diff options
Diffstat (limited to 'googlepatches/google-11-srtp-replay-fix.patch')
-rw-r--r-- | googlepatches/google-11-srtp-replay-fix.patch | 107 |
1 files changed, 107 insertions, 0 deletions
diff --git a/googlepatches/google-11-srtp-replay-fix.patch b/googlepatches/google-11-srtp-replay-fix.patch new file mode 100644 index 0000000..46d3f7f --- /dev/null +++ b/googlepatches/google-11-srtp-replay-fix.patch @@ -0,0 +1,107 @@ +==== //depot/google3/third_party/libsrtp/README.google#8 - None ==== +# action=edit type=text +--- google3/third_party/libsrtp/README.google 2011-02-22 19:05:30.000000000 -0800 ++++ google3/third_party/libsrtp/README.google 2011-05-27 17:56:49.000000000 -0700 +@@ -21,4 +21,6 @@ + - all patches are stored individually in the googlepatches subdirectory + - iOS related changes. + undefine HAVE_BYTESWAP_H in config.h +- Fix debug build compile errors: added static keyword to inline methods and undefined DEBUG before #define DEBUG +\ No newline at end of file ++ Fix debug build compile errors: added static keyword to inline methods and undefined DEBUG before #define DEBUG ++- Fixed a bug related to replay detection when sequence number rolls back ++ arround 0. (Currently contacting libsrtp developers for upstream.) +==== //depot/google3/third_party/libsrtp/crypto/replay/rdbx.c#5 - None ==== +# action=edit type=text +--- google3/third_party/libsrtp/crypto/replay/rdbx.c 2010-02-25 06:36:30.000000000 -0800 ++++ google3/third_party/libsrtp/crypto/replay/rdbx.c 2011-05-27 17:56:49.000000000 -0700 +@@ -145,7 +145,16 @@ + if (local_seq < seq_num_median) { + if (s - local_seq > seq_num_median) { + guess_roc = local_roc - 1; +- difference = seq_num_max - s + local_seq; ++ // The return value is the relative difference from local_seq to s. ++ // The original value is negation of its purpose. According to document ++ // http://www.ietf.org/rfc/rfc3711.txt, when this condition is true, the ++ // resulting new index should be (local_roc-1, s). But original logic ++ // will end up positive difference and rdbx_check would pass. Hence after ++ // rdbx_add_index would make local index to be the wrong value because ++ // local index should not be updated in this case. For example, when ++ // local index is (1, 100) and next sequence is 65530, the wrong updated ++ // index would be (1, 205). ++ difference = s - local_seq - seq_num_max; + } else { + guess_roc = local_roc; + difference = s - local_seq; +==== //depot/google3/third_party/libsrtp/test/rdbx_driver.c#5 - None ==== +# action=edit type=text +--- google3/third_party/libsrtp/test/rdbx_driver.c 2010-02-25 06:36:30.000000000 -0800 ++++ google3/third_party/libsrtp/test/rdbx_driver.c 2011-05-27 17:56:49.000000000 -0700 +@@ -226,7 +226,7 @@ + * test sequential insertion + */ + printf("\ttesting sequential insertion..."); +- for (idx=0; idx < num_trials; idx++) { ++ for (idx=0; idx < (uint32_t)num_trials; idx++) { + status = rdbx_check_add(&rdbx, idx); + if (status) + return status; +@@ -245,7 +245,7 @@ + printf("warning: no false positive tests performed\n"); + } + printf("\ttesting for false positives..."); +- for (idx=0; idx < num_fp_trials; idx++) { ++ for (idx=0; idx < (uint32_t)num_fp_trials; idx++) { + status = rdbx_check_expect_failure(&rdbx, idx); + if (status) + return status; +@@ -269,12 +269,34 @@ + ut_init(&utc); + + printf("\ttesting non-sequential insertion..."); +- for (idx=0; idx < num_trials; idx++) { ++ for (idx=0; idx < (uint32_t)num_trials; idx++) { + ircvd = ut_next_index(&utc); + status = rdbx_check_unordered(&rdbx, ircvd); + if (status) + return status; + } ++ printf("passed\n"); ++ ++ /* ++ * test a replay condition close to zero. ++ */ ++ rdbx_uninit(&rdbx); ++ ++ if (rdbx_init(&rdbx, ws) != err_status_ok) { ++ printf("replay_init failed\n"); ++ return err_status_init_fail; ++ } ++ ++ printf("\ttesting replay close to zero..."); ++ status = rdbx_check_add(&rdbx, 1); ++ if (status) ++ return status; ++ status = rdbx_check_expect_failure(&rdbx, 64500); ++ if (status) ++ return status; ++ status = rdbx_check_add(&rdbx, 2); ++ if (status) ++ return status; + printf("passed\n"); + + rdbx_uninit(&rdbx); +@@ -303,7 +325,7 @@ + + failures = 0; + timer = clock(); +- for(i=0; i < num_trials; i++) { ++ for(i=0; i < (uint32_t)num_trials; i++) { + + delta = index_guess(&rdbx.index, &est, i); + +@@ -321,4 +343,3 @@ + + return (double) CLOCKS_PER_SEC * num_trials / timer; + } +- |