What absolute nonsense. There's a gulf of difference between "there's no way 500+ codecs contributed mostly by unpaid hobbyists is robust to hostile input" and "here's working exploit code."