[vlc-devel] [PATCH] Mark some options as safe

Rémi Denis-Courmont remi at remlab.net
Wed Mar 11 13:53:10 CET 2009

On Wed, 11 Mar 2009 13:05:07 +0100, Frederik Kriewitz
<frederik at kriewitz.eu> wrote:
> The Patch is marking some options, which are commonly needed if VLC
> is used as a streaming client, to be safe to allow usage in playlists.

I am not confident that caching values are safe, if using inadequately
large or small values. RTP misorder and dropout values are in a similar
situation. I could be too pessimistic here.

http-reconnect is a horrible hack in the first place. I believe making this
option safe would enable DDoS attacks through the VLC client.

I suspect vout-filter can be used as a proxy for any random setting (e.g.
"filter{opt1=val1,opt2=val2}"). If this is true, it's a non-starter.

Rémi Denis-Courmont

More information about the vlc-devel mailing list