From: Sangchul Lee Date: Tue, 9 Aug 2022 02:22:57 +0000 (+0900) Subject: webrtc_private: Check prefix of STUN/TURN server URL X-Git-Tag: submit/tizen/20220812.094531~4 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F08%2F279408%2F1;p=platform%2Fcore%2Fapi%2Fwebrtc.git webrtc_private: Check prefix of STUN/TURN server URL Doxygen is also improved. [Version] 0.3.197 [Issue Type] Improvement Change-Id: Ia3d2b0991cdef41709cd2d5c19d8e0c82bf09a40 Signed-off-by: Sangchul Lee --- diff --git a/include/webrtc.h b/include/webrtc.h index 0cb403a3..3cc748c4 100644 --- a/include/webrtc.h +++ b/include/webrtc.h @@ -1869,7 +1869,7 @@ int webrtc_media_source_unset_video_loopback(webrtc_h webrtc, unsigned int sourc * @since_tizen 6.5 * @remarks Regarding STUN, refer to the RFC7064(https://tools.ietf.org/html/rfc7064). * @param[in] webrtc WebRTC handle - * @param[in] stun_server The STUN server URL + * @param[in] stun_server The STUN server URL of the form stun://host:port * @return @c 0 on success, * otherwise a negative error value * @retval #WEBRTC_ERROR_NONE Successful diff --git a/include/webrtc_private.h b/include/webrtc_private.h index 023851e2..4a9966bc 100644 --- a/include/webrtc_private.h +++ b/include/webrtc_private.h @@ -832,6 +832,7 @@ webrtc_gst_slot_s* _get_slot_by_id(GHashTable *slots, unsigned int id); int _add_no_target_ghostpad_to_slot(webrtc_gst_slot_s *slot, bool is_src, GstPad **new_pad); int _set_ghost_pad_target(GstPad *ghost_pad, GstElement *target_element, bool is_src); void _generate_dot(GstElement *pipeline, const gchar *name); +bool _stun_url_has_valid_prefix(const char *url); gchar *_check_and_encode_turn_url(const char *url); #ifdef __cplusplus diff --git a/packaging/capi-media-webrtc.spec b/packaging/capi-media-webrtc.spec index fd1b91e1..1360924f 100644 --- a/packaging/capi-media-webrtc.spec +++ b/packaging/capi-media-webrtc.spec @@ -1,6 +1,6 @@ Name: capi-media-webrtc Summary: A WebRTC library in Tizen Native API -Version: 0.3.196 +Version: 0.3.197 Release: 0 Group: Multimedia/API License: Apache-2.0 diff --git a/src/webrtc.c b/src/webrtc.c index 04bfd9da..061cabf2 100644 --- a/src/webrtc.c +++ b/src/webrtc.c @@ -954,6 +954,9 @@ int webrtc_set_stun_server(webrtc_h webrtc, const char *stun_server) RET_VAL_IF(_webrtc->state != WEBRTC_STATE_IDLE, WEBRTC_ERROR_INVALID_STATE, "the state should be IDLE"); + if (!_stun_url_has_valid_prefix(stun_server)) + return WEBRTC_ERROR_INVALID_PARAMETER; + g_free(_webrtc->stun_server_url); /* FIXME: validate this url before setting */ @@ -1000,7 +1003,8 @@ int webrtc_add_turn_server(webrtc_h webrtc, const char *turn_server) RET_VAL_IF(_webrtc->state != WEBRTC_STATE_IDLE, WEBRTC_ERROR_INVALID_STATE, "the state should be IDLE"); - turn_url = _check_and_encode_turn_url(turn_server); + if (!(turn_url = _check_and_encode_turn_url(turn_server))) + return WEBRTC_ERROR_INVALID_PARAMETER; g_signal_emit_by_name(G_OBJECT(_webrtc->gst.webrtcbin), "add-turn-server", turn_url, &ret); if (!ret) { diff --git a/src/webrtc_private.c b/src/webrtc_private.c index 13000e59..08f03776 100644 --- a/src/webrtc_private.c +++ b/src/webrtc_private.c @@ -141,12 +141,35 @@ void _generate_dot(GstElement *pipeline, const gchar *name) } //LCOV_EXCL_STOP +bool _stun_url_has_valid_prefix(const char *url) +{ + if (!g_str_has_prefix(url, "stun://")) { + LOG_ERROR("STUN url[%s] must start with 'stun://'", url); + return false; + } + + return true; +} + +static bool __turn_url_has_valid_prefix(const char *url) +{ + if (!g_str_has_prefix(url, "turn://") && !g_str_has_prefix(url, "turns://")) { + LOG_ERROR("TURN url[%s] must have 'turn(s)://'", url); + return false; + } + + return true; +} + gchar *_check_and_encode_turn_url(const char *url) { g_auto(GStrv) str_arr = g_strsplit(url, "@", 2); g_auto(GStrv) str_arr2 = g_strsplit(str_arr[0], ":", 0); g_autofree gchar *password = NULL; + if (!__turn_url_has_valid_prefix(url)) + return NULL; + if (g_strv_length(str_arr2) > 3) { /* NOTE: assume id has ':' character */ password = g_uri_escape_string(str_arr2[3], NULL, FALSE); return g_strdup_printf("%s:%s%s%s:%s@%s",