[vlc-devel] [PATCH 04/13] modules/access/rtsp: fixed crash on missing ETag + log levels

Filip Roséen filip at atch.se
Thu Feb 25 10:12:30 CET 2016 

If the remote server does not include the `ETag` header when in the
response to the DESCRIBE request, the module would crash due to usage of
`strlen(session_id)` later on, where `session_id` would be  `NULL`.

    % netcat -l -p 8080 <<EOF
    > RTSP/1.0 200 OK
    > CSeq: 1
    > Server: Real
    > RealChallenge1: foobar
    >
    > RTSP/1.0 200 OK
    > CSeq: 2
    > Content-Length: 10
    >
    > helloworld
    EOF

    $ vlc -Idummy --access realrtsp,none 'rtsp://localhost:8080/test'
    [0000000001ab6ea8] dummy interface: using the dummy interface module...
    [00007f1f4c0011d8] core access error: connection failed: Connection refused
    zsh: segmentation fault (core dumped)  vlc -Idummy --access realrtsp,none 'rtsp://localhost:8080/test'
---
 modules/access/rtsp/real.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/modules/access/rtsp/real.c b/modules/access/rtsp/real.c
index 53ad3bc..ee60509 100644
--- a/modules/access/rtsp/real.c
+++ b/modules/access/rtsp/real.c
@@ -648,9 +648,9 @@ rmff_header_t  *real_setup_and_get_header(rtsp_client_t *rtsp_session, int bandw
 
   status=rtsp_request_describe(rtsp_session,NULL);
   if ( status<200 || status>299 ) {
-    msg_Dbg (p_access, "server returned status code %d", status);
+    msg_Warn (p_access, "server returned status code %d", status);
     if ((p_data = rtsp_search_answers(rtsp_session, "Alert"))) {
-      msg_Dbg(p_access, "server replied with a message: '%s'", p_data);
+      msg_Warn(p_access, "server replied with a message: '%s'", p_data);
     }
     rtsp_send_ok( rtsp_session );
     free( challenge1 );
@@ -672,10 +672,13 @@ rmff_header_t  *real_setup_and_get_header(rtsp_client_t *rtsp_session, int bandw
     goto error;
   }
 
-  if (!rtsp_search_answers(rtsp_session,"ETag"))
-    msg_Warn (p_access, "server reply missing ETag");
-  else
-    session_id=strdup(rtsp_search_answers(rtsp_session,"ETag"));
+  if (NULL == (p_data = rtsp_search_answers(rtsp_session, "ETag"))) {
+    msg_Warn(p_access, "ETag missing from server response, aborting!");
+    goto error;
+
+  } else {
+    session_id = strdup(p_data);
+  }
 
   msg_Dbg(p_access, "Stream description size: %u", size);
 
-- 
2.7.1

More information about the vlc-devel mailing list