[Live-devel] openRTSP crash when receiving stream via https

Gajdosik Johannes j.gajdosik at pke.at
Thu Dec 1 12:41:32 PST 2022 

Hello Ross,
I am sorry, it is not fixed yet.
Analysis: Here is the modified code in RTSPClient::connectionHandler1.
...
    // The connection succeeded.  If the connection came about from an
    attempt to set up RTSP-over-HTTP, finish this now: if
    (fHTTPTunnelingConnectionIsPending && !setupHTTPTunneling2()) break;

    // Note: Normally "fOutputTLS" == "fInputTLS" here, except when
    we're connecting // to the second (i.e., "POST") connection when
    doing RTSP-over-HTTP: if (fOutputTLS->isNeeded) {
      // We need to complete an additional TLS connection:
      int tlsConnectResult = fOutputTLS->connect(fOutputSocketNum);
...
Before fOutputTLS->connect(...) is called, it is already used in setupHTTPTunneling2() 6 lines above, stack frame #5 - > SIGSEGV


gdb ./openRTSP
GNU gdb (Gentoo 8.3.1 vanilla) 8.3.1
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://bugs.gentoo.org/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./openRTSP...
(gdb) r -T 8881 rtsps://localhost:554/h265
Starting program: /sdb3/JohannesGajdosikPKE/live.2022.11.30/testProgs/openRTSP -T 8881 rtsps://localhost:554/h265
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Created new TCP socket 3 for connection
Connecting to 127.0.0.1, port 8881 on socket 3...
...TLS connection completed
...remote connection opened
Requesting RTSP-over-HTTP tunneling (on port 8881)

Sending request: GET /h265 HTTP/1.0
CSeq: 1
User-Agent: /sdb3/JohannesGajdosikPKE/live.2022.11.30/testProgs/openRTSP (LIVE555 Streaming Media v2022.11.30)
Host: 127.0.0.1
x-sessioncookie: 8c0a3189e4803a3fc11cd48
Accept: application/x-rtsp-tunnelled
Pragma: no-cache
Cache-Control: no-cache


Received 143 new bytes of response data.
Received a complete GET response:
HTTP/1.0 200 OK
Date: Thu, Dec 01 2022 13:16:05 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/x-rtsp-tunnelled


Connecting to 127.0.0.1, port 8881 on socket 4...
Sending request: POST /h265 HTTP/1.0
CSeq: 1
User-Agent: /sdb3/JohannesGajdosikPKE/live.2022.11.30/testProgs/openRTSP (LIVE555 Streaming Media v2022.11.30)
Host: 127.0.0.1
x-sessioncookie: 8c0a3189e4803a3fc11cd48
Content-Type: application/x-rtsp-tunnelled
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 32767
Expires: Sun, 9 Jan 1972 00:00:00 GMT



Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7f3380c in ssl_write_internal () from /usr/lib64/libssl.so.1.1
(gdb) bt
#0  0x00007ffff7f3380c in ssl_write_internal () from /usr/lib64/libssl.so.1.1
#1  0x00007ffff7f339a3 in SSL_write () from /usr/lib64/libssl.so.1.1
#2  0x000055555559cc13 in TLSState::write (this=0x55555562d958,
    data=0x55555566ae40 "POST /h265 HTTP/1.0\r\nCSeq: 1\r\nUser-Agent: /sdb3/JohannesGajdosikPKE/live.2022.11.30/testProgs/openRTSP (LIVE555 Streaming Media v2022.11.30)\r\nHost: 127.0.0.1\r\nx-sessioncookie: 8c0a3189e4803a3fc11cd48\r"..., count=352) at TLSState.cpp:45
#3  0x0000555555589084 in RTSPClient::write (this=0x55555562d760,
    data=0x55555566ae40 "POST /h265 HTTP/1.0\r\nCSeq: 1\r\nUser-Agent: /sdb3/JohannesGajdosikPKE/live.2022.11.30/testProgs/openRTSP (LIVE555 Streaming Media v2022.11.30)\r\nHost: 127.0.0.1\r\nx-sessioncookie: 8c0a3189e4803a3fc11cd48\r"..., count=352) at RTSPClient.cpp:2030
#4  0x000055555558330c in RTSPClient::sendRequest (this=0x55555562d760, request=0x555555658a40) at RTSPClient.cpp:581
#5  0x0000555555587480 in RTSPClient::setupHTTPTunneling2 (this=0x55555562d760) at RTSPClient.cpp:1615
#6  0x0000555555587683 in RTSPClient::connectionHandler1 (this=0x55555562d760) at RTSPClient.cpp:1647
#7  0x00005555555874cd in RTSPClient::connectionHandler (instance=0x55555562d760) at RTSPClient.cpp:1620
#8  0x00005555555e1ab4 in BasicTaskScheduler::SingleStep (this=0x55555562ceb0, maxDelayTime=0) at BasicTaskScheduler.cpp:171
#9  0x00005555555e41f8 in BasicTaskScheduler0::doEventLoop (this=0x55555562ceb0, watchVariable=0x0) at BasicTaskScheduler0.cpp:80
#10 0x000055555556e10c in main (argc=2, argv=0x7fffffffdfc8) at playCommon.cpp:654
(gdb) f 2
#2  0x000055555559cc13 in TLSState::write (this=0x55555562d958,
    data=0x55555566ae40 "POST /h265 HTTP/1.0\r\nCSeq: 1\r\nUser-Agent: /sdb3/JohannesGajdosikPKE/live.2022.11.30/testProgs/openRTSP (LIVE555 Streaming Media v2022.11.30)\r\nHost: 127.0.0.1\r\nx-sessioncookie: 8c0a3189e4803a3fc11cd48\r"..., count=352) at TLSState.cpp:45
45        return SSL_write(fCon, data, count);
(gdb) p *this
$1 = {_vptr.TLSState = 0x55555560c620 <vtable for ClientTLSState+16>, isNeeded = 1 '\001', fHasBeenSetup = 0 '\000', fCtx = 0x0, fCon = 0x0}
(gdb) f 3
#3  0x0000555555589084 in RTSPClient::write (this=0x55555562d760,
    data=0x55555566ae40 "POST /h265 HTTP/1.0\r\nCSeq: 1\r\nUser-Agent: /sdb3/JohannesGajdosikPKE/live.2022.11.30/testProgs/openRTSP (LIVE555 Streaming Media v2022.11.30)\r\nHost: 127.0.0.1\r\nx-sessioncookie: 8c0a3189e4803a3fc11cd48\r"..., count=352) at RTSPClient.cpp:2030
2030            return fOutputTLS->write(data, count);
(gdb) p *this
$2 = {<Medium> = {_vptr.Medium = 0x55555560dcb8 <vtable for RTSPClient+16>, fEnviron = @0x55555562d340,
    fMediumName = "liveMedia0", '\000' <repeats 19 times>, fNextTask = 0x0}, static responseBufferSize = 20000, desiredMaxIncomingPacketSize = 0,
  fVerbosityLevel = 1, fCSeq = 2, fCurrentAuthenticator = {_vptr.Authenticator = 0x55555560c6c0 <vtable for Authenticator+16>, fRealm = 0x0,
    fNonce = 0x0, fUsername = 0x55555562da90 "", fPassword = 0x55555562dab0 "", fPasswordIsMD5 = 0 '\000'}, fAllowBasicAuthentication = 1 '\001',
  fServerAddress = {ss_family = 2, __ss_padding = "\"\261\177\000\000\001", '\000' <repeats 111 times>, __ss_align = 0},
  fTunnelOverHTTPPortNum = 8881,
  fUserAgentHeaderStr = 0x5555556329c0 "User-Agent: /sdb3/JohannesGajdosikPKE/live.2022.11.30/testProgs/openRTSP (LIVE555 Streaming Media v2022.11.30)\r\n", fUserAgentHeaderStrLen = 112, fInputSocketNum = 3, fOutputSocketNum = 4, fBaseURL = 0x55555562dad0 "rtsps://localhost:554/h265",
  fTCPStreamIdCount = 0 '\000', fLastSessionId = 0x0, fSessionTimeoutParameter = 0,
  fResponseBuffer = 0x55555562db00 "HTTP/1.0 200 OK\r\nDate: Thu, Dec 01 2022 13:16:05 GMT\r\nCache-Control: no-cache\r\nPragma: no-cache\r\nContent-Type: application/x-rtsp-tunnelled\r\n\r\n", fResponseBytesAlreadySeen = 0, fResponseBufferBytesLeft = 20000, fRequestsAwaitingConnection = {
    _vptr.RequestQueue = 0x55555560c4d0 <vtable for RTSPClient::RequestQueue+16>, fHead = 0x0, fTail = 0x0}, fRequestsAwaitingHTTPTunneling = {
    _vptr.RequestQueue = 0x55555560c4d0 <vtable for RTSPClient::RequestQueue+16>, fHead = 0x0, fTail = 0x0}, fRequestsAwaitingResponse = {
    _vptr.RequestQueue = 0x55555560c4d0 <vtable for RTSPClient::RequestQueue+16>, fHead = 0x0, fTail = 0x0}, fRequireStr = 0x555555632930 "",
  fSessionCookie = "8c0a3189e4803a3fc11cd48\000b7b12679", fSessionCookieCounter = 1, fHTTPTunnelingConnectionIsPending = 0 '\000',
  fTLS = {<TLSState> = {_vptr.TLSState = 0x55555560c620 <vtable for ClientTLSState+16>, isNeeded = 1 '\001', fHasBeenSetup = 1 '\001',
      fCtx = 0x55555563a370, fCon = 0x555555659170}, fClient = @0x55555562d760}, fPOSTSocketTLS = {<TLSState> = {
      _vptr.TLSState = 0x55555560c620 <vtable for ClientTLSState+16>, isNeeded = 1 '\001', fHasBeenSetup = 0 '\000', fCtx = 0x0, fCon = 0x0},
    fClient = @0x55555562d760}, fInputTLS = 0x55555562d930, fOutputTLS = 0x55555562d958}
(gdb) p &fPOSTSocketTLS
$3 = (ClientTLSState *) 0x55555562d958






On Thu, 1 Dec 2022 07:01:52 +1300
Ross Finlayson <finlayson at live555.com> wrote:

> > On Dec 1, 2022, at 2:32 AM, Gajdosik Johannes <j.gajdosik at pke.at>
> > wrote:
> > 
> > Hello Ross,
> > 
> > Now I use the new version live.2022.11.29.tar.gz. And still get the
> > same SIGSEGV:  
> 
> OK, please try again with the next version: 2022.11.30.  I think I’ve
> fixed it for real this time.
> 
> 
> Ross Finlayson
> Live Networks, Inc.
> http://www.live555.com/
> 
> 
> _______________________________________________
> live-devel mailing list
> live-devel at lists.live555.com
> http://lists.live555.com/mailman/listinfo/live-devel

More information about the live-devel mailing list