[FFmpeg-devel] [PATCH]Auto-detection for concat demuxer
Carl Eugen Hoyos
cehoyos at ag.or.at
Sun Feb 3 09:40:13 CET 2013
On Sunday 03 February 2013 09:21:31 am Nicolas George wrote:
> > Attached patch adds auto-detection for the concat demuxer.
> >
> > Please review, Carl Eugen
>
> Thanks, but I am afraid this may be a security concern:
> allowing a foreign file to redirect to any file in the system
> may expose sensitive information, or worse.
Maybe a configure switch?
I honestly have no opinion here, I just wanted to post the patch.
[...]
> I find that SCORE_MAX for just a line that starts with "file"
> and a space is a bit too much.
Improved patch attached.
Thank you, Carl Eugen
-------------- next part --------------
diff --git a/libavformat/concatdec.c b/libavformat/concatdec.c
index 0514755..32d57c3 100644
--- a/libavformat/concatdec.c
+++ b/libavformat/concatdec.c
@@ -37,6 +37,22 @@ typedef struct {
static int concat_probe(AVProbeData *probe)
{
+ const char *buf = probe->buf;
+ const char *end = buf + probe->buf_size;
+ int found = 0;
+
+ while (buf + 6 < end) {
+ if (!strncmp(buf, "file ", 5)) {
+ found++;
+ buf += 5;
+ } else if (*buf != '#') {
+ return 0;
+ }
+ while (buf < end && *buf++ != '\n')
+ ;
+ }
+ if (found >= 2) return AVPROBE_SCORE_MAX;
+ if (found == 1) return AVPROBE_SCORE_MAX / 4;
return 0;
}
More information about the ffmpeg-devel
mailing list