[vlc-devel] [PATCH] M3u & pls demux: Check the size of each file line to prevent flooding the playlist.
Adrien Maglo
magsoft at videolan.org
Wed Apr 24 13:58:12 CEST 2013
On 24/04/2013 13:38, Rémi Denis-Courmont wrote:
> On Wed, 24 Apr 2013 13:09:44 +0200, Adrien Maglo <magsoft at videolan.org>
> wrote:
>> Hello,
>>
>>
>> The exploit attached to the ticket #7361 shows that it is possible to
>> freeze VLC with a corrupted playlist file containing very long lines.
>
> Well maybe long URLs should not be printed wholly in the logs then?
That's a solution.
But is it acceptable to store in the playlist such long paths?
>> VLC indeed outputs to the logs a message giving the name of the media,
>> which is extremely long. This is not a security issue but as logging is
>> a costly operation, outputting this message takes a lot of time and
>> freezes VLC.
>>
>> The attached patch proposes to set a maximum line length for the M3U and
>
>> PLS playlist format. It therefore prevent the playlist from being
>> flooded using these demux.
>
> And what about all the many other playlist parsers? I think this fails to
> address the problem.
So the check should be performed in the input_item_NewExt() function or
an other function of the core?
--
MagSoft
More information about the vlc-devel
mailing list