x/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2026-06-11 08:13:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

avformat/icecast: reject CR/LF in metadata header values

Browse Source 
Reported by Franciszek Kalinowski (isec.pl / striga.ai) and Bartosz Smigielski.
This commit is contained in:
Franciszek Kalinowski
2026-05-21 18:05:39 +00:00
committed by Marvin Scholz
co-authored by Marvin Scholz
parent 87439ed619
commit 99e1ecca36
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
libavformat/icecast.c
+7 -1
View File
@@ -70,8 +70,14 @@ static const AVOption options[] = {
static void cat_header(AVBPrint *bp, const char key[], const char value[])
{
if (NOT_EMPTY(value))
if (NOT_EMPTY(value)) {
if (strpbrk(value, "\r\n")) {
av_log(NULL, AV_LOG_ERROR,
"Refusing to send '%s' header: value contains CR/LF\n", key);
return;
}
av_bprintf(bp, "%s: %s\r\n", key, value);
}
}
static int icecast_close(URLContext *h)