Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(375)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: media/webm/webm_cluster_parser.cc

Issue 11139008: Change WebM parser to treat IVs from encrypted WebM as raw data. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Addressing comments. Created 8 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « media/filters/pipeline_integration_test.cc ('k') | media/webm/webm_constants.h » ('j') | media/webm/webm_constants.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: media/webm/webm_cluster_parser.cc
diff --git a/media/webm/webm_cluster_parser.cc b/media/webm/webm_cluster_parser.cc
index fb1c69b874739719169085cbdcf4278862e95a61..abf267a2ff0a5065915141d193e47189d856e359 100644
--- a/media/webm/webm_cluster_parser.cc
+++ b/media/webm/webm_cluster_parser.cc
@@ -7,7 +7,6 @@
#include <vector>
#include "base/logging.h"
-#include "base/sys_byteorder.h"
#include "media/base/data_buffer.h"
#include "media/base/decrypt_config.h"
#include "media/webm/webm_constants.h"
@@ -17,9 +16,9 @@ namespace media {
// Generates a 16 byte CTR counter block. The CTR counter block format is a
xhwang 2012/10/15 16:39:00 With |iv_size|, update this comment?
fgalligan1 2012/10/15 20:01:07 Done.
// CTR IV appended with a CTR block counter. |iv| is an 8 byte CTR IV.
// Returns a string of kDecryptionKeySize bytes.
-static std::string GenerateCounterBlock(uint64 iv) {
- std::string counter_block(reinterpret_cast<char*>(&iv), sizeof(iv));
- counter_block.append(DecryptConfig::kDecryptionKeySize - sizeof(iv), 0);
+static std::string GenerateCounterBlock(const uint8* iv, size_t iv_size) {
+ std::string counter_block(reinterpret_cast<const char*>(iv), iv_size);
+ counter_block.append(DecryptConfig::kDecryptionKeySize - iv_size, 0);
return counter_block;
}
@@ -185,6 +184,7 @@ bool WebMClusterParser::OnBlock(int track_num, int timecode,
int block_duration,
int flags,
const uint8* data, int size) {
+ DCHECK_GT(size, -1);
ddorwin 2012/10/15 02:32:49 DCHECK_GE(size, 0); seems better
fgalligan1 2012/10/15 16:20:27 Done.
if (cluster_timecode_ == -1) {
DVLOG(1) << "Got a block before cluster timecode.";
return false;
@@ -228,6 +228,10 @@ bool WebMClusterParser::OnBlock(int track_num, int timecode,
// encrypted WebM request for comments specification is here
// http://wiki.webmproject.org/encryption/webm-encryption-rfc
if (!encryption_key_id.empty()) {
+ if (static_cast<size_t>(size) < sizeof(uint8)) {
+ DVLOG(1) << "Got an encrypted block with no data.";
ddorwin 2012/10/15 02:32:49 It's not yet "encrypted", right?
fgalligan1 2012/10/15 16:20:27 No. I changed it too "Got a block from an encrypte
+ return false;
+ }
uint8 signal_byte = data[0];
int data_offset = sizeof(signal_byte);
@@ -237,10 +241,12 @@ bool WebMClusterParser::OnBlock(int track_num, int timecode,
std::string counter_block;
if (signal_byte & kWebMFlagEncryptedFrame) {
- uint64 network_iv;
- memcpy(&network_iv, data + data_offset, sizeof(network_iv));
- data_offset += sizeof(network_iv);
- counter_block = GenerateCounterBlock(base::NetToHost64(network_iv));
+ if (static_cast<size_t>(size) < sizeof(signal_byte) + kWebMIvSize) {
+ DVLOG(1) << "Got an encrypted block with not enough data " << size;
+ return false;
+ }
+ counter_block = GenerateCounterBlock(data + data_offset, kWebMIvSize);
+ data_offset += kWebMIvSize;
}
// TODO(fgalligan): Revisit if DecryptConfig needs to be set on unencrypted
« no previous file with comments | « media/filters/pipeline_integration_test.cc ('k') | media/webm/webm_constants.h » ('j') | media/webm/webm_constants.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698