Opened 3 years ago

Closed 3 years ago

#5629 closed defect (wontfix)

Concat format relative path

Reported by: Mista_D Owned by:
Priority: normal Component: avformat
Version: git-master Keywords: concat
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

Providing relative path in concat file, fails to read file marking it as "Unsafe file name"

$echo file "../free/test2500.ts" >test.txt

$ffmpeg -f concat -i t1 -f null -
ffmpeg version N-80123-gd74cc61 Copyright (c) 2000-2016 the FFmpeg developers

built with gcc 4.4.7 (GCC) 20120313 (Red Hat 4.4.7-16)
configuration: --enable-static --enable-postproc --enable-gpl --enable-avfilter --enable-libx265 --enable-libx264 --enable-libfdk-aac --enable-pthreads -- enable-swscale --enable-runtime-cpudetect --extra-ldflags=-static --disable-shared --disable-encoder=libgsm --disable-decoder=libgsm --disable-doc --enable-version3 --enable-nonfree --en able-libvpx --pkg-config-flags=--static
libavutil 55. 24.100 / 55. 24.100
libavcodec 57. 43.100 / 57. 43.100
libavformat 57. 37.101 / 57. 37.101
libavdevice 57. 0.101 / 57. 0.101
libavfilter 6. 46.100 / 6. 46.100
libswscale 4. 1.100 / 4. 1.100
libswresample 2. 0.101 / 2. 0.101
libpostproc 54. 0.100 / 54. 0.100

[concat @ 0x1ca08c60] Unsafe file name '../free/test2500.ts'
t1: Operation not permitted

Please advise on providing a concat file link to ffmpeg using relative path...

The process is intended for a live web service, so "-safe 0" is not preferred for security reasons.

Change History (2)

comment:1 Changed 3 years ago by Cigaes

Relative paths going out of the current directory are exactly what -safe 1 is meant to prevent, for example ../../etc/passwd.

comment:2 Changed 3 years ago by cehoyos

  • Keywords concat added
  • Resolution set to wontfix
  • Status changed from new to closed
  • Version changed from 3.0.2 to git-master
Note: See TracTickets for help on using tickets.