On 28.01.2016 20:16, Nicolas George wrote:
> Well, since we are sure there are more information leak issues in this area
> of code, we can still discuss a proper fix before the next one becomes
> public.
>
> A few unsorted thoughts about it:
>
> - Restrictions can not be limited to just the proto
L'octidi 8 pluviôse, an CCXXIV, Michael Niedermayer a écrit :
> a fix, good or not that isnt implemented is useless
>
> I am not really attracted to the design you suggest, to me its worse
> in several ways but above all its alot more work. So I dont volunteer
>
> to elaborate and avoid misuderst
On Wed, Jan 27, 2016 at 02:04:06PM +0100, Michael Niedermayer wrote:
> On Sun, Jan 24, 2016 at 07:39:18PM +0100, Nicolas George wrote:
> > Le quintidi 5 pluviôse, an CCXXIV, Michael Niedermayer a écrit :
[...]
> >
> > > another problem of the struct is that depending on from which lib
> > > the pr
On Sun, Jan 24, 2016 at 07:39:18PM +0100, Nicolas George wrote:
> Le quintidi 5 pluviôse, an CCXXIV, Michael Niedermayer a écrit :
> > the argument is added, not out of strict need, (there already is a
> > AVDictionary that can be used) but to make it clear that the author
> > set the whitelist cor
On 24.01.2016 21:32, Nicolas George wrote:
> Le quintidi 5 pluviôse, an CCXXIV, Andreas Cadhalpun a écrit :
>> No. It would have prevented the issue with hls.
>
> Reacting to known attacks by ad-hoc hole-plugging is no way of building
> proper security.
The ad-hoc fix was the change done in the h
Le quintidi 5 pluviôse, an CCXXIV, Andreas Cadhalpun a écrit :
> No. It would have prevented the issue with hls.
Reacting to known attacks by ad-hoc hole-plugging is no way of building
proper security.
> But it's usually only used with local files.
I do not know that. Do you?
> Why not?
Becaus
On 24.01.2016 20:20, Nicolas George wrote:
> Le quintidi 5 pluviôse, an CCXXIV, Andreas Cadhalpun a écrit :
>> The idea is to classify protocols as local (file, concat) or remote (http,
>> tcp).
>
> I am sorry, but this is completely broken.
No. It would have prevented the issue with hls.
> Fir
Le quintidi 5 pluviôse, an CCXXIV, Andreas Cadhalpun a écrit :
> The idea is to classify protocols as local (file, concat) or remote (http,
> tcp).
I am sorry, but this is completely broken. First, concat is not local.
Second, local/remote is not a relevant distinction for security.
Any design m
On 24.01.2016 16:03, Michael Niedermayer wrote:
> On Sun, Jan 24, 2016 at 03:37:24PM +0100, Andreas Cadhalpun wrote:
>> On 24.01.2016 03:42, Michael Niedermayer wrote:
>>> From: Michael Niedermayer
>>> diff --git a/libavformat/avformat.h b/libavformat/avformat.h
>>> index 4964263..2fb9130 100644
>
Le quintidi 5 pluviôse, an CCXXIV, Michael Niedermayer a écrit :
> the argument is added, not out of strict need, (there already is a
> AVDictionary that can be used) but to make it clear that the author
> set the whitelist correctly. Also it simplifies the code compared
> to using the AVDictionary
On Sun, Jan 24, 2016 at 04:03:40PM +0100, Michael Niedermayer wrote:
> On Sun, Jan 24, 2016 at 03:37:24PM +0100, Andreas Cadhalpun wrote:
> > On 24.01.2016 03:42, Michael Niedermayer wrote:
[...]
> > > if ((ret = av_opt_set_dict(*puc, options)) < 0)
> > > goto fail;
> > > +
> > > +
On Sun, Jan 24, 2016 at 03:37:24PM +0100, Andreas Cadhalpun wrote:
> On 24.01.2016 03:42, Michael Niedermayer wrote:
> > From: Michael Niedermayer
> >
> > TODO: Docs
> > TODO: version bump
> >
> > Note to maintainers: update tools
> >
> > Note, testing and checking for missing changes is needed
On 24.01.2016 03:42, Michael Niedermayer wrote:
> From: Michael Niedermayer
>
> TODO: Docs
> TODO: version bump
>
> Note to maintainers: update tools
>
> Note, testing and checking for missing changes is needed
>
> Signed-off-by: Michael Niedermayer
> ---
> ffmpeg_opt.c
On Sun, Jan 24, 2016 at 01:56:51PM +0100, Nicolas George wrote:
> Le quintidi 5 pluviôse, an CCXXIV, Clement Boesch a écrit :
> > Why not an entry in the AVDictionary options?
>
> That could be a short-term solution to avoid introducing a new API with
> ad-hoc parameters, but AVDictionary is still
On Sun, Jan 24, 2016 at 12:47:59PM +0100, Nicolas George wrote:
> Le quintidi 5 pluviôse, an CCXXIV, Michael Niedermayer a écrit :
> > --- a/libavformat/avio.h
> > +++ b/libavformat/avio.h
> > @@ -595,6 +595,10 @@ int avio_open(AVIOContext **s, const char *url, int
> > flags);
> > int avio_open2(
On Sun, Jan 24, 2016 at 01:57:05PM +0100, wm4 wrote:
> On Sun, 24 Jan 2016 13:43:40 +0100
> Clément Bœsch wrote:
>
> > On Sun, Jan 24, 2016 at 12:47:59PM +0100, Nicolas George wrote:
> > > Le quintidi 5 pluviôse, an CCXXIV, Michael Niedermayer a écrit :
> > > > --- a/libavformat/avio.h
> > > >
Le quintidi 5 pluviôse, an CCXXIV, Clement Boesch a écrit :
> Why not an entry in the AVDictionary options?
That could be a short-term solution to avoid introducing a new API with
ad-hoc parameters, but AVDictionary is still based on strings exclusively,
that is very unpractical for applications.
On Sun, 24 Jan 2016 13:43:40 +0100
Clément Bœsch wrote:
> On Sun, Jan 24, 2016 at 12:47:59PM +0100, Nicolas George wrote:
> > Le quintidi 5 pluviôse, an CCXXIV, Michael Niedermayer a écrit :
> > > --- a/libavformat/avio.h
> > > +++ b/libavformat/avio.h
> > > @@ -595,6 +595,10 @@ int avio_open(A
On Sun, 24 Jan 2016 12:47:59 +0100
Nicolas George wrote:
> Le quintidi 5 pluviôse, an CCXXIV, Michael Niedermayer a écrit :
> > --- a/libavformat/avio.h
> > +++ b/libavformat/avio.h
> > @@ -595,6 +595,10 @@ int avio_open(AVIOContext **s, const char *url, int
> > flags);
> > int avio_open2(AVIOC
On Sun, Jan 24, 2016 at 12:47:59PM +0100, Nicolas George wrote:
> Le quintidi 5 pluviôse, an CCXXIV, Michael Niedermayer a écrit :
> > --- a/libavformat/avio.h
> > +++ b/libavformat/avio.h
> > @@ -595,6 +595,10 @@ int avio_open(AVIOContext **s, const char *url, int
> > flags);
> > int avio_open2(
Le quintidi 5 pluviôse, an CCXXIV, Michael Niedermayer a écrit :
> --- a/libavformat/avio.h
> +++ b/libavformat/avio.h
> @@ -595,6 +595,10 @@ int avio_open(AVIOContext **s, const char *url, int
> flags);
> int avio_open2(AVIOContext **s, const char *url, int flags,
> const AVIOInt
On 1/23/2016 11:42 PM, Michael Niedermayer wrote:
> diff --git a/libavformat/avio.h b/libavformat/avio.h
> index c3c0b73..26c39b2 100644
> --- a/libavformat/avio.h
> +++ b/libavformat/avio.h
> @@ -595,6 +595,10 @@ int avio_open(AVIOContext **s, const char *url, int
> flags);
> int avio_open2(AVIO
From: Michael Niedermayer
TODO: Docs
TODO: version bump
Note to maintainers: update tools
Note, testing and checking for missing changes is needed
Signed-off-by: Michael Niedermayer
---
ffmpeg_opt.c |4 ++--
libavdevice/lavfi.c |2 +-
libavformat/as
23 matches
Mail list logo
