X-Git-Url: https://git.pterodactylus.net/?a=blobdiff_plain;f=synfig-core%2Ftags%2Fstable%2Fsrc%2Fmodules%2Fmptr_mplayer%2Fmptr_mplayer.cpp;h=9e3d547f54ab2b34e73741e3bb8cfbc8fad76bbf;hb=47fce282611fbba1044921d22ca887f9b53ad91a;hp=d1c6fb457a5b48b80e4cbb023a241785a43e27cf;hpb=46036a57bc1ab5583c5d5c2188e8c52d7682d9d5;p=synfig.git diff --git a/synfig-core/tags/stable/src/modules/mptr_mplayer/mptr_mplayer.cpp b/synfig-core/tags/stable/src/modules/mptr_mplayer/mptr_mplayer.cpp index d1c6fb4..9e3d547 100644 --- a/synfig-core/tags/stable/src/modules/mptr_mplayer/mptr_mplayer.cpp +++ b/synfig-core/tags/stable/src/modules/mptr_mplayer/mptr_mplayer.cpp @@ -1,18 +1,22 @@ -/*! ======================================================================== -** Sinfg -** ppm Target Module -** $Id: mptr_mplayer.cpp,v 1.1.1.1 2005/01/04 01:23:14 darco Exp $ +/* === S Y N F I G ========================================================= */ +/*! \file mptr_mplayer.cpp +** \brief ppm Target Module ** -** Copyright (c) 2002 Robert B. Quattlebaum Jr. +** $Id$ ** -** This software and associated documentation -** are CONFIDENTIAL and PROPRIETARY property of -** the above-mentioned copyright holder. +** \legal +** Copyright (c) 2002-2005 Robert B. Quattlebaum Jr., Adrian Bentley ** -** You may not copy, print, publish, or in any -** other way distribute this software without -** a prior written agreement with -** the copyright holder. +** This package is free software; you can redistribute it and/or +** modify it under the terms of the GNU General Public License as +** published by the Free Software Foundation; either version 2 of +** the License, or (at your option) any later version. +** +** This package is distributed in the hope that it will be useful, +** but WITHOUT ANY WARRANTY; without even the implied warranty of +** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +** General Public License for more details. +** \endlegal ** ** === N O T E S =========================================================== ** @@ -27,7 +31,7 @@ # include #endif -#include +#include #include #include "mptr_mplayer.h" #include @@ -39,7 +43,7 @@ /* === M A C R O S ========================================================= */ -using namespace sinfg; +using namespace synfig; using namespace std; using namespace etl; @@ -66,11 +70,14 @@ mplayer_mptr::~mplayer_mptr() } bool -mplayer_mptr::GetFrame(Time time, sinfg::Surface &surface, sinfg::ProgressCallback *) +mplayer_mptr::GetFrame(Time time, synfig::Surface &surface, synfig::ProgressCallback *) { + +#error This code has vulnerabilites: arbitrary shell command execution and tmpfile issues + int ret; ret=system( - strprintf("/usr/local/bin/mencoder \"%s\" -ovc rawrgb -ss %f -endpos 0 -nosound -o /tmp/tmp.sinfg.rgbdata | grep \"VIDEO\" > /tmp/tmp.sinfg.size", + strprintf("/usr/local/bin/mencoder \"%s\" -ovc rawrgb -ss %f -endpos 0 -nosound -o /tmp/tmp.synfig.rgbdata | grep \"VIDEO\" > /tmp/tmp.synfig.size", filename.c_str(), time ).c_str() @@ -82,24 +89,24 @@ mplayer_mptr::GetFrame(Time time, sinfg::Surface &surface, sinfg::ProgressCallba return false; } */ - FILE *sizefile=fopen("/tmp/tmp.sinfg.size","rt"); - FILE *rgbfile=fopen("/tmp/tmp.sinfg.rgbdata","rb"); + FILE *sizefile=fopen("/tmp/tmp.synfig.size","rt"); + FILE *rgbfile=fopen("/tmp/tmp.synfig.rgbdata","rb"); if(!rgbfile) { - cerr<<"unable to open /tmp/tmp.sinfg.rgbdata"<