From 53e0d5d7247548743e13c59c35e59fc2161e9582 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Fri, 2 Jun 2017 14:47:16 +0200 Subject: [PATCH] avformat/options: log filename on open The loglevel is choosen so that the main filename and any images of multi image sequences are shown only at debug level to avoid clutter. This makes exploits in playlists more visible. As they would show accesses to private/sensitive files Signed-off-by: Michael Niedermayer --- libavformat/options.c | 12 ++++++++++++ libavformat/utils.c | 2 +- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/libavformat/options.c b/libavformat/options.c index 25a506eef8..9371c72667 100644 --- a/libavformat/options.c +++ b/libavformat/options.c @@ -102,6 +102,18 @@ static const AVClass av_format_context_class = { static int io_open_default(AVFormatContext *s, AVIOContext **pb, const char *url, int flags, AVDictionary **options) { + int loglevel; + + if (!strcmp(url, s->filename) || + s->iformat && !strcmp(s->iformat->name, "image2") || + s->oformat && !strcmp(s->oformat->name, "image2") + ) { + loglevel = AV_LOG_DEBUG; + } else + loglevel = AV_LOG_INFO; + + av_log(s, loglevel, "Opening \'%s\' for %s\n", url, flags & AVIO_FLAG_WRITE ? "writing" : "reading"); + #if FF_API_OLD_OPEN_CALLBACKS FF_DISABLE_DEPRECATION_WARNINGS if (s->open_cb) diff --git a/libavformat/utils.c b/libavformat/utils.c index fbd8b58ac2..c5f1eac185 100644 --- a/libavformat/utils.c +++ b/libavformat/utils.c @@ -533,6 +533,7 @@ int avformat_open_input(AVFormatContext **ps, const char *filename, if ((ret = av_opt_set_dict(s, &tmp)) < 0) goto fail; + av_strlcpy(s->filename, filename ? filename : "", sizeof(s->filename)); if ((ret = init_input(s, filename, &tmp)) < 0) goto fail; s->probe_score = ret; @@ -570,7 +571,6 @@ int avformat_open_input(AVFormatContext **ps, const char *filename, } s->duration = s->start_time = AV_NOPTS_VALUE; - av_strlcpy(s->filename, filename ? filename : "", sizeof(s->filename)); /* Allocate private data. */ if (s->iformat->priv_data_size > 0) {