libs/pjproject/patches/0170-stun-integer-underflow.patch

   1 From 15663e3f37091069b8c98a7fce680dc04bc8e865 Mon Sep 17 00:00:00 2001
   2 From: sauwming <ming@teluu.com>
   3 Date: Tue, 10 Aug 2021 11:53:25 +0800
   4 Subject: [PATCH] Merge pull request from GHSA-2qpg-f6wf-w984
   5
   6 ---
   7  pjnath/src/pjnath/stun_msg.c | 3 +++
   8  1 file changed, 3 insertions(+)
   9
  10 --- a/pjnath/src/pjnath/stun_msg.c
  11 +++ b/pjnath/src/pjnath/stun_msg.c
  12 @@ -1763,6 +1763,9 @@ static pj_status_t decode_errcode_attr(p
  13      /* Get pointer to the string in the message */
  14      value.ptr = ((char*)buf + ATTR_HDR_LEN + 4);
  15      value.slen = attr->hdr.length - 4;
  16 +    /* Make sure the length is never negative */
  17 +    if (value.slen < 0)
  18 +       value.slen = 0;
  19
  20      /* Copy the string to the attribute */
  21      pj_strdup(pool, &attr->reason, &value);