From ec4c48397641dbaf4ae8df36c32aaa5a311a11bf Mon Sep 17 00:00:00 2001
From: Anton Khirnov <anton@khirnov.net>
Date: Wed, 20 Jan 2016 11:11:38 +0100
Subject: lavf: add a protocol whitelist/blacklist for file opened internally

Should make the default behaviour safer for careless callers that open
random untrusted files.

Bug-Id: CVE-2016-1897
Bug-Id: CVE-2016-1898
---
 libavformat/options_table.h | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'libavformat/options_table.h')

diff --git a/libavformat/options_table.h b/libavformat/options_table.h
index 8372ef3650..b566da6400 100644
--- a/libavformat/options_table.h
+++ b/libavformat/options_table.h
@@ -70,6 +70,10 @@ static const AVOption avformat_options[] = {
 {"auto",              "enabled when required by target format",    0, AV_OPT_TYPE_CONST, {.i64 = AVFMT_AVOID_NEG_TS_AUTO },              INT_MIN, INT_MAX, E, "avoid_negative_ts"},
 {"make_non_negative", "shift timestamps so they are non negative", 0, AV_OPT_TYPE_CONST, {.i64 = AVFMT_AVOID_NEG_TS_MAKE_NON_NEGATIVE }, INT_MIN, INT_MAX, E, "avoid_negative_ts"},
 {"make_zero",         "shift timestamps so they start at 0",       0, AV_OPT_TYPE_CONST, {.i64 = AVFMT_AVOID_NEG_TS_MAKE_ZERO },         INT_MIN, INT_MAX, E, "avoid_negative_ts"},
+{"protocol_blacklist", "A comma-separated list of blacklisted protocols used for opening files internally by lavf",
+                       OFFSET(protocol_blacklist), AV_OPT_TYPE_STRING, { .str = "concat" }, .flags = E | D },
+{"protocol_whitelist", "A comma-separated list of whitelisted protocols used for opening files internally by lavf",
+                       OFFSET(protocol_whitelist), AV_OPT_TYPE_STRING, { .str = NULL }, .flags = E | D },
 {NULL},
 };
 
-- 
cgit v1.2.3