[Live-devel] Bug / patch in parseRTSPRequestString

Sébastien Escudier sebastien-devel at celeos.eu
Thu Nov 13 01:01:45 PST 2008 


Hi

I had a segfault in parseRTSPRequestString. To see gdb details, please go te the
end of the mail.

I looked into the code, and here is some comments :

- The following line appears to be useless, as j is set to i+1 next line :
  while (j < reqStrSize && (reqStr[j] == ' ' || reqStr[j] == '\t')) ++j; // skip
over any additional white space
  for (j = i+1; (int)j < (int)(reqStrSize-8); ++j) {

- My bug was because here, and I think k1 was 0 in my case
// Also look for the URL 'pre-suffix' before this:
unsigned k3 = --k1;

So why not adding a check like :
unsigned k3=0;
if( k1 > 0)
 k3 = --k1;

Regards.


gdb told me this :

#0  0xb5bfdb02 in parseRTSPRequestString (
    reqStr=0x844c050 " rvr l ..-i\rDt:Wd 2Nv20 62:2 M\rSsin
5764e5d6\nCnetLnt:0\nah-oto:n-ach\rCe:26\n\n", reqStrSize=167,
    resultCmdName=0xb28f404c "/1.0 200OK\r\nSee:vc100gt\nae e,1 o
081:45GT\neso:a4d4ffdb\rotn-egh \rCceCnrl oce\nsq 8\r\r",
resultCmdNameMaxSize=100,
    resultURLPreSuffix=0xb28f3fe8 "cam2", resultURLPreSuffixMaxSize=100,
    resultURLSuffix=0xb28f3f84 "rvr l ..-i\rDt:Wd 2Nv20 62:2 M\rSsin
5764e5d6\nCnetLnt:0\nah-oto:n-ach\rCe:26\n\n", resultURLSuffixMaxSize=100,
    resultCSeq=0xb28f3f20 "&#65533;\f\036\b$\005", resultCSeqMaxSize=100)
    at RTSPCommon.cpp:100

(gdb) x/167c reqStr
0x844c050:	32 ' '	114 'r'	118 'v'	114 'r'	32 ' '	108 'l'	32 ' '	46 '.'
0x844c058:	46 '.'	45 '-'	105 'i'	13 '\r'	68 'D'	116 't'	58 ':'	87 'W'
0x844c060:	100 'd'	32 ' '	50 '2'	78 'N'	118 'v'	50 '2'	48 '0'	32 ' '
0x844c068:	54 '6'	50 '2'	58 ':'	50 '2'	32 ' '	77 'M'	13 '\r'	83 'S'
0x844c070:	115 's'	105 'i'	110 'n'	32 ' '	53 '5'	55 '7'	54 '6'	52 '4'
0x844c078:	101 'e'	53 '5'	100 'd'	54 '6'	10 '\n'	67 'C'	110 'n'	101 'e'
0x844c080:	116 't'	76 'L'	110 'n'	116 't'	58 ':'	48 '0'	10 '\n'	97 'a'
0x844c088:	104 'h'	45 '-'	111 'o'	116 't'	111 'o'	58 ':'	110 'n'	45 '-'
0x844c090:	97 'a'	99 'c'	104 'h'	13 '\r'	67 'C'	101 'e'	58 ':'	50 '2'
0x844c098:	54 '6'	10 '\n'	10 '\n'	0 '\0'	32 ' '	56 '8'	13 '\r'	13 '\r'
0x844c0a0:	10 '\n'	82 'R'	84 'T'	83 'S'	80 'P'	47 '/'	49 '1'	46 '.'
0x844c0a8:	48 '0'	32 ' '	50 '2'	48 '0'	48 '0'	79 'O'	75 'K'	13 '\r'
0x844c0b0:	10 '\n'	83 'S'	101 'e'	101 'e'	58 ':'	118 'v'	99 'c'	49 '1'
0x844c0b8:	48 '0'	48 '0'	103 'g'	116 't'	10 '\n'	97 'a'	101 'e'	32 ' '
0x844c0c0:	101 'e'	44 ','	49 '1'	32 ' '	111 'o'	32 ' '	48 '0'	56 '8'
0x844c0c8:	49 '1'	58 ':'	52 '4'	53 '5'	71 'G'	84 'T'	10 '\n'	101 'e'
0x844c0d0:	115 's'	111 'o'	58 ':'	97 'a'	52 '4'	100 'd'	52 '4'	102 'f'
0x844c0d8:	102 'f'	100 'd'	98 'b'	13 '\r'	111 'o'	116 't'	110 'n'	45 '-'
0x844c0e0:	101 'e'	103 'g'	104 'h'	32 ' '	13 '\r'	67 'C'	99 'c'	101 'e'
0x844c0e8:	67 'C'	110 'n'	114 'r'	108 'l'	32 ' '	111 'o'	99 'c'	101 'e'
0x844c0f0:	10 '\n'	115 's'	113 'q'	32 ' '	56 '8'	13 '\r'	13 '\r'

So reqStr had to be : " rvr l ..-i\rDt:Wd 2Nv20 62:2 M\rSsin
5764e5d6\nCnetLnt:0\nah-oto:n-ach\rCe:26\n\n\0 8\r\r\nRTSP/1.0
200OK\r\nSee:vc100gt\nae e,1 o 081:45GT\neso:a4d4ffdb\rotn-egh \rCceCnrl
oce\nsq 8\r\r"

More information about the live-devel mailing list