On Fri, Mar 04, 2022 at 04:03:07PM +0100, Niklas Haas wrote:
> From: Niklas Haas <g...@haasn.dev>
> 
> Using the venerable HEADER.txt as a small file to load.
> ---
>  libavutil/tests/opt.c    | 38 +++++++++++++++++++++++++++++++++++++-
>  tests/fate/libavutil.mak |  2 +-
>  tests/ref/fate/opt       |  4 ++++
>  3 files changed, 42 insertions(+), 2 deletions(-)

Please add tests which tries to load
id_rsa
~/.ssh/id_rsa
shadow
/etc/shadow
.bash_history
...

The idea here is of course that such attempts fail

Also document the security implications of this feature in 
doc/APIchanges / release notes if there is a security implication

Adjusting the parameters of most components could previously
not read arbitrary files so a application could previously
pass a string from a untrusted user to it.
If this changes it needs to be justfied and documented
If it doesnt change and its still safe that should be documented.
If it depends on whitelists and callbacks that should be actually implemented
in ffmpeg and the relevant examples 

And i do like this feature, if it can be done without security issues

thx

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

The misfortune of the wise is better than the prosperity of the fool.
-- Epicurus

Attachment: signature.asc
Description: PGP signature

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Reply via email to