[vlc-commits] demux: adaptive: sanitize user-agent (fix #20813)
Francois Cartegnie
git at videolan.org
Tue Apr 30 14:28:01 CEST 2019
vlc | branch: master | Francois Cartegnie <fcvlcdev at free.fr> | Tue Apr 23 15:50:05 2019 +0200| [aa98792614777b86b052c2ec03deac57ca3da1e9] | committer: Francois Cartegnie
demux: adaptive: sanitize user-agent (fix #20813)
pretty useless since we can no longer change it...
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=aa98792614777b86b052c2ec03deac57ca3da1e9
---
modules/demux/adaptive/http/HTTPConnection.cpp | 10 +++++++---
modules/demux/adaptive/http/HTTPConnection.hpp | 2 +-
2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/modules/demux/adaptive/http/HTTPConnection.cpp b/modules/demux/adaptive/http/HTTPConnection.cpp
index 1924368827..c0bf3fa9ed 100644
--- a/modules/demux/adaptive/http/HTTPConnection.cpp
+++ b/modules/demux/adaptive/http/HTTPConnection.cpp
@@ -70,7 +70,12 @@ HTTPConnection::HTTPConnection(vlc_object_t *p_object_, AuthStorage *auth,
: AbstractConnection( p_object_ )
{
transport = socket_;
- psz_useragent = var_InheritString(p_object_, "http-user-agent");
+ char *psz_useragent = var_InheritString(p_object_, "http-user-agent");
+ useragent = psz_useragent ? std::string(psz_useragent) : std::string("");
+ free(psz_useragent);
+ for(std::string::iterator it = useragent.begin(); it != useragent.end(); ++it)
+ if(!std::isprint(*it))
+ *it = ' ';
queryOk = false;
retries = 0;
authStorage = auth;
@@ -83,7 +88,6 @@ HTTPConnection::HTTPConnection(vlc_object_t *p_object_, AuthStorage *auth,
HTTPConnection::~HTTPConnection()
{
- free(psz_useragent);
delete transport;
}
@@ -435,7 +439,7 @@ std::string HTTPConnection::buildRequestHeader(const std::string &path) const
req << "Cookie: " << cookie << "\r\n";
}
req << "Cache-Control: no-cache" << "\r\n" <<
- "User-Agent: " << std::string(psz_useragent) << "\r\n";
+ "User-Agent: " << useragent << "\r\n";
req << extraRequestHeaders();
return req.str();
}
diff --git a/modules/demux/adaptive/http/HTTPConnection.hpp b/modules/demux/adaptive/http/HTTPConnection.hpp
index 50ef844ab8..10e8594144 100644
--- a/modules/demux/adaptive/http/HTTPConnection.hpp
+++ b/modules/demux/adaptive/http/HTTPConnection.hpp
@@ -95,7 +95,7 @@ namespace adaptive
ssize_t readChunk (void *p_buffer, size_t len);
enum RequestStatus parseReply();
std::string readLine();
- char * psz_useragent;
+ std::string useragent;
AuthStorage *authStorage;
ConnectionParams locationparams;
More information about the vlc-commits
mailing list