Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-02-03 11:00:14 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

fixed potential integer overflow / Out of bounds read in RsVOIPDataItem.cc

Browse Source
This commit is contained in:
csoler 2016-01-11 20:26:19 -05:00
parent 98f0c101b9
commit 6e9d96efd8
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/VOIP/services/rsVOIPItems.cc
View File

@ -447,6 +447,9 @@ RsVOIPDataItem::RsVOIPDataItem(void *data, uint32_t pktsize)
ok &= getRawUInt32(data, rssize, &offset, &flags); ok &= getRawUInt32(data, rssize, &offset, &flags);
ok &= getRawUInt32(data, rssize, &offset, &data_size); ok &= getRawUInt32(data, rssize, &offset, &data_size);
if(data_size > rssize || rssize - data_size < offset)
throw std::runtime_error("Not enough space.") ;
voip_data = malloc(data_size) ; voip_data = malloc(data_size) ;
memcpy(voip_data,&((uint8_t*)data)[offset],data_size) ; memcpy(voip_data,&((uint8_t*)data)[offset],data_size) ;
offset += data_size ; offset += data_size ;