[FFmpeg-devel] [PATCH 1/5] avformat/tty: Remove .txt from the extensions as it more likely is not a multimedia related file

Michael Niedermayer michael at niedermayer.cc
Wed Sep 12 01:44:47 EEST 2018

On Tue, Sep 11, 2018 at 11:31:23PM +0200, Carl Eugen Hoyos wrote:
> 2018-05-12 18:33 GMT+02:00, Michael Niedermayer <michael at niedermayer.cc>:
> > Iam not sure if this is a good idea or not but it may make some
> > attacks harder. So throwing this out for discussions ...
> I am definitely not objecting but I doubt that this patch can make
> any attack harder.

files ending with the .txt extension which are not multimedia files
contain some other posibly sensitive data. If an attacker can control
the input path for ffmpeg and nothing else then being able to read txt files
allows leaking the content to the attacker generally.

We had bugs that allowed the attacker to control the input path in some
cases. So this pre-requesite has evidence for past occurance.

We surely can leave txt in the list if people prefer. This is not a clear
case of what is better. Its not a true "its buggy and this fixes it" case
rather a "this is a steping stone an attacker might find useful in some
case of unknown propability"

> The main "advantage" of the patch imo is that it stops FFmpeg
> from decoding txt files.
> Carl Eugen
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

No snowflake in an avalanche ever feels responsible. -- Voltaire
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20180912/441bd704/attachment.sig>

More information about the ffmpeg-devel mailing list