ffmpeg | branch: release/2.7 | Maxim Andreev <andreevma...@gmail.com> | Wed Jan
13 11:51:12 2016 +0300| [cde38373d134e6cf6a92d900fb2f3ce996e4655c] | committer:
Michael Niedermayer
avformat/hls: forbid all protocols except http(s) & file
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 7145e80b4f78cff5ed5fee04d4c4d53daaa0e077)
Conflicts:
libavformat/hls.c
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cde38373d134e6cf6a92d900fb2f3ce996e4655c
---
libavformat/hls.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/libavformat/hls.c b/libavformat/hls.c
index bd34329..e7e323b 100644
--- a/libavformat/hls.c
+++ b/libavformat/hls.c
@@ -1036,6 +1036,12 @@ static int open_input(HLSContext *c, struct playlist
*pls, struct segment *seg)
seg->url, seg->url_offset, pls->index);
if (seg->key_type == KEY_NONE) {
+ const char *proto_name = avio_find_protocol_name(seg->url);
+ if (!av_strstart(proto_name, "http", NULL) && !av_strstart(proto_name,
"file", NULL)) {
+ ret = AVERROR_INVALIDDATA;
+ goto cleanup;
+ }
+
ret = ffurl_open(&pls->input, seg->url, AVIO_FLAG_READ,
&pls->parent->interrupt_callback, &opts);
@@ -1043,6 +1049,11 @@ static int open_input(HLSContext *c, struct playlist
*pls, struct segment *seg)
char iv[33], key[33], url[MAX_URL_SIZE];
if (strcmp(seg->key, pls->key_url)) {
URLContext *uc;
+ const char *proto_name = avio_find_protocol_name(seg->key);
+ if (!av_strstart(proto_name, "http", NULL) &&
!av_strstart(proto_name, "file", NULL)) {
+ ret = AVERROR_INVALIDDATA;
+ goto cleanup;
+ }
if (ffurl_open(&uc, seg->key, AVIO_FLAG_READ,
&pls->parent->interrupt_callback, &opts2) == 0) {
if (ffurl_read_complete(uc, pls->key, sizeof(pls->key))
_______________________________________________
ffmpeg-cvslog mailing list
ffmpeg-cvslog@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
