webrtc, rtmp2: Warn if the user or password aren't escaped

If the user/pass aren't escaped, the userinfo will be ambiguous and we
won't know where to split. We will accidentally get it right if the :
belongs in the password.

Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1481>

diff --git a/ext/webrtc/gstwebrtcice.c b/ext/webrtc/gstwebrtcice.c
index 9b2cc66..23a490b 100644 (file)
--- a/ext/webrtc/gstwebrtcice.c
+++ b/ext/webrtc/gstwebrtcice.c
@@ -291,6 +291,12 @@ _parse_userinfo (const gchar * userinfo, gchar ** user, gchar ** pass)
     return;
   }
 
+  /* Check that the first occurence is also the last occurence */
+  if (colon != g_strrstr (userinfo, ":"))
+    GST_WARNING ("userinfo %s contains more than one ':', will assume that the "
+        "first ':' delineates user:pass. You should escape the user and pass "
+        "before adding to the URI.", userinfo);
+
   *user = g_strndup (userinfo, colon - userinfo);
   *pass = g_strdup (&colon[1]);
 }

diff --git a/gst/rtmp2/gstrtmp2locationhandler.c b/gst/rtmp2/gstrtmp2locationhandler.c
index 7c79c79..d8e4367 100644 (file)
--- a/gst/rtmp2/gstrtmp2locationhandler.c
+++ b/gst/rtmp2/gstrtmp2locationhandler.c
@@ -221,6 +221,11 @@ uri_handler_set_uri (GstURIHandler * handler, const gchar * string,
       goto out;
     }
 
+    if (g_strrstr (split[1], ":") != NULL)
+      GST_WARNING_OBJECT (self, "userinfo %s contains more than one ':', will "
+          "assume that the first ':' delineates user:pass. You should escape "
+          "the user and pass before adding to the URI.", userinfo);
+
     g_object_set (self, "username", split[0], "password", split[1], NULL);
     g_strfreev (split);
   }