Audit remediation: codec subprocess timeout + LICENSE#2
Open
audriB wants to merge 3 commits into
Open
Conversation
….2-8) 6.2-7 (timeout): _call_c_exec ran the C codec via subprocess.run with no timeout, so a hung or looping codec process would block indefinitely. Add a generous default timeout (_C_EXEC_TIMEOUT = 300s, overridable via NDI_COMPRESS_TIMEOUT) and turn TimeoutExpired into a clear RuntimeError. 6.2-8 (LICENSE): add LICENSE (CC BY-NC-SA 4.0) matching the NDI-compress-matlabp counterpart. FLAGGED (not done): the deeper 6.2-7 concern — codec provenance (P-code vs committed C binaries built at different times; can't rule out format drift) — needs the codec source vendored + built in CI or a pinned versioned build + checksum manifest, plus a cross-language round-trip fixture. That requires the build provenance and a paired MATLAB run; see docs/Audit_Remediation_Results. Authored without the codec C toolchain; the timeout path is covered by the existing error handling. needs the codec binaries to run end-to-end.
Adversarial review found that a non-numeric NDI_COMPRESS_TIMEOUT crashed import (float() at module scope raised ValueError before any code ran). Parse it in a helper that falls back to the 300s default with a RuntimeWarning on a bad value, and document the env var in the README (it was added in code but not user-facing docs).
…6 ecosystem audit; lockstep + deferrals)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Addresses the NDI ecosystem audit findings for NDI-compress-python (§6.2-7, §6.2-8). For review — please do not merge without sign-off.
Changes
_call_c_exec, which now runs with a timeout (default 300 s) so a hung/looping codec process can't block indefinitely. Override via theNDI_COMPRESS_TIMEOUTenv var (invalid value → default + warning);subprocess.TimeoutExpiredis surfaced as a clearRuntimeError. Documented in the README.Deferred (flagged, not done here)
docs/Audit_Remediation_Results_2026-06-12.md.