From 52f4aea0def80c645f8c3dccf8510ea5c1c174a3 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Wed, 12 Jan 2005 01:20:18 +0000 Subject: [PATCH] cvs policy entry about security Originally committed as revision 3825 to svn://svn.ffmpeg.org/ffmpeg/trunk --- doc/ffmpeg-doc.texi | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/doc/ffmpeg-doc.texi b/doc/ffmpeg-doc.texi index 110f9acded..eb2f664373 100644 --- a/doc/ffmpeg-doc.texi +++ b/doc/ffmpeg-doc.texi @@ -1124,6 +1124,10 @@ please use av_log() instead. Never revert changes made a long time ago or buggy code. Fix it in the normal way instead. +@item + Never write to not allocated memory, never write over the end of arrays, + always check values read from some untrusted source before using them as index + into an array or otherwise risky things. @end enumerate We think our rules are not too hard. If you have comments, contact us.