mov: Double-check that alias path is not an absolute path

nlvl_to and nlvl_from can be set to 1 if both alias and target files are in the same directory, so actually check the first character of the string. We can do this because MacOS filepaths (alis type 2) are always converted to UNIX filepaths (alis type 18).
author: Vittorio Giovara <vittorio.giovara@gmail.com> 2015-04-07 15:06:05 +0200
committer: Vittorio Giovara <vittorio.giovara@gmail.com> 2015-04-19 22:50:24 +0100
commit: 9286de045968ad456d4e752651eec22de5e89060 (patch)
tree: 33ebe16ed019915243e7d88369c575a775615c09 /libavformat/mov.c
parent: 376589e5dd72aa2dd42500f456fca303fcdcad85 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 2704dfb35e..70fa1e0775 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -2301,7 +2301,7 @@ static int mov_open_dref(AVIOContext **pb, char *src, MOVDref *ref,
 {
     /* try relative path, we do not try the absolute because it can leak information about our
        system to an attacker */
-    if (ref->nlvl_to > 0 && ref->nlvl_from > 0) {
+    if (ref->nlvl_to > 0 && ref->nlvl_from > 0 && ref->path[0] != '/') {
         char filename[1024];
         char *src_path;
         int i, l;
author	Vittorio Giovara <vittorio.giovara@gmail.com>	2015-04-07 15:06:05 +0200
committer	Vittorio Giovara <vittorio.giovara@gmail.com>	2015-04-19 22:50:24 +0100
commit	9286de045968ad456d4e752651eec22de5e89060 (patch)
tree	33ebe16ed019915243e7d88369c575a775615c09 /libavformat/mov.c
parent	376589e5dd72aa2dd42500f456fca303fcdcad85 (diff)