploits.
None of this affects the other reasons one might want to use out-of-process
processing, which I think is a good idea. Just not to work around bugs.
--
Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.
More information about the gstreamer-bugs
mailing list