From patchwork Wed Apr 13 13:02:58 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhao Zhili X-Patchwork-Id: 35300 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:6a20:671c:b0:7c:62c8:b2d1 with SMTP id q28csp190083pzh; Wed, 13 Apr 2022 06:03:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxGRU8pyt4ayoHSXwiYdvtZdafPEnYHhinrBUbxM+zrnitHDn5vMkWI7f3dZwE2txRlIfOa X-Received: by 2002:a17:907:72c5:b0:6d6:e749:da41 with SMTP id du5-20020a17090772c500b006d6e749da41mr40442050ejc.591.1649855000348; Wed, 13 Apr 2022 06:03:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1649855000; cv=none; d=google.com; s=arc-20160816; b=cIrACIEHieDm+1C9iHXxYiwKrzeAtANcnJvEy94/fDgW7mRaf32Lcld70woT/7TKN4 W7jQjFgM+3Jb2iJ5L29Mvqm+VPl7IrbzcUnaq/aJASJ653HMb+vKyjYyWRgNRFyoWHlu MNtTZ+BMesoaf/WsqVIZUoKNpfHNYqjfKV8wEVfBmdT+Y9nvjCVRmVkm1ARanRZqnxhc mMt1c8Smm8wHMsDBb44QWtCrc05KRfI7po0F70JdsAKJTQQkemd0dR2XBnKN5aEBfYE1 v4Kxod6AcGRKOoE7wusC4VyAEP2GBEyJKdBjyPe3b5CHioDih3ebsbooAPgkUf7/jRyL nIhg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:cc:reply-to :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:mime-version:references:in-reply-to:date :to:from:message-id:dkim-signature:delivered-to; bh=3bwRNB/EV1WKLOB1IWZQLUx9SVBYSEK2B9hIaOYWS6s=; b=f/AR3nMhcN8yEZSialtntga/Y889i9Q1WFjKAA48tQsKBkqAY7cWhYNA6PRsCqcECr nByed9nMbS/RPFcohyzciE5IHNyqiLRupWcGxhlXU2KYM8TSW5gq9rK82z3Iy7vUCJYg MIVffP4/dB2llSAc4a3gt0FHebjvFY9WvjlavPjYhvk82IQdX8Bt5m4v9RugrCJ/Qm6S zcBYL4cHH15fwYjH/b7E1Tpnj8qhLylm+1UPpA6mQtIi1gez5waR/Z7kWkNW9FnCz0+5 XY2OWsvG7Sct0QCkpuJmLni8pg62Kgk4GFAdpw0M9RbLRGZOxeuC80LWOCcOuZ3Dz+o6 S9Sw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@foxmail.com header.s=s201512 header.b=evCW5Tpl; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=foxmail.com Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id hr4-20020a1709073f8400b006dfc6f53845si14367520ejc.455.2022.04.13.06.03.17; Wed, 13 Apr 2022 06:03:20 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@foxmail.com header.s=s201512 header.b=evCW5Tpl; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=foxmail.com Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id E585D68B3DC; Wed, 13 Apr 2022 16:03:12 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from out162-62-57-64.mail.qq.com (out162-62-57-64.mail.qq.com [162.62.57.64]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 999C768B0BB for ; Wed, 13 Apr 2022 16:03:05 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foxmail.com; s=s201512; t=1649854981; bh=huyXIa6nwC2pIqCV7QQTrHWJ1WWzQAH78krub6sZ8AY=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=evCW5TplgAR25kD3WLQmJ13o3Aspajp/XJ5nQB2ulcjb3IbcF6P5akfa2RvR5Nb7P 5VfGhwfrGYd6v2X+ekODZaHJWq0Dp/1FdjYI79RUYnMdiFHUJrcR0NkkKRPbGm5uOe txLJDtH5LF4OQcagXAjgNnXPqlWNeqRS2kUg3RpI= Received: from ZHILIZHAO-MB2.tencent.com ([113.108.77.51]) by newxmesmtplogicsvrszc9.qq.com (NewEsmtp) with SMTP id C02AA03; Wed, 13 Apr 2022 21:03:00 +0800 X-QQ-mid: xmsmtpt1649854980thxsje6h3 Message-ID: X-QQ-XMAILINFO: NiAdzfE16ND40AG1a1fWNdnFhtrZ4DkthL/qGAaAlEYLsYsBYYzE2wcOLhfsLo 2eK5gRNqoASXWPeZ31TxF6PZ4kCUijULhdMBAYt7bR8tF6xPsjMpbdHOERqAhtTN1/RofzzmIRho aCy+FAZpvPrnYLsiZuQYRI1ZNTuKC0DG5ssuFu+2Vwi9mV+BmYxPZyCcdIOkx13ceBve5potkW1Z 5oUSMrV+rs9aAb9pW6+M32qaiLjETZoZhaL+NfwuRnQUC1o1aLIFeVQsQlGbBjw84OD8gx8W9LYh tzSYLno+Z5sFlSvgSEan+BqCaGkD5KheaMV/uMW5i2oleC2xDntY5n8z/jEfaicytwvY7Z6EXXwx jwK/gmf8Yj0AH8uwVOQ0AsJuVUokTu0IWtoYAfW9xy+e12w7ae+1VIu4/8+QczPSZ297k0zRMzwd PvUfRBlwY2SU+hlsCuBbBU4Oyd3OL/X+SbRSqI0ivNIlpFMe6n95KuAS7soAi0TM5Kdm3Qz97iQJ haLmwbanmbzdZ3PCOqg2CT3pyWKqyzWuuQ5UwdSp0gCTeOUMK1eUG7qewj4Q7JW/fpVGkp8bnioP kxLmUM9f3lsGm46w28fpoTJ3Zqf0Uo/GsgHeYAUD+NHitlEEv5lL7dwzRJLszOgTJt09BYWhVdeX KZrKP2kTTM5mb5DuvYcwn9JPNgd895Dnndv0jSiYNNLqMEZpvb3CYMMoKnu3XjqLuSTTklQrdYWN ATvehl0ZgbqkjgxsVk+aqQUVIldgxTELWzdIbuDcl6L6sfDhM+fLE9SaWiP1UTn3oiO0mfKLxXhy aQHShWLdphQebaClgu4l5GhdJvP1aRyeRlblW6Ywk5XKMpEFz79yiMiibWPPjN5ner4I4JvIT3Jc sqUFZK+kbX7GRZnVbI9BmOivAbowJFAVqgpHvLs3kXTl7WZy49fRYxnDMieNkT6w== From: Zhao Zhili To: ffmpeg-devel@ffmpeg.org Date: Wed, 13 Apr 2022 21:02:58 +0800 X-OQ-MSGID: <20220413130258.69659-1-quinkblack@foxmail.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <164985079952.21047.6948837515637292729@lain.red.khirnov.net> References: <164985079952.21047.6948837515637292729@lain.red.khirnov.net> MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH v2] avformat/hls: check IV size inside EXT-X-KEY X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Zhao Zhili Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: oP2kS7BUvi4w Before the patch, an implicit padding on the right is applied for incomplete IV in manifest. No padding is allowed for IV inside EXT-X-KEY. --- libavformat/hls.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/libavformat/hls.c b/libavformat/hls.c index 83ff4cc607..312294f0c7 100644 --- a/libavformat/hls.c +++ b/libavformat/hls.c @@ -810,7 +810,12 @@ static int parse_playlist(HLSContext *c, const char *url, if (!strcmp(info.method, "SAMPLE-AES")) key_type = KEY_SAMPLE_AES; if (!av_strncasecmp(info.iv, "0x", 2)) { - ff_hex_to_data(iv, info.iv + 2); + int n = ff_hex_to_data(iv, info.iv + 2); + if (n != 16) { + av_log(c->ctx, AV_LOG_ERROR, "Incomplete IV '%s'\n", info.iv); + ret = AVERROR_INVALIDDATA; + goto fail; + } has_iv = 1; } av_strlcpy(key, info.uri, sizeof(key));