From: Jean-Paul Saman Date: Tue, 10 Jun 2008 14:34:25 +0000 (+0200) Subject: Add comment about getVariable() and setVariable() JS function: they are removed becau... X-Git-Tag: 0.9.0-test0~127 X-Git-Url: https://git.sesse.net/?a=commitdiff_plain;h=21d5beede3b4df8a588b131a3ec598f2b84bc6de;p=vlc Add comment about getVariable() and setVariable() JS function: they are removed because of their security implications. Everyone is advice to use the newer ActiveX v2 (IVLCControl2) interface instead. --- diff --git a/projects/activex/vlccontrol.cpp b/projects/activex/vlccontrol.cpp index a1e3c83599..19210148ab 100644 --- a/projects/activex/vlccontrol.cpp +++ b/projects/activex/vlccontrol.cpp @@ -509,191 +509,16 @@ STDMETHODIMP VLCControl::toggleMute(void) STDMETHODIMP VLCControl::setVariable(BSTR name, VARIANT value) { + /** setVariable() is an unsafe interface because of security + implications it has and is thus removed. */ return E_INVALIDARG; -#if 0 - if( 0 == SysStringLen(name) ) - return E_INVALIDARG; - - libvlc_instance_t *p_libvlc; - HRESULT hr = _p_instance->getVLC(&p_libvlc); - if( SUCCEEDED(hr) ) - { - int codePage = _p_instance->getCodePage(); - char *psz_varname = CStrFromBSTR(codePage, name); - if( NULL == psz_varname ) - return E_OUTOFMEMORY; - - int i_type; - vlc_value_t val; - - if( VLC_SUCCESS == VLC_VariableType(i_vlc, psz_varname, &i_type) ) - { - VARIANT arg; - VariantInit(&arg); - - switch( i_type ) - { - case VLC_VAR_BOOL: - hr = VariantChangeType(&arg, &value, 0, VT_BOOL); - if( SUCCEEDED(hr) ) - val.b_bool = (VARIANT_TRUE == V_BOOL(&arg)) ? true : false; - break; - - case VLC_VAR_INTEGER: - case VLC_VAR_HOTKEY: - hr = VariantChangeType(&arg, &value, 0, VT_I4); - if( SUCCEEDED(hr) ) - val.i_int = V_I4(&arg); - break; - - case VLC_VAR_FLOAT: - hr = VariantChangeType(&arg, &value, 0, VT_R4); - if( SUCCEEDED(hr) ) - val.f_float = V_R4(&arg); - break; - - case VLC_VAR_STRING: - case VLC_VAR_MODULE: - case VLC_VAR_FILE: - case VLC_VAR_DIRECTORY: - case VLC_VAR_VARIABLE: - hr = VariantChangeType(&arg, &value, 0, VT_BSTR); - if( SUCCEEDED(hr) ) - { - i_type = VLC_VAR_STRING; - val.psz_string = CStrFromBSTR(codePage, V_BSTR(&arg)); - VariantClear(&arg); - } - break; - - case VLC_VAR_TIME: - // use a double value to represent time (base is expressed in seconds) - hr = VariantChangeType(&arg, &value, 0, VT_R8); - if( SUCCEEDED(hr) ) - val.i_time = (signed __int64)(V_R8(&arg)*1000000.0); - break; - - default: - hr = DISP_E_TYPEMISMATCH; - } - } - else { - // no defined type, use type in VARIANT - hr = NO_ERROR; - switch( V_VT(&value) ) - { - case VT_BOOL: - val.b_bool = (VARIANT_TRUE == V_BOOL(&value)) ? true : false; - i_type = VLC_VAR_BOOL; - break; - case VT_I4: - val.i_int = V_I4(&value); - i_type = VLC_VAR_INTEGER; - break; - case VT_R4: - val.f_float = V_R4(&value); - i_type = VLC_VAR_FLOAT; - break; - case VT_BSTR: - val.psz_string = CStrFromBSTR(codePage, V_BSTR(&value)); - i_type = VLC_VAR_STRING; - break; - case VT_R8: - // use a double value to represent time (base is expressed in seconds) - val.i_time = (signed __int64)(V_R8(&value)*1000000.0); - i_type = VLC_VAR_TIME; - break; - default: - hr = DISP_E_TYPEMISMATCH; - } - } - if( SUCCEEDED(hr) ) - { - hr = (VLC_SUCCESS == VLC_VariableSet(i_vlc, psz_varname, val)) ? NOERROR : E_FAIL; - - if( (VLC_VAR_STRING == i_type) && (NULL != val.psz_string) ) - CoTaskMemFree(val.psz_string); - } - CoTaskMemFree(psz_varname); - } - return hr; -#endif }; -STDMETHODIMP VLCControl::getVariable( BSTR name, VARIANT *value) +STDMETHODIMP VLCControl::getVariable(BSTR name, VARIANT *value) { + /** getVariable() is an unsafe interface because of security + implications it has and is thus removed. */ return E_INVALIDARG; -#if 0 - if( NULL == value ) - return E_POINTER; - - VariantInit(value); - - if( 0 == SysStringLen(name) ) - return E_INVALIDARG; - - libvlc_instance_t *p_libvlc; - HRESULT hr = _p_instance->getVLC(&p_libvlc); - if( SUCCEEDED(hr) ) - { - UINT codePage = _p_instance->getCodePage(); - char *psz_varname = CStrFromBSTR(codePage, name); - if( NULL == psz_varname ) - return E_OUTOFMEMORY; - - hr = E_INVALIDARG; - - vlc_value_t val; - int i_type; - - if( (VLC_SUCCESS == VLC_VariableGet(i_vlc, psz_varname, &val)) - && (VLC_SUCCESS == VLC_VariableType(i_vlc, psz_varname, &i_type)) ) - { - hr = NOERROR; - switch( i_type ) - { - case VLC_VAR_BOOL: - V_VT(value) = VT_BOOL; - V_BOOL(value) = val.b_bool ? VARIANT_TRUE : VARIANT_FALSE; - break; - - case VLC_VAR_INTEGER: - case VLC_VAR_HOTKEY: - V_VT(value) = VT_I4; - V_I4(value) = val.i_int; - break; - - case VLC_VAR_FLOAT: - V_VT(value) = VT_R4; - V_R4(value) = val.f_float; - break; - - case VLC_VAR_STRING: - case VLC_VAR_MODULE: - case VLC_VAR_FILE: - case VLC_VAR_DIRECTORY: - case VLC_VAR_VARIABLE: - V_VT(value) = VT_BSTR; - V_BSTR(value) = BSTRFromCStr(codePage, val.psz_string); - if( NULL != val.psz_string) - free(val.psz_string); - break; - - case VLC_VAR_TIME: - // use a double value to represent time (base is expressed in seconds) - V_VT(value) = VT_R8; - V_R8(value) = ((double)val.i_time)/1000000.0; - break; - - default: - hr = DISP_E_TYPEMISMATCH; - } - } - CoTaskMemFree(psz_varname); - return hr; - } - return hr; -#endif }; void VLCControl::FreeTargetOptions(char **cOptions, int cOptionCount)