[FFmpeg-devel] [PATCH 2/2] avformat/hls: Be more picky on extensions
Michael Niedermayer
michael at niedermayer.cc
Thu Jan 23 02:11:34 EET 2025
Hi Kieran
On Wed, Jan 22, 2025 at 10:47:52PM +0000, Kieran Kunhya via ffmpeg-devel wrote:
> On Wed, 22 Jan 2025, 20:36 Michael Niedermayer, <michael at niedermayer.cc>
> wrote:
>
> > This blocks disallowed extensions from probing
> > It also requires all available segments to have matching extensions to the
> > format
> > mpegts is treated independent of the extension
> >
>
> Potentially this is a stupid question but what stops an attacker from
> faking the extension?
How would he fake the extension ?
The attacker generally wants to access a sensitive file, maybe one in
/etc or maybe .ssh with something like the tty demuxer / ansi decoder
lets pick /etc/passwd as a specific example
that file does not have an extension compatible with the tty demuxer
and we assume that the attacker cannot create links on the target
because if he can he likely can also just read the file directly
This new patch should require every file now to have the appropriate
extension before reading it with that demuxer.
Before this patch you could trigger a demuxer to be probed and have
it be used on another file
If you see a way to bypass this still, please tell me
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Whats the most studid thing your enemy could do ? Blow himself up
Whats the most studid thing you could do ? Give up your rights and
freedom because your enemy blew himself up.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20250123/e7de17bd/attachment.sig>
More information about the ffmpeg-devel
mailing list