Browse code
avformat/hls: forbid all protocols except http(s) & file
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7145e80b4f78cff5ed5fee04d4c4d53daaa0e077)
Conflicts:
libavformat/hls.c
Maxim Andreev authored on 2016/01/13 17:51:12Showing 1 changed files
| ... | ... |
@@ -927,6 +927,12 @@ static int open_input(HLSContext *c, struct playlist *pls) |
| 927 | 927 |
seg->url, seg->url_offset, pls->index); |
| 928 | 928 |
|
| 929 | 929 |
if (seg->key_type == KEY_NONE) {
|
| 930 |
+ const char *proto_name = avio_find_protocol_name(seg->url); |
|
| 931 |
+ if (!av_strstart(proto_name, "http", NULL) && !av_strstart(proto_name, "file", NULL)) {
|
|
| 932 |
+ ret = AVERROR_INVALIDDATA; |
|
| 933 |
+ goto cleanup; |
|
| 934 |
+ } |
|
| 935 |
+ |
|
| 930 | 936 |
ret = ffurl_open(&pls->input, seg->url, AVIO_FLAG_READ, |
| 931 | 937 |
&pls->parent->interrupt_callback, &opts); |
| 932 | 938 |
|
| ... | ... |
@@ -934,6 +940,11 @@ static int open_input(HLSContext *c, struct playlist *pls) |
| 934 | 934 |
char iv[33], key[33], url[MAX_URL_SIZE]; |
| 935 | 935 |
if (strcmp(seg->key, pls->key_url)) {
|
| 936 | 936 |
URLContext *uc; |
| 937 |
+ const char *proto_name = avio_find_protocol_name(seg->key); |
|
| 938 |
+ if (!av_strstart(proto_name, "http", NULL) && !av_strstart(proto_name, "file", NULL)) {
|
|
| 939 |
+ ret = AVERROR_INVALIDDATA; |
|
| 940 |
+ goto cleanup; |
|
| 941 |
+ } |
|
| 937 | 942 |
if (ffurl_open(&uc, seg->key, AVIO_FLAG_READ, |
| 938 | 943 |
&pls->parent->interrupt_callback, &opts2) == 0) {
|
| 939 | 944 |
if (ffurl_read_complete(uc, pls->key, sizeof(pls->key)) |