Message ID | 20240816231157.3166012-2-michael@niedermayer.cc |
---|---|
State | New |
Headers | show |
Series | [FFmpeg-devel,1/9] avformat/rmdec: check that bug if completely filled | expand |
On 17 Aug 2024, at 1:11, Michael Niedermayer wrote: > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > doc/APIchanges | 4 ++++ > libavcodec/avcodec.h | 4 ++++ > 2 files changed, 8 insertions(+) > > diff --git a/doc/APIchanges b/doc/APIchanges > index 173f317ea1b..53d164959c0 100644 > --- a/doc/APIchanges > +++ b/doc/APIchanges > @@ -2,6 +2,10 @@ The last version increases of all libraries were on 2024-03-07 > > API changes, most recent first: > > +2024-08-xx - xxxxxxxxx - lavc 61.11.100- avcodec.h > + Not really a change but get_buffer*() should not return > + sensitive data IMO this is really hard to understand unless you look at exactly this commit diff which most people reading the change log will not. Maybe instead: Clarify the documentation for get_buffer*() functions, making it clear that the memory returned by them should not contain sensitive information. This is not a change in the API and how it already worked before. > + > 2024-08-10 - xxxxxxxxx - lavu 59.34.100 - hwcontext_vulkan.h > Add qf and nb_qf to AVVulkanDeviceContext. > Deprecate queue_family_index, nb_graphics_queues, > diff --git a/libavcodec/avcodec.h b/libavcodec/avcodec.h > index 2da63c87ea1..cc6dbfa59fe 100644 > --- a/libavcodec/avcodec.h > +++ b/libavcodec/avcodec.h > @@ -1175,6 +1175,10 @@ typedef struct AVCodecContext { > * this callback and filled with the extra buffers if there are more > * buffers than buf[] can hold. extended_buf will be freed in > * av_frame_unref(). > + * decoders will generally initialize the whole buffer before it is output „Decoders“ as this is the start of a sentence. Maybe use \important to make this stand out more as a special consideration for this API instead of just general description. > + * but it can in rare error conditions happen that uninitialized data is passed > + * through. The buffers returned by get_buffer* should thus not contain sensitive > + * data. > * > * If AV_CODEC_CAP_DR1 is not set then get_buffer2() must call > * avcodec_default_get_buffer2() instead of providing buffers allocated by > -- > 2.46.0 > > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
On Sat, Aug 17, 2024 at 01:32:56AM +0200, epirat07@gmail.com wrote: > > > On 17 Aug 2024, at 1:11, Michael Niedermayer wrote: > > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > --- > > doc/APIchanges | 4 ++++ > > libavcodec/avcodec.h | 4 ++++ > > 2 files changed, 8 insertions(+) > > > > diff --git a/doc/APIchanges b/doc/APIchanges > > index 173f317ea1b..53d164959c0 100644 > > --- a/doc/APIchanges > > +++ b/doc/APIchanges > > @@ -2,6 +2,10 @@ The last version increases of all libraries were on 2024-03-07 > > > > API changes, most recent first: > > > > +2024-08-xx - xxxxxxxxx - lavc 61.11.100- avcodec.h > > + Not really a change but get_buffer*() should not return > > + sensitive data > > IMO this is really hard to understand unless you look at exactly this > commit diff which most people reading the change log will not. > > Maybe instead: > > Clarify the documentation for get_buffer*() functions, making it > clear that the memory returned by them should not contain sensitive > information. This is not a change in the API and how it already worked > before. ok will apply something very similar to your suggestion thx [...]
diff --git a/doc/APIchanges b/doc/APIchanges index 173f317ea1b..53d164959c0 100644 --- a/doc/APIchanges +++ b/doc/APIchanges @@ -2,6 +2,10 @@ The last version increases of all libraries were on 2024-03-07 API changes, most recent first: +2024-08-xx - xxxxxxxxx - lavc 61.11.100- avcodec.h + Not really a change but get_buffer*() should not return + sensitive data + 2024-08-10 - xxxxxxxxx - lavu 59.34.100 - hwcontext_vulkan.h Add qf and nb_qf to AVVulkanDeviceContext. Deprecate queue_family_index, nb_graphics_queues, diff --git a/libavcodec/avcodec.h b/libavcodec/avcodec.h index 2da63c87ea1..cc6dbfa59fe 100644 --- a/libavcodec/avcodec.h +++ b/libavcodec/avcodec.h @@ -1175,6 +1175,10 @@ typedef struct AVCodecContext { * this callback and filled with the extra buffers if there are more * buffers than buf[] can hold. extended_buf will be freed in * av_frame_unref(). + * decoders will generally initialize the whole buffer before it is output + * but it can in rare error conditions happen that uninitialized data is passed + * through. The buffers returned by get_buffer* should thus not contain sensitive + * data. * * If AV_CODEC_CAP_DR1 is not set then get_buffer2() must call * avcodec_default_get_buffer2() instead of providing buffers allocated by
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- doc/APIchanges | 4 ++++ libavcodec/avcodec.h | 4 ++++ 2 files changed, 8 insertions(+)