Hi

On Tue, Jan 28, 2025 at 10:12:30PM +0200, Jan Ekström wrote:
> On Tue, Jan 28, 2025 at 4:24 PM Michael Niedermayer wrote:
> >
> > Maybe fixes: 11435
> >
>
> Do I understand correctly that the root issue that's being attempted
> to be fixed by the initial patch set is that unusual demuxers were
> possible to have been probed and opened through the HLS meta demuxer?
> In that case I would say that instead of trying to make very nebulous
> and easily breakable extension based checking, maybe this demuxer
> should just limit its default usable input formats?
>
> To my knowledge the officially utilized container formats for HLS are
> MPEG-TS, MP4-likes (fragmented mp4) and raw audio formats such as AAC,
> MP3 or AC-3. One could check what hls.js or ExoPlayer support, and
> that should be a generally mostly encompassing thing that does not
> depend on what extensions are in use. Adding an AVOption to add
> additional formats without code changes would then allow for some
> outliers to be added by users.

Our allowed_extensions list kind of does this already now,
because with extension_picky (the default now) the probed format must itself
declare an extension that's on allowed_extensions,
so tty can not be used with hls unless one adds it to allowed_extensions,
completely independent of what extension the files have.

Also any demuxers not listing any extensions can not be used with
extension_picky, except mpegts which is added as a special case.

The idea of extension_picky is that everything has to match, it's not just
a check on the file extension of the file.
(well, at least that's the idea until the next security researcher finds a way
around it)

thx

[...]
--
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Breaking DRM is a little like attempting to break through a door even
though the window is wide open and the only thing in the house is a bunch
of things you don't want and which you would get tomorrow for free anyway
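
The format-side check described in the reply above, modelled in C as an added example; it is not part of the original mail and not FFmpeg's own code. The function names, the extension strings and the allowed list are constructed for illustration, and treating the segment's file extension as a second lookup in the same list is an assumption.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* 1 if ext[0..len) is a whole, case-insensitive entry of the comma-separated list. */
static int ext_in_list(const char *ext, size_t len, const char *list)
{
    while (list && *list) {
        size_t n = strcspn(list, ",");
        if (n == len && strncasecmp(list, ext, n) == 0)
            return 1;
        list += n + (list[n] == ',');
    }
    return 0;
}

/* Format-side check as the mail states it: the probed demuxer must itself
 * declare an extension that is on the allowed list; mpegts is the exception.
 * Hypothetical helper, not an FFmpeg function. */
int picky_format_allowed(const char *fmt_name, const char *fmt_exts,
                         const char *allowed)
{
    if (strcmp(fmt_name, "mpegts") == 0)
        return 1;
    while (fmt_exts && *fmt_exts) {
        size_t n = strcspn(fmt_exts, ",");
        if (n && ext_in_list(fmt_exts, n, allowed))
            return 1;
        fmt_exts += n + (fmt_exts[n] == ',');
    }
    return 0;   /* no declared extension, or none of them on the list */
}

/* Assumption: the segment's own file extension is a second lookup in the same list. */
int segment_allowed(const char *file_ext, const char *fmt_name,
                    const char *fmt_exts, const char *allowed)
{
    return ext_in_list(file_ext, strlen(file_ext), allowed) &&
           picky_format_allowed(fmt_name, fmt_exts, allowed);
}

int main(void)
{
    const char *allowed = "ts,m4s,mp4,aac,mp3";   /* constructed list */
    /* Constructed case: a segment named .ts whose content probes as tty. */
    printf("tty behind .ts:  %d\n", segment_allowed("ts", "tty", "ans,txt", allowed));
    printf("mov behind .m4s: %d\n", segment_allowed("m4s", "mov", "mov,mp4,m4a", allowed));
    return 0;
}
```

Entries are compared whole, so a declared extension `t` does not pass against an allowed entry `ts`.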