Leo Izen: > After commit 6b1f68ccb04d791f0250e05687c346a99ff47ea1 we refuse to use > URLs of the form https://foo.bar/baz.m3u8?foo=bar because it fails the > file extension check. This commit strips the ?foo=bar at the end before > checking the file extension. > > Signed-off-by: Leo Izen <leo.i...@gmail.com> > --- > libavformat/hls.c | 11 ++++++++++- > 1 file changed, 10 insertions(+), 1 deletion(-) > > diff --git a/libavformat/hls.c b/libavformat/hls.c > index 11e345b280..6a97cced17 100644 > --- a/libavformat/hls.c > +++ b/libavformat/hls.c > @@ -2534,7 +2534,16 @@ static int hls_probe(const AVProbeData *p) > strstr(p->buf, "#EXT-X-TARGETDURATION:") || > strstr(p->buf, "#EXT-X-MEDIA-SEQUENCE:")) { > > - if (!av_match_ext(p->filename, "m3u8,hls,m3u")) { > + char *request_qmark = strchr(p->filename, '?'); > + int match_ext; > + > + if (request_qmark) > + *request_qmark = '\0'; > + match_ext = av_match_ext(p->filename, "m3u8,hls,m3u"); > + if (request_qmark) > + *request_qmark = '?'; > + > + if (!match_ext) { > av_log(NULL, AV_LOG_ERROR, "Not detecting m3u8/hls with non > standard extension\n"); > return 0; > }
This temporarily modifies p->filename which is a const char* (you let strchr cast the const away); it is provided by the user and may point to read-only memory, i.e. restoring the string is not safe. Furthermore, it may lead to data races, because the string might be used somewhere else concurrently (hypothetically, we could even run the probe functions in a multi-threaded way). - Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".