x/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2026-06-11 08:13:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

avformat/rtpenc_xiph: bail out when the max payload size underflows

Browse Source 
Reported by Franciszek Kalinowski (isec.pl / striga.ai) and Bartosz Smigielski.
This commit is contained in:
Franciszek Kalinowski
2026-05-21 01:15:30 +00:00
committed by michaelni
co-authored by michaelni
parent a44cae9025
commit 0857141823
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
libavformat/rtpenc_xiph.c
+4
View File
@@ -38,6 +38,10 @@ void ff_rtp_send_xiph(AVFormatContext *s1, const uint8_t *buff, int size)
uint8_t *q;
max_pkt_size = s->max_payload_size - 6; // ident+frag+tdt/vdt+pkt_num+pkt_length
if (max_pkt_size <= 0) {
av_log(s1, AV_LOG_ERROR, "Max payload size too small for Xiph RTP\n");
return;
}
// set xiph data type
switch (*buff) {