ons 2022-02-02 klockan 14:48 +0100 skrev Michael Niedermayer: > On Tue, Feb 01, 2022 at 05:43:24PM +0100, Tomas Härdin wrote: > > tis 2022-02-01 klockan 11:06 +0100 skrev Michael Niedermayer: > > > On Mon, Jan 31, 2022 at 09:22:52PM +0100, Tomas Härdin wrote: > > > [...] > > > > It strikes me that this borders on incorporating business logic > > > > within > > > > lavf. A user could achieve the same thing with a small shell > > > > script. > > > > For example adding an alias that inspects calls to ffmpeg and > > > > sed:s > > > > ipfs:// URLs accordingly > > > > > > That sounds like a security nightmare > > > > Parsing shit in C is a far bigger nightmare I can assure you. The > > command line can leverage sed and the regex in the URL RFC. > > the problem is if you parse it on the command line and change it > before passing it to ffmpeg. You really need to have ffmpeg and > the command line parse it 100% exactly the same.
The word you're looking for is langsec. It is why I harp on about being very strict with what we accept. /Tomas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
