| Commit message (Collapse) | Author | Files | Lines |
|
The function decodeFirstFrame() allocates memory based on data from
the mp3 header. This can make the buffer size allocation overflow, or
lead to a DoS attack with a very large buffer. Cap this buffer at 8
million frames, which should really be enough for reasonable files.
|
|
The assertion on "!client_is_expired(client)" was wrong, because
writing the command response may cause the client to become expired.
Replace that assertion with a check.
|
|
A crafted mp4 file could cause an integer overflow in mp4_decode
function in src/inputPlugins/mp4_plugin.c. mp4ff_num_samples()
function returns some tainted value. sizeof(float) * numSamples is an
integer overflow operation if numSamples is too huge, so xmalloc will
allocate a small memory region. I constructe a mp4 file, and use
faad2 to open the file. mp4ff_num_samples() returns -1. So I think mpd
bears from the same problem.
|
|
Seeing the token "client" repeatedly in the same blocks of code
adds to mental fatigue and makes it harder to follow code
because there's fewer unique tokens to distinguish.
"cl" is unique within mpd and conveys enough information
to be useful to anybody reading the code.
|
|
Remove one comparison by changing branch order.
|
|
Since the caller chain doesn't care about the return value (except for
COMMAND_RETURN_KILL, COMMAND_RETURN_CLOSE), just return 0 if there is
nothing special. This saves one local variable initialization, and
one access to it.
Also remove one unreachable "return 1" from client_read().
|
|
Don't close the client within client_process_line(), return
COMMAND_RETURN_CLOSE instead. This is the signal for the caller chain
to actually close it. This makes dealing with the client pointer a
lot safer, since the caller always knows whether it is still valid.
|
|
It's easier to reuse the variable if it has a more generic name.
|
|
Don't update client data if it is going to be closed anyway.
|
|
Instead of letting ALSA block for us (and potentially allowing
something stupid on certain hardware or drivers), we do the
sleeping ourselves. We calculate the sleep to be a fraction of
period_time to avoid oversleeping (and thus audible skipping).
|
|
The writer can be far ahead of the reader during HTTP stalls; so
stop spamming the logs with this message.
|
|
client->fd becomes -1 when the client expires. Don't use FD_ISSET()
with this expired client; doing so would cause a crash due to SIGBUS.
|
|
Since client->fd==-1 has become our "expired" flag, it may already be
-1 when client_close() is called. Don't assert that it is still
non-negative, and call client_set_expired() instead.
|
|
The previous patch enabled these warnings. In Eric's branch, they
were worked around with a generic deconst_ptr() function. There are
several places where we can add "const" to pointers, and in others,
libraries want non-const strings. In the latter, convert string
literals to "static char[]" variables - this takes the same space, and
seems safer than deconsting a string literal.
|
|
print_playlist_result() had an assert(0) at the end, in case there was
an invalid result value. With NDEBUG, this resulted in a function not
returning a value - add a dummy "return -1" at the end to keep gcc
quiet.
|
|
String literals (including those defined in CPP macros) can be
concatenated at compile time. This saves some CPU cycles in
vsnprintf() at run time.
|
|
No protocol code in the audio output library.
|
|
The "volume" library shouldn't talk to the client. Move error
handling to command.c.
|
|
Move another ocurrence of error handling over to command.c.
|
|
This patch continues the work of the previous patch: don't pass a file
descriptor at all to traverseAllIn(). Since this fd was only used to
report "directory not found" errors, we can easily move that check to
the caller. This is a great relief, since it removes the dependency
on a client connection from a lot of enumeration functions.
|
|
Database traversal should be generic, and not bound to a client
connection. This is the first step: no file descriptor for the
callback functions forEachSong() and forEachDir(). If a callback
needs the file descriptor, it has to be passed in the void*data
pointer somehow; some callbacks might need a new struct for passing
more than one parameter. This might look a bit cumbersome right now,
but our goal is to have a clean API.
|
|
Continuing the effort of removing protocol specific calls from the
core libraries: let the command.c code call commandError() based on
PlaylistInfo's return value.
|
|
Return an "enum playlist_result" value instead of calling
commandError() in storedPlaylist.c.
|
|
The playlist library shouldn't talk to the client if possible.
Introduce the "enum playlist_result" type which the caller
(i.e. command.c) may use to generate an error message.
|
|
Make them both return void.
|
|
Client's input values should be validated by the command
implementation, and the core libraries shouldn't talk to the client
directly if possible. Thus, setPlaylistRepeatStatus() and
setPlaylistRandomStatus() don't get the file descriptor, and cannot
fail (return void).
|
|
When an error occurs after the file has been opened, the function will
never close the FILE object.
|
|
The "fspath" argument of writeStoredPlaylistToPath() must never be
NULL. There should be an assertion on that, instead of a run-time
check.
[ew: fspath => utf8path]
|
|
The function valid_playlist_name() checks the name, but it insists on
reporting an eventual error to the client. The new function
is_valid_playlist_name() is more generic: it just returns a boolean,
and does not care what the caller will use it for. The old function
valid_playlist_name() will be removed later.
|
|
The usual bunch of const pointer conversions.
|
|
With a large music database, the linear string collection in
tagTracker.c becomes very slow. We implemented that in a
quick'n'dirty fashion when we removed tree.c, and now we rewrite it
using the fast hashed string set.
|
|
Due to a minor typo, the string set had duplicate values, because
strset_add() didn't check the base slot properly.
|
|
"struct strset" is a hashed string set: you can add strings to this
library, and it stores them as a set of unique strings. You can get
the size of the set, and you can enumerate through all values.
This will be used to replace the linear tagTracker library.
|
|
The way we used non-blocking mode was HORRIBLE.
It was non-blocking to ALSA, but we end up blocking in a busy
loop that does absolutely NOTHING but retry. We don't check
for playback cancellation (like we do in decoders) or anything.
This is seriously broken and I can imagine it affects people on
fast CPUs more because we do asynchronous output buffering and
our ALSA device will always have data ready.
|
|
Print out {buffer,period}_{size,time}. Not sure if this
is going to help. I've been searching everywhere looking
for a possible clue as to what's causing the high CPU
usage problems...
Also, add device information to some messages I missed earlier.
|
|
|
|
Lets not use deprecated functions. It's apparently
possible to not care about the sw_params stuff at all!
|
|
This is safer than the patch in
http://www.musicpd.org/mantis/view.php?id=1542
with multiple audio outputs enabled.
Sadly, I only noticed that patch/problem when I googled for
"snd_config_update_free_global"
|
|
|
|
|
|
|
|
We never use it for anything anyways as we release the device
entirely on pause.
|
|
This saves me precious terminal space
|
|
|
|
That's the name of this project.
|
|
Apparently snd_pcm_hw_params_can_resume() can return false even
though my hardware does in fact support resuming. So stop
carrying that value in the canResume flag and just try to resume
when we're in the suspended state; falling back to
snd_pcm_prepare only if resuming fails. libao does something
similar on resume, too.
While we're at it, use the E() macro which will enable us to
have better error reporting.
|
|
Hibernating my laptop while MPD is playing results in ugliness
about "alsa device foo was suspend" constantly printed to the
logs.
|
|
Given the length of the ALSA command names, I only want
to see them once per-section of code, if at all...
|
|
When random is enabled and a user explicitly specifies
a certain song on the playlist should be played; we need
to re-randomize the internal ordering.
To reproduce this, assuming a four song playlist:
play <song_a>
next => <song_b>
next => <song_c>
next => <song_d>
play <song_a>
next => <song_b>
next => <song_c>
next => <song_d>
...
That is, the "next" command restarts song_{b,c,d} the second
time "play" starts playing song_a.
Thus, the second time "play" is called, the ordering of
song_{b,c,d} needs to be reshuffled.
Reported-by: Qball
|
|
Gah, it seems like doing sizeof here either way is error
prone. Too easy to leave out a '*' character we can
forget.
|