From 6534839154b9644a0019baf155f9bda542aa6e75 Mon Sep 17 00:00:00 2001 From: wm4 Date: Sat, 4 Jan 2014 19:00:01 +0100 Subject: demux_subreader: reject file if not opened by --sub demux_subreader.c contains the old MPlayer subtitle parser, and I have absolutely no confidence in this (very crappy) code. There might be one or two security risks associated with running that code on arbitrary input. --- demux/demux.h | 1 + demux/demux_subreader.c | 3 +++ 2 files changed, 4 insertions(+) (limited to 'demux') diff --git a/demux/demux.h b/demux/demux.h index 7a663684f9..6f9437f2d3 100644 --- a/demux/demux.h +++ b/demux/demux.h @@ -152,6 +152,7 @@ struct demuxer_params { int matroska_wanted_segment; bool *matroska_was_valid; struct ass_library *ass_library; + bool expect_subtitle; }; typedef struct demuxer { diff --git a/demux/demux_subreader.c b/demux/demux_subreader.c index 6bb39c960d..1fa449d7f0 100644 --- a/demux/demux_subreader.c +++ b/demux/demux_subreader.c @@ -1337,6 +1337,9 @@ static int d_open_file(struct demuxer *demuxer, enum demux_check check) if (check > DEMUX_CHECK_REQUEST) return -1; + if (!demuxer->params || !demuxer->params->expect_subtitle) + return -1; + struct stream *ps = read_probe_stream(demuxer->stream, PROBE_SIZE); struct subreader sr; -- cgit v1.2.3