[vlc-devel] [BUG] upnp:f020c4f5 from 2012-03-08 breaks resolve_rel_url() - VLC:UPnP to MythTV
Marcelo Roberto Jimenez
mroberto at users.sourceforge.net
Mon Sep 22 17:01:52 CEST 2014
Hi Philip,
Sorry for the delay.
I have applied your patches with a small modification to patch number 5
that was not compiling due to the use of "inline" in the function
"is_end_path()".
Regards,
Marcelo.
On Thu, May 1, 2014 at 5:26 PM, Philipp Matthias Hahn <pmhahn at pmhahn.de>
wrote:
> Hello,
>
> today I tried to debug a problem of VLC no longer being able to browse
> the MythTV UPnP server, which was reported in
> <http://www.mythtv.org/pipermail/mythtv-users/2013-October/354498.html>.
>
> It's a bug in src/genlib/net/uri/uri.c:581 resolve_rel_url(), which can
> be demonstrated by the following short programm:
>
> #include <stdlib.h>
> #include <stdio.h>
> #include <string.h>
>
> const char psz_base_url[] = "http://192.168.178.33:6544/getDeviceDesc";
> const char psz_event_sub_url[] = "CDS_Event";
>
> int main(void) {
> int ret;
> char *psz_url = (char *)malloc(strlen(psz_base_url) +
> strlen(psz_event_sub_url) + 1);
>
> ret = UpnpResolveURL(psz_base_url, psz_event_sub_url, psz_url);
> printf("%d %s\n", ret, psz_url);
> return 0;
> }
>
> It returns
> "http://192.168.178.33:6544/CDS_EventDesc"
> instead of
> "http://192.168.178.33:6544/CDS_Event"; notice the trailing "Desc".
>
>
> This is causes by commit 0edaf336:
> Remove most of strcpy, sprintf and strcat
>
> Replace strcpy, sprintf and strcat by strncpy, snprintf and strncat to
> avoid buffer overflows.
>
> (forward port of commit 97a17ff5add73c97844e2fa74456bab4df0800f1)
>
> which blindly replaces several
> strcpy(dest, src)
> by
> strncpy(dest, src, strlen(src))
> , which are NOT equivalent, as strlen() returns the length without the
> ending '\0'. Thus the string is not terminated!
>
>
> I reviewed that commit and changed several cases to simply use strdup()
> instead of using strlen() every time.
> Fixing resolve_rel_url() took a lot longer than expected, because there
> were other problems hiding:
> 1. The conversion from if() to switch() broke the getaddrinfo() logic,
> 2. remove_dots() did not handle all cases from RFC 3986 correctly,
> 3. resolve_rel_url() did not handle queries and fragments correctly.
>
> Please find attached my patch set including a new unit test; whith those
> applied I'm no able to at least get VLC to connect to MythTV using UPnP.
> But VLC/MythTV now has different problem...
>
> Sincerely
> Philipp
> --
> / / (_)__ __ ____ __ Philipp Hahn
> / /__/ / _ \/ // /\ \/ /
> /____/_/_//_/\_,_/ /_/\_\ pmhahn at pmhahn.de
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20140922/4c5e5b64/attachment.html>
More information about the vlc-devel
mailing list