[FFmpeg-trac] #8687(avformat:new): HLS playlist with segment URL without path part causes SIGSEGV

FFmpeg trac at avcodec.org
Wed May 27 13:43:37 EEST 2020 

#8687: HLS playlist with segment URL without path part causes SIGSEGV
----------------------------------+--------------------------------------
             Reporter:  wader     |                     Type:  defect
               Status:  new       |                 Priority:  normal
            Component:  avformat  |                  Version:  git-master
             Keywords:  hls       |               Blocked By:
             Blocking:            |  Reproduced by developer:  0
Analyzed by developer:  0         |
----------------------------------+--------------------------------------
 Summary of the bug:

 HLS playlist with segment URL without path part causes SIGSEGV

 ffmpeg version: master at b5aee6086b717b83bce8f6be4324fabaddec6209
 (2020-05-27)

 How to reproduce:
 {{{
 /build # cat test.m3u8
 #EXTM3U
 #EXT-X-VERSION:3
 #EXT-X-TARGETDURATION:1
 #EXTINF:11.811,
 http://a
 /build # gdb --args ./ffprobe_g -i test.m3u8
 GNU gdb (GDB) 8.3.1
 Copyright (C) 2019 Free Software Foundation, Inc.
 License GPLv3+: GNU GPL version 3 or later
 <http://gnu.org/licenses/gpl.html>
 This is free software: you are free to change and redistribute it.
 There is NO WARRANTY, to the extent permitted by law.
 Type "show copying" and "show warranty" for details.
 This GDB was configured as "x86_64-alpine-linux-musl".
 Type "show configuration" for configuration details.
 For bug reporting instructions, please see:
 <http://www.gnu.org/software/gdb/bugs/>.
 Find the GDB manual and other documentation resources online at:
     <http://www.gnu.org/software/gdb/documentation/>.

 For help, type "help".
 Type "apropos word" to search for commands related to "word"...
 Reading symbols from ./ffprobe_g...
 (gdb) r
 Starting program: /build/ffprobe_g -i test.m3u8
 warning: Error disabling address space randomization: Operation not
 permitted
 ffprobe version N-97964-gb5aee6086b Copyright (c) 2007-2020 the FFmpeg
 developers
   built with gcc 9.2.0 (Alpine 9.2.0)
   configuration: --enable-debug --disable-optimizations
   libavutil      56. 49.100 / 56. 49.100
   libavcodec     58. 88.100 / 58. 88.100
   libavformat    58. 43.100 / 58. 43.100
   libavdevice    58.  9.103 / 58.  9.103
   libavfilter     7. 83.100 /  7. 83.100
   libswscale      5.  6.101 /  5.  6.101
   libswresample   3.  6.100 /  3.  6.100
 [hls @ 0x55b973e0c440] Skip ('#EXT-X-VERSION:3')

 Program received signal SIGSEGV, Segmentation fault.
 0x000055b972e475af in av_stristart (str=0x0, pfx=0x55b972f43388 "/",
 ptr=0x0) at src/libavutil/avstring.c:47
 47          while (*pfx && av_toupper((unsigned)*pfx) ==
 av_toupper((unsigned)*str)) {
 (gdb) l
 42          return !*pfx;
 43      }
 44
 45      int av_stristart(const char *str, const char *pfx, const char
 **ptr)
 46      {
 47          while (*pfx && av_toupper((unsigned)*pfx) ==
 av_toupper((unsigned)*str)) {
 48              pfx++;
 49              str++;
 50          }
 51          if (!*pfx && ptr)
 (gdb) bt
 #0  0x000055b972e475af in av_stristart (str=0x0, pfx=0x55b972f43388 "/",
 ptr=0x0) at src/libavutil/avstring.c:47
 #1  0x000055b971f17ab5 in trim_double_dot_url (buf=0x7ffc983db350
 "\354\003", rel=0x7ffc983da350 "http://a", size=4096) at
 src/libavformat/url.c:107
 #2  0x000055b971f17ddd in ff_make_absolute_url (buf=0x7ffc983db350
 "\354\003", size=4096, base=0x55b973e0cbc0 "/Users/wader/src/ffmpeg-
 master/test.m3u8",
     rel=0x7ffc983da350 "http://a") at src/libavformat/url.c:153
 #3  0x000055b971ddd4b4 in parse_playlist (c=0x55b973e0cf00,
 url=0x55b973e0cbc0 "/Users/wader/src/ffmpeg-master/test.m3u8",
 pls=0x55b9757c9a00,
     in=0x7f3400745380) at src/libavformat/hls.c:908
 #4  0x000055b971de0112 in hls_read_header (s=0x55b973e0c440) at
 src/libavformat/hls.c:1830
 #5  0x000055b971f19db8 in avformat_open_input (ps=0x7ffc983dc508,
 filename=0x7ffc983ddf02 "/Users/wader/src/ffmpeg-master/test.m3u8",
 fmt=0x0,
     options=0x55b973b02c08 <format_opts>) at src/libavformat/utils.c:627
 #6  0x000055b9719ed16f in open_input_file (ifile=0x7ffc983dc590,
 filename=0x7ffc983ddf02 "/Users/wader/src/ffmpeg-master/test.m3u8",
 print_filename=0x0)
     at src/fftools/ffprobe.c:2870
 #7  0x000055b9719ed789 in probe_file (wctx=0x55b9757c7040,
 filename=0x7ffc983ddf02 "/Users/wader/src/ffmpeg-master/test.m3u8",
 print_filename=0x0)
     at src/fftools/ffprobe.c:3003
 #8  0x000055b9719efbc1 in main (argc=3, argv=0x7ffc983dc658) at
 src/fftools/ffprobe.c:3722
 (gdb) p pfx
 $1 = 0x561bbf32c388 "/"
 (gdb) p str
 $2 = 0x0
 (gdb) f 1
 #1  0x0000561bbe300ab5 in trim_double_dot_url (buf=0x7ffedc617020
 "\354\003", rel=0x7ffedc616020 "http://a", size=4096) at
 src/libavformat/url.c:107
 107         if (!av_stristart(p, "/", NULL) && root != rel)
 (gdb) p p
 $3 = 0x0
 (gdb) f 2
 #2  0x0000561bbe300ddd in ff_make_absolute_url (buf=0x7ffedc617020
 "\354\003", size=4096, base=0x561bc01f5bc0 "/Users/wader/src/ffmpeg-
 master/test.m3u8",
     rel=0x7ffedc616020 "http://a") at src/libavformat/url.c:153
 153             trim_double_dot_url(buf, rel, size);
 (gdb) p buf
 $4 = 0x7ffedc617020 "\354\003"
 (gdb) p rel
 $5 = 0x7ffedc616020 "http://a"
 }}}

 If i add a slash to the segment URL i get valid error:

 {{{
 /build # cat test.m3u8
 #EXTM3U
 #EXT-X-VERSION:3
 #EXT-X-TARGETDURATION:1
 #EXTINF:11.811,
 http://a/
 /build # gdb --args ./ffprobe_g -i test.m3u8
 GNU gdb (GDB) 8.3.1
 Copyright (C) 2019 Free Software Foundation, Inc.
 License GPLv3+: GNU GPL version 3 or later
 <http://gnu.org/licenses/gpl.html>
 This is free software: you are free to change and redistribute it.
 There is NO WARRANTY, to the extent permitted by law.
 Type "show copying" and "show warranty" for details.
 This GDB was configured as "x86_64-alpine-linux-musl".
 Type "show configuration" for configuration details.
 For bug reporting instructions, please see:
 <http://www.gnu.org/software/gdb/bugs/>.
 Find the GDB manual and other documentation resources online at:
     <http://www.gnu.org/software/gdb/documentation/>.

 For help, type "help".
 Type "apropos word" to search for commands related to "word"...
 Reading symbols from ./ffprobe_g...
 r
 (gdb) r
 Starting program: /build/ffprobe_g -i /Users/wader/src/ffmpeg-
 master/test.m3u8
 warning: Error disabling address space randomization: Operation not
 permitted
 ffprobe version N-97964-gb5aee6086b Copyright (c) 2007-2020 the FFmpeg
 developers
   built with gcc 9.2.0 (Alpine 9.2.0)
   configuration: --enable-debug --disable-optimizations
   libavutil      56. 49.100 / 56. 49.100
   libavcodec     58. 88.100 / 58. 88.100
   libavformat    58. 43.100 / 58. 43.100
   libavdevice    58.  9.103 / 58.  9.103
   libavfilter     7. 83.100 /  7. 83.100
   libswscale      5.  6.101 /  5.  6.101
   libswresample   3.  6.100 /  3.  6.100
 [hls @ 0x55dc945e2440] Skip ('#EXT-X-VERSION:3')
 [hls @ 0x55dc945e2440] Opening 'http://a/' for reading
 [http @ 0x7f60466d0cc0] Protocol 'http' not on whitelist
 'file,crypto,data'!
 [hls @ 0x55dc945e2440] Failed to open segment 0 of playlist 0
 [hls @ 0x55dc945e2440] Skip ('#EXT-X-VERSION:3')
     Last message repeated 80 times
 }}}

--
Ticket URL: <https://trac.ffmpeg.org/ticket/8687>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list