Remove VLCOPT support from M3U parser.

author Rémi Denis-Courmont <rem@videolan.org>

Tue, 20 Nov 2007 18:54:04 +0000 (18:54 +0000)

committer Rémi Denis-Courmont <rem@videolan.org>

Tue, 20 Nov 2007 18:54:04 +0000 (18:54 +0000)
author Rémi Denis-Courmont <rem@videolan.org>
Tue, 20 Nov 2007 18:54:04 +0000 (18:54 +0000)
committer Rémi Denis-Courmont <rem@videolan.org>
Tue, 20 Nov 2007 18:54:04 +0000 (18:54 +0000)
diff --git a/modules/demux/playlist/m3u.c b/modules/demux/playlist/m3u.c

index 7d2a436b9feb15d41c9d8222213ae3ffff519b9f..d2228715f9af64627c9dd38c4e9c42827751b8a0 100644 (file)
--- a/modules/demux/playlist/m3u.c
+++ b/modules/demux/playlist/m3u.c
@@ -145,6 +145,13 @@ static int Demux( demux_t *p_demux )
                  if( psz_artist )
                      psz_artist = strdup( psz_artist );
              }
+#if 0
+            /* You're going to need a pretty strong explanation, why
+             * this is not a big security hole if you are to uncomment
+             * this piece of code. Potentially untrusted input file must
+             * not be allowed to specify options in an open-handed fashion.
+             * -- Courmisch
+             */
              else if( !strncasecmp( psz_parse, "EXTVLCOPT:",
                                     sizeof("EXTVLCOPT:") -1 ) )
              {
@@ -158,6 +165,7 @@ static int Demux( demux_t *p_demux )
                      INSERT_ELEM( ppsz_options, i_options, i_options,
                                   psz_option );
              }
+#endif
          }
          else if( !strncasecmp( psz_parse, "RTSPtext", sizeof("RTSPtext") -1 ) )
          {
author	Rémi Denis-Courmont <rem@videolan.org>
	Tue, 20 Nov 2007 18:54:04 +0000 (18:54 +0000)
committer	Rémi Denis-Courmont <rem@videolan.org>
	Tue, 20 Nov 2007 18:54:04 +0000 (18:54 +0000)