virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-08-15 14:13:16 +02:00
Code Issues Releases Activity

mov: Double-check that alias path is not an absolute path

Browse Source 
nlvl_to and nlvl_from can be set to 1 if both alias and target files
are in the same directory, so actually check the first character of the
string. We can do this because MacOS filepaths (alis type 2) are always
converted to UNIX filepaths (alis type 18).
This commit is contained in:
Vittorio Giovara
2015-04-07 15:06:05 +02:00
parent 376589e5dd
commit 9286de0459
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libavformat/mov.c
View File

@@ -2301,7 +2301,7 @@ static int mov_open_dref(AVIOContext **pb, char *src, MOVDref *ref,
{ {
/* try relative path, we do not try the absolute because it can leak information about our /* try relative path, we do not try the absolute because it can leak information about our
system to an attacker */ system to an attacker */
if (ref->nlvl_to > 0 && ref->nlvl_from > 0) { if (ref->nlvl_to > 0 && ref->nlvl_from > 0 && ref->path[0] != '/') {
char filename[1024]; char filename[1024];
char *src_path; char *src_path;
int i, l; int i, l;