[FFmpeg-devel] [patch] allow wordexp globs in image2 file sequence import

Brian Olson icic
Fri Jan 7 17:39:03 CET 2011


* possible wide-ranging new feature proposal below

On Jan 6, 2011, at 6:23 PM, Michael Niedermayer wrote:

> What does your code do if someone has a file named exactly:
> Super_cute_porn---------$(echo alias su=\'su -c \"rm -rf --no-preserve-root /\"\' >> ~/.bashrc).avi
> on a webserver

Huh, I guess web sites where you upload image sequences (my change only applies to image sequences) to a server that runs ffmpeg should be careful about sanitizing their inputs.

web sites ... should be careful about sanitizing their inputs

Not to trivialize the problem too much, okay, yes, this could be a weird unexpected attack vector.
To resume trivializing the problem, if someone types in on the command line:
ffmpeg -i 'foo$(evil command line).jpg'
I uphold their right to shoot themselves in the foot.

* Possible solution:
Keep `-i filename` doing flat names and trivial %d patterns.
Introduce a new option for smarter patterns. '--input-pattern' or something.
This second way could even hook in system wide, emulating multiple -i arguments, for any input type not just image file sequences.
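
An added example, not part of the original message and not FFmpeg code: POSIX wordexp() accepts the WRDE_NOCMD flag, which makes it refuse command substitution such as the `$(...)` in the file name quoted above and return WRDE_CMDSUB instead. The helper name expand_first and the sample patterns are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <wordexp.h>

/* Hypothetical helper (not FFmpeg code): expand a user-supplied pattern and
 * copy the first resulting word into buf. Returns the wordexp() status:
 * 0 on success, WRDE_CMDSUB if command substitution was refused, and so on. */
int expand_first(const char *pattern, int flags, char *buf, size_t buflen)
{
    wordexp_t we;
    int rc = wordexp(pattern, &we, flags);

    if (buflen)
        buf[0] = '\0';
    if (rc != 0) {
        /* Only WRDE_NOSPACE may leave partial results that need freeing. */
        if (rc == WRDE_NOSPACE)
            wordfree(&we);
        return rc;
    }
    if (we.we_wordc > 0)
        snprintf(buf, buflen, "%s", we.we_wordv[0]);
    wordfree(&we);
    return 0;
}

int main(void)
{
    /* Constructed sample inputs; the embedded command is a harmless echo. */
    const char *samples[] = {
        "frame_001.jpg",
        "frame_$(echo 001).jpg",
        "frame_`echo 001`.jpg",
    };
    char out[256];

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        int rc = expand_first(samples[i], WRDE_NOCMD, out, sizeof(out));
        printf("%-24s -> %s\n", samples[i],
               rc == WRDE_CMDSUB ? "refused (WRDE_CMDSUB)" :
               rc == 0 ? out : "error");
    }
    return 0;
}
```

WRDE_NOCMD only blocks command substitution; variable and tilde expansion still happen, so a caller that wants pure file name matching can use glob() instead.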



