Funny, John Carmack was just admiring the creator of ffmpeg the other day for being a better programmer. https://x.com/id_aa_carmack/status/2064095424420487226?s=46
The majority of code in ffmpeg today isn't written by Fabrice, but also there's multiple axes that people view programming ability on. Some people can write software that will do things you couldn't imagine given the constraints. Some people can write software that is resilient against all malformed input. Sometimes these people are the same people, but frequently they're not.
One thing has nothing to do with the other.
Security vulnerabilities are less about programming ability and more about rigor.
Can't help laughing at a random ad hominem against John Carmack of all people, and about his opinion on a guy who is already widely regarded as an especially talented programmer.
I don't think that's fair. There's a lot of talent and grit behind ffmpeg. But for better or worse, getting the code to do what it's supposed to do requires a different mindset than getting it to not do anything else (i.e., to handle malicious inputs correctly).
The developers of ffmpeg are very good at the first thing and not very good at the second. But few people on this planet, if instructed to write a complex video format parser in C or assembly, can produce something that's secure on the first try. The main failing of the ffmpeg team is that they should have spent more time on architectural hardening and mitigations. Most other large projects of this type do.
So all I am hearing is... Rust
My understanding is that ffmpeg is probably incredibly close to the metal, with tons of assembler mixed in. I imagine doing the same in Rust would include lots of `unsafe` blocks and a similar amount of assembly, so it wouldn't change much in terms of security. Or am I wrong?
Wuffs usually comes up in this context: https://github.com/google/wuffs
So who is someone whose opinion is worth anything to you?
Except yourself, presumably; to me it almost seems nobody is perfect.
On this subject I'd at minimum expect someone with experience in security. Not someone most famously known for making toys that run on computers.
I've seen a lot of things written about Carmack over the last 30+ years, not one comment this casually dismissive until today.