udptl: Correct FEC to not consider negative sequence numbers as missing

When using FEC, with span=3 and entries=4 Asterisk will attempt to repair
the packet with sequence number 5, as it will see that packet -4 is
missing. The result is Asterisk sending garbage packets that can kill a
fax.

This patch adds a check to see if the sequence number is valid before
checking if the packet is missing.

Review: https://reviewboard.asterisk.org/r/3657/

#ASTERISK-23908 #close
Reported by: Torrey Searle
patches:
  udptl_fec.patch uploaded by Torrey Searle (License 5334)
........

Merged revisions 417318 from http://svn.asterisk.org/svn/asterisk/branches/1.8

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@417320 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/main/udptl.c b/main/udptl.c
index fdc636299e00305a83a0e1bba6097fedb3895b7b..7a3e363910d92b73e52c4dfab203b4e7779f6378 100644 (file)
--- a/main/udptl.c
+++ b/main/udptl.c
@@ -493,6 +493,12 @@ static int udptl_rx_packet(struct ast_udptl *s, uint8_t *buf, unsigned int len)
                                int k;
                                int which;
                                int limit = (l + m) & UDPTL_BUF_MASK;
+
+                               /* only repair buffers that actually exist! */
+                               if (seq_no <= (s->rx[l].fec_span * s->rx[l].fec_entries) - m) {
+                                       continue;
+                               }
+
                                for (which = -1, k = (limit - s->rx[l].fec_span * s->rx[l].fec_entries) & UDPTL_BUF_MASK; k != limit; k = (k + s->rx[l].fec_entries) & UDPTL_BUF_MASK) {
                                        if (s->rx[k].buf_len <= 0)
                                                which = (which == -1) ? k : -2;