mirrors/coturn
1
0
Fork 0
mirror of https://github.com/coturn/coturn.git synced 2025-10-29 14:01:01 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #773 from haseebq/performance_fix

Browse Source 
Fix for performance regression caused by CVE-2020-4067 fix
This commit is contained in:
Gustavo Garcia 2022-08-10 11:41:08 +02:00 committed by GitHub
commit f74f50c86d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/apps/relay/ns_ioalib_engine_impl.c
View File

@ -297,15 +297,15 @@ static stun_buffer_list_elem *new_blist_elem(ioa_engine_handle e)
if(!ret) {
ret = (stun_buffer_list_elem *)malloc(sizeof(stun_buffer_list_elem));
if (ret) {
ret->next = NULL;
} else {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: Cannot allocate memory for STUN buffer!\n", __FUNCTION__);
}
}
if(ret) {
bzero(&ret->buf, sizeof(stun_buffer));
ret->buf.len = 0;
ret->buf.offset = 0;
ret->buf.coffset = 0;
ret->next = NULL;
} else {
TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "%s: Cannot allocate memory for STUN buffer!\n", __FUNCTION__);
}
return ret;

8
src/client/ns_turn_msg.c
View File

@ -1448,8 +1448,10 @@ int stun_attr_add_str(uint8_t* buf, size_t *len, uint16_t attr, const uint8_t* a
int clen = stun_get_command_message_len_str(buf,*len);
int newlen = clen + 4 + alen;
int newlenrem4=newlen & 0x00000003;
int paddinglen = 0;
if(newlenrem4) {
newlen=newlen+(4-newlenrem4);
paddinglen=4-newlenrem4;
newlen=newlen+paddinglen;
}
if(newlen>=MAX_STUN_MESSAGE_SIZE) return -1;
else {
@ -1463,6 +1465,10 @@ int stun_attr_add_str(uint8_t* buf, size_t *len, uint16_t attr, const uint8_t* a
attr_start_16t[0]=nswap16(attr);
attr_start_16t[1]=nswap16(alen);
if(alen>0) bcopy(avalue,attr_start+4,alen);
// Write 0 padding to not leak data
bzero(attr_start+4+alen, paddinglen);
return 0;
}
}