[vlc-devel] [PATCH] Adding caf file demuxer module.
matthias at tristan-inc.com
Sun Sep 22 22:12:04 CEST 2013
Am 22.09.2013 um 00:03 schrieb Rafaël Carré <funman at videolan.org>:
> So I would say bailing out if > UINT32_MAX is the right thing to do.
> Do you expect valid files to use such high values?
> Another question is can we DoS VLC with a carefully crafted file?
> Let's say if it's stuck reading 4GB (-1 byte) on a HTTP link and on a
> mobile phone with 3G connection.
I'm not sure I understand exactly what you mean, but yeah, I guess so, if the app is expecting data, and the network doesn't deliver, we might be stuck. But I feel not really qualified to answer this since I don't know (yet) the architecture of VLC very well.
More information about the vlc-devel