From 042fb984d0a90fb0ab119f95ae8b275fb588a474 Mon Sep 17 00:00:00 2001
From: Nanang Izzuddin <nanang@teluu.com>
Date: Tue, 28 Sep 2010 08:26:51 +0000
Subject: Fix #1135: added RTP padding checks and RTP payload length adjustment
 according to padding length.

Payload padding in outgoing RTP investigation results:
 - the RTP does not specify RTP payload alignment.
 - most codecs also do not specify RTP payload alignment, usually only octet-alignment is specified and this seems to be done.
 - SRTP, RFC3711 states:
   - None of the pre-defined SRTP encryption transforms uses any padding; for these, the RTP and SRTP payload sizes match exactly.
   - Message authentication codes define their own padding.
   - Encryption transforms that use padding are vulnerable to subtle attacks, especially when message authentication is not used.

So, currently payload padding in outgoing RTP is not necessary.




git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3325 74dad513-b988-da41-8d7b-12977e46ad98
---
 pjmedia/src/pjmedia/rtp.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/pjmedia/src/pjmedia/rtp.c b/pjmedia/src/pjmedia/rtp.c
index f2a66cd3..4afe6c71 100644
--- a/pjmedia/src/pjmedia/rtp.c
+++ b/pjmedia/src/pjmedia/rtp.c
@@ -180,6 +180,15 @@ PJ_DEF(pj_status_t) pjmedia_rtp_decode_rtp( pjmedia_rtp_session *ses,
     /* Find and set payload. */
     *payload = ((pj_uint8_t*)pkt) + offset;
     *payloadlen = pkt_len - offset;
+ 
+    /* Remove payload padding if any */
+    if ((*hdr)->p && *payloadlen > 0) {
+	pj_uint8_t pad_len;
+
+	pad_len = ((pj_uint8_t*)(*payload))[*payloadlen - 1];
+	if (pad_len <= *payloadlen)
+	    *payloadlen -= pad_len;
+    }
 
     return PJ_SUCCESS;
 }
-- 
cgit v1.2.3