projects / synfig.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 324d875) | patch
Security fix: mod_ffmpeg target used popen to run ffmpeg, change it to use pipe,...
authorpabs <pabs@1f10aa63-cdf2-0310-b900-c93c546f37ac>
Thu, 6 Dec 2007 03:41:36 +0000 (03:41 +0000)
committerpabs <pabs@1f10aa63-cdf2-0310-b900-c93c546f37ac>
Thu, 6 Dec 2007 03:41:36 +0000 (03:41 +0000)
commite89560dada3a83e1e39bdae2eedeea5650489309
tree97275a1cc981f84ca0f7111f914e99dca94d47a7tree | snapshot
parent324d87553cf67500135b36a18136da74aade53ebcommit | diff
Security fix: mod_ffmpeg target used popen to run ffmpeg, change it to use pipe, fork and exec. SIF files with a malicious <name> parameter or with a strange filename could previously have executed arbitrary shell commands.

git-svn-id: http://svn.voria.com/code@1181 1f10aa63-cdf2-0310-b900-c93c546f37ac
synfig-core/trunk/src/modules/mod_ffmpeg/trgt_ffmpeg.cpp diff | blob | history
Synfig (Bombe’s repository)