[Bug 667313] rtcpbuffer: prevent overflow of 16bit header length.
GStreamer (bugzilla.gnome.org)
bugzilla at gnome.org
Thu Jan 5 03:16:02 PST 2012
https://bugzilla.gnome.org/show_bug.cgi?id=667313
GStreamer | gst-plugins-base | git
Tim-Philipp Müller <t.i.m> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |t.i.m at zen.co.uk
Target Milestone|HEAD |0.10.36
--- Comment #1 from Tim-Philipp Müller <t.i.m at zen.co.uk> 2012-01-05 11:15:56 UTC ---
This patch didn't apply because your _validate() function has an extra guint32
flags argument. If this is a generally useful change, we could do this in 0.11,
for what it's worth..
commit 0febae7443b165ceaa69641e95d7069f26719e59
Author: Pascal Buhler <pabuhler at cisco.com>
Date: Wed Oct 12 11:28:10 2011 +0200
rtcpbuffer: prevent overflow of 16bit header length.
RTCP header can be (2^16 + 1) * 4 bytes long, so when validating a bogus
packet it was possible to get a 16bit overflow resulting in a length of 0.
This would put the gst_rtcp_buffer_validate_data function in a endless
loop.
https://bugzilla.gnome.org/show_bug.cgi?id=667313
--
Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.
More information about the gstreamer-bugs
mailing list