[vlc-devel] [PATCH 00/13] I took `modules/access/rtsp` (aka. "realrtsp") to the hospital

Filip Roséen filip at atch.se
Thu Feb 25 10:12:26 CET 2016

I accidentally stumbled upon the module *realrtsp* and quickly realized that
the poor fella was indeed quite sick. I have spent a few hours writing patches
for the most serious implications that the current code have, and focus has
been on making the module more stable (ie. not crash on invalid input).

Even though I would like to refactor a lot of the implementation in order for
the module to behave in a more sane manner, the primarily goal of this
patch-tree is to get rid of the unstable parts. 

Maybe a refactor of the module will happen in the future, but at least now it
is not super-sensitive to malformed input.

: Summary

  - Removed stdio-"logging" and replaced such with `msg_{Err,Warn,Dbg}` where
  - Fixed multiple issues regarding (lack of) bounds checking
  - Fixed multiple issues regarding (lack of) error checking 
  - Fixed multiple issues regarding (lack of) diagnostics

: Things that can/should be done in the future

  - Add better and accurate parsing of input data (such as actually considering
    attributes on headers).
  - Make sure the different log levels used are actually sane
  - Remove macros that has to do with logging
  - Make use of standard functions available in include/ to clean up the module
  - Introduce further error-handling and checks

: An (ascii-art) turtle
:----------------------               .--------------------------.
                                     _| I'll save you, realrtsp! |
                  ,+'/.\'+,    ___  / '--------------------------'
                \/\_/\_/\_/\,+' * \

Filip Roséen (13):
  modules/access/rtsp: replaced (some) stdio-"logging" with
  modules/access/rtsp: Fixed crash when 'RealChallenge1' is missing from
    initial server reply
  modules/access/rtsp: fixed crash on unsuccessful DESCRIBE-response
    that includes `Alert`
  modules/access/rtsp: fixed crash on missing ETag + log levels
  modules/access/rtsp: fixed endless iteration on unexpected data
  modules/access/rtsp: fixed bufferoverflow and off-by-one
  modules/access/rtsp: fixed memcpy potentially reading outside buffer
  modules/access/rtsp: fixed rtsp_send_request to respect bounds of
  modules/access/rtsp: fixed `rtsp_search_answers` (bounds +
  modules/access/rtsp: `rtsp_schedule_field` => bounds-check +
    error-check + diagnostic
  modules/access/rtsp: `rtsp_unscheduled_field` => bounds-check +
  modules/access/rtsp: minor refactor + bounds check of
    `rtsp_unschedule_all` and `rtsp_free_answers`
  modules/access/rtsp: `rtsp_get_answers` (many fixes)

 modules/access/rtsp/real.c         | 122 ++++++++++++---------
 modules/access/rtsp/real.h         |   4 +-
 modules/access/rtsp/real_rmff.c    |  31 +++---
 modules/access/rtsp/real_rmff.h    |   3 +-
 modules/access/rtsp/real_sdpplin.c |  89 +++++++++-------
 modules/access/rtsp/real_sdpplin.h |   2 +-
 modules/access/rtsp/rtsp.c         | 213 ++++++++++++++++++++++---------------
 7 files changed, 272 insertions(+), 192 deletions(-)


More information about the vlc-devel mailing list