[vlc-devel] [PATCH] M3u & pls demux: Check the size of each file line to prevent flooding the playlist.
Rémi Denis-Courmont
remi at remlab.net
Wed Apr 24 18:30:35 CEST 2013
Le mercredi 24 avril 2013 14:58:12, Adrien Maglo a écrit :
> On 24/04/2013 13:38, Rémi Denis-Courmont wrote:
> > On Wed, 24 Apr 2013 13:09:44 +0200, Adrien Maglo <magsoft at videolan.org>
> >
> > wrote:
> >> Hello,
> >>
> >>
> >> The exploit attached to the ticket #7361 shows that it is possible to
> >> freeze VLC with a corrupted playlist file containing very long lines.
> >
> > Well maybe long URLs should not be printed wholly in the logs then?
>
> That's a solution.
> But is it acceptable to store in the playlist such long paths?
As far as I know, only the UI really sucks with large URLs and with lots of
items too. The real core overflow bugs have been fixed a long time ago.
> > And what about all the many other playlist parsers? I think this fails to
> > address the problem.
>
> So the check should be performed in the input_item_NewExt() function or
> an other function of the core?
I don't know. I don't even know if there is a sweet spot length large enough
for legitimate use and yet small enough to preserve UI or logging performance.
Also I could be wrong but I believe not all URLs go through
input_item_NewExt().
The fact is, the day after your current patch gets merged, anyone can come
back with the exact same problem through another playlist format or
redirection mechanism. And it is even likely that he will do so after a while.
--
Rémi Denis-Courmont
http://www.remlab.net/
More information about the vlc-devel
mailing list