ref: 3acc9f1c414b3032531e1db73e77bb4af0f8ed38
parent: d36842808af48e19a4335fb513801cd9c7ea6464
author: Sigrid Solveig Haflínudóttir <[email protected]>
date: Wed Jul 28 09:36:51 EDT 2021
loop: validate (and debug print) chunk size
--- a/rtmp.c
+++ b/rtmp.c
@@ -485,6 +485,12 @@
case PktChunkSz:
if(amfi32get(r->pk.data, r->pk.data+r->pk.sz, &r->chunk) == nil)
goto err;
+ if(r->chunk < 2){
+ werrstr("invalid chunk size: %d", r->chunk);
+ goto err;
+ }
+ if(debug)
+ fprint(2, "new chunk size: %d bytes\n", r->chunk);
break;
case PktBytesReadReport:
case PktControl: