From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id E063844752 for ; Mon, 26 Dec 2022 13:21:27 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 92E6368BA04; Mon, 26 Dec 2022 15:21:24 +0200 (EET) Received: from nef.ens.fr (nef2.ens.fr [129.199.96.40]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 74C9068B4E4 for ; Mon, 26 Dec 2022 15:21:18 +0200 (EET) X-ENS-nef-client: 129.199.129.80 ( name = phare.normalesup.org ) Received: from phare.normalesup.org (phare.normalesup.org [129.199.129.80]) by nef.ens.fr (8.14.4/1.01.28121999) with ESMTP id 2BQDLH6w013819 ; Mon, 26 Dec 2022 14:21:17 +0100 Received: by phare.normalesup.org (Postfix, from userid 1001) id 43E09EB5B7; Mon, 26 Dec 2022 14:21:17 +0100 (CET) Date: Mon, 26 Dec 2022 14:21:17 +0100 From: Nicolas George To: FFmpeg development discussions and patches Message-ID: References: MIME-Version: 1.0 In-Reply-To: X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (nef.ens.fr [129.199.96.32]); Mon, 26 Dec 2022 14:21:17 +0100 (CET) Subject: Re: [FFmpeg-devel] [PATCH] fftools/ffmpeg_ffplay_ffprobe_cmdutils: add -mask_url to replace the protocol address in the command with the asterisk (*) X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: "wangqinghua \(I\)" Content-Type: multipart/mixed; boundary="===============0746411575427105336==" Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: --===============0746411575427105336== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="8XWXOYP8BIJZUZuw" Content-Disposition: inline --8XWXOYP8BIJZUZuw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Wujian(Chin) (12022-12-26): > The issue has been modified. Please review again, thank you! >=20 > Signed-off-by: wujian_nanjing > --- > doc/fftools-common-opts.texi | 11 +++++++ > fftools/cmdutils.c | 77 ++++++++++++++++++++++++++++++++++++++= ++++-- > fftools/cmdutils.h | 25 ++++++++++++++ > fftools/ffmpeg.c | 10 +++--- > fftools/ffplay.c | 9 ++++-- > fftools/ffprobe.c | 10 +++--- > 6 files changed, 128 insertions(+), 14 deletions(-) >=20 > diff --git a/doc/fftools-common-opts.texi b/doc/fftools-common-opts.texi > index d914570..724c028 100644 > --- a/doc/fftools-common-opts.texi > +++ b/doc/fftools-common-opts.texi > @@ -363,6 +363,17 @@ for testing. Do not use it unless you know what you'= re doing. > ffmpeg -cpucount 2 > @end example > =20 > +@item -mask_url -i @var{url} (@emph{output}) > +If the protocol address contains the user name and password, the ps -ef Start with what the option does. > +command exposes plaintext. You can add the -mask_url parameter option is > +added to replace the protocol address in the command line with the > +asterisk (*). Because other users can run the ps -ef command to view sen= sitive > +information such as the user name and password in the protocol address, > +which is insecure. > +@example > +ffmpeg -mask_url -i rtsp://username:password-ip:port/stream/test > +@end example > + > @item -max_alloc @var{bytes} > Set the maximum size limit for allocating a block on the heap by ffmpeg's > family of malloc functions. Exercise @strong{extreme caution} when using > diff --git a/fftools/cmdutils.c b/fftools/cmdutils.c > index a1de621..0f80910 100644 > --- a/fftools/cmdutils.c > +++ b/fftools/cmdutils.c > @@ -61,6 +61,74 @@ AVDictionary *format_opts, *codec_opts; > =20 > int hide_banner =3D 0; > =20 > +void mask_param(int argc, char **argv) > +{ > + int i, j; > + for (i =3D 1; i < argc; i++) { > + char *match =3D strstr(argv[i], "://"); Still leaving credentials in options visible. > + if (match) { > + int total =3D strlen(argv[i]); > + for (j =3D 0; j < total; j++) { > + argv[i][j] =3D '*'; > + } > + } > + } > +} > + > +char **copy_argv(int argc, char **argv) > +{ > + char **argv_copy; > + argv_copy =3D av_mallocz(argc * sizeof(char *)); > + if (!argv_copy) { > + av_log(NULL, AV_LOG_FATAL, "argv_copy malloc failed\n"); > + exit_program(1); > + } > + > + for (int i =3D 0; i < argc; i++) { > + int length =3D strlen(argv[i]) + 1; > + argv_copy[i] =3D av_mallocz(length * sizeof(*argv_copy)); > + if (!argv_copy[i]) { > + av_log(NULL, AV_LOG_FATAL, "argv_copy[%d] malloc failed\n", = i); > + exit_program(1); > + } > + memcpy(argv_copy[i], argv[i], length); > + } > + return argv_copy; > +} > + > +char **handle_arg_param(int argc, int mask_flag, char **argv) > +{ > + char **argv_copy; > + argv_copy =3D copy_argv(argc, argv); > + if (mask_flag) > + mask_param(argc, argv); > + return argv_copy; > +} > + > +int get_mask_flag(int *argc, char ***argv) > +{ > + for (int i =3D 1; i < *argc; i++) { > + if (strcmp((*argv)[i], "-mask_url")) { > + continue; > + } > + > + for (int j =3D i + 1; j < *argc; j++) { > + (*argv)[j - 1] =3D (*argv)[j]; > + } > + (*argc)--; > + return 1; > + } > + > + return 0; > +} Still unacceptable. > + > +void free_argv_copy(int argc, char **argv) > +{ > + for (int i =3D 0; i < argc; i++) > + av_free(argv[i]); > + av_free(argv); > +} > + > void uninit_opts(void) > { > av_dict_free(&swr_opts); > @@ -215,13 +283,16 @@ static void prepare_app_arguments(int *argc_ptr, ch= ar ***argv_ptr) > if (win32_argv_utf8) { > *argc_ptr =3D win32_argc; > *argv_ptr =3D win32_argv_utf8; > + get_mask_flag(argc_ptr, argv_ptr); > return; > } > =20 > win32_argc =3D 0; > argv_w =3D CommandLineToArgvW(GetCommandLineW(), &win32_argc); > - if (win32_argc <=3D 0 || !argv_w) > + if (win32_argc <=3D 0 || !argv_w) { > + get_mask_flag(argc_ptr, argv_ptr); > return; > + } > =20 > /* determine the UTF-8 buffer size (including NULL-termination symbo= ls) */ > for (i =3D 0; i < win32_argc; i++) > @@ -232,6 +303,7 @@ static void prepare_app_arguments(int *argc_ptr, char= ***argv_ptr) > argstr_flat =3D (char *)win32_argv_utf8 + sizeof(char *) * (win3= 2_argc + 1); > if (!win32_argv_utf8) { > LocalFree(argv_w); > + get_mask_flag(argc_ptr, argv_ptr); > return; > } > =20 > @@ -246,6 +318,7 @@ static void prepare_app_arguments(int *argc_ptr, char= ***argv_ptr) > =20 > *argc_ptr =3D win32_argc; > *argv_ptr =3D win32_argv_utf8; > + get_mask_flag(argc_ptr, argv_ptr); > } > #else > static inline void prepare_app_arguments(int *argc_ptr, char ***argv_ptr) > @@ -696,10 +769,8 @@ int split_commandline(OptionParseContext *octx, int = argc, char *argv[], > { > int optindex =3D 1; > int dashdash =3D -2; > - > /* perform system-dependent conversions for arguments list */ > prepare_app_arguments(&argc, &argv); > - > init_parse_context(octx, groups, nb_groups); > av_log(NULL, AV_LOG_DEBUG, "Splitting the commandline.\n"); > =20 > diff --git a/fftools/cmdutils.h b/fftools/cmdutils.h > index 4496221..08c4da7 100644 > --- a/fftools/cmdutils.h > +++ b/fftools/cmdutils.h > @@ -50,6 +50,31 @@ extern AVDictionary *format_opts, *codec_opts; > extern int hide_banner; > =20 > /** > + * Using to mask sensitive info. > + */ > +void mask_param(int argc, char **argv); > + > +/** > + * Using to copy ori argv. > + */ > +char **copy_argv(int argc, char **argv); > + > +/** > + * Handle argv and argv_copy. > + */ > +char **handle_arg_param(int argc, int mask_flag, char **argv); > + > +/** > + * Get mask flag. > + */ > +int get_mask_flag(int *argc, char ***argv); > + > +/** > + * Free argv. > + */ > +void free_argv_copy(int argc, char **argv); > + > +/** > * Register a program-specific cleanup routine. > */ > void register_exit(void (*cb)(int ret)); > diff --git a/fftools/ffmpeg.c b/fftools/ffmpeg.c > index 881d6f0..d16eb36 100644 > --- a/fftools/ffmpeg.c > +++ b/fftools/ffmpeg.c > @@ -3865,9 +3865,9 @@ static int64_t getmaxrss(void) > =20 > int main(int argc, char **argv) > { > - int ret; > + int ret, mask_flag; > BenchmarkTimeStamps ti; > - > + char **argv_copy; > init_dynload(); > =20 > register_exit(ffmpeg_cleanup); > @@ -3877,15 +3877,16 @@ int main(int argc, char **argv) > av_log_set_flags(AV_LOG_SKIP_REPEATED); > parse_loglevel(argc, argv, options); > =20 > + mask_flag =3D get_mask_flag(&argc, &argv); > #if CONFIG_AVDEVICE > avdevice_register_all(); > #endif > avformat_network_init(); > =20 > show_banner(argc, argv, options); > - > + argv_copy =3D handle_arg_param(argc, mask_flag, argv); > /* parse options and open all input/output files */ > - ret =3D ffmpeg_parse_options(argc, argv); > + ret =3D ffmpeg_parse_options(argc, argv_copy); > if (ret < 0) > exit_program(1); > =20 > @@ -3920,5 +3921,6 @@ int main(int argc, char **argv) > exit_program(69); > =20 > exit_program(received_nb_signals ? 255 : main_return_code); > + free_argv_copy(argc, argv_copy); > return main_return_code; > } > diff --git a/fftools/ffplay.c b/fftools/ffplay.c > index fc7e1c2..559e417 100644 > --- a/fftools/ffplay.c > +++ b/fftools/ffplay.c > @@ -3663,10 +3663,12 @@ void show_help_default(const char *opt, const cha= r *arg) > /* Called from the main */ > int main(int argc, char **argv) > { > - int flags; > + int flags, mask_flag; > + char **argv_copy; > VideoState *is; > =20 > init_dynload(); > + mask_flag =3D get_mask_flag(&argc, &argv); > =20 > av_log_set_flags(AV_LOG_SKIP_REPEATED); > parse_loglevel(argc, argv, options); > @@ -3682,7 +3684,8 @@ int main(int argc, char **argv) > =20 > show_banner(argc, argv, options); > =20 > - parse_options(NULL, argc, argv, options, opt_input_file); > + argv_copy =3D handle_arg_param(argc, mask_flag, argv); > + parse_options(NULL, argc, argv_copy, options, opt_input_file); > =20 > if (!input_filename) { > show_usage(); > @@ -3759,6 +3762,6 @@ int main(int argc, char **argv) > event_loop(is); > =20 > /* never returns */ > - > + free_argv_copy(argc, argv_copy); > return 0; > } > diff --git a/fftools/ffprobe.c b/fftools/ffprobe.c > index d2f126d..49375bd 100644 > --- a/fftools/ffprobe.c > +++ b/fftools/ffprobe.c > @@ -4035,9 +4035,10 @@ int main(int argc, char **argv) > WriterContext *wctx; > char *buf; > char *w_name =3D NULL, *w_args =3D NULL; > - int ret, input_ret, i; > - > + int ret, input_ret, i, mask_flag; > + char **argv_copy; > init_dynload(); > + mask_flag =3D get_mask_flag(&argc, &argv); > =20 > #if HAVE_THREADS > ret =3D pthread_mutex_init(&log_mutex, NULL); > @@ -4056,8 +4057,8 @@ int main(int argc, char **argv) > #endif > =20 > show_banner(argc, argv, options); > - parse_options(NULL, argc, argv, options, opt_input_file); > - > + argv_copy =3D handle_arg_param(argc, mask_flag, argv); > + parse_options(NULL, argc, argv_copy, options, opt_input_file); > if (do_show_log) > av_log_set_callback(log_callback); > =20 > @@ -4173,6 +4174,7 @@ end: > av_freep(&print_format); > av_freep(&read_intervals); > av_hash_freep(&hash); > + free_argv_copy(argc, argv_copy); > =20 > uninit_opts(); > for (i =3D 0; i < FF_ARRAY_ELEMS(sections); i++) --=20 Nicolas George --8XWXOYP8BIJZUZuw Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE6ooRQGBoNzw0KnwPcZVLI8pNxgwFAmOpn8sACgkQcZVLI8pN xgxfJA/6AhMz7/mzlMnjlJ7il4rKpeKh0OgOX9hC+HtDGrXx6dFJSDD3ct+9B9CA Nowqp1TkO/DFGrtdw+RnE0M3W+9wClk/GARArZHPmTisZepTXKREQDUN7vp3lZ+z SG9x7iFCgdomBZy3bWQrgnCtUwRtccPMZ0S+Ah1zZCdvHvDWYmgXEJNdmW5nO4hx fohs7vVlOXTAoZoiz3AIiWKtljHW7RAIS2K/PL9eWz1vIidkE7t0BpdEAHQnFflO F3x+gdD0KO/26m9iRjzdGhKhRNA74/nBIWAc/Uy3lPvOvryO8J4losgm6GerGE6w u8vg6MI6de2N20xe7doyZcY4VJ35TtAXMj0paDHkAPnmhN1EPhgBPxYmJh6nXkSd g3RnBsrIAx0zzev9Id9IhrAzHguBNLebMh+iYvGiS91Fr3Gs86AkwusbTdth9+Qc NWGdIfvc10geXFsU9dWDos9h5XRLW+L3PmZwiJM/ik4RcfXBH/pK+puWYiT7H1+M /CUVf/ATackIlZbCK7vU0GO6n03RC/OaG1StXf5t2TRY9aZpJKbKubQKQFPZ42rk jrOEZl+uOKt5Z/9O2eGSYKtQKyj/WBXP4ZL2I6/E8B6lIKnlmuGWiYSMAv7IGouy VMFbd86CQsciGQ6DYROP4giGZsyu/wvF9OP4OMW3Dc0aS17dfPo= =7fCo -----END PGP SIGNATURE----- --8XWXOYP8BIJZUZuw-- --===============0746411575427105336== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". --===============0746411575427105336==--