[Ffmpeg-devel] Re: [PATCH] MXF demuxer

Baptiste Coudurier baptiste.coudurier
Tue Jul 18 01:02:59 CEST 2006

Uoti Urpala wrote:
> On Tue, 2006-07-18 at 00:39 +0200, Baptiste Coudurier wrote:
>>>> +    if (type) { /* long form */
>>>> +        int bytes_num = length & 0x7f;
>>>> +        /* SMPTE 379M 5.3.4 guarantee that bytes_num must not exceed 8 bytes */
>>>> +        assert(bytes_num <= 8);
>>> using assert() to check stuff from a stream for validity is unacceptable
>>> its like printf() aborting your application due to a spelling error
>> I assume bytes_num is <= 8. then It will overflow size. It's a
>> "security" issue. I'll use av_assert.
> If the file contains values not allowed by the spec you should diagnose
> that as invalid input and return an error. It's not reasonable to assume
> that the user would demux "trusted" files only, and so killing the
> program because of invalid input is not appropriate.

If I follow your principle, asserts are just useless. I shall always
check values and return -1 in every situation, now I can grep for assert
in ffmpeg source code and see some asserts are just ensuring that value
is right assuming the latter treatment will not fail.

I agree with you in principle of course. Im just lost in what is a good
"assert" and Im afraid that will start another flame or troll.

Baptiste COUDURIER                              GnuPG Key Id: 0x5C1ABAAA
SMARTJOG S.A.                                    http://www.smartjog.com
Key fingerprint                 8D77134D20CC9220201FC5DB0AC9325C5C1ABAAA
Phone: +33 1 49966312

More information about the ffmpeg-devel mailing list