[FFmpeg-devel] RTSP Video Stream - Buffer Overflow!
Yiğit (Yeet) Uyan
yigituyan at google.com
Mon Aug 17 22:21:46 EEST 2020
Hi everyone,
RTSP/S links longer than 1024 characters are failing due to a buffer
overflow issue happening when parsing RTSP links (eg. ffplay <rtsp link>).
FFmpeg has a buffer definition in libavformat/Rtsp.h, where it defines the
control_uri as 1024 characters.
RTSP/S links follow a similar pattern to common web URIs, i.e.
<rtsps://my.camera.server:port/...>, and in many cases these links are
generated, routed and modified by common underlying web infrastructure. The
common conception for the web when parsing a URI is to expect up to 2000
characters.
https://stackoverflow.com/questions/417142/what-is-the-maximum-length-of-a-url-in-different-browsers
The link above is for browsers, but it is very similar in many other web
technologies as well.
Can somebody help with extending the rtsp/s link limit to match the web
urls (eg. 2048 characters)
Thanks in advance,
I have created and submitted the following patch to ffmpeg-devel at ffmpeg.org,
though it does not show up in patchwork. I am not sure what the following
steps are..
Signed-off-by: Yiğit (Yeet) Uyan <yigituyan at google.com>
---
libavformat/rtsp.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/rtsp.h b/libavformat/rtsp.h
index 54a9a30c16..2b37f5b49f 100644
--- a/libavformat/rtsp.h
+++ b/libavformat/rtsp.h
@@ -315,7 +315,7 @@ typedef struct RTSPState {
/** some MS RTSP streams contain a URL in the SDP that we need to use
* for all subsequent RTSP requests, rather than the input URI; in
* other cases, this is a copy of AVFormatContext->filename. */
- char control_uri[1024];
+ char control_uri[2048];
More information about the ffmpeg-devel
mailing list