We also need to check the non "conf::" case. Oops.

diff --git a/src/libvlc.c b/src/libvlc.c
index fa9bbf9deb8f42dc0118c473f0f39f3e4f710cbd..14f172bfbaba09aab95f9dca9f127745c0eab05e 100644 (file)
--- a/src/libvlc.c
+++ b/src/libvlc.c
@@ -230,6 +230,15 @@ int VLC_VariableSet( int i_object, char const *psz_var, vlc_value_t value )
             return VLC_SUCCESS;
         }
     }
+    /* EXPLICIT HACK (this is the legacy API anyway):
+     * VLC_VariableSet is only used from the browser plugins, so we
+     *  can pretty much assume that the input is _not_ trusted. */
+    module_config_t *p_item;
+    p_item = config_FindConfig( VLC_OBJECT(p_libvlc), psz_var );
+    if( !p_item )
+        return VLC_ENOVAR;
+    if( !p_item->b_safe )
+        return VLC_EGENERIC;
 
     i_ret = var_Set( p_libvlc, psz_var, value );