On Sun, Jan 24, 2016 at 01:56:51PM +0100, Nicolas George wrote:
> On quintidi 5 pluviôse, year CCXXIV, Clement Boesch wrote:
> > Why not an entry in the AVDictionary options?
>
> That could be a short-term solution to avoid introducing a new API with
> ad-hoc parameters, but AVDictionary is still based on strings exclusively,
> that is very unpractical for applications. Furthermore, as I pointed out
> earlier, just a whitelist at protocol level is not enough to fix all
> security issues raised by playlists, especially all kind of cross-site
> information leak. Furthermore, this AVGlobalSettings structure could be the
> first step in getting rid of global state.
>
> Still, you are probably right: people seem to be rushed about patching this
> particularly visible instance of the issue, an entry in the AVDictionary
> options is probably the simplest way of doing it right now without
> introducing API changes that will need to be reverted after proper
> designing.

I avoided AVDictionaries a bit in the patch for 2 reasons.

The first is that it's more code: setting a whitelist in an AVDictionary can
always fail (ENOMEM), and also, depending on later failure paths, the added
whitelist needs to be freed. That would be duplicated code around *_open(),
which I've added in a new *_open_whitelist(); that of course could be kept as
a private function in libavformat if preferred?

The 2nd reason is that option semantics remove "consumed" parameters from the
AVDictionary options. So the whitelist has a tendency to be removed from the
AVDictionary, which is not good security-wise when NULL is considered
"everything".

[...]

--
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Dictatorship: All citizens are under surveillance, all their steps and
actions recorded, for the politicians to enforce control.
Democracy: All politicians are under surveillance, all their steps and
actions recorded, for the citizens to enforce control.
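The hazard described in the message above, the whitelist being stored as a "consumed" option that disappears from the AVDictionary after the first open, while a NULL whitelist means "everything", is shown here in a small self-contained C model. This is an added example, not code from the patch or from libavformat: `protocol_allowed`, `opt_dict`, `open_consuming` and `open_with_whitelist` are hypothetical stand-ins for the AVOptions dictionary and for the `*_open()` / `*_open_whitelist()` variants the mail contrasts, and the comma-separated whitelist format is assumed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper modelling a comma-separated protocol whitelist check.
 * A NULL whitelist means "everything is allowed", as the mail describes. */
static int protocol_allowed(const char *whitelist, const char *proto)
{
    size_t plen;
    if (!whitelist)
        return 1;                       /* NULL: no restriction at all */
    plen = strlen(proto);
    while (*whitelist) {
        const char *end = strchr(whitelist, ',');
        size_t len = end ? (size_t)(end - whitelist) : strlen(whitelist);
        if (len == plen && strncmp(whitelist, proto, len) == 0)
            return 1;                   /* exact entry match */
        if (!end)
            break;
        whitelist = end + 1;
    }
    return 0;                           /* not listed: refuse */
}

static char *dup_str(const char *s)
{
    char *d = malloc(strlen(s) + 1);
    if (d)
        strcpy(d, s);
    return d;
}

/* Minimal stand-in for an AVDictionary holding one option,
 * "protocol_whitelist" (constructed model, not the real AVDictionary). */
struct opt_dict {
    char *whitelist;                    /* option value, or NULL if absent */
};

/* Model of an *_open() that reads its options from the dictionary and then
 * strips the ones it consumed, which is what the AVOptions semantics do.
 * Returns 1 if the protocol was allowed. */
static int open_consuming(struct opt_dict *opts, const char *proto)
{
    int ok = protocol_allowed(opts->whitelist, proto);
    free(opts->whitelist);              /* option is "consumed" here */
    opts->whitelist = NULL;             /* ...and NULL now means "everything" */
    return ok;
}

/* Model of the explicit *_open_whitelist() variant: the whitelist is a
 * plain parameter owned by the caller and survives across nested opens. */
static int open_with_whitelist(const char *whitelist, const char *proto)
{
    return protocol_allowed(whitelist, proto);
}

/* A playlist referencing two nested resources: first http (allowed), then
 * file (must be refused). Returns 1 if the second open was wrongly allowed,
 * i.e. the whitelist was lost between the two opens. */
static int whitelist_lost_after_consume(void)
{
    struct opt_dict opts = { dup_str("http,https") };
    int first  = open_consuming(&opts, "http");
    int second = open_consuming(&opts, "file");   /* whitelist already gone */
    free(opts.whitelist);
    return first && second;
}

/* Same playlist through the parameter-based variant. Returns 1 if http was
 * allowed and file refused, i.e. the whitelist held for both opens. */
static int whitelist_kept_as_parameter(void)
{
    const char *wl = "http,https";
    int first  = open_with_whitelist(wl, "http");
    int second = open_with_whitelist(wl, "file");
    return first && !second;
}

int main(void)
{
    printf("whitelist lost via consumed option: %d\n", whitelist_lost_after_consume());
    printf("whitelist kept as parameter:        %d\n", whitelist_kept_as_parameter());
    return 0;
}
```

The two driver functions make the difference concrete: with the dictionary model the second nested open sees a NULL whitelist and lets `file` through, while the parameter form refuses it, which is the reason the mail gives for preferring a dedicated `*_open_whitelist()` over an AVDictionary entry.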
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel