Mercurial > integration > autoland / changeset / cc5e3d514f2827b5a851277e962eeba6ba6c77a5
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1480088: Added length check for uplfec. r=dminor
authorNils Ohlmeier [:drno] <drno@ohlmeier.org>
Mon, 22 Jul 2019 10:31:55 +0000 (2019-07-22)
changeset 483722 cc5e3d514f2827b5a851277e962eeba6ba6c77a5
parent 483721 17267dd9b2281d253c06133e990ba2ed330a7519
child 483723 a858e44115324243417d830fafa8a4a8eb57e5a0
push id90561
push usernohlmeier@mozilla.com
push dateMon, 22 Jul 2019 15:03:37 +0000 (2019-07-22)
treeherderautoland@cc5e3d514f28 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersdminor
bugs1480088
milestone70.0a1
first release with
nightly linux32
69ac304560c9 / 70.0a1 / 20190723034754 / files
nightly linux64
69ac304560c9 / 70.0a1 / 20190723034754 / files
nightly mac
69ac304560c9 / 70.0a1 / 20190723034754 / files
nightly win32
69ac304560c9 / 70.0a1 / 20190723034754 / files
nightly win64
69ac304560c9 / 70.0a1 / 20190723034754 / files
last release without
nightly linux32
db8f3ee41bdf / 70.0a1 / 20190722093634 / files
nightly linux64
db8f3ee41bdf / 70.0a1 / 20190722093634 / files
nightly mac
db8f3ee41bdf / 70.0a1 / 20190722093634 / files
nightly win32
db8f3ee41bdf / 70.0a1 / 20190722093634 / files
nightly win64
db8f3ee41bdf / 70.0a1 / 20190722093634 / files
Bug 1480088: Added length check for uplfec. r=dminor Differential Revision: https://phabricator.services.mozilla.com/D38786
media/webrtc/trunk/webrtc/modules/rtp_rtcp/source/ulpfec_receiver_impl.cc file | annotate | diff | comparison | revisions 
--- a/media/webrtc/trunk/webrtc/modules/rtp_rtcp/source/ulpfec_receiver_impl.cc
+++ b/media/webrtc/trunk/webrtc/modules/rtp_rtcp/source/ulpfec_receiver_impl.cc
@@ -75,16 +75,21 @@ int32_t UlpfecReceiverImpl::AddReceivedR
     const uint8_t* incoming_rtp_packet,
     size_t packet_length,
     uint8_t ulpfec_payload_type) {
   if (header.ssrc != ssrc_) {
     RTC_LOG(LS_WARNING)
         << "Received RED packet with different SSRC than expected; dropping.";
     return -1;
   }
+  if (packet_length > IP_PACKET_SIZE) {
+    RTC_LOG(LS_WARNING) << "Received RED packet with length exceeds maximum IP "
+                           "packet size; dropping.";
+    return -1;
+  }
 
   rtc::CritScope cs(&crit_sect_);
 
   uint8_t red_header_length = 1;
   size_t payload_data_length = packet_length - header.headerLength;
 
   if (payload_data_length == 0) {
     RTC_LOG(LS_WARNING) << "Corrupt/truncated FEC packet.";
autoland
Deployed from 0549d7aefb93 at 2025-06-12T15:23:35Z.