[vlc-devel] Re: [PATCH] vlc: access module ftp , enable login with user:password
Rémi Denis-Courmont
rem at videolan.org
Thu Jun 8 23:06:37 CEST 2006
Le Jeudi 8 Juin 2006 22:30, Petr Vacek a écrit :
> Small , probably dirty patch, works for me. Can I get some comment on
> this ?
I think your patches has some nasty buffer overflows. AFAIK, psz is
dynamically allocated from the vlc variables to fit whatever values is
involved, so you can't blindly overwrites it with something else with
strcpy().
You might also consider using the same ugly tricks that is in the HTTP
access to hide the password from the playlist item name, ie. rewrite
the name of the item without the password, but keep the password in
the “MRL”.
--
Rémi Denis-Courmont
http://www.remlab.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20060609/0f8965c9/attachment.sig>
More information about the vlc-devel
mailing list