[issue2270] RTP parser fails on RFC 3550 header extensions

Ronald S. Bultje Wed, 06 Oct 2010 08:18:23 -0700

Ronald S. Bultje <rsbul...@gmail.com> added the comment:

> +    /* RFC 3550 Section 5.3.1 RTP Header Extension handling */
> +    if (ext) {
> +        if (len < 4)
> +            return -1;
> +        // retrieve header extension length (number of 32-bit words)
> +        ext = AV_RB16(buf + 2);
> +
> +        // add header extension itself to extension length
> +        ext++;
> +
> +        // convert header extension length to bytes
> +        ext <<= 2;


ext = (AV_RB16(..) + 1) << 2;, this isn't barbie-code.

+        // abort if extension length exceeds remaining buffer length
+        if (len < ext)
+            return -1;
+
+        // skip past RTP header extension
+        len -= ext;
+        buf += ext;
+    }

Rest OK.

________________________________________________
FFmpeg issue tracker <iss...@roundup.ffmpeg.org>
<https://roundup.ffmpeg.org/issue2270>
________________________________________________

[issue2270] RTP parser fails on RFC 3550 header extensions

Reply via email to