This article was published on January 10, 2014

Google says it has helped fix over 1,000 bugs in FFmpeg via two years of fuzzing


Google says it has helped fix over 1,000 bugs in FFmpeg via two years of fuzzing

For the last two years, Google has been using its data centers to perform large-scale automated testing called fault injection (commonly known as fuzzing) on FFmpeg, a free software project that produces libraries and programs for recording, converting, and streaming audio and video. The company today announced it has helped fixed over 1,000 bugs in the project, including some security issues.

FFmpeg is used in multiple applications and software libraries, including Chrome, MPlayer, VLC, and xine. Google has also simultaneously worked with the developers of Libav, an independent fork of FFmpeg, to help fix over 400 bugs.

“We are continuously improving our corpus and fuzzing methods and will continue to work with both FFmpeg and Libav to ensure the highest quality of the software as used by millions of users behind multiple media players,” Google promises. “Until we can declare both projects ‘fuzz clean’ we recommend that people refrain from using either of the two projects to process untrusted media files.”

➤ FFmpeg and a thousand fixes (Mateusz Jurczyk and Gynvael Coldwind)

The <3 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Image Credit: Miguel Saavedra

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with