[FFmpeg-devel] [PATCH] avformat/libssh: check the user provided a password before trying to use it
James Almer
jamrial at gmail.com
Sun Jun 11 20:47:47 EEST 2017
Fixes ticket #6413
Signed-off-by: James Almer <jamrial at gmail.com>
---
The public key authentication also tries to use the password variable. I
don't know if NULL is valid in that case or not.
Perhaps for that one it would be better to replace the current usage of
legacy API instead.
libavformat/libssh.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/libssh.c b/libavformat/libssh.c
index 49e92e7516..9e3d4da45e 100644
--- a/libavformat/libssh.c
+++ b/libavformat/libssh.c
@@ -103,7 +103,7 @@ static av_cold int libssh_authentication(LIBSSHContext *libssh, const char *user
}
}
- if (!authorized && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
+ if (!authorized && password && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
if (ssh_userauth_password(libssh->session, NULL, password) == SSH_AUTH_SUCCESS) {
av_log(libssh, AV_LOG_DEBUG, "Authentication successful with password.\n");
authorized = 1;
--
2.13.0
More information about the ffmpeg-devel
mailing list