diff options
| author | Michael Niedermayer <michael@niedermayer.cc> | 2016-01-15 13:29:38 +0100 |
|---|---|---|
| committer | Michael Niedermayer <michael@niedermayer.cc> | 2016-01-15 17:39:05 +0100 |
| commit | 8d5060192cf2bdd9e504e640bc5aafee3a04b99b (patch) | |
| tree | 19e84b0d1104b9f2376f3b38dd585123b6dbe963 | |
| parent | 4089af67ab93b062f1b91c72d6a60547029235c8 (diff) | |
| download | ffmpeg-8d5060192cf2bdd9e504e640bc5aafee3a04b99b.tar.gz | |
avformat/hls: More strict url checks
No case is known where these are needed
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6ba42b6482c725a59eb468391544dc0c75b8c6f0)
Conflicts:
libavformat/hls.c
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Conflicts:
libavformat/hls.c
| -rw-r--r-- | libavformat/hls.c | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/libavformat/hls.c b/libavformat/hls.c index 1bd4678b97..de40b6de9d 100644 --- a/libavformat/hls.c +++ b/libavformat/hls.c @@ -900,6 +900,20 @@ static void intercept_id3(struct playlist *pls, uint8_t *buf, pls->is_id3_timestamped = (pls->id3_mpegts_timestamp != AV_NOPTS_VALUE); } + +static int check_url(const char *url) { + const char *proto_name = avio_find_protocol_name(url); + if (!av_strstart(proto_name, "http", NULL) && !av_strstart(proto_name, "file", NULL)) + return AVERROR_INVALIDDATA; + + if (!strncmp(proto_name, url, strlen(proto_name)) && url[strlen(proto_name)] == ':') + return 0; + else if (strcmp(proto_name, "file") || !strcmp(url, "file,")) + return AVERROR_INVALIDDATA; + + return 0; +} + static int open_input(HLSContext *c, struct playlist *pls) { AVDictionary *opts = NULL; @@ -927,11 +941,9 @@ static int open_input(HLSContext *c, struct playlist *pls) seg->url, seg->url_offset, pls->index); if (seg->key_type == KEY_NONE) { - const char *proto_name = avio_find_protocol_name(seg->url); - if (!av_strstart(proto_name, "http", NULL) && !av_strstart(proto_name, "file", NULL)) { - ret = AVERROR_INVALIDDATA; + ret = check_url(seg->url); + if (ret < 0) goto cleanup; - } ret = ffurl_open(&pls->input, seg->url, AVIO_FLAG_READ, &pls->parent->interrupt_callback, &opts); @@ -940,11 +952,10 @@ static int open_input(HLSContext *c, struct playlist *pls) char iv[33], key[33], url[MAX_URL_SIZE]; if (strcmp(seg->key, pls->key_url)) { URLContext *uc; - const char *proto_name = avio_find_protocol_name(seg->key); - if (!av_strstart(proto_name, "http", NULL) && !av_strstart(proto_name, "file", NULL)) { - ret = AVERROR_INVALIDDATA; + ret = check_url(seg->key); + if (ret < 0) goto cleanup; - } + if (ffurl_open(&uc, seg->key, AVIO_FLAG_READ, &pls->parent->interrupt_callback, &opts2) == 0) { if (ffurl_read_complete(uc, pls->key, sizeof(pls->key)) |