1126 points CrankyBear | 1 comments
firefax ◴[] No.45893096[source]
Is it unreasonable to ask that if a massive company funds someone to find a CVE in an open source project, they should also submit a patch? Google is a search company. Seems kind of... evil... to pay your devs to find holes in something with nothing to do with searching, then refuse to pay them to fix the problem they noticed.
replies(1): >>45895794 #
tpmoney ◴[] No.45895794[source]
Google contributes to ffmpeg on a fairly regular basis https://git.ffmpeg.org/gitweb/ffmpeg.git/search/HEAD?s=@goog...

No it's not "unreasonable" to ask for patches along with bug fixes, but it is unreasonable to be mad if they don't. They could just not file the bug reports at all, and that is an objectively worse outcome.

replies(2): >>45896133 #>>45902975 #
firefax ◴[] No.45902975[source]
>No it's not "unreasonable" to ask for patches along with bug fixes, but it is unreasonable to be mad if they don't

Your stance seems to be that it is unreasonable to be annoyed by someone who is being unreasonable.

When I searched for synonyms for "unreasonable" in a major English language thesaurus, the following synonyms were listed:

indefensible, mindless, reasonless, senseless, unjustified, untenable, unwarranted

So yes, it absolutely is valid for the FFMPEG crew to feel trolled by Project Zero.

replies(2): >>45904757 #>>45907957 #
1. tpmoney ◴[] No.45907957[source]
No, my stance is that it is reasonable for ffmpeg to ask for patches along with bug fixes and that it is simultaneously reasonable for Google to submit bug reports without those patches. Just like it would be reasonable for Google to ask for a feature in ffmpeg and it's equally reasonable for the ffmpeg maintainers to decline to implement the feature. Reasonableness is not a binary thing.