mirror
/
yt-dlp
kopia lustrzana https://github.com/yt-dlp/yt-dlp
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność
yt-dlp/test
Historia
Simon Sawicki ff07792676
[core] Prevent RCE when using `--exec` with `%q` (CVE-2024-22423) 
The shell escape function now properly escapes `%`, `\\` and `\n`. `utils.Popen` as well as `%q` output template expansion have been patched accordingly.

Prior to this fix using `--exec` together with `%q` when on Windows could cause remote code to execute. See https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-hjq6-52gw-2g7p for more details.

Authored by: Grub4K
 		2024-04-09 18:36:13 +02:00
..
testdata
__init__.py
conftest.py
helper.py
parameters.json
test_InfoExtractor.py
test_YoutubeDL.py Infer `acodec` for single-codec containers 2024-03-31 22:50:21 +05:30
test_YoutubeDLCookieJar.py
test_aes.py
test_age_restriction.py
test_all_urls.py
test_cache.py
test_compat.py
test_config.py
test_cookies.py [cleanup] Standardize `import datetime as dt` (#8978) 2024-04-01 05:32:15 +05:30
test_download.py
test_downloader_external.py
test_downloader_http.py
test_execution.py [docs] Misc Cleanup (#8977) 2024-03-11 00:48:47 +05:30
test_iqiyi_sdk_interpreter.py
test_jsinterp.py
test_netrc.py
test_networking.py [rh:curlcffi] Add support for `curl_cffi` 2024-03-16 23:15:11 -05:00
test_networking_utils.py
test_overwrites.py
test_plugins.py
test_post_hooks.py
test_postprocessors.py
test_socks.py [rh:curlcffi] Add support for `curl_cffi` 2024-03-16 23:15:11 -05:00
test_subtitles.py
test_traversal.py [cleanup] Misc (#9426) 2024-04-09 16:12:26 +00:00
test_update.py
test_utils.py [core] Prevent RCE when using `--exec` with `%q` (CVE-2024-22423) 2024-04-09 18:36:13 +02:00
test_verbose_output.py
test_websockets.py [test] Workaround websocket server hanging (#9467) 2024-03-16 16:57:21 +13:00
test_write_annotations.py.disabled
test_youtube_lists.py
test_youtube_misc.py
test_youtube_signature.py
testcert.pem