Closed
Bug 1480173
Opened 7 years ago
Closed 7 years ago
Overflow in FEC Processing (Project Zero)
Categories
(Core :: WebRTC: Audio/Video, defect, P1)
Core
WebRTC: Audio/Video
Tracking
()
RESOLVED
DUPLICATE
of bug 1480088
People
(Reporter: drno, Unassigned)
References
()
Details
Project Zero found a problem in processing RED packets: https://bugs.chromium.org/p/project-zero/issues/detail?id=1573
By default RED support is preffed off in Firefox.
As the Chrome bug is again not public yet going from the stack trace in the Project Zero report it looks like Firefox is affected:
https://searchfox.org/mozilla-central/rev/196560b95f191b48ff7cba7c2ba9237bba6b5b6a/media/webrtc/trunk/webrtc/modules/rtp_rtcp/source/ulpfec_receiver_impl.cc#173
Because the buffer size is fixed to 1500 bytes:
https://searchfox.org/mozilla-central/rev/196560b95f191b48ff7cba7c2ba9237bba6b5b6a/media/webrtc/trunk/webrtc/modules/rtp_rtcp/source/forward_error_correction.h#42
https://searchfox.org/mozilla-central/rev/196560b95f191b48ff7cba7c2ba9237bba6b5b6a/media/webrtc/trunk/webrtc/modules/rtp_rtcp/include/rtp_rtcp_defines.h#24
|
||
Updated•7 years ago
|
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
|
|
||
Updated•3 years ago
|
Group: core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•