Re: [Live-devel] Fix for a possible buffer overflow in SDESItem

2010-03-11 Thread Ross Finlayson
Thanks for bringing this to our attention. There are actually two bugs here: Bug 1: if (length > 511) length = 511; Each "511" should be "255" (duh!) Bug 2: // Pad the trailing bytes to a 4-byte boundary: while ((length)%4 > 0) fData[2 + length++] = '\0'; This code shouldn't be the

Re: [Live-devel] Fix for a possible buffer overflow in SDESItem

2010-03-11 Thread Jeremy Noring
On Thu, Mar 11, 2010 at 9:16 AM, Doug Porter wrote: > Jeremy Noring writes: > > > > Actually, on second glance, the only realistic option is to > > shorten length, because only a single byte is allotted to the > > size field in fData[1]. (note that length is cast to unsigned > > char). So in R

Re: [Live-devel] Fix for a possible buffer overflow in SDESItem

2010-03-11 Thread Doug Porter
Jeremy Noring writes: > > Actually, on second glance, the only realistic option is to > shorten length, because only a single byte is allotted to the > size field in fData[1]. (note that length is cast to unsigned > char). So in RTCP.cpp, I'd change this line: > > if (length > 251) length = 25

Re: [Live-devel] Fix for a possible buffer overflow in SDESItem

2010-03-11 Thread Jeremy Noring
On Thu, Mar 11, 2010 at 8:43 AM, Jeremy Noring wrote: > In RTCP.cpp, > > SDESItem::SDESItem(unsigned char tag, unsigned char const* value) { > unsigned length = strlen((char const*)value); > if (length > 511) length = 511; > > fData[0] = tag; > fData[1] = (unsigned char)length; > memmov

[Live-devel] Fix for a possible buffer overflow in SDESItem

2010-03-11 Thread Jeremy Noring
In RTCP.cpp, SDESItem::SDESItem(unsigned char tag, unsigned char const* value) { unsigned length = strlen((char const*)value); if (length > 511) length = 511; fData[0] = tag; fData[1] = (unsigned char)length; memmove(&fData[2], value, length); // Pad the trailing bytes to a 4-byte bo
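The thread above discusses three related problems in the posted constructor: the clamp at 511 exceeds what the one-byte length field in fData[1] can express, the cast to unsigned char makes the length byte disagree with the number of bytes actually copied, and the padding loop writes past the end of the copied value. The following is an added example, not live555's own code and not taken from any message in the thread. It models the posted constructor arithmetically (so a too-large result is reported rather than written), and puts a hardened constructor beside it. The buffer size 2 + 255 is an assumption, since the page does not show the declaration of fData; the helper names are invented for the example.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <string>
#include <vector>

namespace sdes_example {

// Assumption (not shown on the page): fData holds a 1-byte tag, a 1-byte
// length and at most 255 value bytes, the most a one-byte length can describe.
constexpr std::size_t kMaxValueLen = 255;
constexpr std::size_t kBufSize = 2 + kMaxValueLen;

// Bytes the posted constructor writes into fData for a value of valueLen bytes:
// clamp at clampAt (511 in the original), copy, then pad `length` up to a
// multiple of 4 via fData[2 + length++] = '\0'. Pure arithmetic, no buffer.
std::size_t bytesWrittenOriginal(std::size_t valueLen, std::size_t clampAt = 511) {
    std::size_t length = std::min(valueLen, clampAt);
    std::size_t written = 2 + length;          // tag + length byte + copied value
    while (length % 4 != 0) {                  // mirrors the padding loop
        ++length;
        ++written;
    }
    return written;
}

// True when the posted code would write beyond the assumed buffer.
bool originalOverflows(std::size_t valueLen, std::size_t clampAt = 511) {
    return bytesWrittenOriginal(valueLen, clampAt) > kBufSize;
}

// Value of fData[1] in the posted code: the clamped length cast to unsigned
// char. For 256..511 this disagrees with the number of bytes memmove copied.
unsigned char lengthFieldOriginal(std::size_t valueLen) {
    return static_cast<unsigned char>(std::min<std::size_t>(valueLen, 511));
}

struct SDESItem {
    unsigned char fData[kBufSize];

    // Hardened form: clamp to what the length byte can express, and do not pad
    // here. Assumption: padding is handled by whoever assembles the RTCP chunk.
    SDESItem(unsigned char tag, const unsigned char* value) {
        std::size_t length = std::strlen(reinterpret_cast<const char*>(value));
        if (length > kMaxValueLen) length = kMaxValueLen;
        fData[0] = tag;
        fData[1] = static_cast<unsigned char>(length);
        std::memmove(&fData[2], value, length);      // never exceeds kBufSize
    }

    std::size_t totalSize() const { return 2 + fData[1]; }

    // Item bytes followed by zero padding to a 4-byte boundary, built in a
    // separate buffer instead of inside fData.
    std::vector<unsigned char> padded() const {
        std::vector<unsigned char> out(fData, fData + totalSize());
        while (out.size() % 4 != 0) out.push_back(0);
        return out;
    }
};

} // namespace sdes_example
```

Running the arithmetic against the clamps mentioned in the thread: with the posted 511 a long value writes 514 bytes into a 257-byte buffer; with 255 the padding loop still writes one byte too many (258); with 251 everything fits (254). The hardened constructor caps the copy at 255 and leaves alignment to the caller, so fData[1] always equals the number of bytes copied.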