1
0
mirror of https://gitlab.xiph.org/xiph/icecast-server.git synced 2024-12-04 14:46:30 -05:00

Fix: Fixed invalid post data sent by the yp code

This commit is contained in:
Philipp Schafft 2022-03-22 01:39:21 +00:00
parent 43bf1eb4ed
commit 220ccbe1e0
4 changed files with 100 additions and 61 deletions

View File

@ -1528,6 +1528,27 @@ int util_replace_string(char **dst, const char *src)
return 0;
}
bool util_replace_string_url_escape(char **dst, const char *src)
{
char *n;
if (!dst)
return false;
if (src) {
n = util_url_escape(src);
if (!n)
return false;
} else {
n = NULL;
}
free(*dst);
*dst = n;
return true;
}
int util_strtolower(char *str)
{
if (!str)

View File

@ -5,7 +5,7 @@
* oddsock <oddsock@xiph.org>,
* Karl Heyes <karl@xiph.org>
* and others (see AUTHORS for details).
* Copyright 2012-2020 Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>
* Copyright 2012-2022 Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>
*
* This program is distributed under the GNU General Public License, version 2.
* A copy of this license is included with this source.
@ -16,6 +16,7 @@
/* for FILE* */
#include <stdio.h>
#include <stdbool.h>
#include "common/net/sock.h"
#include "icecasttypes.h"
@ -130,5 +131,6 @@ char *util_conv_string (const char *string, const char *in_charset, const char *
int get_line(FILE *file, char *buf, size_t siz);
int util_replace_string(char **dst, const char *src);
bool util_replace_string_url_escape(char **dst, const char *src); /* returns true on success */
int util_strtolower(char *str);
#endif /* __UTIL_H__ */

105
src/yp.c
View File

@ -8,7 +8,7 @@
* oddsock <oddsock@xiph.org>,
* Karl Heyes <karl@xiph.org>
* and others (see AUTHORS for details).
* Copyright 2013-2018, Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>,
* Copyright 2013-2022, Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>,
*/
/* -*- c-basic-offset: 4; indent-tabs-mode: nil; -*- */
@ -39,8 +39,22 @@
#define CATMODULE "yp"
struct yp_server
{
typedef enum {
YP_SERVER_NAME,
YP_SERVER_DESC,
YP_SERVER_GENRE,
YP_SERVER_URL,
YP_BITRATE,
YP_AUDIO_INFO,
YP_SERVER_TYPE,
YP_CURRENT_SONG,
YP_CLUSTER_PASSWORD,
YP_SUBTYPE,
YP_AUDIO_SAMPLERATE,
YP_AUDIO_CHANNELS
} yp_param_type_t;
struct yp_server {
char *url;
char *server_id;
unsigned url_timeout;
@ -54,10 +68,7 @@ struct yp_server
char curl_error[CURL_ERROR_SIZE];
};
typedef struct ypdata_tag
{
typedef struct ypdata_tag {
int remove;
int release;
int cmd_ok;
@ -75,8 +86,10 @@ typedef struct ypdata_tag
char *server_genre; /* do_yp_add: genre */
char *bitrate; /* do_yp_add: audio_bitrate || ice-bitrate */
char *server_desc; /* do_yp_add: server_description */
char *subtype; /* do_yp_add: subtype; do_yp_touch: subtype */
char *audio_info; /* do_yp_add: audio_info */
char *subtype; /* update_yp_info: subtype*/
char *audio_samplerate; /* update_yp_info: audio_samplerate */
char *audio_channels; /* update_yp_info: audio_channels */
/* ---[ END from stats ]--- */
struct yp_server *server;
@ -101,7 +114,8 @@ static volatile unsigned client_limit = 0;
static volatile char *server_version = NULL;
static void *yp_update_thread(void *arg);
static void add_yp_info(ypdata_t *yp, void *info, int type);
static void update_yp_info(ypdata_t *yp);
static void add_yp_info(ypdata_t *yp, void *info, yp_param_type_t type);
static int do_yp_remove(ypdata_t *yp, char *s, unsigned len);
static int do_yp_add(ypdata_t *yp, char *s, unsigned len);
static int do_yp_touch(ypdata_t *yp, char *s, unsigned len);
@ -396,20 +410,19 @@ static int do_yp_add (ypdata_t *yp, char *s, unsigned len)
add_yp_info(yp, value, YP_SERVER_DESC);
free(value);
value = stats_get_value(yp->mount, "subtype");
add_yp_info(yp, value, YP_SUBTYPE);
free(value);
value = stats_get_value(yp->mount, "audio_info");
add_yp_info(yp, value, YP_AUDIO_INFO);
free(value);
update_yp_info(yp);
ret = snprintf(s, len, "action=add&admin=%s&sn=%s&genre=%s&cpswd=%s&desc="
"%s&url=%s&listenurl=%s&type=%s&stype=%s&b=%s&%s\r\n",
"%s&url=%s&listenurl=%s&type=%s&stype=%s&b=%s&samplerate=%s&channels=%s&audioinfo=%s",
admin,
yp->server_name, yp->server_genre, yp->cluster_password,
yp->server_desc, yp->url, yp->listen_url,
yp->server_type, yp->subtype, yp->bitrate, yp->audio_info);
yp->server_type, yp->subtype, yp->bitrate,
yp->audio_samplerate, yp->audio_channels, yp->audio_info);
free(admin);
if (ret >= (signed)len)
@ -464,11 +477,7 @@ static int do_yp_touch (ypdata_t *yp, char *s, unsigned len)
}
free(val);
val = stats_get_value(yp->mount, "subtype");
if (val) {
add_yp_info(yp, val, YP_SUBTYPE);
free(val);
}
update_yp_info(yp);
ret = snprintf (s, len, "action=touch&sid=%s&st=%s"
"&listeners=%u&max_listeners=%u&stype=%s\r\n",
@ -571,6 +580,8 @@ static ypdata_t *create_yp_entry (struct yp_server *server, const char *mount)
yp->current_song = strdup("");
yp->audio_info = strdup("");
yp->subtype = strdup("");
yp->audio_samplerate = strdup("");
yp->audio_channels = strdup("");
yp->process = do_yp_add;
url = malloc (len);
@ -789,50 +800,68 @@ static void yp_destroy_ypdata(ypdata_t *ypdata)
}
}
static void add_yp_info(ypdata_t *yp, void *info, int type)
static void update_yp_info(ypdata_t *yp)
{
char *escaped;
char * val;
if ((val = stats_get_value(yp->mount, "subtype"))) {
add_yp_info(yp, val, YP_SUBTYPE);
free(val);
}
if ((val = stats_get_value(yp->mount, "audio_samplerate"))) {
add_yp_info(yp, val, YP_AUDIO_SAMPLERATE);
free(val);
}
if ((val = stats_get_value(yp->mount, "audio_channels"))) {
add_yp_info(yp, val, YP_AUDIO_CHANNELS);
free(val);
}
}
static void add_yp_info(ypdata_t *yp, void *info, yp_param_type_t type)
{
if (!info)
return;
escaped = util_url_escape(info);
if (escaped == NULL)
return;
switch (type) {
case YP_SERVER_NAME:
util_replace_string(&(yp->server_name), escaped);
util_replace_string_url_escape(&(yp->server_name), info);
break;
case YP_SERVER_DESC:
util_replace_string(&(yp->server_desc), escaped);
util_replace_string_url_escape(&(yp->server_desc), info);
break;
case YP_SERVER_GENRE:
util_replace_string(&(yp->server_genre), escaped);
util_replace_string_url_escape(&(yp->server_genre), info);
break;
case YP_SERVER_URL:
util_replace_string(&(yp->url), escaped);
util_replace_string_url_escape(&(yp->url), info);
break;
case YP_BITRATE:
util_replace_string(&(yp->bitrate), escaped);
util_replace_string_url_escape(&(yp->bitrate), info);
break;
case YP_AUDIO_INFO:
util_replace_string(&(yp->audio_info), escaped);
util_replace_string_url_escape(&(yp->audio_info), info);
break;
case YP_SERVER_TYPE:
util_replace_string(&(yp->server_type), escaped);
util_replace_string_url_escape(&(yp->server_type), info);
break;
case YP_CURRENT_SONG:
util_replace_string(&(yp->current_song), escaped);
util_replace_string_url_escape(&(yp->current_song), info);
break;
case YP_CLUSTER_PASSWORD:
util_replace_string(&(yp->cluster_password), escaped);
util_replace_string_url_escape(&(yp->cluster_password), info);
break;
case YP_SUBTYPE:
util_replace_string(&(yp->subtype), escaped);
util_replace_string_url_escape(&(yp->subtype), info);
break;
case YP_AUDIO_SAMPLERATE:
util_replace_string_url_escape(&(yp->audio_samplerate), info);
break;
case YP_AUDIO_CHANNELS:
util_replace_string_url_escape(&(yp->audio_channels), info);
break;
default:
free(escaped);
}
}

View File

@ -8,7 +8,7 @@
* oddsock <oddsock@xiph.org>,
* Karl Heyes <karl@xiph.org>
* and others (see AUTHORS for details).
* Copyright 2014-2018, Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>,
* Copyright 2014-2022, Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>,
*/
/* -*- c-basic-offset: 4; indent-tabs-mode: nil; -*- */
@ -17,19 +17,6 @@
#include "icecasttypes.h"
#define YP_SERVER_NAME 1
#define YP_SERVER_DESC 2
#define YP_SERVER_GENRE 3
#define YP_SERVER_URL 4
#define YP_BITRATE 5
#define YP_AUDIO_INFO 6
#define YP_SERVER_TYPE 7
#define YP_CURRENT_SONG 8
#define YP_CLUSTER_PASSWORD 9
#define YP_SUBTYPE 10
#define YP_ADD_ALL -1
#ifdef USE_YP
void yp_add (const char *mount);
void yp_remove (const char *mount);