Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix nil url deref when handling invalid requests #458

Merged
merged 3 commits into from
Nov 7, 2023

Conversation

database64128
Copy link
Contributor

@database64128 database64128 commented Nov 5, 2023

This fixes the following panic when handling certain invalid requests:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x50 pc=0x5601e7562614]
goroutine 206 [running]:
github.com/bluenviron/gortsplib/v4/pkg/url.(*URL).RTSPPathAndQuery(...)
        github.com/bluenviron/gortsplib/v4@v4.3.0/pkg/url/url.go:81
github.com/bluenviron/gortsplib/v4.(*ServerConn).handleRequestInner(0xc0001a8200, 0xc00064c7c0)
        github.com/bluenviron/gortsplib/v4@v4.3.0/server_conn.go:221 +0x174
github.com/bluenviron/gortsplib/v4.(*ServerConn).handleRequestOuter(0xc0001a8200, 0xc00064c7c0)
        github.com/bluenviron/gortsplib/v4@v4.3.0/server_conn.go:382 +0x67
github.com/bluenviron/gortsplib/v4.(*ServerConn).runInner(0xc0001a8200)
        github.com/bluenviron/gortsplib/v4@v4.3.0/server_conn.go:191 +0x172
github.com/bluenviron/gortsplib/v4.(*ServerConn).run(0xc0001a8200)
        github.com/bluenviron/gortsplib/v4@v4.3.0/server_conn.go:165 +0x348
created by github.com/bluenviron/gortsplib/v4.newServerConn in goroutine 7
        github.com/bluenviron/gortsplib/v4@v4.3.0/server_conn.go:109 +0x3d6

This fixes the following panic when handling certain invalid requests:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x50 pc=0x5601e7562614]
goroutine 206 [running]:
github.com/bluenviron/gortsplib/v4/pkg/url.(*URL).RTSPPathAndQuery(...)
        github.com/bluenviron/gortsplib/v4@v4.3.0/pkg/url/url.go:81
github.com/bluenviron/gortsplib/v4.(*ServerConn).handleRequestInner(0xc0001a8200, 0xc00064c7c0)
        github.com/bluenviron/gortsplib/v4@v4.3.0/server_conn.go:221 +0x174
github.com/bluenviron/gortsplib/v4.(*ServerConn).handleRequestOuter(0xc0001a8200, 0xc00064c7c0)
        github.com/bluenviron/gortsplib/v4@v4.3.0/server_conn.go:382 +0x67
github.com/bluenviron/gortsplib/v4.(*ServerConn).runInner(0xc0001a8200)
        github.com/bluenviron/gortsplib/v4@v4.3.0/server_conn.go:191 +0x172
github.com/bluenviron/gortsplib/v4.(*ServerConn).run(0xc0001a8200)
        github.com/bluenviron/gortsplib/v4@v4.3.0/server_conn.go:165 +0x348
created by github.com/bluenviron/gortsplib/v4.newServerConn in goroutine 7
        github.com/bluenviron/gortsplib/v4@v4.3.0/server_conn.go:109 +0x3d6
Copy link

codecov bot commented Nov 5, 2023

Codecov Report

Merging #458 (e189695) into main (0933bf9) will decrease coverage by 0.03%.
The diff coverage is 0.00%.

❗ Current head e189695 differs from pull request most recent head 42797c7. Consider uploading reports for the commit 42797c7 to get more accurate results

@@            Coverage Diff             @@
##             main     #458      +/-   ##
==========================================
- Coverage   84.55%   84.52%   -0.03%     
==========================================
  Files         106      106              
  Lines       10921    10926       +5     
==========================================
+ Hits         9234     9235       +1     
- Misses       1291     1295       +4     
  Partials      396      396              
Files Coverage Δ
server_conn.go 89.58% <0.00%> (-1.36%) ⬇️

... and 3 files with indirect coverage changes

📣 Codecov offers a browser extension for seamless coverage viewing on GitHub. Try it in Chrome or Firefox today!

@aler9
Copy link
Member

aler9 commented Nov 7, 2023

Hello, thanks for reporting the issue, i moved the check a little above in order to cover all cases, and i added tests.

@aler9 aler9 merged commit b8838ca into bluenviron:main Nov 7, 2023
7 checks passed
@database64128 database64128 deleted the nil-url-fix branch January 24, 2024 17:08
@github-actions github-actions bot locked and limited conversation to collaborators Jul 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants