@@ -363,6 +363,17 @@ for testing. Do not use it unless you know what you're doing.
ffmpeg -cpucount 2
@end example
+@item -mask_url -i @var{url} (@emph{output})
+If the protocol address contains the user name and password, the ps -ef
+command exposes plaintext. The -mask_url parameter option is added to
+replace the protocol address in the command line with the asterisk (*).
+Because other users can run the ps -ef command to view sensitive
+information such as the user name and password in the protocol address,
+which is insecure.
+@example
+ffmpeg -mask_url -i rtsp://username:password-ip:port/stream/test
+@end example
+
@item -max_alloc @var{bytes}
Set the maximum size limit for allocating a block on the heap by ffmpeg's
family of malloc functions. Exercise @strong{extreme caution} when using
@@ -61,6 +61,69 @@ AVDictionary *format_opts, *codec_opts;
int hide_banner = 0;
+void mask_param(int argc, char **argv)
+{
+ int i, j;
+ for (i = 1; i < argc; i++) {
+ char *match = strstr(argv[i], "://");
+ if (match) {
+ int total = strlen(argv[i]);
+ for (j = 0; j < total; j++) {
+ argv[i][j] = '*';
+ }
+ }
+ }
+}
+
+char **copy_argv(int argc, char **argv)
+{
+ char **argv_copy;
+ argv_copy = av_mallocz(argc * sizeof(char *));
+ if (!argv_copy) {
+ av_log(NULL, AV_LOG_FATAL, "argv_copy malloc failed\n");
+ exit_program(1);
+ }
+
+ for (int i = 0; i < argc; i++) {
+ int length = strlen(argv[i]) + 1;
+ argv_copy[i] = av_mallocz(length * sizeof(char *));
+ if (!argv_copy[i]) {
+ av_log(NULL, AV_LOG_FATAL, "argv_copy[%d] malloc failed\n", i);
+ exit_program(1);
+ }
+ memcpy(argv_copy[i], argv[i], length);
+ }
+ return argv_copy;
+}
+
+char **handle_arg_param(int argc, int mask_flag, char **argv)
+{
+ char **argv_copy;
+ argv_copy = copy_argv(argc, argv);
+ if (mask_flag)
+ mask_param(argc, argv);
+ return argv_copy;
+}
+
+int get_mask_flag(int *argc, char ***argv)
+{
+ if (*argc > 1 && !strcmp((*argv)[1], "-mask_url")) {
+ (*argv)[1] = (*argv)[0];
+ (*argc)--;
+ (*argv)++;
+ return 1;
+ }
+
+ return 0;
+}
+
+void free_argv_copy(int argc, char **argv)
+{
+ for (int i = 0; i < argc; i++)
+ av_free(argv[i]);
+ av_free(argv);
+}
+
void uninit_opts(void)
{
av_dict_free(&swr_opts);
@@ -215,13 +278,13 @@ static void prepare_app_arguments(int *argc_ptr, char ***argv_ptr)
if (win32_argv_utf8) {
*argc_ptr = win32_argc;
*argv_ptr = win32_argv_utf8;
- return;
+ goto end;
}
win32_argc = 0;
argv_w = CommandLineToArgvW(GetCommandLineW(), &win32_argc);
if (win32_argc <= 0 || !argv_w)
- return;
+ goto end;
/* determine the UTF-8 buffer size (including NULL-termination symbols) */
for (i = 0; i < win32_argc; i++)
@@ -232,7 +295,7 @@ static void prepare_app_arguments(int *argc_ptr, char ***argv_ptr)
argstr_flat = (char *)win32_argv_utf8 + sizeof(char *) * (win32_argc + 1);
if (!win32_argv_utf8) {
LocalFree(argv_w);
- return;
+ goto end;
}
for (i = 0; i < win32_argc; i++) {
@@ -246,6 +309,12 @@ static void prepare_app_arguments(int *argc_ptr, char ***argv_ptr)
*argc_ptr = win32_argc;
*argv_ptr = win32_argv_utf8;
+end:
+ if (*argc_ptr > 1 && !strcmp((*argv_ptr)[1], "-mask_url")) {
+ (*argv_ptr)[1] = (*argv_ptr)[0];
+ (*argc_ptr)--;
+ (*argv_ptr)++;
+ }
}
#else
static inline void prepare_app_arguments(int *argc_ptr, char ***argv_ptr)
@@ -50,6 +50,31 @@ extern AVDictionary *format_opts, *codec_opts;
extern int hide_banner;
/**
+ * Using to mask sensitive info.
+ */
+void mask_param(int argc, char **argv);
+
+/**
+ * Using to copy ori argv.
+ */
+char **copy_argv(int argc, char **argv);
+
+/**
+ * Handle argv and argv_copy.
+ */
+char **handle_arg_param(int argc, int mask_flag, char **argv);
+
+/**
+ * Get mask flag.
+ */
+int get_mask_flag(int *argc, char ***argv);
+
+/**
+ * Free argv.
+ */
+void free_argv_copy(int argc, char **argv);
+
+/**
* Register a program-specific cleanup routine.
*/
void register_exit(void (*cb)(int ret));
@@ -3865,9 +3865,9 @@ static int64_t getmaxrss(void)
int main(int argc, char **argv)
{
- int ret;
+ int ret, mask_flag;
BenchmarkTimeStamps ti;
-
+ char **argv_copy;
init_dynload();
register_exit(ffmpeg_cleanup);
@@ -3877,15 +3877,16 @@ int main(int argc, char **argv)
av_log_set_flags(AV_LOG_SKIP_REPEATED);
parse_loglevel(argc, argv, options);
+ mask_flag = get_mask_flag(&argc, &argv);
#if CONFIG_AVDEVICE
avdevice_register_all();
#endif
avformat_network_init();
show_banner(argc, argv, options);
-
+ argv_copy = handle_arg_param(argc, mask_flag, argv);
/* parse options and open all input/output files */
- ret = ffmpeg_parse_options(argc, argv);
+ ret = ffmpeg_parse_options(argc, argv_copy);
if (ret < 0)
exit_program(1);
@@ -3920,5 +3921,6 @@ int main(int argc, char **argv)
exit_program(69);
exit_program(received_nb_signals ? 255 : main_return_code);
+ free_argv_copy(argc, argv_copy);
return main_return_code;
}
@@ -3663,10 +3663,12 @@ void show_help_default(const char *opt, const char *arg)
/* Called from the main */
int main(int argc, char **argv)
{
- int flags;
+ int flags, mask_flag;
+ char **argv_copy;
VideoState *is;
init_dynload();
+ mask_flag = get_mask_flag(&argc, &argv);
av_log_set_flags(AV_LOG_SKIP_REPEATED);
parse_loglevel(argc, argv, options);
@@ -3682,7 +3684,8 @@ int main(int argc, char **argv)
show_banner(argc, argv, options);
- parse_options(NULL, argc, argv, options, opt_input_file);
+ argv_copy = handle_arg_param(argc, mask_flag, argv);
+ parse_options(NULL, argc, argv_copy, options, opt_input_file);
if (!input_filename) {
show_usage();
@@ -3759,6 +3762,6 @@ int main(int argc, char **argv)
event_loop(is);
/* never returns */
-
+ free_argv_copy(argc, argv_copy);
return 0;
}
@@ -4035,9 +4035,10 @@ int main(int argc, char **argv)
WriterContext *wctx;
char *buf;
char *w_name = NULL, *w_args = NULL;
- int ret, input_ret, i;
-
+ int ret, input_ret, i, mask_flag;
+ char **argv_copy;
init_dynload();
+ mask_flag = get_mask_flag(&argc, &argv);
#if HAVE_THREADS
ret = pthread_mutex_init(&log_mutex, NULL);
@@ -4056,8 +4057,8 @@ int main(int argc, char **argv)
#endif
show_banner(argc, argv, options);
- parse_options(NULL, argc, argv, options, opt_input_file);
-
+ argv_copy = handle_arg_param(argc, mask_flag, argv);
+ parse_options(NULL, argc, argv_copy, options, opt_input_file);
if (do_show_log)
av_log_set_callback(log_callback);
@@ -4173,6 +4174,7 @@ end:
av_freep(&print_format);
av_freep(&read_intervals);
av_hash_freep(&hash);
+ free_argv_copy(argc, argv_copy);
uninit_opts();
for (i = 0; i < FF_ARRAY_ELEMS(sections); i++)
I have modified the issues again. Please review it again. Thank you. If the protocol address contains the user name and password, the ps -ef command exposes plaintext. The -mask_url parameter option is added to replace the protocol address in the command line with the asterisk (*). Because other users can run the ps -ef command to view sensitive information such as the user name and password in the protocol address, which is insecure. Signed-off-by: wujian_nanjing <wujian2@huawei.com> --- doc/fftools-common-opts.texi | 11 +++++++ fftools/cmdutils.c | 75 ++++++++++++++++++++++++++++++++++++++++++-- fftools/cmdutils.h | 25 +++++++++++++++ fftools/ffmpeg.c | 10 +++--- fftools/ffplay.c | 9 ++++-- fftools/ffprobe.c | 10 +++--- 6 files changed, 126 insertions(+), 14 deletions(-)