webrtc_private: Check prefix of STUN/TURN server URL

author Sangchul Lee <sc11.lee@samsung.com>

Tue, 9 Aug 2022 02:22:57 +0000 (11:22 +0900)

committer Sangchul Lee <sc11.lee@samsung.com>

Tue, 9 Aug 2022 06:11:43 +0000 (15:11 +0900)
author Sangchul Lee <sc11.lee@samsung.com>
Tue, 9 Aug 2022 02:22:57 +0000 (11:22 +0900)
committer Sangchul Lee <sc11.lee@samsung.com>
Tue, 9 Aug 2022 06:11:43 +0000 (15:11 +0900)
diff --git a/include/webrtc.h b/include/webrtc.h

index e5f9695bea75076f46f821b7c80be159edd8dc69..3fab5b8c199b430790771a9e89cf6c71bc71d4e9 100644 (file)
--- a/include/webrtc.h
+++ b/include/webrtc.h
@@ -1313,7 +1313,7 @@ int webrtc_media_source_set_video_loopback(webrtc_h webrtc, unsigned int source_
   * @since_tizen 6.5
   * @remarks Regarding STUN, refer to the RFC7064(https://tools.ietf.org/html/rfc7064).
   * @param[in] webrtc       WebRTC handle
- * @param[in] stun_server  The STUN server URL
+ * @param[in] stun_server  The STUN server URL of the form stun://host:port
   * @return @c 0 on success,
   *         otherwise a negative error value
   * @retval #WEBRTC_ERROR_NONE    Successful
diff --git a/include/webrtc_private.h b/include/webrtc_private.h

index b094c9de0b57fee3e4d6d265e678a273661bee1a..cd2b07e530338178bfdb8e1306fc2907d86179b4 100644 (file)
--- a/include/webrtc_private.h
+++ b/include/webrtc_private.h
@@ -685,6 +685,7 @@ int _webrtcbin_set_session_description(webrtc_s *webrtc, const char *description
  int _webrtcbin_add_ice_candidate(webrtc_s *webrtc, const char *candidate);
  void _webrtcbin_on_data_channel_cb(GstElement *webrtcbin, GObject *data_channel, gpointer user_data);
  bool _webrtcbin_have_remote_offer(webrtc_s *webrtc);
+bool _stun_url_has_valid_prefix(const char *url);
  gchar *_check_and_encode_turn_url(const char *url);
  
  void _init_data_channels(webrtc_s *webrtc);
diff --git a/packaging/capi-media-webrtc.spec b/packaging/capi-media-webrtc.spec

index 05db26d1d04645077b3ea6ebdc64254a256c973e..2ae3851f9a6ceebf0c7cfffb974901413b8a159d 100644 (file)
--- a/packaging/capi-media-webrtc.spec
+++ b/packaging/capi-media-webrtc.spec
@@ -1,6 +1,6 @@
  Name:       capi-media-webrtc
  Summary:    A WebRTC library in Tizen Native API
-Version:    0.2.180
+Version:    0.2.181
  Release:    0
  Group:      Multimedia/API
  License:    Apache-2.0
diff --git a/src/webrtc.c b/src/webrtc.c

index 0f6924131d0b194d8680473cae644d481b6bf614..8bc82b1b34b5f2cda1adedae533f2cdc3b7b6396 100644 (file)
--- a/src/webrtc.c
+++ b/src/webrtc.c
@@ -859,6 +859,9 @@ int webrtc_set_stun_server(webrtc_h webrtc, const char *stun_server)
  
         RET_VAL_IF(_webrtc->state != WEBRTC_STATE_IDLE, WEBRTC_ERROR_INVALID_STATE, "the state should be IDLE");
  
+       if (!_stun_url_has_valid_prefix(stun_server))
+               return WEBRTC_ERROR_INVALID_PARAMETER;
+
         g_free(_webrtc->stun_server_url);
  
         /* FIXME: validate this url before setting */
@@ -905,7 +908,8 @@ int webrtc_add_turn_server(webrtc_h webrtc, const char *turn_server)
  
         RET_VAL_IF(_webrtc->state != WEBRTC_STATE_IDLE, WEBRTC_ERROR_INVALID_STATE, "the state should be IDLE");
  
-       turn_url = _check_and_encode_turn_url(turn_server);
+       if (!(turn_url = _check_and_encode_turn_url(turn_server)))
+               return WEBRTC_ERROR_INVALID_PARAMETER;
  
         g_signal_emit_by_name(G_OBJECT(_webrtc->gst.webrtcbin), "add-turn-server", turn_url, &ret);
         if (!ret) {
diff --git a/src/webrtc_private.c b/src/webrtc_private.c

index a161b830fde50816fba292f64b14a540896f62d2..7cb6a51d15e346e8cb37e060036d68c9fc50d9d0 100644 (file)
--- a/src/webrtc_private.c
+++ b/src/webrtc_private.c
@@ -140,12 +140,35 @@ void _generate_dot(GstElement *pipeline, const gchar *name)
         g_free(dot_name);
  }
  
+bool _stun_url_has_valid_prefix(const char *url)
+{
+       if (!g_str_has_prefix(url, "stun://")) {
+               LOG_ERROR("STUN url[%s] must start with 'stun://'", url);
+               return false;
+       }
+
+       return true;
+}
+
+static bool __turn_url_has_valid_prefix(const char *url)
+{
+       if (!g_str_has_prefix(url, "turn://") && !g_str_has_prefix(url, "turns://")) {
+               LOG_ERROR("TURN url[%s] must have 'turn(s)://'", url);
+               return false;
+       }
+
+       return true;
+}
+
  gchar *_check_and_encode_turn_url(const char *url)
  {
         g_auto(GStrv) str_arr = g_strsplit(url, "@", 2);
         g_auto(GStrv) str_arr2 = g_strsplit(str_arr[0], ":", 0);
         g_autofree gchar *password = NULL;
  
+       if (!__turn_url_has_valid_prefix(url))
+               return NULL;
+
         if (g_strv_length(str_arr2) > 3) { /* NOTE: assume id has ':' character */
                 password = g_uri_escape_string(str_arr2[3], NULL, FALSE);
                 return g_strdup_printf("%s:%s%s%s:%s@%s",
author	Sangchul Lee <sc11.lee@samsung.com>
	Tue, 9 Aug 2022 02:22:57 +0000 (11:22 +0900)
committer	Sangchul Lee <sc11.lee@samsung.com>
	Tue, 9 Aug 2022 06:11:43 +0000 (15:11 +0900)
include/webrtc.h		patch \| blob \| history
include/webrtc_private.h		patch \| blob \| history
packaging/capi-media-webrtc.spec		patch \| blob \| history
src/webrtc.c		patch \| blob \| history
src/webrtc_private.c		patch \| blob \| history