[FFmpeg-devel] [PATCH 3/9] lavf/file: implement EXCL flag.
george at nsup.org
Sat Apr 19 15:32:27 CEST 2014
Le decadi 30 germinal, an CCXXII, wm4 a écrit :
> Uh, that sounds severely misdirected. You shouldn't use any relative
> paths for extracting such attachments, and trying to make sure no files
I do not intend to use any specific kind of paths, just the one provided by
> get overwritten during extraction just seems like a very weak way to
> limit the potential damage such a very unsafe mechanism could cause. I
> don't think it's very secure if an attacker can create arbitrary files
> on your filesystem, even if it can't _overwrite_ existing files.
Apparently, you missed the part where I said the documentation would contain
visible warnings about that.
> Why extract all attachments at once? What's the possible use case (I
> see none)?
Inserting the fonts into the fontconfig system, lowering the loading time,
would be one obvious example. Doing batch processing, such as format
conversion, on the attachments, would be another example.
> You could just extract individual attachments, reporting
> their name in ffprobe and making the user provide a destination
> filename, like mkvextract does.
I could decode H.264 with a pen, a lot of paper and a pocket calculator;
darn, people used to compute planets' orbits without even the pocket
calculator. Extracting all the attachments in a file with a tool that works
one by one is nowhere as tedious, but it is still plenty tedious enough. And
I find it tedious while I am quite fluent in shell, which means I can gain a
lot of time.
> In fact, why not just leave this to
And let us leave video decoding to dshow...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 819 bytes
Desc: Digital signature
More information about the ffmpeg-devel