From patchwork Thu Sep 3 17:29:01 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Jan_Ekstr=C3=B6m?= X-Patchwork-Id: 22079 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id 3050644AA6B for ; Thu, 3 Sep 2020 21:32:58 +0300 (EEST) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 1453468A9D5; Thu, 3 Sep 2020 21:32:58 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-ej1-f65.google.com (mail-ej1-f65.google.com [209.85.218.65]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 443DD688039 for ; Thu, 3 Sep 2020 21:32:52 +0300 (EEST) Received: by mail-ej1-f65.google.com with SMTP id lo4so5215846ejb.8 for ; Thu, 03 Sep 2020 11:32:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=BgXVyYkSt8SZZl55ZRsWCQN7WEocC771PTlPne90SqQ=; b=PT1YSmasnAuYKFw1R8C1qyRj1aJUcj3iYrkcUaLFKaYV+viuwZGYbBnkXkiJ2ssSeN p9/YWdsuMOExCnSfNjJcnrYOajdYMTQthhUyPHTR19TAjidJCqQrTEDFrAPLhrkvcON7 p6oMzU2F7vxdcFj9NDKPxi9IB1FCD8PieJEJt61bpoEgYd+7ZEo01ulSEWJQON/aZxkY 79up0xiK4sNSSzhiBl4VV48xfMG8vF0cpDYPG+EfRYFeJ1YwCqXvPs4xGlNru8DbJYjq 8Iu/FeyCOFsNAfpy2vBBGzqmkMYqa2te50K8M8dasGIWG8iDhUHE6F41shrPyR0iEKYX GVGw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:mime-version :content-transfer-encoding; bh=BgXVyYkSt8SZZl55ZRsWCQN7WEocC771PTlPne90SqQ=; b=QrfEIuMxTUzKro412IboK1HhlpBU51iuiNU5blT3ah0WqQret81SSP/GokVuhDbkSQ /lxu4HxlRUBat7MdBFfoAXr4runUJ6G/AQo/EZAXxXwFF05gPijPKqXzXACXj13Q1Tyd UBKHw6BxjvM1Y3Uyy1cf2TDoA6Zyp5hrEoSLPEPxunL5E3GW7GTN2uR4kWyrvReNyGgH 0usG2NzMjZTa96SBeTYAd4+BlL3VoowEaQgO3LmbLf0aRYALMla9VQwv7LVx14zYfhFQ yTtc2M2V5+1MgcAERAK+BS1gk5eSbtc50oXitrC5v/aYDgE7vbGYs9jWsE6TQYd5b/FX akBQ== X-Gm-Message-State: AOAM531fqYbUb1Vbt7oSAjtJvY9rVS55iuIMq7tqzusAEK3PTGDMxyIQ Y2/VRHzUieN6c72YkEN4qJTBryD5t1A= X-Google-Smtp-Source: ABdhPJzwmhmf3IWnX3RMJVWHF+Tqf4aPQIOEBmr6A13EIgn0fNj+zBJOWNZb6zd8FkQ3od/6/lj/FA== X-Received: by 2002:a2e:2e04:: with SMTP id u4mr1780387lju.102.1599154143585; Thu, 03 Sep 2020 10:29:03 -0700 (PDT) Received: from localhost.localdomain (91-159-194-103.elisa-laajakaista.fi. [91.159.194.103]) by smtp.gmail.com with ESMTPSA id u14sm727707lji.83.2020.09.03.10.29.02 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 03 Sep 2020 10:29:02 -0700 (PDT) From: =?utf-8?q?Jan_Ekstr=C3=B6m?= To: ffmpeg-devel@ffmpeg.org Date: Thu, 3 Sep 2020 20:29:01 +0300 Message-Id: <20200903172901.44199-1-jeebjp@gmail.com> X-Mailer: git-send-email 2.26.2 MIME-Version: 1.0 Subject: [FFmpeg-devel] [PATCH] avformat/dashdec: only limit DASH manifest size according to AVBprint limits X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Currently the API is internally limited to unsigned integers, so if we limit the file size as well as the amount to read to UINT_MAX - 1, we do not require additional limiting to be performed on the values. This change is based on the fact that initially the 8*1024 value added in 96d70694aea64616c68db8be306c159c73fb3980 was only for the case where the file size was not known. It was not a maximum file size limit. In 29121188983932f79aef8501652630d322a9974c this was reworked to be a maximum manifest file size limit, while its commit message appears to only note that it added support for larger manifest file sizes. This should enable various unfortunately large MPEG-DASH manifests, such as Youtube's multi-megabyte live stream archives to load up as well as bring back the original intent of the logic. --- libavformat/dashdec.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/libavformat/dashdec.c b/libavformat/dashdec.c index c5a5ff607b..1e9985f32c 100644 --- a/libavformat/dashdec.c +++ b/libavformat/dashdec.c @@ -29,7 +29,7 @@ #include "dash.h" #define INITIAL_BUFFER_SIZE 32768 -#define MAX_MANIFEST_SIZE 50 * 1024 +#define MAX_BPRINT_READ_SIZE (UINT_MAX - 1) #define DEFAULT_MANIFEST_SIZE 8 * 1024 struct fragment { @@ -1256,14 +1256,16 @@ static int parse_manifest(AVFormatContext *s, const char *url, AVIOContext *in) } filesize = avio_size(in); - if (filesize > MAX_MANIFEST_SIZE) { + filesize = filesize > 0 ? filesize : DEFAULT_MANIFEST_SIZE; + + if (filesize > MAX_BPRINT_READ_SIZE) { av_log(s, AV_LOG_ERROR, "Manifest too large: %"PRId64"\n", filesize); return AVERROR_INVALIDDATA; } - av_bprint_init(&buf, (filesize > 0) ? filesize + 1 : DEFAULT_MANIFEST_SIZE, AV_BPRINT_SIZE_UNLIMITED); + av_bprint_init(&buf, filesize + 1, AV_BPRINT_SIZE_UNLIMITED); - if ((ret = avio_read_to_bprint(in, &buf, MAX_MANIFEST_SIZE)) < 0 || + if ((ret = avio_read_to_bprint(in, &buf, MAX_BPRINT_READ_SIZE)) < 0 || !avio_feof(in) || (filesize = buf.len) == 0) { av_log(s, AV_LOG_ERROR, "Unable to read to manifest '%s'\n", url);