avformat/hls: forbid all protocols except http(s) & file

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7145e80b4f78cff5ed5fee04d4c4d53daaa0e077)

Conflicts:

	libavformat/hls.c

1 files changed, 11 insertions, 0 deletions

diff --git a/libavformat/hls.c b/libavformat/hls.c
index f17b826f30..1bd4678b97 100644
--- a/libavformat/hls.c
+++ b/libavformat/hls.c
@@ -927,6 +927,12 @@ static int open_input(HLSContext *c, struct playlist *pls)
            seg->url, seg->url_offset, pls->index);
 
     if (seg->key_type == KEY_NONE) {
+        const char *proto_name = avio_find_protocol_name(seg->url);
+        if (!av_strstart(proto_name, "http", NULL) && !av_strstart(proto_name, "file", NULL)) {
+            ret = AVERROR_INVALIDDATA;
+            goto cleanup;
+        }
+
         ret = ffurl_open(&pls->input, seg->url, AVIO_FLAG_READ,
                           &pls->parent->interrupt_callback, &opts);
 
@@ -934,6 +940,11 @@ static int open_input(HLSContext *c, struct playlist *pls)
         char iv[33], key[33], url[MAX_URL_SIZE];
         if (strcmp(seg->key, pls->key_url)) {
             URLContext *uc;
+            const char *proto_name = avio_find_protocol_name(seg->key);
+            if (!av_strstart(proto_name, "http", NULL) && !av_strstart(proto_name, "file", NULL)) {
+                ret = AVERROR_INVALIDDATA;
+                goto cleanup;
+            }
             if (ffurl_open(&uc, seg->key, AVIO_FLAG_READ,
                            &pls->parent->interrupt_callback, &opts2) == 0) {
                 if (ffurl_read_complete(uc, pls->key, sizeof(pls->key))