Right, this is why video parse / decode ought to be sandboxed. Writing secure code for these formats, especially in C, is really hard. I just sort of glanced at the bug in the repo, but it sounds plausible. It certainly wouldn’t be the first of its kind.
And it's my impression the code is often in assembly, which is even less structured.