From: Sean Bright <sean.bright@gmail.com>
Date: Fri, 11 Dec 2020 20:49:48 +0000 (-0500)
Subject: res_rtp_asterisk.c: Fix signed mismatch that leads to overflow
X-Git-Tag: 18.3.0-rc1~42
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5a6f2f913b99613419f82b14aca60792760f7485;p=thirdparty%2Fasterisk.git

res_rtp_asterisk.c: Fix signed mismatch that leads to overflow

ASTERISK-29205 #close

Change-Id: Ib7aa65644e8df76e2378d7613ee7cf751b9d0bea
---

diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c
index dfec8f55cb..29ffffc149 100644
--- a/res/res_rtp_asterisk.c
+++ b/res/res_rtp_asterisk.c
@@ -6932,7 +6932,7 @@ static int rtp_transport_wide_cc_feedback_produce(const void *data)
 			/* If there is no more room left for storing packets stop now, we leave 20
 			 * extra bits at the end just in case.
 			 */
-			if ((sizeof(bdata) - (packet_len + delta_len + 20)) < 0) {
+			if (packet_len + delta_len + 20 > sizeof(bdata)) {
 				res = -1;
 				break;
 			}
@@ -6966,7 +6966,7 @@ static int rtp_transport_wide_cc_feedback_produce(const void *data)
 		previous_packet = statistics;
 
 		/* If there is no more room left in the packet stop handling of any subsequent packets */
-		if ((sizeof(bdata) - (packet_len + delta_len + 20)) < 0) {
+		if (packet_len + delta_len + 20 > sizeof(bdata)) {
 			break;
 		}
 	}