Changeset 10812 for trunk/module-newcamd.c
- Timestamp:
- 06/25/15 17:37:10 (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/module-newcamd.c
r10781 r10812 1249 1249 int32_t pi; 1250 1250 ECM_REQUEST *er; 1251 1251 uint16_t ecmlen; 1252 1253 if(len < 5) 1254 { return; } 1255 1256 ecmlen = SCT_LEN((&buf[2])); 1257 if(ecmlen < 3 || ecmlen > MAX_ECM_SIZE || ecmlen+2 > len) 1258 { 1259 return; 1260 } 1261 1252 1262 if(!(er = get_ecmtask())) 1253 1263 { 1254 1264 return; 1255 1265 } 1266 1256 1267 // save client ncd_msgid 1257 1268 er->msgid = cl->ncd_msgid; 1258 er->ecmlen = (((buf[3] & 0x0F) << 8) | buf[4]) + 3;1269 er->ecmlen = ecmlen; 1259 1270 cs_log_dbg(D_CLIENT, "ncd_process_ecm: er->msgid=%d len=%d ecmlen=%d", er->msgid, len, er->ecmlen); 1260 1271 er->srvid = cl->ncd_header[4] << 8 | cl->ncd_header[5]; … … 1271 1282 } 1272 1283 1273 static void newcamd_process_emm(uchar *buf )1284 static void newcamd_process_emm(uchar *buf, int32_t len) 1274 1285 { 1275 1286 int32_t ok = 1; … … 1278 1289 EMM_PACKET epg; 1279 1290 1291 if(len < 3) 1292 { return; } 1293 1280 1294 memset(&epg, 0, sizeof(epg)); 1281 1295 1282 1296 epg.emmlen = buf[2] + 3; 1297 if(epg.emmlen > MAX_EMM_SIZE || epg.emmlen > len) 1298 { return; } 1299 1283 1300 caid = cfg.ncd_ptab.ports[cl->port_idx].ncd->ncd_ftab.filts[0].caid; 1284 1301 epg.caid[0] = (uchar)(caid >> 8); … … 1488 1505 default: 1489 1506 if(mbuf[2] > 0x81 && mbuf[2] < 0x90) 1490 { newcamd_process_emm(mbuf + 2 ); }1507 { newcamd_process_emm(mbuf + 2, len - 2); } 1491 1508 else 1492 1509 {
Note:
See TracChangeset
for help on using the changeset viewer.