[FFmpeg-devel] [PATCH v3] avformat/url: check url root node when rel include double dot

Steven Liu lq at chinaffmpeg.org
Mon Apr 27 14:12:16 EEST 2020


fix ticket: 8625
and add testcase into url for double dot corner case

Signed-off-by: Steven Liu <liuqi05 at kuaishou.com>
---
 libavformat/tests/url.c |  3 +++
 libavformat/url.c       | 21 +++++++++++++++++++--
 tests/ref/fate/url      |  3 +++
 3 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/libavformat/tests/url.c b/libavformat/tests/url.c
index 5e484fd428..02d0d59aa8 100644
--- a/libavformat/tests/url.c
+++ b/libavformat/tests/url.c
@@ -56,6 +56,7 @@ int main(void)
     test("/foo/bar", "baz");
     test("/foo/bar", "../baz");
     test("/foo/bar", "/baz");
+    test("/foo/bar", "../../../baz");
     test("http://server/foo/", "baz");
     test("http://server/foo/bar", "baz");
     test("http://server/foo/", "../baz");
@@ -65,6 +66,8 @@ int main(void)
     test("http://server/foo/bar?param=value/with/slashes", "/baz");
     test("http://server/foo/bar?param&otherparam", "?someparam");
     test("http://server/foo/bar", "//other/url");
+    test("http://server/foo/bar", "../../../../../other/url");
+    test("http://server/foo/bar", "/../../../../../other/url");
 
     printf("\nTesting av_url_split:\n");
     test2("/foo/bar");
diff --git a/libavformat/url.c b/libavformat/url.c
index 596fb49cfc..0aa50ab9a7 100644
--- a/libavformat/url.c
+++ b/libavformat/url.c
@@ -81,6 +81,7 @@ void ff_make_absolute_url(char *buf, int size, const char *base,
                           const char *rel)
 {
     char *sep, *path_query;
+    char *root, *p;
     /* Absolute path, relative to the current server */
     if (base && strstr(base, "://") && rel[0] == '/') {
         if (base != buf)
@@ -120,16 +121,32 @@ void ff_make_absolute_url(char *buf, int size, const char *base,
         return;
     }
 
+    root = p = buf;
+    /* Get the path root of the url which start by "://" */
+    if (p && strstr(p, "://")) {
+        sep = strstr(p, "://");
+        if (sep) {
+            sep += 3;
+            root = strchr(sep, '/');
+        }
+    }
+
     /* Remove the file name from the base url */
     sep = strrchr(buf, '/');
+    if (sep <= root)
+        sep = root;
+
     if (sep)
         sep[1] = '\0';
     else
         buf[0] = '\0';
     while (av_strstart(rel, "../", NULL) && sep) {
         /* Remove the path delimiter at the end */
-        sep[0] = '\0';
-        sep = strrchr(buf, '/');
+        if (sep > root) {
+            sep[0] = '\0';
+            sep = strrchr(buf, '/');
+        }
+
         /* If the next directory name to pop off is "..", break here */
         if (!strcmp(sep ? &sep[1] : buf, "..")) {
             /* Readd the slash we just removed */
diff --git a/tests/ref/fate/url b/tests/ref/fate/url
index 980b2ce1f9..c8260a97be 100644
--- a/tests/ref/fate/url
+++ b/tests/ref/fate/url
@@ -3,6 +3,7 @@ Testing ff_make_absolute_url:
                                           /foo/bar baz                  => /foo/baz
                                           /foo/bar ../baz               => /baz
                                           /foo/bar /baz                 => /baz
+                                          /foo/bar ../../../baz         => /baz
                                 http://server/foo/ baz                  => http://server/foo/baz
                              http://server/foo/bar baz                  => http://server/foo/baz
                                 http://server/foo/ ../baz               => http://server/baz
@@ -12,6 +13,8 @@ Testing ff_make_absolute_url:
     http://server/foo/bar?param=value/with/slashes /baz                 => http://server/baz
             http://server/foo/bar?param&otherparam ?someparam           => http://server/foo/bar?someparam
                              http://server/foo/bar //other/url          => http://other/url
+                             http://server/foo/bar ../../../../../other/url => http://server/other/url
+                             http://server/foo/bar /../../../../../other/url => http://server/../../../../../other/url
 
 Testing av_url_split:
 /foo/bar                                                     =>                                                    -1 /foo/bar
-- 
2.25.0





More information about the ffmpeg-devel mailing list