From 6544f79e8abf914d713d7710e11477992b60fb52 Mon Sep 17 00:00:00 2001 From: Kinsey Moore Date: Mon, 21 Jan 2013 18:27:58 +0000 Subject: [PATCH] Prevent segfault for interpolated iLBC frames When iLBC is being used with a jitter buffer and the jb has to interpolate frames, it generates frames with a null pointer and a non-zero datalen. This is now handled properly. (closes issue ASTERISK-20914) Reported By: John McEleney Patches: ASTERISK-20914-1.8.diff uploaded by Matt Jordan (license 6283) git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@379718 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- codecs/codec_ilbc.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/codecs/codec_ilbc.c b/codecs/codec_ilbc.c index f0e3ecb377..dcf4d62b1b 100644 --- a/codecs/codec_ilbc.c +++ b/codecs/codec_ilbc.c @@ -85,27 +85,29 @@ static int ilbctolin_framein(struct ast_trans_pvt *pvt, struct ast_frame *f) /* Assuming there's space left, decode into the current buffer at the tail location. Read in as many frames as there are */ int x,i; + int datalen = f->datalen; int16_t *dst = pvt->outbuf.i16; float tmpf[ILBC_SAMPLES]; - if (!f->data.ptr && f->datalen) { - ast_log(LOG_DEBUG, "issue 16070, ILIB ERROR. data = NULL datalen = %d src = %s\n", f->datalen, f->src ? f->src : "no src set"); + if (!f->data.ptr && datalen) { + ast_log(LOG_DEBUG, "issue 16070, ILIB ERROR. data = NULL datalen = %d src = %s\n", datalen, f->src ? f->src : "no src set"); f->datalen = 0; + datalen = 0; } - if (f->datalen == 0) { /* native PLC, set fake f->datalen and clear plc_mode */ - f->datalen = ILBC_FRAME_LEN; + if (datalen == 0) { /* native PLC, set fake datalen and clear plc_mode */ + datalen = ILBC_FRAME_LEN; f->samples = ILBC_SAMPLES; plc_mode = 0; /* do native plc */ pvt->samples += ILBC_SAMPLES; } - if (f->datalen % ILBC_FRAME_LEN) { - ast_log(LOG_WARNING, "Huh? An ilbc frame that isn't a multiple of 50 bytes long from %s (%d)?\n", f->src, f->datalen); + if (datalen % ILBC_FRAME_LEN) { + ast_log(LOG_WARNING, "Huh? An ilbc frame that isn't a multiple of 50 bytes long from %s (%d)?\n", f->src, datalen); return -1; } - for (x=0; x < f->datalen ; x += ILBC_FRAME_LEN) { + for (x=0; x < datalen ; x += ILBC_FRAME_LEN) { if (pvt->samples + ILBC_SAMPLES > BUFFER_SAMPLES) { ast_log(LOG_WARNING, "Out of buffer space\n"); return -1;