[vlc] Re: Very strange/suspicious VLC-related behavior
Ross Finlayson
finlayson at live555.com
Tue Apr 10 10:10:07 CEST 2007
> > Is this an indication of a security hole in VLC?
>
>Probably. But might well be an abuse of the "well-known" movement
>vectors overflow in libmpeg2 (Meuuh posted some infos about this after
>Sam unleashed zzuf).
>
>In any case, it looks very bad. Yet, if you trust the data source, this
>looks pretty weird.

Yes, I trust the data source. The MPEG-2 Transport Stream file that
I was playing was originally recorded off a firewire cable (connected
to a cable TV box) using a (Mac) application called "iRecord". (It
seems very unlikely that this Mac OS X application would corrupt its
output Transport Stream file in such a way that would cause VLC to
generate something that looks like a Windows script.)

> Did you enable any networked plugin in VLC (service
>discovery, remote interface, etc.) ?

No - I didn't change/reconfigure VLC at all after I originally downloaded it.

> What does netstat say?

Unfortunately I didn't get to run that. (I rebooted my Mac OS X
machine afterwards, just to be on the safe side.)

> > (Is there anything in the VLC code that can allow files to be
> > renamed?)
>
>Sort of, unfortunately, yes. The HTTP access code renames playlist items
>when following redirections, for instance. Still, if you were playing a
>file locally...

Yes, I was playing a (MPEG-2 Transport Stream) file locally. I don't
think I've ever played a "http://" URL from VLC...

Ross.
--
This is the vlc mailing-list, see http://www.videolan.org/vlc/
To unsubscribe, please read http://www.videolan.org/support/lists.html