From patchwork Sat Jul 25 02:45:36 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Liu Steven X-Patchwork-Id: 21253 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id BDEF844B891 for ; Sat, 25 Jul 2020 05:45:52 +0300 (EEST) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 8D04E68B6A1; Sat, 25 Jul 2020 05:45:52 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from smtpbgsg2.qq.com (smtpbgsg2.qq.com [54.254.200.128]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id D64E968B67C for ; Sat, 25 Jul 2020 05:45:45 +0300 (EEST) X-QQ-mid: bizesmtp27t1595645139tarhvp30 Received: from localhost (unknown [103.107.216.232]) by esmtp10.qq.com (ESMTP) with id ; Sat, 25 Jul 2020 10:45:38 +0800 (CST) X-QQ-SSF: 01100000002000Z0ZXF0B00A0000000 X-QQ-FEAT: Vi+pOBAqRtfZtPQfENBu9ybLiFhdLMxVgs6SpzCk5T6B7Iqnk+0WLLCj6b7ko EStTXFY1demoNXGmOz6LISN4pz/ddmhmvnnytU1A2OJSgC2D4bB7ppxYTDBOPrg80J63k0i sk8pvtTNjGkAAEXuviyH6knKaK8IQg8KpVxOsp334tiILKPt37krO1ie5mqH/nvtiGsLlbM eAYiR0Pwqr5dy6UJDS62nOg0vsKFndAWJgOzkOw3/B2QfZ4sTOHSTFhLKtkuto7M4ZyJW7u 1CwWoFtaIKfsHTM+yxjTlQLnEob6ymVOtjsugiZ7zETre8En/wLO6iJg0= X-QQ-GoodBg: 0 From: Steven Liu To: ffmpeg-devel@ffmpeg.org Date: Sat, 25 Jul 2020 10:45:36 +0800 Message-Id: <20200725024537.97453-1-lq@chinaffmpeg.org> X-Mailer: git-send-email 2.25.0 In-Reply-To: <6d19bd48-8415-6c83-021e-7462547125f0@gmail.com> References: <6d19bd48-8415-6c83-021e-7462547125f0@gmail.com> MIME-Version: 1.0 X-QQ-SENDSIZE: 520 Feedback-ID: bizesmtp:chinaffmpeg.org:qybgforeign:qybgforeign6 X-QQ-Bgrelay: 1 Subject: [FFmpeg-devel] [PATCH v2 1/2] avformat/url: check double dot is not to parent directory X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Steven Liu Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" fix ticket: 8814 if get ".." in the url, check next byte and lead byte by double dot, it there have no '/' and not root node, it is not used go to directory ".." Signed-off-by: Steven Liu --- libavformat/url.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/libavformat/url.c b/libavformat/url.c index 20463a6674..35f27fe3ca 100644 --- a/libavformat/url.c +++ b/libavformat/url.c @@ -97,6 +97,18 @@ static void trim_double_dot_url(char *buf, const char *rel, int size) /* set new current position if the root node is changed */ p = root; while (p && (node = strstr(p, ".."))) { + if (strlen(node) > 2 && node[2] != '/') { + node = strstr(node + 1, ".."); + if (!node) + break; + } + + if (p != node && p[node - p - 1] != '/') { + node = strstr(node + 1, ".."); + if (!node) + break; + } + av_strlcat(tmp_path, p, node - p + strlen(tmp_path)); p = node + 3; sep = strrchr(tmp_path, '/'); From patchwork Sat Jul 25 02:45:37 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Liu Steven X-Patchwork-Id: 21254 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id 99C8F44BAEE for ; Sat, 25 Jul 2020 05:46:06 +0300 (EEST) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 821B268B71A; Sat, 25 Jul 2020 05:46:06 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from smtpbgau1.qq.com (smtpbgau1.qq.com [54.206.16.166]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 4A49F68B708 for ; Sat, 25 Jul 2020 05:45:59 +0300 (EEST) X-QQ-mid: bizesmtp10t1595645143txqfxz3s Received: from localhost (unknown [103.107.216.232]) by esmtp6.qq.com (ESMTP) with id ; Sat, 25 Jul 2020 10:45:42 +0800 (CST) X-QQ-SSF: 01100000002000Z0ZXF0B00A0000000 X-QQ-FEAT: P0hNoAIXT2gzhnL7ZqOZQVjebyaRWFPAbuzPg96BAPX1P9hOtSoCHLnOnbS9b /d8NIvPysdVDZbYdo9VqRp1frC2jRtbkl4Do+MP3ppISBLkGZXyCl3gmOuOT67r5JVrKp1O fzkBnmT2iOK2iiIG2oacR8APm7L0MGPHg9clgweD8aB13Y9VXVP/HCdkNizA6uYQ/E55Rhi /qJ9SLS1ZRzF2fpLZ+2pQ52kCXzMHuPLzq0KuAQn6zXG92oUKCmySSyDk8fcETkXrF6QeL3 Eq0AtOoaMtjYSGvf9iVkEA+f5CEC5B9dbaBv5q4z8r7cGlCcAnUOpfmk67bBtoJStNiw== X-QQ-GoodBg: 0 From: Steven Liu To: ffmpeg-devel@ffmpeg.org Date: Sat, 25 Jul 2020 10:45:37 +0800 Message-Id: <20200725024537.97453-2-lq@chinaffmpeg.org> X-Mailer: git-send-email 2.25.0 In-Reply-To: <20200725024537.97453-1-lq@chinaffmpeg.org> References: <6d19bd48-8415-6c83-021e-7462547125f0@gmail.com> <20200725024537.97453-1-lq@chinaffmpeg.org> MIME-Version: 1.0 X-QQ-SENDSIZE: 520 Feedback-ID: bizesmtp:chinaffmpeg.org:qybgforeign:qybgforeign5 X-QQ-Bgrelay: 1 Subject: [FFmpeg-devel] [PATCH v2 2/2] avformat/tests/url: add test cases of double dot is not goto directory X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Steven Liu Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Signed-off-by: Steven Liu --- libavformat/tests/url.c | 5 +++++ tests/ref/fate/url | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/libavformat/tests/url.c b/libavformat/tests/url.c index 1d961a1b43..0201217109 100644 --- a/libavformat/tests/url.c +++ b/libavformat/tests/url.c @@ -67,6 +67,11 @@ int main(void) test("http://server/foo/bar?param&otherparam", "?someparam"); test("http://server/foo/bar", "//other/url"); test("http://server/foo/bar", "../../../../../other/url"); + test("http://server/foo/bar", "../../../../../other/url/test..mp3"); + test("http://server/foo/bar", "../../../../../other/url/test.."); + test("http://server/foo/bar", "../../../../../other/url/..mp3"); + test("http://server/foo/bar", "../../../../../other/url/..test/mp3"); + test("http://server/foo/bar", "../../../../../other/url/test../mp3"); test("http://server/foo/bar", "/../../../../../other/url"); test("http://server/foo/bar", "/test/../../../../../other/url"); test("http://server/foo/bar", "/test/../../test/../../../other/url"); diff --git a/tests/ref/fate/url b/tests/ref/fate/url index 533ba2cb1e..6e12ee81bd 100644 --- a/tests/ref/fate/url +++ b/tests/ref/fate/url @@ -14,6 +14,11 @@ Testing ff_make_absolute_url: http://server/foo/bar?param&otherparam ?someparam => http://server/foo/bar?someparam http://server/foo/bar //other/url => http://other/url http://server/foo/bar ../../../../../other/url => http://server/other/url + http://server/foo/bar ../../../../../other/url/test..mp3 => http://server/other/url/test..mp3 + http://server/foo/bar ../../../../../other/url/test.. => http://server/other/url/test.. + http://server/foo/bar ../../../../../other/url/..mp3 => http://server/other/url/..mp3 + http://server/foo/bar ../../../../../other/url/..test/mp3 => http://server/other/url/..test/mp3 + http://server/foo/bar ../../../../../other/url/test../mp3 => http://server/other/url/test../mp3 http://server/foo/bar /../../../../../other/url => http://server/other/url http://server/foo/bar /test/../../../../../other/url => http://server/other/url http://server/foo/bar /test/../../test/../../../other/url => http://server/other/url