• Fabrice Bellet's avatar
    agent: make candidate username and password immutable · 5a644f45
    Fabrice Bellet authored
    With this patch we prevent the username and the password of a candidate
    to be modified during a session, as required by the RFC, sect 9.1.2.
    This is also needed from a memory management point of view, because the
    password string pointer may be recorded in the components stun agent
    sent_ids[] struct key member, and freeing these values there may cause
    an use-after-free condition, when an inbound stun is received from this
    candidate. This behavior has been observed with pidgin, xmpp, and
    farstream when a same remote candidates are "updated" several times,
    even if the credentials don't change in this case.
    Reviewed-by: Olivier Crête's avatarOlivier Crête <olivier.crete@collabora.com>
    Differential Revision: https://phabricator.freedesktop.org/D1917
    5a644f45
Name
Last commit
Last update
agent Loading commit data...
docs Loading commit data...
examples Loading commit data...
gst Loading commit data...
m4 Loading commit data...
nice Loading commit data...
random Loading commit data...
scripts Loading commit data...
socket Loading commit data...
stun Loading commit data...
tests Loading commit data...
win32/vs9 Loading commit data...
.arcconfig Loading commit data...
.gitignore Loading commit data...
AUTHORS Loading commit data...
COPYING Loading commit data...
COPYING.LGPL Loading commit data...
COPYING.MPL Loading commit data...
ChangeLog Loading commit data...
Makefile.am Loading commit data...
NEWS Loading commit data...
README Loading commit data...
README.win32 Loading commit data...
TODO Loading commit data...
autogen.sh Loading commit data...
common.mk Loading commit data...
configure.ac Loading commit data...