[vlc-devel] [PATCH 00/13] Execute medialib queries out of the UI thread

Rémi Denis-Courmont remi at remlab.net
Tue Dec 1 17:43:36 CET 2020 

Le maanantaina 30. marraskuuta 2020, 5.30.55 EET Pierre Ynard via vlc-devel a 
écrit :
> > > Well my experience is that, if I enable the media library, VLC
> > > crashes immediately because of some demuxer bug. This is totally
> > > unacceptable.
> > > 
> > > The root cause bug is most likely in an underlying library (and
> > > possibly failure of Debian to update), caused by a file in one of
> > > the standard media directory. Still, for the sake of reliability, it
> > > is totally insane and unacceptable that VLC crashes just because of
> > > a bug in a demuxer triggered by a file that is neither being played
> > > and in a directory that was not explicitly added.
> > > 
> > > If this hits one out of a dozen of devs, how many million users will
> > > have VLC crash straight away?
> > 
> > As you know, this is correctly tracked as #25119 whereas this
> > patchset tackles #22687. From my experience, this helped
> > highlighting a lot of issues in the code with sanitizers, like
> > prefetch so it at least served a better purpose for the user,
> > and we probably need to have a good report system (at least for
> > developers) if moved to a dedicated process. This should be
> > discussed on the #25119 though, as it's out of scope here.
> 
> Wow you guys are a bit scary. I'm glad that you mention the opportunity
> to sanitize code, but I can't help but react on the security concerns
> of this.

I am not sure since when VLC automatically preparses and prefetches the items 
but scanning media directories was added in VLC 1.0 through the mediadirs SD. 
I agree that it's a serious security (and stability) concern, but it's a 
little late to figure it out.

This patchset is about alleged performance problems with the database.

> And using a separate process won't solve that. I sure hope there will be
> a first-run dialog message to warn and allow the user to disable this
> auto-indexing feature - is there another ticket tracking that?

I don't think the user should have to choose, especially not between two bad 
options. This needs process separation for I/O scheduling (perfomance) and 
stability, and sandboxing for security.

-- 
Реми Дёни-Курмон
http://www.remlab.net/

More information about the vlc-devel mailing list