projects / platform / upstream / gstreamer.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cfdb48b) | patch
rtcpbuffer: prevent overflow of 16bit header length.
authorPascal Buhler <pabuhler@cisco.com>
Wed, 12 Oct 2011 09:28:10 +0000 (11:28 +0200)
committerTim-Philipp Müller <tim.muller@collabora.co.uk>
Thu, 5 Jan 2012 11:12:25 +0000 (11:12 +0000)
commit0febae7443b165ceaa69641e95d7069f26719e59
treec9fb283b8bf1bea0156249fa45eabe1b7e97480etree | snapshot
parentcfdb48ba8f46128baeb8ce249bcf9013d5fe0b3ecommit | diff
rtcpbuffer: prevent overflow of 16bit header length.

RTCP header can be  (2^16 + 1) * 4 bytes long, so when validating a bogus
packet it was possible to get a 16bit overflow resulting in a length of 0.
This would put the gst_rtcp_buffer_validate_data function in a endless loop.

https://bugzilla.gnome.org/show_bug.cgi?id=667313
gst-libs/gst/rtp/gstrtcpbuffer.c diff | blob | history
Domain: Multimedia / Media Common;