GStreamer multimedia framework
Sebastian Dröge 44ccca3086 rtsp-auth: Fix NULL pointer dereference when handling an invalid basic Authorization header
When using the basic authentication scheme, we wouldn't validate that
the authorization field of the credentials is not NULL and pass it on
to g_hash_table_lookup(). g_str_hash() however is not NULL-safe and will
dereference the NULL pointer and crash.
A specially crafted (read: invalid) RTSP header can cause this to
happen.

As a solution, check for the authorization to be not NULL before
continuing processing it and, if it is, simply fail authentication.

This fixes CVE-2020-6095 and TALOS-2020-1018.

Discovered by Peter Wang of Cisco ASIG.
2020-03-23 16:06:43 +02:00
docs Remove autotools build 2019-10-13 13:52:37 +01:00
examples Add initialization for context and params (gchar *) 2020-02-07 17:55:09 +01:00
gst rtsp-auth: Fix NULL pointer dereference when handling an invalid basic Authorization header 2020-03-23 16:06:43 +02:00
pkgconfig Remove autotools build 2019-10-13 13:52:37 +01:00
tests rtsp-client: add property post-session-timeout 2020-01-15 11:47:27 +00:00
.gitignore Remove autotools build 2019-10-13 13:52:37 +01:00
.gitlab-ci.yml Add Gitlab CI configuration 2018-11-12 16:06:39 +02:00
AUTHORS Initial import 2008-10-09 13:29:12 +01:00
ChangeLog Release 1.16.0 2019-04-19 00:34:55 +01:00
COPYING Fix FSF address 2012-11-04 00:14:25 +00:00
COPYING.LIB Fix FSF address 2012-11-04 00:14:25 +00:00
gst-rtsp-server.doap Release 1.16.0 2019-04-19 00:34:55 +01:00
meson.build meson: build gir even when cross-compiling if introspection was enabled explicitly 2019-10-18 08:30:59 +00:00
meson_options.txt docs: Port to hotdoc 2019-05-13 11:38:39 -04:00
NEWS Release 1.16.0 2019-04-19 00:34:55 +01:00
README Fix typo in README 2015-03-15 12:27:39 +00:00
RELEASE Back to development 2019-04-19 11:00:07 +01:00
REQUIREMENTS Initial import 2008-10-09 13:29:12 +01:00
TODO rtsp: cleanups 2012-11-15 17:11:16 +01:00

gst-rtsp-server is a library on top of GStreamer for building an RTSP server.

There are some examples in the examples/ directory and more comprehensive
documentation in docs/README.