SRS is a simple, high-efficiency, real-time media server supporting RTMP, WebRTC, HLS, HTTP-FLV, HTTP-TS, SRT, MPEG-DASH, and GB28181, with codec support for H.264, H.265, AV1, VP9, AAC, Opus, and G.711.
Winlin 0f980d49a6
RTMP: Fix chunk timestamp/basic-header decoding and harden packet unmarshal. v8.0.3 (#4680)
Fixes three RTMP chunk-stream decoding bugs in the proxy and hardens AMF0 command-packet unmarshalling against malformed input, backed by a new protocol unit-test suite.

All changes are confined to the `internal/rtmp` package. No public API, log format, or emitted wire format changes — these are decode-correctness and robustness fixes only.

**3-byte chunk basic header decode (`readBasicHeader`)**

The 3-byte basic-header form (cid 64–65599) was selected by testing `cid == 1` *after* `cid` had already been overwritten with `64 + t`, so it was never detected. Capture the original marker before overwriting and test that instead.

**Extended-timestamp handling (`chunkStream`, `readMessageHeader`)**

- Use the extended timestamp as a delta for fmt=1/2 chunks (and a fmt=3 first chunk continuing them), required when the delta is ≥ `0xffffff`. Timestamp computation is unified into a single post-step: extended timestamp when present, otherwise the 3-byte header delta; fmt=0 absolute, fmt=1/2 accumulated.
- Detect Type-3 chunks that omit the extended timestamp. FMLE/FMS/Flash follow the RTMP 2012 spec and always send it on Type-3 chunks; librtmp/ffmpeg may not. Switched from an unconditional 4-byte read to `Peek` + conditional `Discard`: if the peeked value differs from the stored one on a non-first chunk, those 4 bytes are payload and are left in the reader.
- Split the single `extendedTimestamp` bool into `hasExtendedTimestamp` (bool) and `extendedTimestamp` (the last raw value, used for the detection above).

**Packet unmarshal hardening**
- Add an `advanceBytes(p, n)` helper that bounds-checks each `p = p[field.Size():]` advance, turning a slice-out-of-range panic into a clean error on truncated/untrusted input. Applied in `CallPacket`, `CreateStreamResPacket`, `PublishPacket`, and `PlayPacket`.
- Reset the optional `CommandObject` / `Args` to nil before probing for their presence, so a stale constructor default (e.g. Null) isn't counted by `Size()` and can't overflow a later advance.

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-29 07:17:32 -04:00
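
Added example, not code from the SRS repository: a Go sketch of the basic-header fix and the bounds-checked advance that the commit message above describes, reconstructed from its wording alone. `decodeBasicHeader`, its `legacy` switch, `advance` and the sample bytes are assumptions made for illustration; the project's own `readBasicHeader` and `advanceBytes` are not shown on this page.

```go
package main

import "fmt"

// advance is a bounds-checked p = p[n:]; a hypothetical stand-in for the
// advanceBytes helper named in the commit message.
func advance(p []byte, n int) ([]byte, error) {
	if n < 0 || n > len(p) {
		return nil, fmt.Errorf("rtmp: need %d bytes, have %d", n, len(p))
	}
	return p[n:], nil
}

// decodeBasicHeader parses a 1-, 2- or 3-byte RTMP chunk basic header from p
// and returns the unread remainder. legacy=true reproduces the described
// defect: the 3-byte test runs on cid after it was overwritten with 64+t.
func decodeBasicHeader(p []byte, legacy bool) (format uint8, cid uint32, rest []byte, err error) {
	if rest, err = advance(p, 1); err != nil {
		return 0, 0, nil, err
	}
	format, cid = p[0]>>6, uint32(p[0]&0x3f)
	if cid > 1 {
		return format, cid, rest, nil // 1-byte form, cid 2..63
	}
	marker := cid // 0 selects the 2-byte form, 1 the 3-byte form
	if rest, err = advance(p, 2); err != nil {
		return 0, 0, nil, err
	}
	cid = 64 + uint32(p[1])
	if legacy {
		marker = cid // always >= 64, so the 3-byte branch is never taken
	}
	if marker == 1 {
		if rest, err = advance(p, 3); err != nil {
			return 0, 0, nil, err
		}
		cid += uint32(p[2]) * 256
	}
	return format, cid, rest, nil
}

func main() {
	hdr := []byte{0x01, 0x10, 0x02, 0xaa} // constructed: 3-byte header + 1 payload byte
	for _, legacy := range []bool{true, false} {
		_, cid, rest, err := decodeBasicHeader(hdr, legacy)
		fmt.Printf("legacy=%v cid=%d unread=%d err=%v\n", legacy, cid, len(rest), err)
	}
}
```

With the legacy selector the third header byte stays unread, so the decoder returns the wrong chunk stream id and would then parse the message header one byte early.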
.claude Proxy: Refactor for testability; add SRT/WHIP E2E and unit tests. v7.0.148 (#4675) 2026-05-17 12:09:07 -04:00
.codex Proxy: Refactor for testability; add SRT/WHIP E2E and unit tests. v7.0.148 (#4675) 2026-05-17 12:09:07 -04:00
.github Enable default configure test. 2025-10-28 10:04:53 -04:00
.kiro Proxy: Refactor for testability; add SRT/WHIP E2E and unit tests. v7.0.148 (#4675) 2026-05-17 12:09:07 -04:00
.openclaw Proxy: Refactor for testability; add SRT/WHIP E2E and unit tests. v7.0.148 (#4675) 2026-05-17 12:09:07 -04:00
.run Heartbeat: Report ports for proxy server. v5.0.215 v6.0.156 v7.0.15 (#4171) 2024-09-09 10:37:41 +08:00
.vscode Proxy: restructure repo as Go project with proxy as first module (#4652) 2026-03-22 08:11:28 -04:00
cmake OpenClaw: add and refine ST knowledge-base and learning/review skills (#4643) 2026-03-05 09:57:08 -05:00
cmd/proxy Move build output to bin/, replace godotenv with custom .env parser, and update docs. v7.0.143 (#4661) 2026-04-12 14:26:33 -04:00
docs Proxy: Fix RTC/SRT reader leak, legacy WHEP unwrap, WHEP perf guide. v8.0.1 (#4676) 2026-05-17 21:13:21 -04:00
internal RTMP: Fix chunk timestamp/basic-header decoding and harden packet unmarshal. v8.0.3 (#4680) 2026-05-29 07:17:32 -04:00
memory Proxy: Fix RTC/SRT reader leak, legacy WHEP unwrap, WHEP perf guide. v8.0.1 (#4676) 2026-05-17 21:13:21 -04:00
skills RTMP: Fix chunk timestamp/basic-header decoding and harden packet unmarshal. v8.0.3 (#4680) 2026-05-29 07:17:32 -04:00
trunk RTMP: Fix chunk timestamp/basic-header decoding and harden packet unmarshal. v8.0.3 (#4680) 2026-05-29 07:17:32 -04:00
.clang-format AI: Add utest to cover process module 2025-10-15 07:52:46 -04:00
.codecov.yml AI: Improve converage for app rtc module. 2025-09-27 09:40:57 -04:00
.gitignore Proxy: Refactor for testability; add SRT/WHIP E2E and unit tests. v7.0.148 (#4675) 2026-05-17 12:09:07 -04:00
CONTRIBUTING.md Update CHANGELOG for #4309. v7.0.31 2025-04-26 06:58:00 -04:00
Dockerfile AI: Add utest to cover listener module. 2025-10-10 09:50:19 -04:00
go.mod Proxy: Harden internal/env tests and add counterfeiter fakes. v7.0.144 (#4665) 2026-04-18 20:33:07 -04:00
go.sum Proxy: Harden internal/env tests and add counterfeiter fakes. v7.0.144 (#4665) 2026-04-18 20:33:07 -04:00
LICENSE update copyright to 2025. v5.0.218 v6.0.159 v7.0.21 (#4271) 2025-01-14 17:35:18 +08:00
Makefile Proxy: Harden internal/env tests and add counterfeiter fakes. v7.0.144 (#4665) 2026-04-18 20:33:07 -04:00
README.md Code name: Free. v8.0.0 2026-05-17 12:34:04 -04:00
SECURITY.md Update SECURITY policy. 2023-01-30 14:20:37 +08:00

SRS(Simple Realtime Server)

SRS/8.0 (Free) is a simple, high-efficiency, and real-time video server, supporting RTMP/WebRTC/HLS/HTTP-FLV/SRT/MPEG-DASH/GB28181, Linux/macOS, X86_64/ARMv7/AARCH64/M1/RISCV/LOONGARCH/MIPS, with codec support for H.264, H.265, AV1, VP9, AAC, Opus, and G.711, and essential features.

SRS Overview

Note: For more details on the single-node architecture for SRS, please visit the following link.

SRS is licensed under MIT, and some third-party libraries are distributed under their licenses.

Usage

Please check the Getting Started guide in English or Chinese. We highly recommend using SRS with docker:

docker run --rm -it -p 1935:1935 -p 1985:1985 -p 8080:8080 \
    -p 8000:8000/udp -p 10080:10080/udp ossrs/srs:6

Tips: If you're in China, use this image registry.cn-hangzhou.aliyuncs.com/ossrs/srs:6 for faster speed.

Open http://localhost:8080/ to verify, and then stream using the following FFmpeg command:

ffmpeg -re -i ./doc/source.flv -c copy -f flv -y rtmp://localhost/live/livestream

Alternatively, stream by OBS using the following configuration:

  • Service: Custom
  • Server: rtmp://localhost/live
  • Stream Key: livestream

Play the following streams using media players:

If you'd like to use WebRTC, convert RTMP to WebRTC, or convert WebRTC to RTMP, please check out the wiki documentation in either English or Chinese.

To learn more about RTMP, HLS, HTTP-FLV, SRT, MPEG-DASH, WebRTC protocols, clustering, HTTP API, DVR, and transcoding, please check the documents in English or Chinese.

If you want to use an IDE, VSCode is recommended. VSCode supports macOS and Linux platforms. The settings are ready. All you need to do is open the folder with VSCode and enjoy the efficiency brought by the IDE. See VSCode README for details.

Sponsor

Would you like additional assistance from us? By becoming a sponsor or backer of SRS, we can provide you with the support you need:

  • Backer: $5 per month, online text chat support through Discord.
  • Sponsor: $100 per month, online text chat plus online meeting support.

Please visit OpenCollective to become a backer or sponsor, and send us a direct message on Discord. We are currently providing support to the developers listed below:

At SRS, our goal is to create a free, open-source community that helps developers all over the world build high-quality streaming and RTC platforms for their businesses.

Contributing

The maintainers and contributors are listed here. The maintainers who made significant contributions and maintained parts of SRS are listed below, ranked by the number of commits:

  • Winlin: Founder of the project, focusing on ST and Issues/PR. Responsible for architecture and maintenance.
  • XiaoZhihong: Concentrates on WebRTC/QUIC and SRT, with expertise in network QoS. Contributed to ARM on ST and was the original contributor for WebRTC.
  • ChenHaibo: Specializes in GB28181 and HTTP API, contributing to patches for FFmpeg with WHIP.
  • ZhangJunqin: Focused on H.265, Prometheus Exporter, and API module.
  • XiaLixin: Specializes in GB28181, with expertise in live streaming and WebRTC.
  • Jacob Su: Jacob Su has contributed to various modules of SRS.
  • ShiWei: Specializes in SRT and H.265, maintaining SRT and FLV patches for FFmpeg. An expert in codecs and FFmpeg.
  • ChenGuanghua: Focused on WebRTC/QoS and introduced the Asan toolchain to SRS.
  • LiPeng: Concentrates on WebRTC and contributes to memory management and smart pointers.
  • ZhaoWenjie: One of the earliest contributors, focusing on HDS. Has expertise in client technology.
  • WuPengqiang: Focused on H.265, initially contributed to the FFmpeg module in SRS for transcoding AAC with OPUS for WebRTC.

A huge THANK YOU goes out to:

We're really thankful to everyone in the community for helping us find bugs and improve the project. To stay in touch and keep helping our community, please check out this guide.

LICENSE

SRS is licensed under MIT, and some third-party libraries are distributed under their licenses.

Releases

Features

Please read FEATURES.

Changelog

Please read CHANGELOG.

Performance

Please read PERFORMANCE.

Architecture

Please read ARCHITECTURE.

Ports

Please read PORTS.

APIs

Please read APIS.

Mirrors

Please read MIRRORS.

Dockers

Please read DOCKERS.