From d3ad46c3ff7d74afb893fd034c2221331885941d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?I=C3=B1aki=20Baz=20Castillo?= Date: Fri, 13 Aug 2021 15:24:58 +0200 Subject: [PATCH] Fix wrong size_t* to int* conversion in 64bit Big-Endian hosts - Fixes #636 - Ensure that we have RTP or RTCP packet length into a `int` variable since `srtp_(un)protect_xxxx()` methods expect a pointer to `int` and modify the length referenced by the given pointer. --- worker/include/RTC/SrtpSession.hpp | 8 ++++---- worker/src/RTC/PipeTransport.cpp | 32 ++++++++++++++++++++---------- worker/src/RTC/PlainTransport.cpp | 32 ++++++++++++++++++++---------- worker/src/RTC/SrtpSession.cpp | 28 +++++++++++--------------- worker/src/RTC/WebRtcTransport.cpp | 32 ++++++++++++++++++++---------- 5 files changed, 79 insertions(+), 53 deletions(-) diff --git a/worker/include/RTC/SrtpSession.hpp b/worker/include/RTC/SrtpSession.hpp index 48e24e6a9d..9b1e5096ae 100644 --- a/worker/include/RTC/SrtpSession.hpp +++ b/worker/include/RTC/SrtpSession.hpp @@ -36,10 +36,10 @@ namespace RTC ~SrtpSession(); public: - bool EncryptRtp(const uint8_t** data, size_t* len); - bool DecryptSrtp(uint8_t* data, size_t* len); - bool EncryptRtcp(const uint8_t** data, size_t* len); - bool DecryptSrtcp(uint8_t* data, size_t* len); + bool EncryptRtp(const uint8_t** data, int* len); + bool DecryptSrtp(uint8_t* data, int* len); + bool EncryptRtcp(const uint8_t** data, int* len); + bool DecryptSrtcp(uint8_t* data, int* len); void RemoveStream(uint32_t ssrc) { srtp_remove_stream(this->session, uint32_t{ htonl(ssrc) }); diff --git a/worker/src/RTC/PipeTransport.cpp b/worker/src/RTC/PipeTransport.cpp index c5da43e411..4169d58f1d 100644 --- a/worker/src/RTC/PipeTransport.cpp +++ b/worker/src/RTC/PipeTransport.cpp @@ -449,9 +449,9 @@ namespace RTC } const uint8_t* data = packet->GetData(); - size_t len = packet->GetSize(); + auto intLen = static_cast(packet->GetSize()); - if (HasSrtp() && !this->srtpSendSession->EncryptRtp(&data, &len)) + if (HasSrtp() && !this->srtpSendSession->EncryptRtp(&data, &intLen)) { if (cb) { @@ -462,6 +462,8 @@ namespace RTC return; } + auto len = static_cast(intLen); + this->tuple->Send(data, len, cb); // Increase send transmission. @@ -476,11 +478,13 @@ namespace RTC return; const uint8_t* data = packet->GetData(); - size_t len = packet->GetSize(); + auto intLen = static_cast(packet->GetSize()); - if (HasSrtp() && !this->srtpSendSession->EncryptRtcp(&data, &len)) + if (HasSrtp() && !this->srtpSendSession->EncryptRtcp(&data, &intLen)) return; + auto len = static_cast(intLen); + this->tuple->Send(data, len); // Increase send transmission. @@ -495,11 +499,13 @@ namespace RTC return; const uint8_t* data = packet->GetData(); - size_t len = packet->GetSize(); + auto intLen = static_cast(packet->GetSize()); - if (HasSrtp() && !this->srtpSendSession->EncryptRtcp(&data, &len)) + if (HasSrtp() && !this->srtpSendSession->EncryptRtcp(&data, &intLen)) return; + auto len = static_cast(intLen); + this->tuple->Send(data, len); // Increase send transmission. @@ -583,9 +589,11 @@ namespace RTC return; // Decrypt the SRTP packet. - if (HasSrtp() && !this->srtpRecvSession->DecryptSrtp(const_cast(data), &len)) + auto intLen = static_cast(len); + + if (HasSrtp() && !this->srtpRecvSession->DecryptSrtp(const_cast(data), &intLen)) { - RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, len); + RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, static_cast(intLen)); if (!packet) { @@ -606,7 +614,7 @@ namespace RTC return; } - RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, len); + RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, static_cast(intLen)); if (!packet) { @@ -641,7 +649,9 @@ namespace RTC return; // Decrypt the SRTCP packet. - if (HasSrtp() && !this->srtpRecvSession->DecryptSrtcp(const_cast(data), &len)) + auto intLen = static_cast(len); + + if (HasSrtp() && !this->srtpRecvSession->DecryptSrtcp(const_cast(data), &intLen)) { return; } @@ -654,7 +664,7 @@ namespace RTC return; } - RTC::RTCP::Packet* packet = RTC::RTCP::Packet::Parse(data, len); + RTC::RTCP::Packet* packet = RTC::RTCP::Packet::Parse(data, static_cast(intLen)); if (!packet) { diff --git a/worker/src/RTC/PlainTransport.cpp b/worker/src/RTC/PlainTransport.cpp index 8a375df2c3..c88e6a7088 100644 --- a/worker/src/RTC/PlainTransport.cpp +++ b/worker/src/RTC/PlainTransport.cpp @@ -634,9 +634,9 @@ namespace RTC } const uint8_t* data = packet->GetData(); - size_t len = packet->GetSize(); + auto intLen = static_cast(packet->GetSize()); - if (HasSrtp() && !this->srtpSendSession->EncryptRtp(&data, &len)) + if (HasSrtp() && !this->srtpSendSession->EncryptRtp(&data, &intLen)) { if (cb) { @@ -647,6 +647,8 @@ namespace RTC return; } + auto len = static_cast(intLen); + this->tuple->Send(data, len, cb); // Increase send transmission. @@ -661,11 +663,13 @@ namespace RTC return; const uint8_t* data = packet->GetData(); - size_t len = packet->GetSize(); + auto intLen = static_cast(packet->GetSize()); - if (HasSrtp() && !this->srtpSendSession->EncryptRtcp(&data, &len)) + if (HasSrtp() && !this->srtpSendSession->EncryptRtcp(&data, &intLen)) return; + auto len = static_cast(intLen); + if (this->rtcpMux) this->tuple->Send(data, len); else if (this->rtcpTuple) @@ -683,11 +687,13 @@ namespace RTC return; const uint8_t* data = packet->GetData(); - size_t len = packet->GetSize(); + auto intLen = static_cast(packet->GetSize()); - if (HasSrtp() && !this->srtpSendSession->EncryptRtcp(&data, &len)) + if (HasSrtp() && !this->srtpSendSession->EncryptRtcp(&data, &intLen)) return; + auto len = static_cast(intLen); + if (this->rtcpMux) this->tuple->Send(data, len); else if (this->rtcpTuple) @@ -775,9 +781,11 @@ namespace RTC return; // Decrypt the SRTP packet. - if (HasSrtp() && !this->srtpRecvSession->DecryptSrtp(const_cast(data), &len)) + auto intLen = static_cast(len); + + if (HasSrtp() && !this->srtpRecvSession->DecryptSrtp(const_cast(data), &intLen)) { - RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, len); + RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, static_cast(intLen)); if (!packet) { @@ -798,7 +806,7 @@ namespace RTC return; } - RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, len); + RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, static_cast(intLen)); if (!packet) { @@ -871,7 +879,9 @@ namespace RTC return; // Decrypt the SRTCP packet. - if (HasSrtp() && !this->srtpRecvSession->DecryptSrtcp(const_cast(data), &len)) + auto intLen = static_cast(len); + + if (HasSrtp() && !this->srtpRecvSession->DecryptSrtcp(const_cast(data), &intLen)) { return; } @@ -949,7 +959,7 @@ namespace RTC return; } - RTC::RTCP::Packet* packet = RTC::RTCP::Packet::Parse(data, len); + RTC::RTCP::Packet* packet = RTC::RTCP::Packet::Parse(data, static_cast(intLen)); if (!packet) { diff --git a/worker/src/RTC/SrtpSession.cpp b/worker/src/RTC/SrtpSession.cpp index fd351d9a3a..bd3f06ed7e 100644 --- a/worker/src/RTC/SrtpSession.cpp +++ b/worker/src/RTC/SrtpSession.cpp @@ -146,22 +146,21 @@ namespace RTC } } - bool SrtpSession::EncryptRtp(const uint8_t** data, size_t* len) + bool SrtpSession::EncryptRtp(const uint8_t** data, int* len) { MS_TRACE(); // Ensure that the resulting SRTP packet fits into the encrypt buffer. - if (*len + SRTP_MAX_TRAILER_LEN > EncryptBufferSize) + if (static_cast(*len) + SRTP_MAX_TRAILER_LEN > EncryptBufferSize) { - MS_WARN_TAG(srtp, "cannot encrypt RTP packet, size too big (%zu bytes)", *len); + MS_WARN_TAG(srtp, "cannot encrypt RTP packet, size too big (%i bytes)", *len); return false; } std::memcpy(EncryptBuffer, *data, *len); - srtp_err_status_t err = - srtp_protect(this->session, static_cast(EncryptBuffer), reinterpret_cast(len)); + srtp_err_status_t err = srtp_protect(this->session, static_cast(EncryptBuffer), len); if (DepLibSRTP::IsError(err)) { @@ -176,12 +175,11 @@ namespace RTC return true; } - bool SrtpSession::DecryptSrtp(uint8_t* data, size_t* len) + bool SrtpSession::DecryptSrtp(uint8_t* data, int* len) { MS_TRACE(); - srtp_err_status_t err = - srtp_unprotect(this->session, static_cast(data), reinterpret_cast(len)); + srtp_err_status_t err = srtp_unprotect(this->session, static_cast(data), len); if (DepLibSRTP::IsError(err)) { @@ -193,22 +191,21 @@ namespace RTC return true; } - bool SrtpSession::EncryptRtcp(const uint8_t** data, size_t* len) + bool SrtpSession::EncryptRtcp(const uint8_t** data, int* len) { MS_TRACE(); // Ensure that the resulting SRTCP packet fits into the encrypt buffer. - if (*len + SRTP_MAX_TRAILER_LEN > EncryptBufferSize) + if (static_cast(*len) + SRTP_MAX_TRAILER_LEN > EncryptBufferSize) { - MS_WARN_TAG(srtp, "cannot encrypt RTCP packet, size too big (%zu bytes)", *len); + MS_WARN_TAG(srtp, "cannot encrypt RTCP packet, size too big (%i bytes)", *len); return false; } std::memcpy(EncryptBuffer, *data, *len); - srtp_err_status_t err = srtp_protect_rtcp( - this->session, static_cast(EncryptBuffer), reinterpret_cast(len)); + srtp_err_status_t err = srtp_protect_rtcp(this->session, static_cast(EncryptBuffer), len); if (DepLibSRTP::IsError(err)) { @@ -223,12 +220,11 @@ namespace RTC return true; } - bool SrtpSession::DecryptSrtcp(uint8_t* data, size_t* len) + bool SrtpSession::DecryptSrtcp(uint8_t* data, int* len) { MS_TRACE(); - srtp_err_status_t err = - srtp_unprotect_rtcp(this->session, static_cast(data), reinterpret_cast(len)); + srtp_err_status_t err = srtp_unprotect_rtcp(this->session, static_cast(data), len); if (DepLibSRTP::IsError(err)) { diff --git a/worker/src/RTC/WebRtcTransport.cpp b/worker/src/RTC/WebRtcTransport.cpp index 52095b10a1..d527a1dd62 100644 --- a/worker/src/RTC/WebRtcTransport.cpp +++ b/worker/src/RTC/WebRtcTransport.cpp @@ -751,9 +751,9 @@ namespace RTC } const uint8_t* data = packet->GetData(); - size_t len = packet->GetSize(); + auto intLen = static_cast(packet->GetSize()); - if (!this->srtpSendSession->EncryptRtp(&data, &len)) + if (!this->srtpSendSession->EncryptRtp(&data, &intLen)) { if (cb) { @@ -764,6 +764,8 @@ namespace RTC return; } + auto len = static_cast(intLen); + this->iceServer->GetSelectedTuple()->Send(data, len, cb); // Increase send transmission. @@ -778,7 +780,7 @@ namespace RTC return; const uint8_t* data = packet->GetData(); - size_t len = packet->GetSize(); + auto intLen = static_cast(packet->GetSize()); // Ensure there is sending SRTP session. if (!this->srtpSendSession) @@ -788,9 +790,11 @@ namespace RTC return; } - if (!this->srtpSendSession->EncryptRtcp(&data, &len)) + if (!this->srtpSendSession->EncryptRtcp(&data, &intLen)) return; + auto len = static_cast(intLen); + this->iceServer->GetSelectedTuple()->Send(data, len); // Increase send transmission. @@ -805,7 +809,7 @@ namespace RTC return; const uint8_t* data = packet->GetData(); - size_t len = packet->GetSize(); + auto intLen = static_cast(packet->GetSize()); // Ensure there is sending SRTP session. if (!this->srtpSendSession) @@ -815,9 +819,11 @@ namespace RTC return; } - if (!this->srtpSendSession->EncryptRtcp(&data, &len)) + if (!this->srtpSendSession->EncryptRtcp(&data, &intLen)) return; + auto len = static_cast(intLen); + this->iceServer->GetSelectedTuple()->Send(data, len); // Increase send transmission. @@ -984,9 +990,11 @@ namespace RTC } // Decrypt the SRTP packet. - if (!this->srtpRecvSession->DecryptSrtp(const_cast(data), &len)) + auto intLen = static_cast(len); + + if (!this->srtpRecvSession->DecryptSrtp(const_cast(data), &intLen)) { - RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, len); + RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, static_cast(intLen)); if (!packet) { @@ -1007,7 +1015,7 @@ namespace RTC return; } - RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, len); + RTC::RtpPacket* packet = RTC::RtpPacket::Parse(data, static_cast(intLen)); if (!packet) { @@ -1053,10 +1061,12 @@ namespace RTC } // Decrypt the SRTCP packet. - if (!this->srtpRecvSession->DecryptSrtcp(const_cast(data), &len)) + auto intLen = static_cast(len); + + if (!this->srtpRecvSession->DecryptSrtcp(const_cast(data), &intLen)) return; - RTC::RTCP::Packet* packet = RTC::RTCP::Packet::Parse(data, len); + RTC::RTCP::Packet* packet = RTC::RTCP::Packet::Parse(data, static_cast(intLen)); if (!packet) {