From c995df45427efb149701548ea2d77a4d155b04e5 Mon Sep 17 00:00:00 2001 From: Pascal Buhler Date: Wed, 7 Feb 2018 23:57:58 +0100 Subject: Validate mki index when looking up keys If the mki index is not valid then a NULL session key should be returned not just defaulting to first. This allows the protect functions to return with error bad mki. --- srtp/srtp.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'srtp') diff --git a/srtp/srtp.c b/srtp/srtp.c index 70a93a0..1c449fe 100644 --- a/srtp/srtp.c +++ b/srtp/srtp.c @@ -800,9 +800,10 @@ srtp_session_keys_t *srtp_get_session_keys_with_mki_index( unsigned int mki_index) { if (use_mki) { - if (mki_index < stream->num_master_keys) { - return &stream->session_keys[mki_index]; + if (mki_index >= stream->num_master_keys) { + return NULL; } + return &stream->session_keys[mki_index]; } return &stream->session_keys[0]; @@ -2123,6 +2124,9 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, session_keys = srtp_get_session_keys_with_mki_index(stream, use_mki, mki_index); + if (session_keys == NULL) + return srtp_err_status_bad_mki; + /* * Check if this is an AEAD stream (GCM mode). If so, then dispatch * the request to our AEAD handler. @@ -3927,6 +3931,9 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, session_keys = srtp_get_session_keys_with_mki_index(stream, use_mki, mki_index); + if (session_keys == NULL) + return srtp_err_status_bad_mki; + /* * Check if this is an AEAD stream (GCM mode). If so, then dispatch * the request to our AEAD handler. -- cgit v1.2.3