[FFmpeg-devel] [PATCH] Avoid sending packets to network when multicast ttl is 0 in udp
omid.ghaffarinia at gmail.com
Wed Jul 13 13:39:28 EEST 2016
I attached the patch.
The actual bug is, when creating a local multicast stream (i.e. giving
"rtp://220.127.116.11:10000?ttl=0" to avio_open), then you can see the
packets on the network and not just on local machine (despite setting
multicast ttl to 0) which was a security bug in my purpose of usage
(it also made a lot of unused traffic on network)
The user does not choose to enable/disable the kernel hack, that is
how it is designed.
This behavior does NOT happen in Windows machines, but the patch given
does no harm at all (it does nothing in Windows)
On Wed, Jul 13, 2016 at 3:12 AM, Moritz Barsnick <barsnick at gmx.net> wrote:
> On Tue, Jul 12, 2016 at 18:31:36 +0430, Omid Ghaffarinia wrote:
> Your mailer has broken the patch by inserting line breaks. You should
> try attaching the patch as a file, or directly using "git send-email".
>> Bug is due to kernel handling multicast ttl 0 differently (as noted in
>> kernel code net/ipv4/route.c:2191 see:
> ffmpeg is not a Linux-only tool/library, so comments should point out
> which "kernel" more precisely (and possibly which versions this applies
> to). Admitted, the link to github contains the string "linux". ;-)
> Furthermore: Please explain what the actual bug (i.e. misbehavior) is,
> and what this fix changes (or how it fixes it).
> Are you allowing ffmpeg to work when the user is making use of the
> kernel hack?
> What does this patch achieve on non-Linux operating systems?
> (Sorry for the stupid questions, all this isn't obvious to me, and I do
> have at least some understanding of network stuff.)
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2949 bytes
Desc: not available
More information about the ffmpeg-devel