Rtmpclient #379
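This is an automatic vacation reply from QQ Mail.
Hello, I am currently on vacation and cannot reply to your email in person. I will reply to you as soon as possible after my vacation ends.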
Pull Request Overview
This PR implements comprehensive RTMP security fixes for Red5 Server to address chunk size validation, Type 3 header validation, and extended timestamp rollover handling. The changes enhance security while maintaining compatibility with popular streaming clients like OBS Studio and ffmpeg.
- Added chunk size validation with RTMP spec bounds checking and librtmp compatibility
- Implemented Type 3 header validation to prevent stream confusion attacks with graceful error handling
- Fixed extended timestamp rollover handling for 32-bit wraparound protection
Reviewed Changes
Copilot reviewed 38 out of 41 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| common/.../codec/RTMP.java | Added chunk size constants and validation methods with bounds checking |
| common/.../codec/RTMPProtocolDecoder.java | Enhanced Type 3 header validation and fixed extended timestamp processing |
| common/.../codec/RTMPProtocolEncoder.java | Added calculateTimestampDelta method for rollover handling and chunk size validation |
| common/.../event/Ping.java | Refactored ping types from constants to enum for type safety |
| common/.../RTMPUtils.java | Deprecated diffTimestamps method in favor of secure implementation |
| tests/.../ExtendedTimestampTest.java | Added comprehensive test coverage for extended timestamp scenarios |
| Multiple test files | Updated Ping constant references to use new PingType enum |
// Validate chunk size according to RTMP spec and librtmp compatibility | ||
// librtmp uses default chunk size of 128, max of 65536 | ||
if (chunkSize < 1 || chunkSize > 65536) { | ||
throw new ProtocolException("Invalid chunk size: " + chunkSize + ". Must be between 1 and 65536 for librtmp compatibility."); |
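Review bot: the bound in `if (chunkSize < 1 || chunkSize > 65536)` is a bare literal that is repeated in the comment and again in the exception message, so the three can drift apart. The PR summary says RTMP.java gained chunk size constants and validation methods; call those here, or at least reference one named constant and build the message from it. The comment above the check also cites a librtmp default of 128 that the condition never uses, so either drop that clause or state that only the upper bound is enforced.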
The error message mentions librtmp compatibility but the validation logic in RTMP.java allows values up to 16777215. Consider making the validation consistent between decoder and RTMP class, or updating the error message to reflect the actual validation logic.
// Validate chunk size according to RTMP spec and librtmp compatibility | |
// librtmp uses default chunk size of 128, max of 65536 | |
if (chunkSize < 1 || chunkSize > 65536) { | |
throw new ProtocolException("Invalid chunk size: " + chunkSize + ". Must be between 1 and 65536 for librtmp compatibility."); | |
// Validate chunk size according to RTMP specification (1 to 16777215) | |
if (chunkSize < 1 || chunkSize > 16777215) { | |
throw new ProtocolException("Invalid chunk size: " + chunkSize + ". Must be between 1 and 16777215 as per RTMP specification."); |
if (size < 1 || size > 65536) { | ||
log.warn("Invalid chunk size: {}. Clamping to librtmp-compatible range [128, 65536]", size); | ||
size = Math.max(128, Math.min(size, 65536)); |
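Review bot: the guard and the clamp in this hunk use different lower bounds. `size < 1 || size > 65536` lets 1 through 127 pass untouched, while the log text and `Math.max(128, ...)` describe a floor of 128, so the floor is only ever applied to zero or negative input, which is turned into 128. Pick one floor, use it in both the condition and the clamp, and decide whether a non-positive size should be replaced at all rather than refused.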
The chunk size clamping logic silently modifies invalid values rather than rejecting them. This could mask legitimate configuration errors. Consider throwing an exception for clearly invalid values while only clamping values in the acceptable range.
if (size < 1 || size > 65536) { | |
log.warn("Invalid chunk size: {}. Clamping to librtmp-compatible range [128, 65536]", size); | |
size = Math.max(128, Math.min(size, 65536)); | |
if (size < 128 || size > 65536) { | |
throw new IllegalArgumentException("Invalid chunk size: " + size + ". Must be in range [128, 65536]"); |
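Review bot: the replacement condition `size < 128 || size > 65536` changes which values are accepted, not only how bad ones are handled: sizes 1 through 127 passed the removed check unchanged and would now throw. If that tightening is intended, say so in the commit message and cover 1, 127 and 128 in a test; if not, keep the lower bound at 1. The new `IllegalArgumentException` also differs from the `ProtocolException` thrown for the same condition in the decoder hunk, so confirm that the code calling this path handles it.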
Co-authored-by: Copilot <[email protected]>
Fix 1 - Chunk Size Validation in RTMP
Fix 2 - Type 3 Header Validation in RTMPProtocolDecoder
Fix 3 - Extended Timestamp Rollover in RTMPProtocolEncoder
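
The extended timestamp rollover item from the overview, as an added example that is not code from this pull request or from Red5: it shows why a delta between 32-bit RTMP timestamps has to be taken modulo 2^32, and how the 3-byte field value 0xFFFFFF signals a 4-byte extended timestamp. The class and method names are hypothetical, and the header fields that sit between the 3-byte field and the extended timestamp in a real chunk are omitted.

```java
import java.nio.ByteBuffer;

// Added example, not Red5 code; class and method names are hypothetical.
public class RtmpTimestampExample {
    static final long EXT_MARKER = 0xFFFFFFL;  // 3-byte field value that signals an extended timestamp
    static final long MASK_32 = 0xFFFFFFFFL;   // RTMP timestamps are unsigned 32-bit and wrap to 0

    // Delta between two timestamps, taken modulo 2^32 so it stays correct across the wrap.
    static long delta(long current, long previous) {
        return (current - previous) & MASK_32;
    }

    // Writes the 3-byte timestamp field, followed by the 4-byte extended value when needed.
    // Assumption: the header fields that sit between the two in a real chunk are omitted.
    static void writeTimestamp(ByteBuffer out, long ts) {
        ts &= MASK_32;
        long field = Math.min(ts, EXT_MARKER);
        out.put((byte) (field >> 16)).put((byte) (field >> 8)).put((byte) field);
        if (ts >= EXT_MARKER) {
            out.putInt((int) ts);
        }
    }

    // Reads the field back; refuses a marker that is not followed by four more bytes.
    static long readTimestamp(ByteBuffer in) {
        if (in.remaining() < 3) {
            throw new IllegalStateException("truncated timestamp field");
        }
        long field = ((in.get() & 0xFF) << 16) | ((in.get() & 0xFF) << 8) | (in.get() & 0xFF);
        if (field < EXT_MARKER) {
            return field;
        }
        if (in.remaining() < 4) {
            throw new IllegalStateException("truncated extended timestamp");
        }
        return in.getInt() & MASK_32;  // mask so values above 0x7FFFFFFF are not read as negative
    }

    public static void main(String[] args) {
        long previous = 0xFFFFFF00L, current = 0x00000040L;  // constructed values either side of the wrap
        System.out.println("naive delta:   " + (current - previous));
        System.out.println("modular delta: " + delta(current, previous));
        ByteBuffer buf = ByteBuffer.allocate(7);
        writeTimestamp(buf, previous);
        buf.flip();
        System.out.println("round trip ok: " + (readTimestamp(buf) == previous));
    }
}
```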