[Asterisk-code-review] res rtp asterisk.c: Validate RTCP packets before processing ... (asterisk[13])
George Joseph
asteriskteam at digium.com
Wed Sep 13 10:32:45 CDT 2017
George Joseph has posted comments on this change. ( https://gerrit.asterisk.org/6443 )
Change subject: res_rtp_asterisk.c: Validate RTCP packets before processing them.
......................................................................
Patch Set 4:
(3 comments)
https://gerrit.asterisk.org/#/c/6443/4/res/res_rtp_asterisk.c
File res/res_rtp_asterisk.c:
https://gerrit.asterisk.org/#/c/6443/4/res/res_rtp_asterisk.c@4688
PS4, Line 4688: first_word & RTCP_VERSION_MASK) == RTCP_VERSION
> This is exactly what the RFC check tests in addition to
> accumulating the length fields. No other bits can be validated
> after the first RTCP packet header in a combination packet.
What do you mean "can be validated"? Can't we even check that the packet type is valid in the next packet?
https://gerrit.asterisk.org/#/c/6443/4/res/res_rtp_asterisk.c@4755
PS4, Line 4755: /* We don't know what min_length should be so disable the check */
: min_length = length;
> Really? Doing this does disable the length check for unknown
> packet types.
Yeah but we keep processing.. Why not just short circuit here?
https://gerrit.asterisk.org/#/c/6443/4/res/res_rtp_asterisk.c@4766
PS4, Line 4766: /* Get the RTCP record SSRC if defined for the record */
: ssrc_valid = 1;
: switch (pt) {
: case RTCP_PT_SR:
: case RTCP_PT_RR:
: rtcp_report = ast_rtp_rtcp_report_alloc(rc);
: if (!rtcp_report) {
: return &ast_null_frame;
: }
: rtcp_report->reception_report_count = rc;
:
: ssrc = ntohl(rtcpheader[i + 1]);
: rtcp_report->ssrc = ssrc;
: break;
: case RTCP_PT_FUR:
: case RTCP_PT_PSFB:
: ssrc = ntohl(rtcpheader[i + 1]);
: break;
: case RTCP_PT_SDES:
: case RTCP_PT_BYE:
: default:
: ssrc = 0;
: ssrc_valid = 0;
: break;
: }
> Because it cannot be combined with the previous switch statement.
> Or do you think I should duplicate the length check code and
> message?
Nah, I don't think you have to duplicate it. It just _seems_ that both switch statements have a lot of fallthroughs that do nothing. Both could probably be replaced with a few "if" statements.
--
To view, visit https://gerrit.asterisk.org/6443
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-MessageType: comment
Gerrit-Change-Id: I67d89e3c27db83efa0e6b52734f73c88ac2939e2
Gerrit-Change-Number: 6443
Gerrit-PatchSet: 4
Gerrit-Owner: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Jenkins2
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>
Gerrit-Reviewer: Sean Bright <sean.bright at gmail.com>
Gerrit-Comment-Date: Wed, 13 Sep 2017 15:32:45 +0000
Gerrit-HasComments: Yes
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20170913/1e3fb0ac/attachment.html>
More information about the asterisk-code-review
mailing list