[Bug 756653] New: srtpdec: buffer validations may fail if SRTP packets have padding flag set
GStreamer (GNOME Bugzilla)
bugzilla at gnome.org
Thu Oct 15 09:56:11 PDT 2015
https://bugzilla.gnome.org/show_bug.cgi?id=756653
Bug ID: 756653
Summary: srtpdec: buffer validations may fail if SRTP packets
have padding flag set
Classification: Platform
Product: GStreamer
Version: 1.6.0
OS: Linux
Status: NEW
Severity: normal
Priority: Normal
Component: gst-plugins-bad
Assignee: gstreamer-bugs at lists.freedesktop.org
Reporter: mparisdiaz at gmail.com
QA Contact: gstreamer-bugs at lists.freedesktop.org
GNOME version: ---
Hello,
I have come across that srtpdec may fail when buffers are validated if the SRTP
packets have padding flag set.
The problem is that srtpdec is using gst_rtp_buffer_map [1] to verify that the
incoming GstBuffer is an RTP packet, but gst_rtp_buffer_map tries to map an
encrypted RTP packet (SRTP).
If the padding flag is set [2], it gets the padding len from the last octet of
the packet, but this is not the real padding value because all payload
(included the padding) is encrypted [3].
I think that a proper solution is add an extra map function for only mapping
the header of the RTP packet and use it into srtpdec.
This will solve the problem and, in addition, it will be more efficient that
mapping the whole RTP buffer when only header is relevant for the user.
Refs:
[1]
http://cgit.freedesktop.org/gstreamer/gst-plugins-bad/tree/ext/srtp/gstsrtpdec.c?h=1.6#n628
[2]
http://cgit.freedesktop.org/gstreamer/gst-plugins-base/tree/gst-libs/gst/rtp/gstrtpbuffer.c?h=1.6#n403
[3] http://tools.ietf.org/html/rfc3711#section-3.1
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
More information about the gstreamer-bugs
mailing list