[FFmpeg-trac] #9567(avformat:new): libavformat doesn't correctly decrypt video with hls sample-aes encryption

FFmpeg trac at avcodec.org
Thu Dec 23 04:51:12 EET 2021


#9567: libavformat doesn't correctly decrypt video with hls sample-aes encryption
----------------------------------+--------------------------------------
             Reporter:  haruka    |                     Type:  defect
               Status:  new       |                 Priority:  normal
            Component:  avformat  |                  Version:  git-master
             Keywords:            |               Blocked By:
             Blocking:            |  Reproduced by developer:  0
Analyzed by developer:  0         |
----------------------------------+--------------------------------------
 Summary of the bug:
 The most obvious bug is in the function `decrypt_video_frame` in
 `libavformat/hls_sample_encryption.c`.

 If encrypted NALU length is greater than decrypted, it means there were
 scep bytes removed so we need to move back the following NALUs. However,
 the `memmove` currently moves nothing and after shrinking the packet at
 the end, the last few bytes will get truncated and the resulting video
 stream will not be correctly decoded.

 How to reproduce:
 Trying to play some SAMPLE-AES encrypted TS streams using ffplay should be
 the easiest way to test it.
 Apple has a test stream but it's walled behind Apple ID login (any Apple
 ID should be fine):

 https://developer.apple.com/services-
 account/download?path=/Developer_Tools/FairPlay_Streaming_Test_Streams/FairPlay_Streaming_Test_Content_v1.0.zip
-- 
Ticket URL: <https://trac.ffmpeg.org/ticket/9567>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker


More information about the FFmpeg-trac mailing list