[vlc-devel] [PATCH 1/2] demux: adaptive: fix out of range exception

Wed Oct 18 08:30:38 CEST 2017

On 2017年10月18日 08:10, Zhao Zhili wrote:
>
> 于 2017年10月18日 GMT+08:00 上午1:01:19, Francois Cartegnie <fcvlcdev at free.fr> 写到:
>> Le 12/10/2017 à 10:11, Zhao Zhili a écrit :
>>> ---
>>>   modules/demux/adaptive/http/HTTPConnection.cpp | 7 +++----
>>>   1 file changed, 3 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/modules/demux/adaptive/http/HTTPConnection.cpp
>> b/modules/demux/adaptive/http/HTTPConnection.cpp
>>> index 5934fb7270..a1f81b61d8 100644
>>> --- a/modules/demux/adaptive/http/HTTPConnection.cpp
>>> +++ b/modules/demux/adaptive/http/HTTPConnection.cpp
>>> @@ -246,10 +246,9 @@ int HTTPConnection::parseReply()
>>>           size_t split = lines.find_first_of(':');
>>>           if(split != std::string::npos)
>>>           {
>>> -            size_t value = split + 1;
>>> -            while(lines.at(value) == ' ')
>>> -                value++;
>>> -
>>> +            size_t value = lines.find_first_not_of(' ', split + 1);
>>> +            if(value == std::string::npos)
>>> +                value = lines.length();
>>>               onHeader(lines.substr(0, split), lines.substr(value));
>>>               lines = std::string();
>>>           }
>>>
>> I don't understand what this changes.
>>
>>
>> -- 
>> Francois Cartegnie
>> VideoLAN - VLC Developer
>> _______________________________________________
>> vlc-devel mailing list
>> To unsubscribe or modify your subscription options:
>> https://mailman.videolan.org/listinfo/vlc-devel
> lf the line contains key but no value, lines.at() will index ouf of range, and then crash (since no catch).
>
> The solution:
> 1. lines.find_first_not_of() don't throw exception
> 2. check the value of 'value' to make sure substr don't throw exception
>

According to RFC2616:
    *rule
       The character "*" preceding an element indicates repetition. The
       full form is "<n>*<m>element" indicating at least <n> and at most
       <m> occurrences of element. Default values are 0 and infinity so
       that "*(element)" allows any number, including zero; "1*element"
       requires at least one; and "1*2element" allows one or two.

     [rule]
       Square brackets enclose optional elements; "[foo bar]" is
       equivalent to "*1(foo bar)".

        message-header = field-name ":" [ field-value ]
        field-name     = token
        field-value    = *( field-content | LWS )
        field-content  = <the OCTETs making up the field-value
                         and consisting of either *TEXT or combinations
                         of token, separators, and quoted-string>

So it seems empty field value is legal.