This wasn't an issue prior to 58404738, when the whole RTMP packet
was copied at once and the length of the individual embedded flv
packets only were validated by the flv demuxer.
Prior to this patch, this could lead to reads and writes out of bound.
Signed-off-by: Martin Storsjö <martin@martin.st>
If the embedded flv packets were incomplete and we aborted the
copying loop early, make sure the flv buffer is trimmed to
only contain full packets.
Signed-off-by: Martin Storsjö <martin@martin.st>
update_offset is also called from handle_metadata, where the
packet header sizes is already included in the size.
Previously this lead to flv_data/flv_size including 15 uninitialized
bytes at the end after each call to handle_metadata, making the
flv demuxer lose sync with the stream.
Also remove leftover copying in handle_metadata. This is a leftover
from the refactoring in 5840473. (Previously this final mempcy was
the one that copied all the packets at once, while this is done
within the loop right now.) After making sure flv_size is set to
the right size, this write was out of bounds.
Signed-off-by: Martin Storsjö <martin@martin.st>
This was overlooked in d872fb0f7 since I assumed all the realloc
issues in the rtmp code was fixed already.
Signed-off-by: Martin Storsjö <martin@martin.st>
The current magic numbers passed are values in seconds, while the
parameter itself should be passed over the wire in milliseconds.
This makes (some/all?) live streams from Red5 work correctly, that
previously returned StreamNotFound even with "-rtmp_live live". After
this commit, the default 'any' also works on these streams.
Signed-off-by: Martin Storsjö <martin@martin.st>
On (certain streams/setups at least on) Red5, the description string
actually is present, but empty. Therefore, first try loading the
description, but if not found or empty, load the code string instead.
The code string is quite understandable in most cases anyway (like
"NetStream.Play.StreamNotFound").
Signed-off-by: Martin Storsjö <martin@martin.st>
When av_reallocp fails, the associated variables that keep track of
the number of elements in the array (and in some cases, the
separate number of allocated elements) need to be reset.
Not all of these might technically be needed, but it's better to
reset them if in doubt, to make sure variables don't end up
conflicting.
Signed-off-by: Martin Storsjö <martin@martin.st>
Use update_offset() as done for rtmp audio, video and notifications and
read update and write the fields instead of replacing them in the rtmp
packet and then memcpying it to the output buffer.
A given packet won't always come in contiguously; sometimes
they may be broken up on chunk boundaries by packets of another
channel.
This support primarily involves tracking information about the
data that's been read, so the reader can pick up where it left
off for a given channel.
As a side effect, we no longer over-report the bytes read if
(toread = MIN(size, chunk_size)) == size
Signed-off-by: Martin Storsjö <martin@martin.st>
This more closely corresponds to the usage of the field.
Its usage here is unrelated to the channel ID.
Signed-off-by: Martin Storsjö <martin@martin.st>
Channel 4 is typically used by the Flash player to transmit
audio, channel 6 for video, and various stream-specific invokes
get sent over channel 8, which is designated the source channel.
This more closely matches the behavior of the Flash player,
including the transmission of play requests over channel 8.
Signed-off-by: Martin Storsjö <martin@martin.st>
Sending non-monotonic packets (e.g. when the audio and video
streams are monotonic within themselves but not muxed
monotonically) will lead to negative values the RTMP timestamp
field (where timestamps are transmitted only as deltas for each
channel), and this delta can end up being incorrectly written as
a large unsigned number.
Signed-off-by: Martin Storsjö <martin@martin.st>
When streaming to limelight, the app name is either a full
"appname/subaccount" or "appname/_definst_". In the latter case,
the app name can be simplified into simply "appname", but the
authentication hashing assumes the /_definst_ still to be present.
Signed-off-by: Martin Storsjö <martin@martin.st>
do_adobe_auth takes the parameters in the order "opaque, challenge".
Due to the way they are treated, this didn't matter in the tested
setups though - if both are set, we only use one. In the tested
setups (Wowza and Akamai) either one of them were null or they
were both set to the same value, which is why this worked before.
Signed-off-by: Martin Storsjö <martin@martin.st>
Limelight is a not too uncommon CDN. The authentication scheme is
pretty similar to the adobe authentication, but is even closer to
normal http digest authentication (but not close enough to warrant
sharing code) than the adobe version.
Signed-off-by: Martin Storsjö <martin@martin.st>
This is mostly used to authenticate the client when publishing.
Tested with wowza and akamai.
Some but not all servers support resending a new connect invoke
within the same connection, so always reconnect for sending a new
connection attempt. This matches what other applications do as well.
The authentication scheme is structurally pretty similar to http
digest authentication, but uses base64 instead of hex strings.
Signed-off-by: Martin Storsjö <martin@martin.st>
In order to send or receive a stream FCPublish, FCSubscribe and _checkbw
are completely optional and often not implemented. releaseStream over a
non-existen stream might report an error instead of being silent.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Not all compilers support ssize_t (MSVC doesn't), and none of these
variables need to be larger than 32 bit.
Signed-off-by: Martin Storsjö <martin@martin.st>
Specifies how the server verifies client SWF files before allowing the
files to connect to an application. Verifying SWF files is a security
measure that prevents someone from creating their own SWF files that can
attempt to stream your resources.
Signed-off-by: Martin Storsjö <martin@martin.st>