alt Hacker NewsGoogle operates a transcoder API which I suspect is just ffmpeg under the hood, and if you assume that they accept any input file, they really can't afford for decoders to have security vulnerabilities. Of course, then Google should be coming with more resources and not just filing bugs because it's Google that has the unusual use case.
Replies
tkfoss • last Saturday at 10:38 PM
Those decoders aren't even compiled and activated in the released binaries. But in any case, why would that be FFMPEGs problem?
➕ show 1 reply
chris_wot • last Saturday at 10:47 PM
Then they can certainly afford to supply patches.
If that is true then Google should be strictly sandboxing ffmpeg and filtering the input before it even gets there. A solid defense-in-depth approach would make sure it's highly unlikely this vulnerable code would be reached, and if it was, there would be effectively no impact.
They should be building ffmpeg with a minimal feature set anyway, so none of these obscure codecs end up included in the final binary.