Philip Langdale explains how VMware’s VNC-like video codec came to exist: The story of a humble codec. Good reading, and describes the engineering/documentation trade-offs often made in the corporate software world.

This is encouraging: In the following rant, other people (the whole of Ubuntu in this case) are taking the heat for FFmpeg’s shortcomings: 5 Things I hate about Ubuntu. Item #3: “It has defective or near unusable packages (ie ffmpeg, scribus)”

In this situation, the complaint refers to the fact that FFmpeg’s native, default codebase does not presently include the ability to encode AMR or MP3. The Guru is reportedly working on a native MP3 encoder. Native AMR… that certainly should be in the codebase by now, though it probably isn’t.

Many thanks to VMware for contributing to the existing MultimediaWiki description for their own VMware Video codec. This is a a lossless codec used for efficiently and losslessly capturing action from virtualized computer desktops running under VMware’s Workstation product. The community had worked out a number of the codec details but VMware people have filled in the gaps.

Sam Hocevar — who I last saw with his groundbreaking counter-CAPTCHA research named PWNtcha — has been working on a fuzzing program called zzuf. Fuzzing is when you create random, implicitly fraudulent data and feed it as input into a program which is supposed to process the data and make sure that the program fails gracefully when chewing on the pathological data. I learned about this technique some time ago and have always wanted to launch it against our body of open source multimedia software. Sam has done just this. None of the multimedia players tested fared particularly well.

FFmpeg devs have already corrected a number of the issues uncovered by this cursory fuzz test. According to the program’s description, zzuf intercepts file operations and changes random bits in the program’s input. This is a great start to the process. However, it will likely only attack the demuxer layer of the various multimedia applications. A deeper method would be to fuzz, e.g., individual chunks of codec data on the way from the demuxer to its corresponding decoder. This could probably be rigged up in FFmpeg fairly easily (just be sure to make the behavior deterministic so any bugs can be reproduced).