[FFmpeg-devel] [PATCH] avformat/hls: Pass a copy of the URL for probing

Michael Niedermayer michael at niedermayer.cc
Wed Jul 1 12:29:03 EEST 2020 

On Mon, Jun 29, 2020 at 09:18:18PM +0200, Michael Niedermayer wrote:
> On Mon, Jun 29, 2020 at 09:08:07PM +0200, Andreas Rheinhardt wrote:
> > Michael Niedermayer:
> > > The segments / url can be modified by the io read when reloading
> > > 
> > > This may be an alternative or additional fix for Ticket8673
> > > as a further alternative the reload stuff could be disabled during
> > > probing
> > > 
> > > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > > ---
> > >  libavformat/hls.c | 6 ++++--
> > >  1 file changed, 4 insertions(+), 2 deletions(-)
> > > 
> > > diff --git a/libavformat/hls.c b/libavformat/hls.c
> > > index 3798bdd5d1..ba17c4ed96 100644
> > > --- a/libavformat/hls.c
> > > +++ b/libavformat/hls.c
> > > @@ -1946,6 +1946,7 @@ static int hls_read_header(AVFormatContext *s)
> > >      /* Open the demuxer for each playlist */
> > >      for (i = 0; i < c->n_playlists; i++) {
> > >          struct playlist *pls = c->playlists[i];
> > > +        char *url;
> > >          ff_const59 AVInputFormat *in_fmt = NULL;
> > >  
> > >          if (!(pls->ctx = avformat_alloc_context())) {
> > > @@ -1983,8 +1984,9 @@ static int hls_read_header(AVFormatContext *s)
> > >                            read_data, NULL, NULL);
> > >          pls->ctx->probesize = s->probesize > 0 ? s->probesize : 1024 * 4;
> > >          pls->ctx->max_analyze_duration = s->max_analyze_duration > 0 ? s->max_analyze_duration : 4 * AV_TIME_BASE;
> > > -        ret = av_probe_input_buffer(&pls->pb, &in_fmt, pls->segments[0]->url,
> > > -                                    NULL, 0, 0);
> > > +        url = av_strdup(pls->segments[0]->url);
> > > +        ret = av_probe_input_buffer(&pls->pb, &in_fmt, url, NULL, 0, 0);
> > > +        av_free(url);
> > >          if (ret < 0) {
> > >              /* Free the ctx - it isn't initialized properly at this point,
> > >               * so avformat_close_input shouldn't be called. If
> > > 
> > Is the missing allocation check intentional?
> 
> i thought if it fails filename is NULL and the code could still
> plausibly continue.
> but we can also fail or warn if people prefer

will apply this as i think this makes the fix for a public CVE more
robust

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Into a blind darkness they enter who follow after the Ignorance,
they as if into a greater darkness enter who devote themselves
to the Knowledge alone. -- Isha Upanishad
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20200701/e1c07b45/attachment.sig>

More information about the ffmpeg-devel mailing list