Re-enable EXTVLCOPT: parsing in m3u playlists. You'll need to append the --m3u-extvlc...

diff --git a/modules/demux/playlist/m3u.c b/modules/demux/playlist/m3u.c
index d2228715f9af64627c9dd38c4e9c42827751b8a0..2068327fdc80653fdab47a3766da06511127dbf5 100644 (file)
--- a/modules/demux/playlist/m3u.c
+++ b/modules/demux/playlist/m3u.c
@@ -109,6 +109,7 @@ static int Demux( demux_t *p_demux )
     const char**ppsz_options = NULL;
     int        i_options = 0;
     vlc_bool_t b_cleanup = VLC_FALSE;
+    vlc_bool_t b_enable_extvlcopt = config_GetInt( p_demux, "m3u-extvlcopt" );
     input_item_t *p_input;
 
     INIT_PLAYLIST_STUFF;
@@ -145,27 +146,26 @@ static int Demux( demux_t *p_demux )
                 if( psz_artist )
                     psz_artist = strdup( psz_artist );
             }
-#if 0
-            /* You're going to need a pretty strong explanation, why
-             * this is not a big security hole if you are to uncomment
-             * this piece of code. Potentially untrusted input file must
-             * not be allowed to specify options in an open-handed fashion.
-             * -- Courmisch
-             */
             else if( !strncasecmp( psz_parse, "EXTVLCOPT:",
                                    sizeof("EXTVLCOPT:") -1 ) )
             {
-                /* VLC Option */
-                char *psz_option;
-                psz_parse += sizeof("EXTVLCOPT:") -1;
-                if( !*psz_parse ) goto error;
-
-                psz_option = MaybeFromLocaleDup( psz_parse );
-                if( psz_option )
-                    INSERT_ELEM( ppsz_options, i_options, i_options,
-                                 psz_option );
+                if( b_enable_extvlcopt )
+                {
+                    /* VLC Option */
+                    char *psz_option;
+                    psz_parse += sizeof("EXTVLCOPT:") -1;
+                    if( !*psz_parse ) goto error;
+
+                    psz_option = MaybeFromLocaleDup( psz_parse );
+                    if( psz_option )
+                        INSERT_ELEM( ppsz_options, i_options, i_options,
+                                     psz_option );
+                }
+                else
+                {
+                    msg_Err( p_demux, "m3u EXTVLCOPT parsing is disabled for security reasons. If you need it and trust the m3u playlist you are trying to open, please append --m3u-extvlcopt to you command line." );
+                }
             }
-#endif
         }
         else if( !strncasecmp( psz_parse, "RTSPtext", sizeof("RTSPtext") -1 ) )
         {

diff --git a/modules/demux/playlist/playlist.c b/modules/demux/playlist/playlist.c
index 1b9273ba03ad11df8b22750a0a55f6aee106394e..fb6f6591e038b52a853f3870b0a76951a295003d 100644 (file)
--- a/modules/demux/playlist/playlist.c
+++ b/modules/demux/playlist/playlist.c
@@ -45,6 +45,11 @@
 #define SKIP_ADS_LONGTEXT N_( "Use playlist options usually used to prevent " \
     "ads skipping to detect ads and prevent adding them to the playlist." )
 
+#define EXTVLCOPT_TEXT N_( "Enable parsing of EXTVLCOPT: options" )
+#define EXTVLCOPT_LONGTEXT N_( "Enable parsing of EXTVLCOPT: options in m3u " \
+    "playlists. This option is default disabled to prevent untrusted sources " \
+    "using VLC options without the user's knowledge." )
+
 vlc_module_begin();
     add_shortcut( "playlist" );
     set_category( CAT_INPUT );
@@ -65,6 +70,9 @@ vlc_module_begin();
         set_description( _("M3U playlist import") );
         add_shortcut( "m3u-open" );
         set_capability( "demux2", 10 );
+        add_bool( "m3u-extvlcopt", VLC_FALSE, NULL,
+                  EXTVLCOPT_TEXT, EXTVLCOPT_LONGTEXT, VLC_FALSE );
+        change_unsaveable();
         set_callbacks( E_(Import_M3U), E_(Close_M3U) );
     add_submodule();
         set_description( _("PLS playlist import") );