[Asterisk-code-review] rtp engine: rtcp report to json can overflow the ssrc intege... (asterisk[15])

Kevin Harwell asteriskteam at digium.com
Mon Sep 17 12:18:18 CDT 2018


Hello Richard Mudgett, Jenkins2, 

I'd like you to reexamine a change. Please visit

    https://gerrit.asterisk.org/10150

to look at the new patch set (#3).

Change subject: rtp_engine: rtcp_report_to_json can overflow the ssrc integer value
......................................................................

rtp_engine: rtcp_report_to_json can overflow the ssrc integer value

When writing an RTCP report to json the code attempts to pack the "ssrc" and
"source_ssrc" unsigned integer values as a signed int value type. This of course
means if the ssrc's unsigned value is greater than that which can fit into a
signed integer value it gets converted to a negative number. Subsequently, the
negative value goes out in the json report.

This patch now packs the value as a json_int_t, which is the widest integer type
available on a given system. This should make it so the value no longer
overflows.

Note, this was caught by two failing tests hep/rtcp-receiver/ and
hep/rtcp-sender.

Change-Id: I2af275286ee5e795b79f0c3d450d9e4b28e958b0
---
M include/asterisk/json.h
M main/json.c
M main/rtp_engine.c
3 files changed, 23 insertions(+), 4 deletions(-)


  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/50/10150/3
-- 
To view, visit https://gerrit.asterisk.org/10150
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 15
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I2af275286ee5e795b79f0c3d450d9e4b28e958b0
Gerrit-Change-Number: 10150
Gerrit-PatchSet: 3
Gerrit-Owner: Kevin Harwell <kharwell at digium.com>
Gerrit-Reviewer: Jenkins2
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20180917/983034ae/attachment.html>


More information about the asterisk-code-review mailing list