[Ffmpeg-cvslog] r5740 - in trunk/libavutil: Makefile lls.c lls.h
Michael Niedermayer
michaelni
Sat Jul 15 10:50:39 CEST 2006
Hi
On Fri, Jul 14, 2006 at 09:40:19PM -0400, Rich Felker wrote:
> On Fri, Jul 14, 2006 at 10:49:19PM +0200, Michael Niedermayer wrote:
> > Hi
> >
> > On Fri, Jul 14, 2006 at 09:35:01PM +0100, M?ns Rullg?rd wrote:
> > > Michael Niedermayer <michaelni at gmx.at> writes:
> > >
> > > > i agree but theres a problem, some asserts are irrelevant
> > > > speedwise and some are in speed-critical parts, and there are some people
> > > > (me for example, and possibly other developers...) who want the rarely
> > > > executed asserts() to be enabled while the often executed ones should be
> > > > disabled in their build ... a global NDEBUG is not enough here
> > > >
> > > > IIRC ive already at least suggested once that 2 av_asserts, one for
> > > > speedcritical and one for non-speedcritical parts should be added
> > > > yeah i shouldnt suggest but rather do the work myself i know ...
> > >
> > > We could also use a single av_assert with a numerical argument
> > > specifying the debug level at which to enable it.
> > >
> > > Something like
> > >
> > > #ifndef AV_DEBUG
> > > #define AV_DEBUG 0
> > > #endif
> > >
> > > #define av_assert(level, expr) do { \
> > > if(level < AV_DEBUG){ \
> > > assert(expr) \
> > > } \
> > > } while(0)
> >
> > no objections, feel free to commit
> >
> >
> > about the levels, id suggest:
> > 0 assert failure could lead to exploits
> > 1 assert in speed uncritical code
> > 2 assert in speed critical code
>
> Regarding level 0, if this is the case the code needs to be fixed,
> since aborting the calling app on bad input is hardly acceptable
> either... I tend to think there's no reason to have a special assert
> level for it. If finding the bug and adding the assert isn't too hard,
> adding the "return failure" or "longjmp out" code shouldn't be much
> harder and prevents "DoS" vulns which could also be nasty when lavc is
> used inside some sort of long-lived/server process.
and what should we add for:
complex_algorithm(&a, &b); // if i implemented this correctly then a is
// guaranteed to be within the array
array[a]= b;
should we add a
if(a>= array_length)
return;
even though this is not possible if the code is non buggy?
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
In the past you could go to a library and read, borrow or copy any book
Today you'd get arrested for mere telling someone where the library is
More information about the ffmpeg-cvslog
mailing list