[FFmpeg-devel] [PATCH] avformat/libssh: check the user provided a password before trying to use it
James Almer
jamrial at gmail.com
Sat Jun 17 00:30:45 EEST 2017
On 6/11/2017 2:47 PM, James Almer wrote:
> Fixes ticket #6413
>
> Signed-off-by: James Almer <jamrial at gmail.com>
> ---
> The public key authentication also tries to use the password variable. I
> don't know if NULL is valid in that case or not.
> Perhaps for that one it would be better to replace the current usage of
> legacy API instead.
Ping.
>
> libavformat/libssh.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libavformat/libssh.c b/libavformat/libssh.c
> index 49e92e7516..9e3d4da45e 100644
> --- a/libavformat/libssh.c
> +++ b/libavformat/libssh.c
> @@ -103,7 +103,7 @@ static av_cold int libssh_authentication(LIBSSHContext *libssh, const char *user
> }
> }
>
> - if (!authorized && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
> + if (!authorized && password && (auth_methods & SSH_AUTH_METHOD_PASSWORD)) {
> if (ssh_userauth_password(libssh->session, NULL, password) == SSH_AUTH_SUCCESS) {
> av_log(libssh, AV_LOG_DEBUG, "Authentication successful with password.\n");
> authorized = 1;
>
More information about the ffmpeg-devel
mailing list