sipwise
/
rtpengine
mirror of https://github.com/sipwise/rtpengine.git
1
0
Fork 0
Code Issues Releases Wiki Activity

TT#14008 handle HMAC() returning error

Browse Source 
If HMAC() fails, the value of the output string would be left
uninitialised. Handle this case.

Change-Id: I79fc3d03237ae4a5924e59f749d6818db7bf8ab2
Warned-by: coverity
mr10.4
Richard Fuchs 4 years ago
parent 5b2fec710e
commit 5005cc36d7
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File

8
daemon/crypto.c
Unescape View File

@ -836,8 +836,12 @@ static int hmac_sha1_rtp(struct crypto_context *c, char *out, str *in, uint64_t
static int hmac_sha1_rtcp(struct crypto_context *c, char *out, str *in) {
unsigned char hmac[20];
HMAC(EVP_sha1(), c->session_auth_key, c->params.crypto_suite->srtcp_auth_key_len,
(unsigned char *) in->s, in->len, hmac, NULL);
if (!HMAC(EVP_sha1(), c->session_auth_key, c->params.crypto_suite->srtcp_auth_key_len,
(unsigned char *) in->s, in->len, hmac, NULL))
{
memset(out, 0, c->params.crypto_suite->srtcp_auth_tag);
return 1;
}
assert(sizeof(hmac) >= c->params.crypto_suite->srtcp_auth_tag);
memcpy(out, hmac, c->params.crypto_suite->srtcp_auth_tag);

Write Preview
Loading…
Cancel
Save