rtspsrc: Fix SRTP + RTX, auth access, a leak, and an invalid memory access.

In parse_keymgmt(), don't mutate the input string that's been passed
as const, especially since we might need the original value again if
the same key info applies to multiple streams (RTX, for example).

When a resource is 404, and we have auth info - retry with the auth
info the same as if we had receive unauthorised, in case the resource
isn't even visible until credentials are supplied.

Fix a memory leak handling Mikey data.

When generating a random keystring, don't overrun the 30 byte
buffer by generating 32 bytes into it.
This commit is contained in:
Jan Schmidt 2015-09-03 20:56:55 +10:00
parent 50e9cc7f04
commit fe4ed1d1df

View file

@ -1858,7 +1858,6 @@ static gboolean
parse_keymgmt (const gchar * keymgmt, GstCaps * caps)
{
gboolean res = FALSE;
gchar *p, *kmpid;
gsize size;
guchar *data;
GstMIKEYMessage *msg;
@ -1866,17 +1865,28 @@ parse_keymgmt (const gchar * keymgmt, GstCaps * caps)
const gchar *srtp_cipher;
const gchar *srtp_auth;
p = (gchar *) keymgmt;
{
gchar *orig_value;
gchar *p, *kmpid;
p = orig_value = g_strdup (keymgmt);
SKIP_SPACES (p);
if (*p == '\0')
if (*p == '\0') {
g_free (orig_value);
return FALSE;
}
PARSE_STRING (p, " ", kmpid);
if (!g_str_equal (kmpid, "mikey"))
if (kmpid == NULL || !g_str_equal (kmpid, "mikey")) {
g_free (orig_value);
return FALSE;
}
data = g_base64_decode (p, &size);
g_free (orig_value); /* Don't need this any more */
}
if (data == NULL)
return FALSE;
@ -1984,6 +1994,7 @@ parse_keymgmt (const gchar * keymgmt, GstCaps * caps)
gst_buffer_new_wrapped (g_memdup (pkd->key_data, pkd->key_len),
pkd->key_len);
gst_caps_set_simple (caps, "srtp-key", GST_TYPE_BUFFER, buf, NULL);
gst_buffer_unref (buf);
}
gst_caps_set_simple (caps,
@ -5940,6 +5951,7 @@ gst_rtspsrc_send (GstRTSPSrc * src, GstRTSPConnection * conn,
switch (int_code) {
case GST_RTSP_STS_UNAUTHORIZED:
case GST_RTSP_STS_NOT_FOUND:
if (gst_rtspsrc_setup_auth (src, response)) {
/* Try the request/response again after configuring the auth info
* and loop again */
@ -6335,10 +6347,11 @@ default_srtcp_params (void)
GstBuffer *buf;
guint8 *key_data;
#define KEY_SIZE 30
guint data_size = GST_ROUND_UP_4 (KEY_SIZE);
/* create a random key */
key_data = g_malloc (KEY_SIZE);
for (i = 0; i < KEY_SIZE; i += 4)
key_data = g_malloc (data_size);
for (i = 0; i < data_size; i += 4)
GST_WRITE_UINT32_BE (key_data + i, g_random_int ());
buf = gst_buffer_new_wrapped (key_data, KEY_SIZE);