Yes, security is by definition adversarial. Thanks for the most basic lesson.
How are you getting ffmpeg to process a stream or file type different from the one you’re expecting? Most use cases of ffmpeg are against known input and known output types. If you’re just stuffing user-supplied files through your tools, then yes you have a different threat model.
> How are you getting ffmpeg to process a stream or file type different from the one you’re expecting?
... That is how ffmpeg works? With default settings it auto-detects the input codec from the bitstream, and the output codec from the extension. You have to go out of your way to force the input codec and disable the auto-detection, and I don't think most software using ffmpeg as a backend would force the user to manually do it, because users can't be trusted to know those details.
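An added example, not part of any comment in this thread: what forcing the input side looks like when ffmpeg runs as a backend, with the demuxer and decoders pinned per ingest profile so that a bitstream outside the expected types is refused instead of auto-detected. The profile names and sample paths are constructed, and the output encoder assumes an ffmpeg build that includes libx264.

```bash
#!/usr/bin/env bash
# Added example: build an ffmpeg argument list that pins the input side
# instead of relying on auto-detection. Profile names are constructed.

# Prints one argument per line for a named ingest profile.
# Returns 2 when the profile is not on the allow-list.
pinned_ffmpeg_args() {
    local profile=$1 input=$2 output=$3
    local demuxer vdec adec
    case "$profile" in
        mp4-h264-aac)  demuxer=mov;      vdec=h264; adec=aac  ;;
        mkv-vp9-opus)  demuxer=matroska; vdec=vp9;  adec=opus ;;
        *)
            echo "unknown ingest profile: $profile" >&2
            return 2 ;;
    esac
    # Options placed before -i apply to the input; options after it
    # apply to the output.
    printf '%s\n' \
        -nostdin \
        -protocol_whitelist file \
        -codec_whitelist "$vdec,$adec" \
        -f "$demuxer" \
        -c:v "$vdec" -c:a "$adec" \
        -i "file:$input" \
        -map 0:v:0 -map 0:a:0 \
        -c:v libx264 -c:a aac \
        -f mp4 \
        "file:$output"
}

# Usage (bash), with constructed paths:
#   mapfile -t args < <(pinned_ffmpeg_args mp4-h264-aac in.mp4 out.mp4) \
#       && ffmpeg "${args[@]}"
```

The `-f` before `-i` skips format probing, `-c:v`/`-c:a` before `-i` force the decoders, and `-codec_whitelist` rejects any other decoder for the remaining streams; the trailing `-f mp4` fixes the output container instead of inferring it from the file extension.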
In the industry I think folks generally know what they’re feeding into it and what they’re wanting out of it. When there’s a handoff between companies the stream encoding, bitrate, and resolution are generally part of the project spec. Within a company, your teams should know what they’re feeding into a tool and it’s probably not some obscure LucasArts game codec.
If it’s a potential problem for home users, yeah, that’s an issue but it’s not every use of the tool.