mov: Double-check that alias path is not an absolute path

nlvl_to and nlvl_from can be set to 1 if both alias and target files are in the same directory, so actually check the first character of the string. We can do this because MacOS filepaths (alis type 2) are always converted to UNIX filepaths (alis type 18).

mov: Double-check that alias path is not an absolute path
nlvl_to and nlvl_from can be set to 1 if both alias and target files are in the same directory, so actually check the first character of the string. We can do this because MacOS filepaths (alis type 2) are always converted to UNIX filepaths (alis type 18).
9286de04 · Vittorio Giovara · 376589e5 · 9286de04
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

libavformat/mov.c libavformat/mov.c +1 -1

未找到文件。
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -2301,7 +2301,7 @@ static int mov_open_dref(AVIOContext **pb, char *src, MOVDref *ref,
 {
    /* try relative path, we do not try the absolute because it can leak information about our
       system to an attacker */
-    if (ref->nlvl_to > 0 && ref->nlvl_from > 0) {
+    if (ref->nlvl_to > 0 && ref->nlvl_from > 0 && ref->path[0] != '/') {
        char filename[1024];
        char *src_path;
        int i, l;