fix infinite loop when parsing specially-crafted headers (#521)

Alessandro Ros
2024-02-21 23:36:35 +01:00
committed by GitHub
parent 4a8bcf3634
commit 55fa72f0c2
4 changed files with 18 additions and 29 deletions


@@ -49,19 +49,17 @@ func keyValParse(str string, separator byte) (map[string]string, error) {
var k string var k string
k, str = readKey(str, separator) k, str = readKey(str, separator)
if len(k) > 0 { if len(str) > 0 && str[0] == '=' {
if len(str) > 0 && str[0] == '=' { var v string
var v string var err error
var err error v, str, err = readValue(origstr, str[1:], separator)
v, str, err = readValue(origstr, str[1:], separator) if err != nil {
if err != nil { return nil, err
return nil, err
}
ret[k] = v
} else {
ret[k] = ""
} }
ret[k] = v
} else {
ret[k] = ""
} }
// skip separator // skip separator
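Review bot: With the `len(k) > 0` guard removed, an empty key is now written to the result map: both `ret[k] = v` and the `ret[k] = ""` branch run even when readKey returns an empty string, which is what the new seed inputs `="` and `=\x84` appear to produce. Consuming the `=` and its value unconditionally is what ends the loop, so that part should stay. Consider guarding only the stores, e.g. `if k != "" { ret[k] = v }`, or returning an error for an empty key, so a malformed header does not yield a `""` entry that callers may not expect. readKey, readValue and the rest of the loop are outside this hunk, so how an empty key is handled downstream needs confirming there.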


@@ -85,21 +85,8 @@ func TestKeyValParse(t *testing.T) {
} }
} }
func TestKeyValParseErrors(t *testing.T) { func FuzzKeyValParse(f *testing.F) {
for _, ca := range []struct { f.Fuzz(func(t *testing.T, b string) {
name string keyValParse(b, ',') //nolint:errcheck
s string })
err string
}{
{
"apexes not closed",
`key1="v,1`,
"apexes not closed (key1=\"v,1)",
},
} {
t.Run(ca.name, func(t *testing.T) {
_, err := keyValParse(ca.s, ',')
require.EqualError(t, err, ca.err)
})
}
} }
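Review bot: Replacing TestKeyValParseErrors with the fuzz target drops the only visible assertion on the error path: the `apexes not closed` case for `key1="v,1` is no longer checked, and FuzzKeyValParse discards both return values of keyValParse. Keep the table test next to the fuzz target so the error message stays pinned. For the two new seed inputs, a plain test asserting the expected map or error would document the intended outcome instead of relying on the test timeout to catch a regression of the loop. The rest of the test file is outside this hunk.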


@@ -0,0 +1,2 @@
go test fuzz v1
string("=\"")


@@ -0,0 +1,2 @@
go test fuzz v1
string("=\x84")