virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-02-09 14:14:39 +02:00
Code Issues Releases Activity

avformat/mov: Use open_cb() if set

Browse Source 
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This commit is contained in:
Michael Niedermayer 2015-05-11 17:45:42 +02:00
parent 541d75f9a0
commit 77ccc9145a
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
libavformat/mov.c
View File

@ -2602,6 +2602,11 @@ static void mov_build_index(MOVContext *mov, AVStream *st)
static int mov_open_dref(MOVContext *c, AVIOContext **pb, const char *src, MOVDref *ref,
AVIOInterruptCB *int_cb)
{
AVOpenCallback open_func = c->fc->open_cb;
if (!open_func)
open_func = ffio_open2_wrapper;
/* try relative path, we do not try the absolute because it can leak information about our
system to an attacker */
if (ref->nlvl_to > 0 && ref->nlvl_from > 0 && ref->path[0] != '/') {
@ -2634,19 +2639,22 @@ static int mov_open_dref(MOVContext *c, AVIOContext **pb, const char *src, MOVDr
av_strlcat(filename, "../", sizeof(filename));
av_strlcat(filename, ref->path + l + 1, sizeof(filename));
if (!c->use_absolute_path)
if (!c->use_absolute_path && !c->fc->open_cb)
if(strstr(ref->path + l + 1, "..") || ref->nlvl_from > 1)
return AVERROR(ENOENT);
if (strlen(filename) + 1 == sizeof(filename))
return AVERROR(ENOENT);
if (!avio_open2(pb, filename, AVIO_FLAG_READ, int_cb, NULL))
if (!open_func(c->fc, pb, filename, AVIO_FLAG_READ, int_cb, NULL))
return 0;
}
} else if (c->use_absolute_path) {
av_log(c->fc, AV_LOG_WARNING, "Using absolute path on user request, "
"this is a possible security issue\n");
if (!avio_open2(pb, ref->path, AVIO_FLAG_READ, int_cb, NULL))
if (!open_func(c->fc, pb, ref->path, AVIO_FLAG_READ, int_cb, NULL))
return 0;
} else if (c->fc->open_cb) {
if (!open_func(c->fc, pb, ref->path, AVIO_FLAG_READ, int_cb, NULL))
return 0;
}