116c84e1b0
This is a bug that was introduced in https://codereview.webrtc.org/1230503003, where the variable "int temp_bufsize" was changed to a size_t. If the packet buffer was flushed while inserting a packet, temp_bufsize became negative, which was tested later in an if-statement. Now, with size_t instead, it would just become very large, and the if-statement would never see a negative value. The effect was that the packet size in samples could be updated with a very large positive number, causing an overflow which triggered rtc::checked_cast in StatisticsCalculator::GetNetworkStatistics, line 220. Also adding a test to reproduce the crash. Without the fix, the test results in the above mentioned checked_cast to trigger. With the fix, everything works fine. BUG=chromium:525260 Review URL: https://codereview.webrtc.org/1307893004 Cr-Commit-Position: refs/heads/master@{#9802}
Name: WebRTC URL: http://www.webrtc.org Version: 90 License: BSD License File: LICENSE Description: WebRTC provides real time voice and video processing functionality to enable the implementation of PeerConnection/MediaStream. Third party code used in this project is described in the file LICENSE_THIRD_PARTY.