5.1 Security Considerations for Implementers

For any packet that contains fields that specify other field lengths, implementers ensure that the length values do not exceed the size of the packet itself. For example, MSB_MSG_IND_STREAMINFO is one packet that has multiple length fields.

Implementers do not assume that the ASF data in the MSB_MSG_IND_STREAMINFO and MSB_MSG_IND_PACKET packets can be trusted. Use caution when parsing variable-length fields, ensuring that length information, if any, does not cause the size of buffers to be exceeded.