Skip to content

V
vlc-2-2
Commit f832dd02 authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont
Browse files
Options

SRTP: integer overflow 

(cherry picked from commit ab9f28ff688eae845bc2deb62bf50072d4a4690b)
parent 7e421f7c
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 2 deletions
modules/access/rtp/srtp.c
View file @ f832dd02
......@@ -496,7 +496,7 @@ static int srtp_crypt (srtp_session_t *s, uint8_t *buf, size_t len)
{
/* Sequence in the future, good */
s->rtp.window = s->rtp.window << diff;
s->rtp.window |= 1;
s->rtp.window |= UINT64_C(1);
s->rtp_seq = seq, s->rtp_roc = roc;
}
else
......@@ -505,7 +505,7 @@ static int srtp_crypt (srtp_session_t *s, uint8_t *buf, size_t len)
diff = -diff;
if ((diff >= 64) || ((s->rtp.window >> diff) & 1))
return EACCES; /* Replay attack */
s->rtp.window |= 1 << diff;
s->rtp.window |= UINT64_C(1) << diff;
}
/* Encrypt/Decrypt */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment