[FFmpeg-cvslog] r12241 - trunk/libavformat/mov.c

Rich Felker dalias
Wed Feb 27 14:20:03 CET 2008


On Wed, Feb 27, 2008 at 02:10:54PM +0100, Baptiste Coudurier wrote:
> Hi Michael,
> 
> Michael Niedermayer wrote:
> > On Wed, Feb 27, 2008 at 01:04:17PM +0100, Reimar D?ffinger wrote:
> >> On Wed, Feb 27, 2008 at 12:52:54PM +0100, Reimar D?ffinger wrote:
> >>> On Wed, Feb 27, 2008 at 12:33:08PM +0100, Baptiste Coudurier wrote:
> >>>> Now Im curious, considering mov layout and libavformat mechanisms, what
> >>>> would you expect to leak or read, besides what the user application is
> >>>> allowed to read anyway (url_fopen suceeds), and what would be different
> >>>> than garbage from a genuine self-contained file.
> >>> Do you really not get the point?
> >> Or alternatively, am I the only one who sees any of these points as really
> >> _critical_? I am sorry if I annoy you because I am completely at odds
> >> with your opinions, but to me this kind of behaviour feels just as bad
> >> as any buffer overflow, and I can't help that it is considered a feature
> >> just drives me crazy.
> > 
> > I agree that the thing should be disabled by default.
> > About the callback, honestly i dont mind either way, its simpler without
> > a callback ...
> > 
> 
> Ok, Patch attached.

In order for this patch to be accepted, I think it should at the very
least filter urls to a minimal list of valid forms. Also I suspect
it's wrong. If I'm playing http://example.com/foo.mov and it has a
reference to bar.mov, I would think that http://example.com/bar.mov,
not a local file named bar.mov, should be opened...

Rich




More information about the ffmpeg-cvslog mailing list