[Live-devel] Fix for a possible buffer overflow in SDESItem

[Doug Porter]

Jeremy Noring <jnoring at logitech.com> writes:
> 
> Actually, on second glance, the only realistic option is to
> shorten length, because only a single byte is allotted to the
> size field in fData[1].  (note that length is cast to unsigned
> char).  So in RTCP.cpp, I'd change this line:
> 
> if (length > 251) length = 251;

The text of an SDES item can be up to 255 octets (IETF RFC 3550
section 6.5).

-- 
dsp