[FFmpeg-cvslog] srtp: Improve the minimum encryption buffer size check

[Martin Storsjö]

ffmpeg | branch: master | Martin Storsjö <martin at martin.st> | Fri Jan 18 12:33:02 2013 +0200| [a2a991b2ddf951454ffceb7bcedc9db93e26c610] | committer: Martin Storsjö

srtp: Improve the minimum encryption buffer size check

This clarifies where the limit number comes from, and only
requires exactly as much padding space as will be needed.

Signed-off-by: Martin Storsjö <martin at martin.st>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a2a991b2ddf951454ffceb7bcedc9db93e26c610
---

 libavformat/srtp.c |   16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/libavformat/srtp.c b/libavformat/srtp.c
index d90f8bc..192285f 100644
--- a/libavformat/srtp.c
+++ b/libavformat/srtp.c
@@ -240,20 +240,24 @@ int ff_srtp_encrypt(struct SRTPContext *s, const uint8_t *in, int len,
     uint8_t iv[16] = { 0 }, hmac[20];
     uint64_t index;
     uint32_t ssrc;
-    int rtcp, hmac_size;
+    int rtcp, hmac_size, padding;
     uint8_t *buf;
 
-    if (len + 14 > outlen)
-        return 0;
     if (len < 12)
         return 0;
 
+    rtcp = RTP_PT_IS_RTCP(in[1]);
+    hmac_size = rtcp ? s->rtcp_hmac_size : s->rtp_hmac_size;
+    padding = hmac_size;
+    if (rtcp)
+        padding += 4; // For the RTCP index
+
+    if (len + padding > outlen)
+        return 0;
+
     memcpy(out, in, len);
     buf = out;
 
-    rtcp = RTP_PT_IS_RTCP(buf[1]);
-    hmac_size = rtcp ? s->rtcp_hmac_size : s->rtp_hmac_size;
-
     if (rtcp) {
         ssrc = AV_RB32(buf + 4);
         index = s->rtcp_index++;