>>1341032
>I didn't say that the malicious video couldn't be spec compliant.
Yes you did:
>If it's compromised, it won't re-encode properly.

>If you don't trust a video
... then you should be committed to a mental institution for the reasons outlined in detail above.

Strongly consider the fact that instead of targeting MPC-HC or BSPlayer or whatever, the exploit that's baked into the video might just as well target the decoder part of the x264 codec that you have installed, and therefore this:
>ffmpeg -i input.mp4 -c:v libx265 -crf 20 output.mp4
will trigger it as well.
Just like any other operation that accesses the video contents inside the file, anything from viewing it in a player to re-encoding it on the command line without even displaying a single frame on your screen.

In other words, if you're afraid that a given video file is malicious and that's why you're afraid to play it, then you should have the exact same concern about re-encoding it with ffmpeg or with anything else.