lavf: add a protocol whitelist/blacklist for file opened internally

Should make the default behaviour safer for careless callers that open random untrusted files. Bug-Id: CVE-2016-1897 Bug-Id: CVE-2016-1898
author: Anton Khirnov <anton@khirnov.net> 2016-01-20 11:11:38 +0100
committer: Anton Khirnov <anton@khirnov.net> 2016-02-22 11:48:30 +0100
commit: ec4c48397641dbaf4ae8df36c32aaa5a311a11bf (patch)
tree: 04b1a3187ffa6c4a1821eb5d6dc70ac8397b5006 /libavformat/sapdec.c
parent: 8c0ceafb0f25da077ff23e394667119f031574fd (diff)
download: ffmpeg-ec4c48397641dbaf4ae8df36c32aaa5a311a11bf.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/libavformat/sapdec.c b/libavformat/sapdec.c
index 9fafd6bffe..fc85f65735 100644
--- a/libavformat/sapdec.c
+++ b/libavformat/sapdec.c
@@ -85,7 +85,8 @@ static int sap_read_header(AVFormatContext *s)
         av_strlcpy(host, "224.2.127.254", sizeof(host));
     }
 
-    sap->protocols = ffurl_get_protocols(NULL, NULL);
+    sap->protocols = ffurl_get_protocols(s->protocol_whitelist,
+                                         s->protocol_blacklist);
     if (!sap->protocols) {
         ret = AVERROR(ENOMEM);
         goto fail;
author	Anton Khirnov <anton@khirnov.net>	2016-01-20 11:11:38 +0100
committer	Anton Khirnov <anton@khirnov.net>	2016-02-22 11:48:30 +0100
commit	ec4c48397641dbaf4ae8df36c32aaa5a311a11bf (patch)
tree	04b1a3187ffa6c4a1821eb5d6dc70ac8397b5006 /libavformat/sapdec.c
parent	8c0ceafb0f25da077ff23e394667119f031574fd (diff)
download	ffmpeg-ec4c48397641dbaf4ae8df36c32aaa5a311a11bf.tar.gz