Comments (6)
This is just wrong, len-off does not represent anything useful. Please elaborate on why you think the correction is needed if you disagree.
from ice4j.
The current constraints are inaccurate, which can be illustrated with, for instance, len == 0
and off == 0
.
len - off
represents how many bytes of buf
can be read from position off
without IndexOutOfBoundsException
. I assume here that 0 <= off <= len
.
In the first case (from line 130), buf[j]
is read with with: off <= j < off + googleTurnSslTcp.length
; thus the following constraint must be ensured: off + googleTurnSslTcp.length <= buf.length == len
, which is len - off >= googleTurnSslTcp.length
.
In the second case (from line 158) buf[j]
is read with: off + 6 <= j < off + 6 + magicCookie.length == off + 10
; thus the following constraint must be ensured: off + 10 <= buf.length == len
, which is len - off >= 10
.
If one of those two constraints is violated, an IndexOutOfBoundsException
will be thrown.
Note that len - off >= 10
is preferred over len >= 10 + off
, because the 10 + off
may wrap around and thus be negative, while len - off
is alway positive and smaller than len
.
from ice4j.
@bgrozev You may consider re-opining this issue.
from ice4j.
@bgrozev You may consider re-opining this issue.
Feel free to re-open these yourself if you think it's necessary. We do appreciate the feedback!
from ice4j.
len - off represents how many bytes of buf can be read from position off without IndexOutOfBoundsException
This is not true. The number of bytes that can be read without an IndexOutOfBoundsException depends only the "length" field of the byte[]. The number of bytes represented by a (byte[], int off, int len) triplet or a DatagramPacket or a RawPacket in libjitsi are given simply by "len" (or DatagramPacket.getLength() or RawPacket.getLength()).
You can verify this for example with the following code:
byte[] buf = new byte[]{0, 1, 2, 3, 4, 5, 6};
DatagramPacket p = new DatagramPacket(buf, 2, 3);
DatagramSocket s = new DatagramSocket(12345);
p.setAddress(InetAddress.getByName("1.2.3.4"));
p.setPort(12345);
s.send(p);
The packet represents a buffer with 3 bytes, starting at offset 2, and you can observe a UDP packet being sent with payload of 0x020304.
from ice4j.
Now I think you are right.
But https://docs.oracle.com/javase/7/docs/api/java/net/DatagramPacket.html is still unclear to me.
public DatagramPacket(byte[] buf, int offset, int length)
says:
The length argument must be less than or equal to buf.length.
but offset
is not even considered, which I feel wrong.
public void setLength(int length)
says:
The length must be lesser or equal to the offset plus the length of the packet's buffer.
but the stated length <= offset + buf.length
seems wrong to me; instead, length + offset <= buf.length
(according to your argument) makes definitively more sense to me.
However, according to http://developer.classpath.org/doc/java/net/DatagramPacket-source.html:
380: public synchronized void setLength(int length)
381: {
382: if (length < 0)
383: throw new IllegalArgumentException("Invalid length: " + length);
384: if (offset + length > buffer.length)
385: throw new IllegalArgumentException("Potential buffer overflow - offset: "
386: + offset + " length: " + length);
...
the constraint is really offset + length <= buffer.length
, as you claim.
Thus this ticket is invalid, indeed.
from ice4j.
Related Issues (20)
- Using ice4j behind NLB in a VPC at AWS (Kubernetes) HOT 13
- NullPointerException with multiple network interfaces and NAT HOT 20
- Question: Is NOMINATE_BEST_RTT implemented? HOT 2
- ice4j unmaintained on Maven repo HOT 8
- ConcurrentModificationException HOT 2
- I can't manage to make org.ice4j.ice.harvest.DISABLE_LINK_LOCAL_ADDRESSES work HOT 2
- NullPointerException in MergingDatagraSocket HOT 3
- Java project can't import classes from 3.0-26-gf176d02 HOT 3
- QUESTION: How to connect faster? HOT 1
- Java 17: issues with classes in org.ice4j.socket.jdk8 HOT 3
- TURN(S) TCP support in ice4j HOT 7
- PseudoTcpSocket input stream doesn't support readNBytes
- Random instances of websocket disconnects in jitsi
- ice4j 3.0 does not generate the IPv4 srflx candidate when android device APN is set to IPv4/IPv6 HOT 3
- ice4j 3.0 cannot support video content-add when initial call starts with audio only HOT 2
- Contradicting candidate preferences HOT 1
- Add support of multiple streams with the same media type. HOT 6
- Parsing a Session Description on Android causes a NullPointerException. HOT 7
- unresolved address error while harvesting STUN candidates HOT 3
- Remove all mailinglist dead links HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ice4j.