mykola/mk-dl-bot_legacy
1
0
Fork 0
Code Issues Pull requests Projects Releases 2 Packages Wiki Activity Actions

there is vulnerability related to argument injection

Browse source
This commit is contained in:
mykola2312 2024-02-21 22:38:24 +02:00
parent c737ecd1ba
commit cac2a020bc
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/dl/yt_dlp.rs
View file

@ -167,6 +167,7 @@ impl fmt::Display for YtDlpError {
pub struct YtDlp {} pub struct YtDlp {}
// BUG: REAL ARGUMENT INJECTION! FIX ASAP
impl YtDlp { impl YtDlp {
pub async fn load_info(url: &str) -> Result<YtDlpInfo, YtDlpError> { pub async fn load_info(url: &str) -> Result<YtDlpInfo, YtDlpError> {
let output = spawn("python", ["-m", "yt_dlp", url, "-j"]).await?; let output = spawn("python", ["-m", "yt_dlp", url, "-j"]).await?;