<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-ligatures:standardcontextual;
mso-fareast-language:EN-US;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="DE-AT" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Hi all,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span lang="EN-GB">When upgrading to v2024.11.28, multicast streams with SRTP sometimes fail due to an uninitialized variable; Clients are not able to decode SRTP and discard all packets.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">Short: SRTPCryptographicContext constructor does not initialize fSendingROC.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">Long:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">PassiveServerMediaSubsession::sdpLines() is called from ServerMediaSession::generateSDPDescription() twice.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">The first time (to determine existence), the cryptographic context of the sink of PassiveServerMediaSubsession is NULL, so the RTPSink::srtpROC() returns 0; However, PassiveServerMediaSubsession::sdpLines() then performs
a fRTPSink.setupForSRTP(), which initializes the cryptographic context. At this point, the fSendingROC member is uninitialized.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">ServerMediaSession::generateSDPDescription() then calls PassiveServerMediaSubsession::sdpLines() a second time (to actually fill SDP), and then references this cryptographic context. Uninitialized memory is returned,
letting PassiveServerMediaSubsession::sdpLines() to re-create SDPLines with a bogus ROC.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">Only later, when RTP is to be sent, SRTPCryptographicContext::processOutgoingSRTPPacket() initializes fSendingROC for the first call.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">Proposed solutions:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">a) SRTPCryptographicContext::sendingROC() should return fMIKEYState.initialROC() if nothing was sent yet (simpler, but introduces duplication)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">b) constructor should initialize fSendingROC with fMIKEYState.initialROC() – which would also allow for the removal of the initialization in processOutgoingSRTPPacket().<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">Note: The IDE (CLion) also warns about further, uninitialized members in SRTPCryptographicContext – though I haven’t followed up on their implications.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">Thank you,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB">Christian<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span lang="EN-GB" style="font-family:"Tahoma",sans-serif;mso-ligatures:none;mso-fareast-language:DE-AT">Christian Haas
</span></b><span lang="EN-GB" style="font-family:"Tahoma",sans-serif;mso-ligatures:none;mso-fareast-language:DE-AT"><br>
OneATM - Tower Solutions R&D - Software Engineer <br>
<br>
<span style="color:#004182">FREQUENTIS AG<o:p></o:p></span></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="mso-ligatures:none;mso-fareast-language:DE-AT"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Tahoma",sans-serif;mso-ligatures:none;mso-fareast-language:DE-AT">Innovationsstrasse 1<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Tahoma",sans-serif;mso-ligatures:none;mso-fareast-language:DE-AT">1100 Vienna, Austria<br>
Mobile: +43-664-60 850 - 3471</span><span lang="EN-GB" style="mso-ligatures:none;mso-fareast-language:DE-AT"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB" style="font-family:"Tahoma",sans-serif;mso-ligatures:none;mso-fareast-language:DE-AT">Fax: +43-1-811 50 - 77 - 3471<br>
Web: <a href="http://www.frequentis.com/"><span style="color:blue">www.frequentis.com</span></a>
<br>
E-mail: </span><u><span style="font-family:"Tahoma",sans-serif;color:blue;mso-ligatures:none;mso-fareast-language:DE-AT"><a href="mailto:christian.haas@frequentis.com"><span lang="EN-GB">christian.haas</span>@frequentis.com</a></span></u><span style="font-family:"Tahoma",sans-serif;mso-ligatures:none;mso-fareast-language:DE-AT">
<span lang="EN-GB"><br>
<br>
Handelsgericht Wien (Vienna Commercial Court): FN 72115b <br>
ATU 14715600<o:p></o:p></span></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
</div>
</body>
</html>