sdp: limit mid length to 16 bytes
which is the maxium length allowed by one-byte header extensions
BUG=webrtc:12517
Change-Id: I003105d3566a34b5b7affb84ffe69b7705973ee3
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/237400
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Philipp Hancke <philipp.hancke@googlemail.com>
Cr-Commit-Position: refs/heads/main@{#35333}
diff --git a/pc/peer_connection_signaling_unittest.cc b/pc/peer_connection_signaling_unittest.cc
index 13b54d9..dbb0cab 100644
--- a/pc/peer_connection_signaling_unittest.cc
+++ b/pc/peer_connection_signaling_unittest.cc
@@ -1031,6 +1031,43 @@
}
}
+TEST_P(PeerConnectionSignalingTest, MidAttributeMaxLength) {
+ auto caller = CreatePeerConnection();
+
+ std::string sdp =
+ "v=0\r\n"
+ "o=- 8403615332048243445 2 IN IP4 127.0.0.1\r\n"
+ "s=-\r\n"
+ "t=0 0\r\n"
+ "m=video 9 UDP/TLS/RTP/SAVPF 102\r\n"
+ "c=IN IP4 0.0.0.0\r\n"
+ "a=rtcp:9 IN IP4 0.0.0.0\r\n"
+ "a=ice-ufrag:IZeV\r\n"
+ "a=ice-pwd:uaZhQD4rYM/Tta2qWBT1Bbt4\r\n"
+ "a=ice-options:trickle\r\n"
+ "a=fingerprint:sha-256 "
+ "D8:6C:3D:FA:23:E2:2C:63:11:2D:D0:86:BE:C4:D0:65:F9:42:F7:1C:06:04:27:E6:"
+ "1C:2C:74:01:8D:50:67:23\r\n"
+ "a=setup:actpass\r\n"
+ // Too long mid attribute.
+ "a=mid:01234567890123456\r\n"
+ "a=sendrecv\r\n"
+ "a=msid:stream track\r\n"
+ "a=rtcp-mux\r\n"
+ "a=rtcp-rsize\r\n"
+ "a=rtpmap:102 VP8/90000\r\n"
+ "a=rtcp-fb:102 goog-remb\r\n"
+ "a=rtcp-fb:102 transport-cc\r\n"
+ "a=rtcp-fb:102 ccm fir\r\n"
+ "a=rtcp-fb:102 nack\r\n"
+ "a=rtcp-fb:102 nack pli\r\n"
+ "a=ssrc:1224551896 cname:/exJcmhSLpyu9FgV\r\n";
+ std::unique_ptr<webrtc::SessionDescriptionInterface> remote_description =
+ webrtc::CreateSessionDescription(SdpType::kOffer, sdp, nullptr);
+
+ EXPECT_FALSE(caller->SetRemoteDescription(std::move(remote_description)));
+}
+
INSTANTIATE_TEST_SUITE_P(PeerConnectionSignalingTest,
PeerConnectionSignalingTest,
Values(SdpSemantics::kPlanB,
diff --git a/pc/sdp_offer_answer.cc b/pc/sdp_offer_answer.cc
index 1795cde..35d8461 100644
--- a/pc/sdp_offer_answer.cc
+++ b/pc/sdp_offer_answer.cc
@@ -123,6 +123,9 @@
// The length of RTCP CNAMEs.
static const int kRtcpCnameLength = 16;
+// The maximum length of the MID attribute.
+static constexpr size_t kMidMaxSize = 16;
+
const char kDefaultStreamId[] = "default";
// NOTE: Duplicated in peer_connection.cc:
static const char kDefaultAudioSenderId[] = "defaulta0";
@@ -448,6 +451,11 @@
LOG_AND_RETURN_ERROR(RTCErrorType::INVALID_PARAMETER,
"A media section is missing a MID attribute.");
}
+ if (content.name.size() > kMidMaxSize) {
+ LOG_AND_RETURN_ERROR(RTCErrorType::INVALID_PARAMETER,
+ "The MID attribute exceeds the maximum supported "
+ "length of 16 characters.");
+ }
if (!mids.insert(content.name).second) {
LOG_AND_RETURN_ERROR(RTCErrorType::INVALID_PARAMETER,
"Duplicate a=mid value '" + content.name + "'.");
