[FFmpeg-devel] What is FFmpeg and what should it be
Tomas Härdin
git at haerdin.se
Thu Aug 3 23:50:55 EEST 2023
tor 2023-08-03 klockan 15:25 +0200 skrev Nicolas George:
> Tomas Härdin (12023-07-31):
> > As far as I recall libxml2 does not enable the fancier features of
> > XML
> > unless told to do so. And if it can't disable things like DTD then
> > a
> > ticket should be opened with them to make that possible.
>
> You are missing the point: even if all these features are entirely
> disabled (which we cannot be really sure), the code and data
> structure
> have to be designed to make them possible.
The IMF code uses libxml2 successfully already. I'm not a huge fan of
IMF in lavf tbh since it borders on business logic, but at least we're
leveraging existing code to support it
> > It almost certainly means worse security, not better.
>
> I am quite sure your estimation in this is wrong.
If you think libxml2's test suite is insufficient then open a ticket
with them about it. As far as I can tell it is comprehensive. One
improvement might be to make use of formal methods to prove code
correctness.
> You are not a boss directing the time of your employees towards the
> task
> most profitable for you. Michael is not hacking software defined
> radio
> to be profitable for somebody, he is having fun with it (probably
> because he recently got his hands on the hardware). And I want to
> write
> a <foo bar="qux"> parser because it is an interesting challenge.
Interesting challenges for you are maintenance burdens for everyone
else, and therefore appropriating part of their time.
/Tomas
More information about the ffmpeg-devel
mailing list