vlc/vlc-2.1 | branch: master | Rémi Denis-Courmont <[email protected]> | Sat Nov 15 12:47:29 2014 +0200| [475d1f59b3816cdc9b74331daf4ecccc63987f0c] | committer: Jean-Baptiste Kempf
SRTP: integer overflow (cherry picked from commit ab9f28ff688eae845bc2deb62bf50072d4a4690b) Signed-off-by: Jean-Baptiste Kempf <[email protected]> > http://git.videolan.org/gitweb.cgi/vlc/vlc-2.1.git/?a=commit;h=475d1f59b3816cdc9b74331daf4ecccc63987f0c --- modules/access/rtp/srtp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/access/rtp/srtp.c b/modules/access/rtp/srtp.c index 1f8de38..9447f34 100644 --- a/modules/access/rtp/srtp.c +++ b/modules/access/rtp/srtp.c @@ -496,7 +496,7 @@ static int srtp_crypt (srtp_session_t *s, uint8_t *buf, size_t len) { /* Sequence in the future, good */ s->rtp.window = s->rtp.window << diff; - s->rtp.window |= 1; + s->rtp.window |= UINT64_C(1); s->rtp_seq = seq, s->rtp_roc = roc; } else @@ -505,7 +505,7 @@ static int srtp_crypt (srtp_session_t *s, uint8_t *buf, size_t len) diff = -diff; if ((diff >= 64) || ((s->rtp.window >> diff) & 1)) return EACCES; /* Replay attack */ - s->rtp.window |= 1 << diff; + s->rtp.window |= UINT64_C(1) << diff; } /* Encrypt/Decrypt */ _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
