[vlc-commits] http: correctly strip URI scheme upon redirection (fixes #6872)
Rémi Denis-Courmont
git at videolan.org
Sun Sep 30 16:54:27 CEST 2012
vlc | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Sun Sep 30 17:52:39 2012 +0300| [15eb1dff90131cee1244c5d2c652b07b04816d7f] | committer: Rémi Denis-Courmont
http: correctly strip URI scheme upon redirection (fixes #6872)
Quoting the reporter:
| According to include/vlc_access.h, access_t.psz_location is "URL with
| the scheme stripped". But in http module, schema stays there after
| 302 redirection. That may cause httplive module try to access URL like
| "http://http://host/path".
Pointed-out-by: bbcallen <bbcallen at gmail.com>
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=15eb1dff90131cee1244c5d2c652b07b04816d7f
---
modules/access/http.c | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/modules/access/http.c b/modules/access/http.c
index d74bbb1..cd388cc 100644
--- a/modules/access/http.c
+++ b/modules/access/http.c
@@ -574,20 +574,19 @@ connect:
goto error;
}
-
- /* Do not accept redirection outside of HTTP works */
const char *psz_protocol;
- if( !strncmp( p_sys->psz_location, "http:", 5 ) )
+ if( !strncmp( p_sys->psz_location, "http://", 7 ) )
psz_protocol = "http";
- else if( !strncmp( p_sys->psz_location, "https:", 6 ) )
+ else if( !strncmp( p_sys->psz_location, "https://", 8 ) )
psz_protocol = "https";
else
- {
- msg_Err( p_access, "insecure redirection ignored" );
+ { /* Do not accept redirection outside of HTTP */
+ msg_Err( p_access, "unsupported redirection ignored" );
goto error;
}
free( p_access->psz_location );
- p_access->psz_location = strdup( p_sys->psz_location );
+ p_access->psz_location = strdup( p_sys->psz_location
+ + strlen( psz_protocol ) + 3 );
/* Clean up current Open() run */
vlc_UrlClean( &p_sys->url );
http_auth_Reset( &p_sys->auth );
More information about the vlc-commits
mailing list