diff options
author | Param Reddappagari <param@google.com> | 2011-10-04 12:15:40 -0700 |
---|---|---|
committer | Param Reddappagari <param@google.com> | 2011-10-04 13:36:22 -0700 |
commit | 386ce4d9144fc190797f4e43a31aeaf76ca2e373 (patch) | |
tree | cae97fc7609a02fb297c4c3681eec80403924fb9 /googlepatches/google-7-srtp-security-fix.patch | |
parent | 6f01b87ea3fbcb62220c07fc2bc9a0cb08f45706 (diff) | |
download | srtp-386ce4d9144fc190797f4e43a31aeaf76ca2e373.tar.gz |
Checkin open source version of lib SRTP.android-sdk-adt_r20android-sdk-adt_r16.0.1android-sdk-4.0.3_r1android-sdk-4.0.3-tools_r1android-cts-verifier-4.0_r1android-cts-verifier-4.0.3_r1android-cts-4.1_r4android-cts-4.1_r2android-cts-4.1_r1android-cts-4.0_r1android-cts-4.0.3_r2android-cts-4.0.3_r1android-4.1.2_r2.1android-4.1.2_r2android-4.1.2_r1android-4.1.1_r6.1android-4.1.1_r6android-4.1.1_r5android-4.1.1_r4android-4.1.1_r3android-4.1.1_r2android-4.1.1_r1.1android-4.1.1_r1android-4.0.4_r2.1android-4.0.4_r2android-4.0.4_r1.2android-4.0.4_r1.1android-4.0.4_r1android-4.0.3_r1.1android-4.0.3_r1android-4.0.2_r1android-4.0.1_r1.2android-4.0.1_r1.1android-4.0.1_r1tools_r20jb-releasejb-mr0-releasejb-devics-plus-aospics-mr1-releaseics-mr1ics-mr0-releaseics-mr0ics-factoryrom-2-release
Change-Id: I49aa21dabceca035612ac3c463a5d06a178737f3
Diffstat (limited to 'googlepatches/google-7-srtp-security-fix.patch')
-rw-r--r-- | googlepatches/google-7-srtp-security-fix.patch | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/googlepatches/google-7-srtp-security-fix.patch b/googlepatches/google-7-srtp-security-fix.patch new file mode 100644 index 0000000..54e3e9e --- /dev/null +++ b/googlepatches/google-7-srtp-security-fix.patch @@ -0,0 +1,91 @@ +diff --git a/google3/third_party/libsrtp/crypto/include/integers.h b/google3/third_party/libsrtp/crypto/include/integers.h +index 7010efd..3515d13 100644 +--- a/google3/third_party/libsrtp/crypto/include/integers.h ++++ b/google3/third_party/libsrtp/crypto/include/integers.h +@@ -98,7 +98,6 @@ typedef unsigned short int uint16_t; + typedef unsigned int uint32_t; + #endif + +- + #ifdef NO_64BIT_MATH + typedef double uint64_t; + /* assert that sizeof(double) == 8 */ +diff --git a/google3/third_party/libsrtp/include/srtp.h b/google3/third_party/libsrtp/include/srtp.h +index 7f17853..bbaac95 100644 +--- a/google3/third_party/libsrtp/include/srtp.h ++++ b/google3/third_party/libsrtp/include/srtp.h +@@ -50,10 +50,6 @@ + extern "C" { + #endif + +-#ifdef _MSC_VER +-#pragma pack(4) +-#endif +- + #include "crypto_kernel.h" + + /** +@@ -930,10 +926,6 @@ srtp_install_event_handler(srtp_event_handler_func_t func); + #define SRTCP_E_BYTE_BIT 0x80 + #define SRTCP_INDEX_MASK 0x7fffffff + +-#ifdef _MSC_VER +-#pragma pack() +-#endif +- + #ifdef __cplusplus + } + #endif +diff --git a/google3/third_party/libsrtp/srtp/srtp.c b/google3/third_party/libsrtp/srtp/srtp.c +index 6010dd4..3fc52ee 100644 +--- a/google3/third_party/libsrtp/srtp/srtp.c ++++ b/google3/third_party/libsrtp/srtp/srtp.c +@@ -1657,6 +1657,8 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) { + srtp_stream_ctx_t *stream; + int prefix_len; + uint32_t seq_num; ++ int e_bit_in_packet; /* whether the E-bit was found in the packet */ ++ int sec_serv_confidentiality; /* whether confidentiality was requested */ + + /* we assume the hdr is 32-bit aligned to start */ + /* +@@ -1694,7 +1696,10 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) { + return err_status_no_ctx; + } + } +- ++ ++ sec_serv_confidentiality = stream->rtcp_services == sec_serv_conf || ++ stream->rtcp_services == sec_serv_conf_and_auth; ++ + /* get tag length from stream context */ + tag_len = auth_get_tag_length(stream->rtcp_auth); + +@@ -1714,8 +1719,12 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) { + */ + trailer = (uint32_t *) ((char *) hdr + + *pkt_octet_len -(tag_len + sizeof(srtcp_trailer_t))); +- if (*((unsigned char *) trailer) & SRTCP_E_BYTE_BIT) { +- enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header; ++ e_bit_in_packet = (*((unsigned char *) trailer) & SRTCP_E_BYTE_BIT) == SRTCP_E_BYTE_BIT; ++ if (e_bit_in_packet != sec_serv_confidentiality) { ++ return err_status_cant_check; ++ } ++ if (sec_serv_confidentiality) { ++ enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header; + } else { + enc_octet_len = 0; + enc_start = NULL; /* this indicates that there's no encryption */ +diff --git a/google3/third_party/libsrtp/test/srtp_driver.c b/google3/third_party/libsrtp/test/srtp_driver.c +index f6a84f9..3c97072 100644 +--- a/google3/third_party/libsrtp/test/srtp_driver.c ++++ b/google3/third_party/libsrtp/test/srtp_driver.c +@@ -1246,7 +1246,7 @@ srtp_create_big_policy(srtp_policy_t **list) { + * loop over policy list, mallocing a new list and copying values + * into it (and incrementing the SSRC value as we go along) + */ +- tmp = NULL; ++ tmp = p = NULL; + while (policy_array[i] != NULL) { + p = (srtp_policy_t*) malloc(sizeof(srtp_policy_t)); + if (p == NULL) |