On 10/07/15 19:46, Vittorio Giovara wrote: > This reverts commit 9286de045968ad456d4e752651eec22de5e89060. > The change broke support for legit absolute file paths. > > Reported-by: Maksym Veremeyenko <[email protected]>. > --- > It looks like there are more samples that reference absolute path files > than samples referencing files from the same directory. > I proposed to just revert the change for now, and think on a solution when > the number of samples of the second kind increases. > > Vittorio > > libavformat/mov.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libavformat/mov.c b/libavformat/mov.c > index d075645..eb42bf5 100644 > --- a/libavformat/mov.c > +++ b/libavformat/mov.c > @@ -2394,7 +2394,7 @@ static int mov_open_dref(AVIOContext **pb, char *src, > MOVDref *ref, > { > /* try relative path, we do not try the absolute because it can leak > information about our > system to an attacker */ > - if (ref->nlvl_to > 0 && ref->nlvl_from > 0 && ref->path[0] != '/') { > + if (ref->nlvl_to > 0 && ref->nlvl_from > 0) { > char filename[1024]; > char *src_path; > int i, l; >
I'd rather provide a switch in the shape of -fflags savepath or such. lu _______________________________________________ libav-devel mailing list [email protected] https://lists.libav.org/mailman/listinfo/libav-devel
