Properly handle bad characters in stream names

* Factor out path_utils.c:sanitize_stream_name() for path name and MQTT topics
* Factor out url_utils.c:simple_url_escape() for URLs
* Call url_decode() in http_request_extract_path_param()
* Remove duplicate calls to url_decode()
* Remove duplicate url_decode() prototype in web/web_server.h
* Use MAX_STREAM_NAME and MAX_PATH_LENGTH consistently instead of integer literals
* Remove inconsistent MAX_STREAM_NAME_LENGTH from storage_manager.c
* Add and use MAX_TOPIC_LENGTH in MQTT instead of integer literals

This is a general cleanup of string handling around paths and URLs in addition
to specifically handling input validation and encoding of stream names.

Author: dpw13

include/core/path_utils.h

@@ -0,0 +1,16 @@
+#ifndef LIGHTNVR_PATH_UTILS_H
+#define LIGHTNVR_PATH_UTILS_H
+
+#include <stddef.h>
+
+/**
+ * Sanitize a stream name for use as a path or object name.
+ * Replaces non-alphanumeric characters with underscores and lowercases.
+ *
+ * @param input The input string
+ * @param output The output buffer
+ * @param output_size The size of the output buffer
+ */
+void sanitize_stream_name(const char *input, char *output, size_t output_size);
+
+#endif /* LIGHTNVR_PATH_UTILS_H */

include/core/url_utils.h

@@ -73,4 +73,18 @@ int url_build_onvif_device_service_url(const char *url, int onvif_port,
  */
 int url_redact_for_logging(const char *url, char *out_url, size_t out_size);
 
+/**
+ * Format the URL for the API endpoint with query parameters (simple method)
+ *
+ * This is the method that works according to user feedback
+ * URL encode the stream_url to handle special characters
+ * TODO: it's unclear why we wouldn't use curl_easy_escape here
+ *
+ * @param input The input string
+ * @param output The output buffer
+ * @param output_size The size of the output buffer
+ */
+void simple_url_escape(const char *input, char *output, size_t output_size);
+
+
 #endif /* LIGHTNVR_URL_UTILS_H */

include/database/db_streams.h

@@ -110,11 +110,11 @@ int set_stream_retention_config(const char *stream_name, const stream_retention_
 /**
  * Get all stream names for retention policy processing
  *
- * @param names Array of stream name buffers (each should be at least 64 chars)
+ * @param names Array of stream name buffers (each should be MAX_STREAM_NAME chars)
  * @param max_count Maximum number of stream names to return
  * @return Number of streams found, or -1 on error
  */
-int get_all_stream_names(char names[][64], int max_count);
+int get_all_stream_names(char names[][MAX_STREAM_NAME], int max_count);
 
 /**
  * Get storage usage for a stream in bytes

include/video/packet_buffer.h

@@ -75,7 +75,7 @@ typedef struct {
     time_t newest_packet_time;  // Timestamp of newest packet in buffer
 
     // Disk-based buffer (if mode is DISK or HYBRID)
-    char disk_buffer_path[512]; // Path to disk buffer directory
+    char disk_buffer_path[MAX_PATH_LENGTH]; // Path to disk buffer directory
     FILE *disk_buffer_file;     // File handle for disk buffer
 
     // Thread safety

include/video/pre_detection_buffer.h

@@ -14,6 +14,8 @@
 #ifndef LIGHTNVR_PRE_DETECTION_BUFFER_H
 #define LIGHTNVR_PRE_DETECTION_BUFFER_H
 
+#include "core/config.h"
+
 #include <stdint.h>
 #include <stdbool.h>
 #include <time.h>
@@ -50,7 +52,7 @@ typedef enum {
  * Segment information for HLS-based strategies
  */
 typedef struct {
-    char path[512];                     // Path to segment file
+    char path[MAX_PATH_LENGTH];                     // Path to segment file
     time_t timestamp;                   // Creation timestamp
     float duration;                     // Estimated duration in seconds
     size_t size_bytes;                  // File size

include/web/request_response.h

@@ -73,7 +73,7 @@ typedef void (*request_handler_t)(const http_request_t *request, http_response_t
 const char* http_request_get_header(const http_request_t *req, const char *name);
 
 /**
- * @brief Get a query parameter value from the request
+ * @brief Get a URL-decoded query parameter value from the request
  * @param req HTTP request
  * @param name Parameter name
  * @param value Buffer to store the value
@@ -92,7 +92,7 @@ int http_request_get_query_param(const http_request_t *req, const char *name, ch
 int http_request_get_body_str(const http_request_t *req, char *buf, size_t buf_len);
 
 /**
- * @brief Extract a path parameter from the URI (e.g., /api/streams/:id)
+ * @brief Extract a URL-decoded path parameter from the URI (e.g., /api/streams/:id)
  * @param req HTTP request
  * @param prefix URL prefix to strip (e.g., "/api/streams/")
  * @param param_buf Buffer to store the extracted parameter

include/web/web_server.h

@@ -30,9 +30,6 @@ const char *get_request_header(const http_request_t *request, const char *name);
 int set_response_header(http_response_t *response, const char *name, const char *value);
 int get_web_server_stats(int *active_connections, double *requests_per_second, uint64_t *bytes_sent, uint64_t *bytes_received);
 
-// URL utilities
-int url_decode(const char *src, char *dst, size_t dst_size);
-
 // Helper functions
 void cleanup_request(http_request_t *request);
 void cleanup_response(http_response_t *response);

src/core/logger.c

@@ -15,6 +15,7 @@
 #include <libgen.h>
 #include <syslog.h>
 
+#include "core/config.h"
 #include "core/logger.h"
 #include "core/logger_json.h"
 
@@ -550,8 +551,8 @@ int log_rotate(size_t max_size, int max_files) {
     }
 
     // Rotate log files
-    char old_path[512];
-    char new_path[512];
+    char old_path[MAX_PATH_LENGTH];
+    char new_path[MAX_PATH_LENGTH];
 
     // Remove oldest log file if it exists
     snprintf(old_path, sizeof(old_path), "%s.%d", logger.log_filename, max_files);

src/core/logger_json.c

@@ -10,6 +10,7 @@
 #include <libgen.h>
 #include <time.h>
 
+#include "core/config.h"
 #include "core/logger.h"
 #include "core/logger_json.h"
 #include <cjson/cJSON.h>
@@ -444,8 +445,8 @@ int json_log_rotate(size_t max_size, int max_files) {
     }
 
     // Rotate log files
-    char old_path[512];
-    char new_path[512];
+    char old_path[MAX_PATH_LENGTH];
+    char new_path[MAX_PATH_LENGTH];
 
     // Remove oldest log file if it exists
     snprintf(old_path, sizeof(old_path), "%s.%d", json_logger.log_filename, max_files);

src/core/mqtt_client.c

@@ -13,10 +13,13 @@
 
 #include "core/mqtt_client.h"
 #include "core/logger.h"
+#include "core/path_utils.h"
 #include "core/version.h"
 #include "database/db_streams.h"
 #include "video/go2rtc/go2rtc_snapshot.h"
 
+#define MAX_TOPIC_LENGTH 512
+
 // MQTT client state
 static struct mosquitto *mosq = NULL;
 static const config_t *mqtt_config = NULL;
@@ -129,7 +132,7 @@ int mqtt_init(const config_t *config) {
 
     // Set up Last Will and Testament for HA availability tracking
     if (config->mqtt_ha_discovery) {
-        char lwt_topic[512];
+        char lwt_topic[MAX_TOPIC_LENGTH];
         snprintf(lwt_topic, sizeof(lwt_topic), "%s/availability", config->mqtt_topic_prefix);
         rc = mosquitto_will_set(mosq, lwt_topic, (int)strlen("offline"), "offline",
                                 config->mqtt_qos, true);
@@ -217,15 +220,15 @@ static void on_connect(struct mosquitto *m, void *userdata, int rc) {
 
         // Publish availability "online" for HA discovery
         if (mqtt_config && mqtt_config->mqtt_ha_discovery) {
-            char avail_topic[512];
+            char avail_topic[MAX_TOPIC_LENGTH];
             snprintf(avail_topic, sizeof(avail_topic), "%s/availability",
                      mqtt_config->mqtt_topic_prefix);
             mqtt_publish_raw(avail_topic, "online", true);
             log_info("MQTT: Published availability 'online' to %s", avail_topic);
 
             // Subscribe to HA birth topic so we can re-publish discovery
             // when Home Assistant restarts
-            char status_topic[512];
+            char status_topic[MAX_TOPIC_LENGTH];
             snprintf(status_topic, sizeof(status_topic), "%s/status",
                      mqtt_config->mqtt_ha_discovery_prefix);
             int sub_rc = mosquitto_subscribe(m, NULL, status_topic, 0);
@@ -290,7 +293,7 @@ static void on_message(struct mosquitto *m, void *userdata, const struct mosquit
 
     // Check if this is the HA birth message (status topic → "online")
     if (mqtt_config && mqtt_config->mqtt_ha_discovery) {
-        char status_topic[512];
+        char status_topic[MAX_TOPIC_LENGTH];
         snprintf(status_topic, sizeof(status_topic), "%s/status",
                  mqtt_config->mqtt_ha_discovery_prefix);
 
@@ -348,7 +351,7 @@ int mqtt_publish_detection(const char *stream_name, const detection_result_t *re
     }
 
     // Build topic: {prefix}/detections/{stream_name}
-    char topic[512];
+    char topic[MAX_TOPIC_LENGTH];
     snprintf(topic, sizeof(topic), "%s/detections/%s",
              mqtt_config->mqtt_topic_prefix, stream_name);
 
@@ -470,25 +473,6 @@ int mqtt_publish_binary(const char *topic, const void *data, size_t len, bool re
     return 0;
 }
 
-/**
- * Sanitize a stream name for use as a Home Assistant unique_id / object_id.
- * Replaces non-alphanumeric characters with underscores and lowercases.
- */
-static void sanitize_stream_name(const char *input, char *output, size_t output_size) {
-    size_t i = 0;
-    for (; i < output_size - 1 && input[i] != '\0'; i++) {
-        char c = input[i];
-        if ((c >= 'a' && c <= 'z') || (c >= '0' && c <= '9')) {
-            output[i] = c;
-        } else if (c >= 'A' && c <= 'Z') {
-            output[i] = (char)(c + ('a' - 'A'));
-        } else {
-            output[i] = '_';
-        }
-    }
-    output[i] = '\0';
-}
-
 /**
  * Build the common HA device JSON block for lightNVR.
  * Caller must free the returned cJSON object.
@@ -555,12 +539,12 @@ int mqtt_publish_ha_discovery(void) {
             continue;
         }
 
-        char safe_name[256];
+        char safe_name[MAX_STREAM_NAME];
         sanitize_stream_name(streams[i].name, safe_name, sizeof(safe_name));
 
         // --- 1. Camera entity (snapshot image via MQTT) ---
         {
-            char topic[512];
+            char topic[MAX_TOPIC_LENGTH];
             snprintf(topic, sizeof(topic), "%s/camera/lightnvr/%s/config", prefix, safe_name);
 
             cJSON *payload = cJSON_CreateObject();
@@ -570,11 +554,9 @@ int mqtt_publish_ha_discovery(void) {
             snprintf(unique_id, sizeof(unique_id), "lightnvr_%s_camera", safe_name);
             cJSON_AddStringToObject(payload, "unique_id", unique_id);
 
-            char name[256];
-            snprintf(name, sizeof(name), "%s", streams[i].name);
-            cJSON_AddStringToObject(payload, "name", name);
+            cJSON_AddStringToObject(payload, "name", streams[i].name);
 
-            char image_topic[512];
+            char image_topic[MAX_TOPIC_LENGTH];
             snprintf(image_topic, sizeof(image_topic), "%s/cameras/%s/snapshot",
                      topic_prefix, safe_name);
             cJSON_AddStringToObject(payload, "topic", image_topic);
@@ -584,7 +566,7 @@ int mqtt_publish_ha_discovery(void) {
 
             // Availability
             cJSON *avail = cJSON_CreateObject();
-            char avail_topic[512];
+            char avail_topic[MAX_TOPIC_LENGTH];
             snprintf(avail_topic, sizeof(avail_topic), "%s/availability", topic_prefix);
             cJSON_AddStringToObject(avail, "topic", avail_topic);
             cJSON_AddStringToObject(avail, "payload_available", "online");
@@ -616,7 +598,7 @@ int mqtt_publish_ha_discovery(void) {
 
         // --- 2. Binary sensor for motion detection ---
         {
-            char topic[512];
+            char topic[MAX_TOPIC_LENGTH];
             snprintf(topic, sizeof(topic), "%s/binary_sensor/lightnvr/%s_motion/config",
                      prefix, safe_name);
 
@@ -631,7 +613,7 @@ int mqtt_publish_ha_discovery(void) {
             snprintf(name, sizeof(name), "%s Motion", streams[i].name);
             cJSON_AddStringToObject(payload, "name", name);
 
-            char state_topic[512];
+            char state_topic[MAX_TOPIC_LENGTH];
             snprintf(state_topic, sizeof(state_topic), "%s/cameras/%s/motion",
                      topic_prefix, safe_name);
             cJSON_AddStringToObject(payload, "state_topic", state_topic);
@@ -641,7 +623,7 @@ int mqtt_publish_ha_discovery(void) {
 
             // Availability
             cJSON *avail = cJSON_CreateObject();
-            char avail_topic[512];
+            char avail_topic[MAX_TOPIC_LENGTH];
             snprintf(avail_topic, sizeof(avail_topic), "%s/availability", topic_prefix);
             cJSON_AddStringToObject(avail, "topic", avail_topic);
             cJSON_AddStringToObject(avail, "payload_available", "online");
@@ -673,7 +655,7 @@ int mqtt_publish_ha_discovery(void) {
 
         // --- 3. Sensor for detection count (generic) ---
         {
-            char topic[512];
+            char topic[MAX_TOPIC_LENGTH];
             snprintf(topic, sizeof(topic), "%s/sensor/lightnvr/%s_detection_count/config",
                      prefix, safe_name);
 
@@ -688,15 +670,15 @@ int mqtt_publish_ha_discovery(void) {
             snprintf(name, sizeof(name), "%s Detections", streams[i].name);
             cJSON_AddStringToObject(payload, "name", name);
 
-            char state_topic[512];
+            char state_topic[MAX_TOPIC_LENGTH];
             snprintf(state_topic, sizeof(state_topic), "%s/cameras/%s/detection_count",
                      topic_prefix, safe_name);
             cJSON_AddStringToObject(payload, "state_topic", state_topic);
             cJSON_AddStringToObject(payload, "icon", "mdi:motion-sensor");
 
             // Availability
             cJSON *avail = cJSON_CreateObject();
-            char avail_topic[512];
+            char avail_topic[MAX_TOPIC_LENGTH];
             snprintf(avail_topic, sizeof(avail_topic), "%s/availability", topic_prefix);
             cJSON_AddStringToObject(avail, "topic", avail_topic);
             cJSON_AddStringToObject(avail, "payload_available", "online");
@@ -728,7 +710,7 @@ int mqtt_publish_ha_discovery(void) {
 
         // --- Publish initial states so entities don't show "Unknown" ---
         {
-            char topic[512];
+            char topic[MAX_TOPIC_LENGTH];
 
             // Motion: initially OFF
             snprintf(topic, sizeof(topic), "%s/cameras/%s/motion",
@@ -832,7 +814,7 @@ void mqtt_set_motion_state(const char *stream_name, const detection_result_t *re
 
     // Publish motion ON
     if (should_publish_on) {
-        char topic[512];
+        char topic[MAX_TOPIC_LENGTH];
         snprintf(topic, sizeof(topic), "%s/cameras/%s/motion",
                  mqtt_config->mqtt_topic_prefix, safe_name);
         mqtt_publish_raw(topic, "ON", false);
@@ -841,7 +823,7 @@ void mqtt_set_motion_state(const char *stream_name, const detection_result_t *re
 
     // Publish detection count
     {
-        char topic[512];
+        char topic[MAX_TOPIC_LENGTH];
         snprintf(topic, sizeof(topic), "%s/cameras/%s/detection_count",
                  mqtt_config->mqtt_topic_prefix, safe_name);
         char count_str[16];
@@ -851,7 +833,7 @@ void mqtt_set_motion_state(const char *stream_name, const detection_result_t *re
 
     // Publish per-object-class counts
     for (int i = 0; i < num_labels; i++) {
-        char topic[512];
+        char topic[MAX_TOPIC_LENGTH];
         snprintf(topic, sizeof(topic), "%s/cameras/%s/%s",
                  mqtt_config->mqtt_topic_prefix, safe_name, labels_copy[i]);
         char count_str[16];
@@ -889,7 +871,7 @@ static void *ha_snapshot_thread_func(void *arg) {
             if (go2rtc_get_snapshot(streams[i].name, &jpeg_data, &jpeg_size)) {
                 char safe_name[256];
                 sanitize_stream_name(streams[i].name, safe_name, sizeof(safe_name));
-                char topic[512];
+                char topic[MAX_TOPIC_LENGTH];
                 snprintf(topic, sizeof(topic), "%s/cameras/%s/snapshot",
                          mqtt_config->mqtt_topic_prefix, safe_name);
                 mqtt_publish_binary(topic, jpeg_data, jpeg_size, false);
@@ -944,7 +926,7 @@ static void *ha_motion_thread_func(void *arg) {
                 pthread_mutex_unlock(&motion_mutex);
 
                 // Publish motion OFF
-                char topic[512];
+                char topic[MAX_TOPIC_LENGTH];
                 snprintf(topic, sizeof(topic), "%s/cameras/%s/motion",
                          mqtt_config->mqtt_topic_prefix, safe_name);
                 mqtt_publish_raw(topic, "OFF", false);