libsrtp: add patches that fix 2 CVEs

[feed/telephony.git] / libs / libsrtp / patches / 1010-CVE-2015-6360-1.patch

Index: srtp-1.4.4~dfsg/srtp/srtp.c
===================================================================
--- srtp-1.4.4~dfsg.orig/srtp/srtp.c    2016-01-17 19:49:52.000000000 +0100
+++ srtp-1.4.4~dfsg/srtp/srtp.c 2016-01-17 22:50:43.000000000 +0100
@@ -938,6 +938,8 @@
       srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
       enc_start += (ntohs(xtn_hdr->length) + 1);
     }  
+    if (!((uint8_t*)enc_start < (uint8_t*)hdr + (*pkt_octet_len - tag_len)))
+       return err_status_parse_err;
     enc_octet_len = (uint32_t)(*pkt_octet_len - tag_len 
                               - ((enc_start - (uint32_t *)hdr) << 2));
   } else {