[FFmpeg-cvslog] Move av_tempfile() into libavutil, it is a generically usefull thing and its small.

Reimar Döffinger Reimar.Doeffinger at gmx.de
Sun Oct 16 22:51:06 CEST 2011



On 16 Oct 2011, at 22:40, Michael Niedermayer <michaelni at gmx.at> wrote:

> On Sun, Oct 16, 2011 at 10:28:33PM +0200, Reimar Döffinger wrote:
>> On 16 Oct 2011, at 22:16, Michael Niedermayer <michaelni at gmx.at> wrote:
>>> On Sun, Oct 16, 2011 at 09:42:12PM +0200, Reimar Döffinger wrote:
>>>> On Sun, Oct 16, 2011 at 09:35:26PM +0200, Michael Niedermayer wrote:
>>>>> On Sun, Oct 16, 2011 at 09:22:11PM +0200, Reimar Döffinger wrote:
>>>>>> On Sun, Oct 16, 2011 at 05:21:22PM +0200, Michael Niedermayer wrote:
>>>>>>> -    fd = open(*filename, O_RDWR | O_BINARY | O_CREAT, 0444);
>>>>>> 
>>>>>> Adding O_EXCL should increase security here.
>>>>>> Seems supported at least on Linux and Windows.
>>>>>> Might fail compilation on some systems though.
>>>>> 
>>>>> fixed locally
>>>> 
>>>> Oh, and did you fix the 0444 mode? That seems both like
>>>> a bad idea and mismatches mkstemp behaviour.
>>> 
>>> fixed locally, anything else that needs fixing?
>> 
>> Nothing beyond me still having a really bad feeling about this code for now at least.
> 
> if you prefer we can move it back to libavcodec and require a flag
> for the cache protocol somehow

I'd appreciate if you could think about the latter at least, I don't know if a cache-URL-redirect within cache-URL could be used for an inode count DOS, and for people like me with only a small in-memory /tmp just the cache itself would lend itself for DOSing /tmp - not sure about the consequences of that though.
As long as TMPDIR/TEMPDIR is not supported I'd warn about that and/generally recommend against using it in any more places at least.
> 


More information about the ffmpeg-cvslog mailing list