Chromium Code Reviews

Issue 1238033003: Prevent OOB reads for truncated H264 STAP-A packets. (Closed)

Created:
5 years, 5 months ago by pbos-webrtc
Modified:
5 years, 4 months ago
Reviewers:
stefan-webrtc
CC:
webrtc-reviews_webrtc.org, tterriberry_mozilla.com, stefan-webrtc, mflodman
Base URL:
https://chromium.googlesource.com/external/webrtc.git@master
Target Ref:
refs/pending/heads/master
Project:
webrtc
Visibility:
Public.

Description

Prevent OOB reads for truncated H264 STAP-A packets.

BUG=webrtc:4771, webrtc:4834
R=stefan@webrtc.org

Committed: https://crrev.com/f1828e8ed96ae1aa3ea9dc1eb96e2e703d2e78cf
Cr-Commit-Position: refs/heads/master@{#9650}

Patch Set 1 #

Total comments: 2

Patch Set 2 : verify stap-a nalu lengths in parser #

Patch Set 3 : fix #

Total comments: 2

Patch Set 4 : added logging + todos #

Stats (+117 lines, -0 lines)
M webrtc/modules/rtp_rtcp/source/rtp_format_h264.cc: 2 chunks, +22 lines, -0 lines, 0 comments
M webrtc/modules/video_coding/main/source/session_info.cc: 1 chunk, +2 lines, -0 lines, 0 comments
M webrtc/test/call_test.cc: 1 chunk, +1 line, -0 lines, 0 comments
A webrtc/video/packet_injection_tests.cc: 1 chunk, +91 lines, -0 lines, 0 comments
M webrtc/webrtc_tests.gypi: 1 chunk, +1 line, -0 lines, 0 comments

Messages

Total messages: 16 (4 generated)
pbos-webrtc
PTAL
https://codereview.webrtc.org/1238033003/diff/1/webrtc/modules/video_coding/main/source/session_info.cc
File webrtc/modules/video_coding/main/source/session_info.cc (right):
https://codereview.webrtc.org/1238033003/diff/1/webrtc/modules/video_coding/main/source/session_info.cc#newcode163
webrtc/modules/video_coding/main/source/session_info.cc:163: packet->sizeBytes = required_length - kH264NALHeaderLengthInBytes;
Was this part ...
5 years, 5 months ago (2015-07-17 14:08:53 UTC) #1
commit-bot: I haz the power
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1238033003/1
5 years, 5 months ago (2015-07-17 14:09:08 UTC) #3
commit-bot: I haz the power
Dry run: Try jobs failed on following builders: linux on tryserver.webrtc (JOB_FAILED, http://build.chromium.org/p/tryserver.webrtc/builders/linux/builds/8622) (exceeded global ...
5 years, 5 months ago (2015-07-17 14:18:09 UTC) #5
stefan-webrtc
https://codereview.webrtc.org/1238033003/diff/1/webrtc/modules/video_coding/main/source/session_info.cc
File webrtc/modules/video_coding/main/source/session_info.cc (right):
https://codereview.webrtc.org/1238033003/diff/1/webrtc/modules/video_coding/main/source/session_info.cc#newcode147
webrtc/modules/video_coding/main/source/session_info.cc:147: length + (packet->insertStartCode ? kH264StartCodeLengthBytes : 0);
As discussed, ...
5 years, 5 months ago (2015-07-23 12:36:04 UTC) #6
pbos-webrtc
verify stap-a nalu lengths in parser
5 years, 4 months ago (2015-07-28 14:01:10 UTC) #7
pbos-webrtc
fix
5 years, 4 months ago (2015-07-28 14:16:05 UTC) #8
pbos-webrtc
PTAL, the incorrect accounting for NALU headers in frame_buffer.cc should be in a follow-up CL. ...
5 years, 4 months ago (2015-07-28 14:17:55 UTC) #9
stefan-webrtc
lgtm, but fix the comments
https://codereview.webrtc.org/1238033003/diff/40001/webrtc/modules/rtp_rtcp/source/rtp_format_h264.cc
File webrtc/modules/rtp_rtcp/source/rtp_format_h264.cc (right):
https://codereview.webrtc.org/1238033003/diff/40001/webrtc/modules/rtp_rtcp/source/rtp_format_h264.cc#newcode44
webrtc/modules/rtp_rtcp/source/rtp_format_h264.cc:44: while (length_remaining > 0) ...
5 years, 4 months ago (2015-07-28 14:22:19 UTC) #10
pbos-webrtc
added logging + todos
5 years, 4 months ago (2015-07-28 14:29:01 UTC) #11
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1238033003/60001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1238033003/60001
5 years, 4 months ago (2015-07-28 14:29:12 UTC) #14
commit-bot: I haz the power
Committed patchset #4 (id:60001)
5 years, 4 months ago (2015-07-28 15:21:03 UTC) #15
commit-bot: I haz the power
5 years, 4 months ago (2015-07-28 15:21:13 UTC) #16
Message was sent while issue was closed.
Patchset 4 (id:??) landed as
https://crrev.com/f1828e8ed96ae1aa3ea9dc1eb96e2e703d2e78cf
Cr-Commit-Position: refs/heads/master@{#9650}
