udptl: Correct FEC to not consider negative sequence numbers as missing

When using FEC, with span=3 and entries=4 Asterisk will attempt to repair
the packet with sequence number 5, as it will see that packet -4 is
missing. The result is Asterisk sending garbage packets that can kill a
fax.

This patch adds a check to see if the sequence number is valid before
checking if the packet is missing.

Review: https://reviewboard.asterisk.org/r/3657/

#ASTERISK-23908 #close
Reported by: Torrey Searle
patches:
  udptl_fec.patch uploaded by Torrey Searle (License 5334)
........

Merged revisions 417318 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 417320 from http://svn.asterisk.org/svn/asterisk/branches/11

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@417324 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/main/udptl.c b/main/udptl.c
index c8fee019b54149e34d6fa2dbf1ea6a480d177883..89ea0a88e618348a37885886b62d7d8398fcec58 100644 (file)
--- a/main/udptl.c
+++ b/main/udptl.c
@@ -535,6 +535,12 @@ static int udptl_rx_packet(struct ast_udptl *s, uint8_t *buf, unsigned int len)
                                int k;
                                int which;
                                int limit = (l + m) & UDPTL_BUF_MASK;
+
+                               /* only repair buffers that actually exist! */
+                               if (seq_no <= (s->rx[l].fec_span * s->rx[l].fec_entries) - m) {
+                                       continue;
+                               }
+
                                for (which = -1, k = (limit - s->rx[l].fec_span * s->rx[l].fec_entries) & UDPTL_BUF_MASK; k != limit; k = (k + s->rx[l].fec_entries) & UDPTL_BUF_MASK) {
                                        if (s->rx[k].buf_len <= 0)
                                                which = (which == -1) ? k : -2;