Hi Kieran On Wed, Jan 22, 2025 at 10:47:52PM +0000, Kieran Kunhya via ffmpeg-devel wrote: > On Wed, 22 Jan 2025, 20:36 Michael Niedermayer, > wrote: > > > This blocks disallowed extensions from probing > > It also requires all available segments to have matching extensions to the > > format > > mpegts is treated independent of the extension > > > > Potentially this is a stupid question but what stops an attacker from > faking the extension? How would he fake the extension ? The attacker generally wants to access a sensitive file, maybe one in /etc or maybe .ssh with something like the tty demuxer / ansi decoder lets pick /etc/passwd as a specific example that file does not have an extension compatible with the tty demuxer and we assume that the attacker cannot create links on the target because if he can he likely can also just read the file directly This new patch should require every file now to have the appropriate extension before reading it with that demuxer. Before this patch you could trigger a demuxer to be probed and have it be used on another file If you see a way to bypass this still, please tell me thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Whats the most studid thing your enemy could do ? Blow himself up Whats the most studid thing you could do ? Give up your rights and freedom because your enemy blew himself up.