mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2024-11-27 20:21:24 +00:00
Code Issues 1 Projects Releases Wiki Activity

rtcpbuffer: prevent overflow of 16bit header length.

Browse source 
RTCP header can be  (2^16 + 1) * 4 bytes long, so when validating a bogus
packet it was possible to get a 16bit overflow resulting in a length of 0.
This would put the gst_rtcp_buffer_validate_data function in a endless loop.

https://bugzilla.gnome.org/show_bug.cgi?id=667313
This commit is contained in:
Pascal Buhler 2011-10-12 11:28:10 +02:00 committed by Tim-Philipp Müller
parent cfdb48ba8f
commit 0febae7443
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
gst-libs/gst/rtp/gstrtcpbuffer.c
View file

@ -111,7 +111,7 @@ gboolean
gst_rtcp_buffer_validate_data (guint8 * data, guint len) gst_rtcp_buffer_validate_data (guint8 * data, guint len)
{ {
guint16 header_mask; guint16 header_mask;
guint16 header_len; guint header_len;
guint8 version; guint8 version;
guint data_len; guint data_len;
gboolean padding; gboolean padding;