RepoMirrors/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2025-03-01 10:11:01 +00:00
Code Issues Projects Releases Wiki Activity

srtp: Don't require more input data than what actually is needed

Browse Source 
The theoretical minimum for a (not totally well formed) RTCP packet
is 8 bytes, so we shouldn't require 12 bytes as minimum input.

Also return AVERROR_INVALIDDATA instead of 0 if something that is
not a proper packet is given.

Signed-off-by: Martin Storsjö <martin@martin.st>
This commit is contained in:
Martin Storsjö 2013-01-18 12:35:31 +02:00
parent a2a991b2dd
commit b4bb1d493c
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
libavformat/srtp.c
View File

@ -243,8 +243,8 @@ int ff_srtp_encrypt(struct SRTPContext *s, const uint8_t *in, int len,
int rtcp, hmac_size, padding; int rtcp, hmac_size, padding;
uint8_t *buf; uint8_t *buf;
if (len < 12) if (len < 8)
return 0; return AVERROR_INVALIDDATA;
rtcp = RTP_PT_IS_RTCP(in[1]); rtcp = RTP_PT_IS_RTCP(in[1]);
hmac_size = rtcp ? s->rtcp_hmac_size : s->rtp_hmac_size; hmac_size = rtcp ? s->rtcp_hmac_size : s->rtp_hmac_size;
@ -267,6 +267,10 @@ int ff_srtp_encrypt(struct SRTPContext *s, const uint8_t *in, int len,
} else { } else {
int ext, csrc; int ext, csrc;
int seq = AV_RB16(buf + 2); int seq = AV_RB16(buf + 2);
if (len < 12)
return AVERROR_INVALIDDATA;
ssrc = AV_RB32(buf + 8); ssrc = AV_RB32(buf + 8);
if (seq < s->seq_largest) if (seq < s->seq_largest)