aboutsummaryrefslogtreecommitdiffstats
path: root/src (unfollow)
Commit message (Collapse)AuthorFilesLines
2008-09-17mp3: fix buffer overflow when max_frames is too largeMax Kellermann1-0/+5
The function decodeFirstFrame() allocates memory based on data from the mp3 header. This can make the buffer size allocation overflow, or lead to a DoS attack with a very large buffer. Cap this buffer at 8 million frames, which should really be enough for reasonable files.
2008-09-17client: check expired after client_process_line()Max Kellermann1-1/+2
The assertion on "!client_is_expired(client)" was wrong, because writing the command response may cause the client to become expired. Replace that assertion with a check.
2008-09-12mp4: fix potential integer overflow bug in the mp4_decode() functionTerry1-0/+7
A crafted mp4 file could cause an integer overflow in mp4_decode function in src/inputPlugins/mp4_plugin.c. mp4ff_num_samples() function returns some tainted value. sizeof(float) * numSamples is an integer overflow operation if numSamples is too huge, so xmalloc will allocate a small memory region. I constructe a mp4 file, and use faad2 to open the file. mp4ff_num_samples() returns -1. So I think mpd bears from the same problem.
2008-09-12client: shorten names of the struct client variablesEric Wong1-210/+209
Seeing the token "client" repeatedly in the same blocks of code adds to mental fatigue and makes it harder to follow code because there's fewer unique tokens to distinguish. "cl" is unique within mpd and conveys enough information to be useful to anybody reading the code.
2008-09-10client: simplified client_read()Max Kellermann1-3/+5
Remove one comparison by changing branch order.
2008-09-10client: client_input_received() returns 0Max Kellermann1-4/+2
Since the caller chain doesn't care about the return value (except for COMMAND_RETURN_KILL, COMMAND_RETURN_CLOSE), just return 0 if there is nothing special. This saves one local variable initialization, and one access to it. Also remove one unreachable "return 1" from client_read().
2008-09-10client: check for COMMAND_RETURN_CLOSEMax Kellermann1-15/+14
Don't close the client within client_process_line(), return COMMAND_RETURN_CLOSE instead. This is the signal for the caller chain to actually close it. This makes dealing with the client pointer a lot safer, since the caller always knows whether it is still valid.
2008-09-10client: renamed local variable "selret" to "ret"Max Kellermann1-4/+5
It's easier to reuse the variable if it has a more generic name.
2008-09-10client: moved CLOSE/KILL check after client_process_line()Max Kellermann1-4/+3
Don't update client data if it is going to be closed anyway.
2008-09-10alsa: re-enable-nonblocking, but sleep if busyEric Wong1-7/+9
Instead of letting ALSA block for us (and potentially allowing something stupid on certain hardware or drivers), we do the sleeping ourselves. We calculate the sleep to be a fraction of period_time to avoid oversleeping (and thus audible skipping).
2008-09-09metadata_pipe: kill "writer is ahead of reader" messageEric Wong1-4/+1
The writer can be far ahead of the reader during HTTP stalls; so stop spamming the logs with this message.
2008-09-09client: don't check FD_ISSET(client->fd) on expired clientMax Kellermann1-1/+2
client->fd becomes -1 when the client expires. Don't use FD_ISSET() with this expired client; doing so would cause a crash due to SIGBUS.
2008-09-09client: removed assert(client->fd)>=0Max Kellermann1-4/+2
Since client->fd==-1 has become our "expired" flag, it may already be -1 when client_close() is called. Don't assert that it is still non-negative, and call client_set_expired() instead.
2008-09-09fix -Wcast-qual -Wwrite-strings warningsMax Kellermann5-27/+42
The previous patch enabled these warnings. In Eric's branch, they were worked around with a generic deconst_ptr() function. There are several places where we can add "const" to pointers, and in others, libraries want non-const strings. In the latter, convert string literals to "static char[]" variables - this takes the same space, and seems safer than deconsting a string literal.
2008-09-09playlist: return -1 after assert(0)Max Kellermann1-0/+1
print_playlist_result() had an assert(0) at the end, in case there was an invalid result value. With NDEBUG, this resulted in a function not returning a value - add a dummy "return -1" at the end to keep gcc quiet.
2008-09-09command: concatenate strings at compile timeMax Kellermann1-27/+33
String literals (including those defined in CPP macros) can be concatenated at compile time. This saves some CPU cycles in vsnprintf() at run time.
2008-09-09audio: don't pass "fd" to {en,dis}ableAudioDevice()Max Kellermann3-18/+21
No protocol code in the audio output library.
2008-09-09volume: don't pass "fd" to changeVolumeLevel()Max Kellermann3-21/+26
The "volume" library shouldn't talk to the client. Move error handling to command.c.
2008-09-09directory: printDirectoryInfo() does not call commandError()Max Kellermann2-4/+4
Move another ocurrence of error handling over to command.c.
2008-09-09directory: don't pass fd to traverseAllIn()Max Kellermann6-32/+69
This patch continues the work of the previous patch: don't pass a file descriptor at all to traverseAllIn(). Since this fd was only used to report "directory not found" errors, we can easily move that check to the caller. This is a great relief, since it removes the dependency on a client connection from a lot of enumeration functions.
2008-09-09directory: don't pass fd to traverseAllIn() callbacksMax Kellermann4-51/+81
Database traversal should be generic, and not bound to a client connection. This is the first step: no file descriptor for the callback functions forEachSong() and forEachDir(). If a callback needs the file descriptor, it has to be passed in the void*data pointer somehow; some callbacks might need a new struct for passing more than one parameter. This might look a bit cumbersome right now, but our goal is to have a clean API.
2008-09-09playlist: PlaylistInfo() does not call commandError()Max Kellermann2-6/+15
Continuing the effort of removing protocol specific calls from the core libraries: let the command.c code call commandError() based on PlaylistInfo's return value.
2008-09-09playlist: don't pass "fd" to storedPlaylist.c functionsMax Kellermann6-150/+126
Return an "enum playlist_result" value instead of calling commandError() in storedPlaylist.c.
2008-09-09playlist: don't pass "fd" to playlist.c functionsMax Kellermann4-185/+245
The playlist library shouldn't talk to the client if possible. Introduce the "enum playlist_result" type which the caller (i.e. command.c) may use to generate an error message.
2008-09-09playlist: showPlaylist() and shufflePlaylist() cannot failMax Kellermann3-10/+8
Make them both return void.
2008-09-09playlist: moved "repeat" and "random" value checks to command.cMax Kellermann3-24/+26
Client's input values should be validated by the command implementation, and the core libraries shouldn't talk to the client directly if possible. Thus, setPlaylistRepeatStatus() and setPlaylistRandomStatus() don't get the file descriptor, and cannot fail (return void).
2008-09-09playlist: fix FILE* leak in appendSongToStoredPlaylistByPath()Max Kellermann1-0/+2
When an error occurs after the file has been opened, the function will never close the FILE object.
2008-09-09playlist: replaced run-time check with assertionMax Kellermann1-1/+3
The "fspath" argument of writeStoredPlaylistToPath() must never be NULL. There should be an assertion on that, instead of a run-time check. [ew: fspath => utf8path]
2008-09-09playlist: added is_valid_playlist_name()Max Kellermann2-3/+10
The function valid_playlist_name() checks the name, but it insists on reporting an eventual error to the client. The new function is_valid_playlist_name() is more generic: it just returns a boolean, and does not care what the caller will use it for. The old function valid_playlist_name() will be removed later.
2008-09-09dbUtils, playlist, directory: pass constant pointersMax Kellermann6-37/+38
The usual bunch of const pointer conversions.
2008-09-09use strset.h instead of tagTracker.hMax Kellermann6-173/+84
With a large music database, the linear string collection in tagTracker.c becomes very slow. We implemented that in a quick'n'dirty fashion when we removed tree.c, and now we rewrite it using the fast hashed string set.
2008-09-09strset: fix duplicate valuesMax Kellermann1-1/+1
Due to a minor typo, the string set had duplicate values, because strset_add() didn't check the base slot properly.
2008-09-09added string set libraryMax Kellermann3-0/+195
"struct strset" is a hashed string set: you can add strings to this library, and it stores them as a set of unique strings. You can get the size of the set, and you can enumerate through all values. This will be used to replace the linear tagTracker library.
2008-09-08alsa: use blocking instead of non-blocking writeEric Wong1-1/+6
The way we used non-blocking mode was HORRIBLE. It was non-blocking to ALSA, but we end up blocking in a busy loop that does absolutely NOTHING but retry. We don't check for playback cancellation (like we do in decoders) or anything. This is seriously broken and I can imagine it affects people on fast CPUs more because we do asynchronous output buffering and our ALSA device will always have data ready.
2008-09-08alsa: show more debugging informationEric Wong1-10/+14
Print out {buffer,period}_{size,time}. Not sure if this is going to help. I've been searching everywhere looking for a possible clue as to what's causing the high CPU usage problems... Also, add device information to some messages I missed earlier.
2008-09-08alsa: cleanup the mmap logic a bitEric Wong1-8/+6
2008-09-08alsa: snd_pcm_sw_params_set_xfer_align is deprecatedEric Wong1-3/+0
Lets not use deprecated functions. It's apparently possible to not care about the sw_params stuff at all!
2008-09-07alsa: only run snd_config_update_free_global once atexitEric Wong1-3/+7
This is safer than the patch in http://www.musicpd.org/mantis/view.php?id=1542 with multiple audio outputs enabled. Sadly, I only noticed that patch/problem when I googled for "snd_config_update_free_global"
2008-09-07alsa: move bitformat reading code out of the wayEric Wong1-16/+12
2008-09-07alsa: always print the period_time we setEric Wong1-2/+1
2008-09-07alsa: avoid unnecessary heap usage if we don't set a device nameEric Wong1-11/+12
2008-09-07alsa: get rid of the needless canPause flagEric Wong1-3/+0
We never use it for anything anyways as we release the device entirely on pause.
2008-09-07alsa: avoid reassigning ad->writeiEric Wong1-7/+4
This saves me precious terminal space
2008-09-07alsa: add reasoning for the non-portable macroEric Wong1-0/+2
2008-09-07alsa: capitalize "ALSA" consistently in messagesEric Wong1-16/+9
That's the name of this project.
2008-09-07alsa: optimistically try resuming from suspendEric Wong1-11/+12
Apparently snd_pcm_hw_params_can_resume() can return false even though my hardware does in fact support resuming. So stop carrying that value in the canResume flag and just try to resume when we're in the suspended state; falling back to snd_pcm_prepare only if resuming fails. libao does something similar on resume, too. While we're at it, use the E() macro which will enable us to have better error reporting.
2008-09-07alsa: extra debugging outputs to fix suspend/hibernateEric Wong1-3/+9
Hibernating my laptop while MPD is playing results in ugliness about "alsa device foo was suspend" constantly printed to the logs.
2008-09-07alsa: cleanup debug assignment of the "cmd" variableEric Wong1-66/+50
Given the length of the ALSA command names, I only want to see them once per-section of code, if at all...
2008-09-07playlist: re-randomize when explicitly playing a new songEric Wong1-0/+1
When random is enabled and a user explicitly specifies a certain song on the playlist should be played; we need to re-randomize the internal ordering. To reproduce this, assuming a four song playlist: play <song_a> next => <song_b> next => <song_c> next => <song_d> play <song_a> next => <song_b> next => <song_c> next => <song_d> ... That is, the "next" command restarts song_{b,c,d} the second time "play" starts playing song_a. Thus, the second time "play" is called, the ordering of song_{b,c,d} needs to be reshuffled. Reported-by: Qball
2008-09-05tag: oops, of course items is now ** and not *Eric Wong1-2/+2
Gah, it seems like doing sizeof here either way is error prone. Too easy to leave out a '*' character we can forget.