Commit b4bb1d49 authored by Martin Storsjö's avatar Martin Storsjö

srtp: Don't require more input data than what actually is needed

The theoretical minimum for a (not totally well formed) RTCP packet
is 8 bytes, so we shouldn't require 12 bytes as minimum input.

Also return AVERROR_INVALIDDATA instead of 0 if something that is
not a proper packet is given.
Signed-off-by: 's avatarMartin Storsjö <martin@martin.st>
parent a2a991b2
......@@ -243,8 +243,8 @@ int ff_srtp_encrypt(struct SRTPContext *s, const uint8_t *in, int len,
int rtcp, hmac_size, padding;
uint8_t *buf;
if (len < 12)
return 0;
if (len < 8)
return AVERROR_INVALIDDATA;
rtcp = RTP_PT_IS_RTCP(in[1]);
hmac_size = rtcp ? s->rtcp_hmac_size : s->rtp_hmac_size;
......@@ -267,6 +267,10 @@ int ff_srtp_encrypt(struct SRTPContext *s, const uint8_t *in, int len,
} else {
int ext, csrc;
int seq = AV_RB16(buf + 2);
if (len < 12)
return AVERROR_INVALIDDATA;
ssrc = AV_RB32(buf + 8);
if (seq < s->seq_largest)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment