Security and Debugging
Libav is a library used in many different contexts: players use it to decode, server-side services use it to transcode, and broadcasters use it within their complex production pipelines.
You can consider pretty much any kind of bug a security issue:
- A segfault is a security issue.
- A read/write from unallocated memory is a security issue.
- A triggered assert IS a security issue, and using asserts is not a way to fix any kind of security issue.
- A memory leak is a security issue, and in most cases the worst kind.
Most of the bugs are naive assumptions and oversights piling up over the years. The most common are the following:
Off by one
- You loop over something and you read one element too many
- What happens when your frame has dimension 0? What if it is as large as the maximum representable value?
- If you think that a malloc cannot fail, think again. If you think realloc won’t ever return NULL, so you can forget about the old pointer and just overwrite it, please DO think again. It can happen, even on Linux.
Sloppy coding practices
- Some bad practices tend to stick, and bad patterns such as not forwarding return values will lead to problems later, usually making the process of tracking back to the root issue HARD.
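
The frame-dimension, realloc and return-value points above combined in one C example, added here as an illustration and not taken from Libav. `FrameBuf`, `framebuf_resize`, `frame_init` and the `MAX_FRAME_BYTES` cap are hypothetical names chosen for the example.

```c
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Assumed sanity cap for this example, not a Libav constant. */
#define MAX_FRAME_BYTES ((size_t)1 << 28)

/* Hypothetical buffer type, not a Libav structure. */
typedef struct FrameBuf { uint8_t *data; size_t size; } FrameBuf;

/* Resize buf for a w x h frame of 8-bit samples.
 * Returns 0 or a negative errno; on failure buf is left untouched. */
static int framebuf_resize(FrameBuf *buf, int w, int h)
{
    /* Dimension 0 (or negative) is rejected, not assumed away. */
    if (w <= 0 || h <= 0)
        return -EINVAL;
    /* Divide instead of multiplying so INT_MAX x INT_MAX cannot wrap. */
    if ((size_t)w > MAX_FRAME_BYTES / (size_t)h)
        return -EINVAL;

    /* Keep the old pointer: if realloc returns NULL the old block is
     * still allocated, and overwriting buf->data would leak it. */
    uint8_t *tmp = realloc(buf->data, (size_t)w * (size_t)h);
    if (!tmp)
        return -ENOMEM;
    buf->data = tmp;
    buf->size = (size_t)w * (size_t)h;
    return 0;
}

/* The caller forwards the error code instead of swallowing it. */
static int frame_init(FrameBuf *buf, int w, int h)
{
    int ret = framebuf_resize(buf, w, h);
    if (ret < 0)
        return ret;
    memset(buf->data, 0, buf->size);
    return 0;
}

int main(void)
{
    FrameBuf b = { NULL, 0 };
    int ok = frame_init(&b, 4, 4) == 0 && frame_init(&b, INT_MAX, INT_MAX) == -EINVAL;
    free(b.data);
    return ok ? 0 : 1;
}
```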