Michael Niedermayer 189ff42196 avformat/hls: Check local file extensions
This reduces the attack surface of local file-system
information leaking.

It prevents the existing exploit leading to an information leak. As
well as similar hypothetical attacks.

Leaks of information from files and symlinks ending in common multimedia extensions
are still possible. But files with sensitive information like private keys and passwords
generally do not use common multimedia filename extensions.
It does not stop leaks via remote addresses in the LAN.

The existing exploit depends on a specific decoder as well.
It does appear though that the exploit should be possible with any decoder.
The problem is that as long as sensitive information gets into the decoder,
the output of the decoder becomes sensitive as well.
The only obvious solution is to prevent access to sensitive information. Or to
disable hls or possibly some of its features. More complex solutions like
checking the path to limit access to only subdirectories of the hls path may
work as an alternative. But such solutions are fragile and tricky to implement
portably and would not stop every possible attack nor would they work with all
valid hls files.

Developers have expressed their dislike / objected to disabling hls by default as well
as disabling hls with local files. There also were objections against restricting
remote url file extensions. This here is a less robust but also lower
inconvenience solution.
It can be applied stand alone or together with other solutions.
Limiting the check to local files was suggested by nevcairiel.

This recommits the security fix without the author name joke which was
originally requested by Nicolas.

Found-by: Emil Lerner and Pavel Cheremushkin
Reported-by: Thierry Foucu <tfoucu@google.com>

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-05 13:55:01 +02:00
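
The check this commit message describes, sketched as an added example; it is not code from the commit or from FFmpeg. The function names and the contents of `ALLOWED_EXT` are assumptions made for illustration. It shows the two residual gaps the message names: remote URLs are not checked, and a local path with a multimedia extension (including a symlink) still passes.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical allowlist for this example; not the list used by the commit. */
static const char *const ALLOWED_EXT[] = { "m3u8", "ts", "mp4", "m4s", "aac", "mp3", NULL };

/* 1 if the n bytes at a equal the NUL-terminated b, ignoring ASCII case. */
static int ieqn(const char *a, size_t n, const char *b)
{
    if (strlen(b) != n)
        return 0;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Local = no scheme or "file:". A one-letter scheme is taken as a drive letter (fails closed). */
static int is_local(const char *url)
{
    size_t n = 0;
    while (isalnum((unsigned char)url[n]) || (url[n] && strchr("+-.", url[n])))
        n++;
    return n < 2 || url[n] != ':' || ieqn(url, n, "file");
}

/* Returns 1 if a playlist entry may be opened, 0 if it must be refused. */
int segment_allowed(const char *url)
{
    if (!is_local(url))
        return 1;                      /* remote URLs are outside this check */
    const char *slash = strrchr(url, '/'), *base = slash ? slash + 1 : url;
    const char *dot = strrchr(base, '.');
    if (!dot || dot == base)           /* no extension, or a dotfile */
        return 0;
    for (int i = 0; ALLOWED_EXT[i]; i++)
        if (ieqn(dot + 1, strlen(dot + 1), ALLOWED_EXT[i]))
            return 1;
    return 0;
}

int main(void)
{
    const char *urls[] = { "seg001.TS", "file:///etc/passwd", "/tmp/link.mp4" }; /* constructed */
    for (int i = 0; i < 3; i++)
        printf("%-20s %s\n", urls[i], segment_allowed(urls[i]) ? "open" : "refuse");
    return 0;
}
```
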
compat compat/cuda: make cuvidGetDecoderCaps optional 2017-06-01 12:39:06 +02:00
doc avfilter/af_surround: add support for some upmixing of 3.0, 2.1 and 5.1 channel layout 2017-06-04 16:37:47 +02:00
ffbuild build: remove --enable-raise-major configure option 2017-05-17 22:52:59 -03:00
libavcodec x86/aacpsdsp: optimize ff_ps_mul_pair_single_sse 2017-06-04 23:29:56 -03:00
libavdevice Use AVOnce as a static variable consistently 2017-05-22 12:36:32 +02:00
libavfilter avfilter/af_afftfilt: fix memory leaks 2017-06-04 22:51:57 +02:00
libavformat avformat/hls: Check local file extensions 2017-06-05 13:55:01 +02:00
libavresample Merge commit '92db5083077a8b0f8e1050507671b456fd155125' 2017-05-04 19:59:30 -03:00
libavutil avutil/softfloat: Fix sign error in and improve documentation of av_int2sf() 2017-06-04 23:41:08 +02:00
libpostproc Merge commit '92db5083077a8b0f8e1050507671b456fd155125' 2017-05-04 19:59:30 -03:00
libswresample Merge commit '92db5083077a8b0f8e1050507671b456fd155125' 2017-05-04 19:59:30 -03:00
libswscale Merge commit '92db5083077a8b0f8e1050507671b456fd155125' 2017-05-04 19:59:30 -03:00
presets presets: remove moldering iPod presets 2014-06-17 16:15:04 -08:00
tests fate: add test for the Dirac low delay profile 2017-06-05 06:10:40 +01:00
tools tools/target_dec_fuzzer: Move the hwaccel check outside the initialization if 2017-05-29 03:40:47 +02:00
.gitattributes fate: add SCC test 2017-01-27 17:06:42 +01:00
.gitignore build: add support for building .cu files via nvcc 2017-05-15 11:46:50 +02:00
.travis.yml Merge commit 'eda183287489b2c705843aa373a19c4e46fb2fec' 2015-11-22 17:12:24 +00:00
Changelog avfilter: add audio surround upmixer 2017-06-01 21:25:36 +02:00
cmdutils_opencl.c cmdutils_opencl: Fix read of uinitialized cl_mem 2017-05-11 13:02:12 +02:00
cmdutils.c avformat, ffmpeg: deprecate old rotation API 2017-03-27 13:20:27 +02:00
cmdutils.h Merge commit '122de16dd8108a59a55d30543c9f28b5f61b02d1' 2017-05-05 14:04:30 +02:00
configure Disable MSA optimization for big endian arch 2017-06-03 00:09:58 +02:00
CONTRIBUTING.md Add CONTRIBUTING.md 2016-09-18 10:02:13 +01:00
COPYING.GPLv2
COPYING.GPLv3
COPYING.LGPLv2.1
COPYING.LGPLv3
CREDITS
ffmpeg_cuvid.c ffmpeg_cuvid: adapt for recent filter graph initialization changes 2017-03-03 08:45:43 +01:00
ffmpeg_dxva2.c Merge commit '18c506e9e6e8df8b1d496d093077b8240ea68c28' 2016-06-26 15:34:01 +02:00
ffmpeg_filter.c ffmpeg: check for unconnected outputs 2017-05-05 00:15:15 +02:00
ffmpeg_opt.c ffmpeg: remove bsf extradata propagation hack 2017-05-24 20:28:00 -03:00
ffmpeg_qsv.c ffmpeg: init filtergraphs only after we have a frame on each input 2017-03-03 08:45:43 +01:00
ffmpeg_vaapi.c ffmpeg_vaapi: Always set hwaccel_ctx, so it gets properly cleaned up on error 2017-02-05 15:13:15 +00:00
ffmpeg_vdpau.c Merge commit 'f72db3f2f3a8c83a4f5dede8fa03434b2bf676c6' 2016-06-26 15:29:39 +02:00
ffmpeg_videotoolbox.c ffmpeg_videotoolbox: fix usage of av_get_codec_tag_string() 2017-03-29 14:49:29 +02:00
ffmpeg.c ffmpeg: remove bsf extradata propagation hack 2017-05-24 20:28:00 -03:00
ffmpeg.h ffmpeg: remove bsf extradata propagation hack 2017-05-24 20:28:00 -03:00
ffplay.c Merge commit '122de16dd8108a59a55d30543c9f28b5f61b02d1' 2017-05-05 14:04:30 +02:00
ffprobe.c ffprobe: Print AVContentLightMetadata side data contents 2017-06-01 15:07:16 -04:00
ffserver_config.c ffserver_config: Check for failure to allocate FFServerIPAddressACL 2016-12-22 19:23:08 +01:00
ffserver_config.h ffsrever: Make the status page bitexact if any stream is bitexact 2016-11-29 19:26:26 +01:00
ffserver.c Merge commit '122de16dd8108a59a55d30543c9f28b5f61b02d1' 2017-05-05 14:04:30 +02:00
INSTALL.md
LICENSE.md Merge commit '4fef648d10bf3bcfd4b8fa5755c1128966a2427c' 2017-03-15 22:07:47 +01:00
MAINTAINERS lavc: remove libschroedinger encoding and decoding wrappers 2017-05-29 20:15:58 +01:00
Makefile build: remove --enable-raise-major configure option 2017-05-17 22:52:59 -03:00
README.md Add CONTRIBUTING.md 2016-09-18 10:02:13 +01:00
RELEASE Bump minor versions for master after release/3.3 branchpoint 2017-03-31 13:21:06 +02:00

FFmpeg README

FFmpeg is a collection of libraries and tools to process multimedia content such as audio, video, subtitles and related metadata.

Libraries

  • libavcodec provides implementations of a wide range of codecs.
  • libavformat implements streaming protocols, container formats and basic I/O access.
  • libavutil includes hashers, decompressors and miscellaneous utility functions.
  • libavfilter provides a means to alter decoded audio and video through a chain of filters.
  • libavdevice provides an abstraction to access capture and playback devices.
  • libswresample implements audio mixing and resampling routines.
  • libswscale implements color conversion and scaling routines.

Tools

  • ffmpeg is a command line toolbox to manipulate, convert and stream multimedia content.
  • ffplay is a minimalistic multimedia player.
  • ffprobe is a simple analysis tool to inspect multimedia content.
  • ffserver is a multimedia streaming server for live broadcasts.
  • Additional small tools such as aviocat, ismindex and qt-faststart.

Documentation

The offline documentation is available in the doc/ directory.

The online documentation is available in the main website and in the wiki.

Examples

Coding examples are available in the doc/examples directory.

License

The FFmpeg codebase is mainly LGPL-licensed, with optional components licensed under GPL. Please refer to the LICENSE file for detailed information.

Contributing

Patches should be submitted to the ffmpeg-devel mailing list using git format-patch or git send-email. GitHub pull requests should be avoided because they are not part of our review process and will be ignored.