admin/webrtc_m130
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

dcsctp: Avoid integer overflow in HEARTBEAT-ACK v2

Browse Source 
This is a follow-up to change 232904 that also validates that the
timestamp from the heartbeat ack isn't negative (which the fuzzer
managed to set it to).

Bug: chromium:1252515
Change-Id: Idaac570589dbdaaee67b7785f6232b60226e88e1
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/234582
Reviewed-by: Florent Castelli <orphis@webrtc.org>
Commit-Queue: Victor Boivie <boivie@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#35168}
This commit is contained in:
Victor Boivie 2021-10-08 11:53:32 +02:00 committed by WebRTC LUCI CQ
parent 2bcdb5d63a
commit 3179fb2931
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
net/dcsctp/socket/heartbeat_handler.cc
View File

@ -154,7 +154,7 @@ void HeartbeatHandler::HandleHeartbeatAck(HeartbeatAckChunk chunk) {
}
TimeMs now = ctx_->callbacks().TimeMillis();
if (info->created_at() <= now) {
if (info->created_at() > TimeMs(0) && info->created_at() <= now) {
ctx_->ObserveRTT(now - info->created_at());
}