[xine-cvs] CVS: xine-lib/src/xine-engine xine_interface.c,1.60,1.61 xine.c,1.259,1.260 input_rip.c,1

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Update of /cvsroot/xine/xine-lib/src/xine-engine
In directory sc8-pr-cvs1:/tmp/cvs-serv1340/src/xine-engine

Modified Files:
	xine_interface.c xine.c input_rip.c 
Log Message:
* notify the user that the save feature is disabled by default
* security warning when the user tries to set the save_dir to a dangerous location


Index: xine_interface.c
===================================================================
RCS file: /cvsroot/xine/xine-lib/src/xine-engine/xine_interface.c,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61

--- xine_interface.c	21 Oct 2003 22:10:34 -0000	1.60
+++ xine_interface.c	24 Oct 2003 09:34:01 -0000	1.61
@@ -772,7 +772,7 @@
 
   static char *std_explanation[] = {
     "",
-    "Warning",
+    "Warning:",
     "Unknown host:",
     "Unknown device:",
     "Network unreachable",
@@ -781,6 +781,7 @@
     "Read error from:",
     "Error loading library:",
     "Encrypted media stream detected",
+    "Security message:"
   };
 
   if( type >= 0 && type < sizeof(std_explanation)/

Index: xine.c
===================================================================
RCS file: /cvsroot/xine/xine-lib/src/xine-engine/xine.c,v
retrieving revision 1.259
retrieving revision 1.260
diff -u -r1.259 -r1.260
--- xine.c	20 Oct 2003 08:36:57 -0000	1.259
+++ xine.c	24 Oct 2003 09:34:01 -0000	1.260
@@ -1222,7 +1222,24 @@
 
 static void config_save_cb (void *this_gen, xine_cfg_entry_t *entry) {
   xine_t *this = (xine_t *)this_gen;
+  char *homedir_trail_slash = strcat(strdup(xine_get_homedir()), "/");
 
+  if (entry->str_value[0] &&
+      (entry->str_value[0] != '/' || strstr(entry->str_value, "/.") ||
+       strcmp(entry->str_value, xine_get_homedir()) == 0 ||
+       strcmp(entry->str_value, homedir_trail_slash) == 0)) {
+    xine_stream_t *stream;
+    
+    xine_log(this, XINE_LOG_MSG,
+      _("xine: The specified save_dir \"%s\" might be a security risk.\n"), entry->str_value);
+    
+    pthread_mutex_lock(&this->streams_lock);
+    if ((stream = (xine_stream_t *)xine_list_first_content(this->streams)))
+      xine_message(stream, XINE_MSG_SECURITY, _("The specified save_dir might be a security risk."), NULL);
+    pthread_mutex_unlock(&this->streams_lock);
+  }
+  
+  free(homedir_trail_slash);
   this->save_path = entry->str_value;
 }
 

Index: input_rip.c
===================================================================
RCS file: /cvsroot/xine/xine-lib/src/xine-engine/input_rip.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- input_rip.c	20 Oct 2003 08:36:57 -0000	1.8
+++ input_rip.c	24 Oct 2003 09:34:01 -0000	1.9
@@ -540,6 +540,8 @@
   if (!stream->xine->save_path[0]) {
     xine_log(stream->xine, XINE_LOG_MSG,
       _("input_rip: target directory wasn't specified, please fill out the option 'misc.save_dir'\n"));
+    xine_message(stream, XINE_MSG_SECURITY,
+      _("The stream save feature is disabled until you set misc.save_dir in the configuration."));
     return NULL;
   }
   





[xine-cvs] CVS: xine-lib/src/xine-engine xine_interface.c,1.60,1.61 xine.c,1.259,1.260 input_rip.c,1

[xine-cvs] CVS: xine-lib/src/xine-engine xine_interface.c,1.60,1.61 xine.c,1.259,1.260 input_rip.c,1.8,1.9