[MPlayer-dev-eng] [PATCH] Use unrar for open vobsubs if available

Michael Niedermayer michaelni at gmx.at
Fri Nov 30 13:46:04 CET 2007


On Thu, Nov 29, 2007 at 10:15:44PM -0500, Rich Felker wrote:
> On Thu, Nov 29, 2007 at 10:42:32PM +0100, Michael Niedermayer wrote:
> > now i should provide some link to some text/free book/torrent of a non free
> > book about secure programming ... sadly i dont know any
> > but it surely would be a quite usefull addition to our docs
> 
> This reminds me of a thought I had earlier: what if we had a nice list
> of functions & programming idioms that are considered insecure, 

i think thats a great idea, but you forgot to attach the patch :)


> but
> unlike lame projects that just forbid them even in special cases where
> they're obviously okay, instead require by policy either that they not
> be used, or that they be accompanied by a comment explaining why
> they're safe in the special case they're used in. (e.g. a comment
> before a strcat that sufficient space was allocated 10 lines above, or
> before a popen that no input-supplied or -derived data is used in
> constructing the command line).

i dunno if the overhead for secure functions matters enough
for mplayer to allow them at the discretion of the developer

iam thinking of the advantages vs the risk in case the devel makes a
mistake ...

also we at least should stop insecure functions with a #ifdef so that
vissibility of the uses of such functions is maximized and they arent
missed when reviewing commits and patches
just MHO


[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Everything should be made as simple as possible, but not simpler.
-- Albert Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/attachments/20071130/15032a2b/attachment.pgp>


More information about the MPlayer-dev-eng mailing list