Andre Noll [Thu, 28 Dec 2017 14:52:31 +0000 (15:52 +0100)]
crypt: Rename RSA functions.
This renames the functions and constants of the public crypto API
which deal with RSA to have the common "apc" (asymmetric pubkey
cryptosystem) prefix. This hides RSA as an implementation detail
and makes it clear that the functions/constants are related to apc.
Pure renaming, no semantic change. The only other changes are a new
comment to crypt.h and a \ref statement in the doxygen comment of
apc_free_pubkey().
Andre Noll [Thu, 28 Dec 2017 00:41:14 +0000 (01:41 +0100)]
crypt: Deduplicate get_public_key().
The openssl and grypt implementations of this function share quite
some code. This patch factors out the common code into the new
decode_ssh_key() helper of crypt_common.c. Both implementations are
changed to call the new helper.
As a side effect of this change, all callers of is_ssh_rsa_key()
and check_ssh_key_header() now reside in crypt_common.c, so we can
make these two functions static and remove their declarations from
crypt_backend.h.
Andre Noll [Wed, 27 Dec 2017 20:59:33 +0000 (21:59 +0100)]
crypt.h: Remove two unused constants.
These should have been removed already last year in commit d9f54f43
(crypto: Remove support for ASN public keys), since that commit made
the constants obsolete.
Andre Noll [Wed, 27 Dec 2017 20:47:40 +0000 (21:47 +0100)]
Rename crypt.c -> openssl.c.
The old name made sense back when we had only one crypto backend. These
days paraslash can be compiled against either openssl or gcrypt,
so the new name makes it clear that the file is only compiled in if
the openssl library was selected as the crypto backend.
Andre Noll [Mon, 29 Jan 2018 22:21:11 +0000 (23:21 +0100)]
server: Avoid use of uninitialized memory.
change_current_mood() receives an errmsg pointer which the callers
expect to be initialized with an error string if (and only if) the
function returns negative.
However, most error paths miss to initialize the pointer which results
in undefined behaviour in the caller which attempts to free(3)
uninitialized memory. The gcc AddressSanitizer and valgrind both
catch this:
gcc:
==14788==ERROR: AddressSanitizer: attempting free on address which was not malloc()-ed: 0x081af250 in thread T0
Andre Noll [Sun, 31 Dec 2017 20:56:35 +0000 (21:56 +0100)]
daemon: Fix log reload for relative paths.
If the argument to --logfile is a relative path, it is interpreted
as relative to the current working directory. In daemon mode, the
current working directory is changed to / during startup. Hence,
when para_server re-opens the log file after it received SIGHUP, the
logfile path will now be interpreted as relative to the the root of
the file system.
Fix this by remembering the original current working directory.
Opening "." as recommended in getcwd(3) is not an option here since the
whole point of changing the cwd to / is to prevent the daemon from
keeping the cwd busy.
Andre Noll [Sun, 31 Dec 2017 19:32:52 +0000 (20:32 +0100)]
Improve daemon_open_log_or_die().
If the log file can not be re-opened, the error message is lost
because the log file has already been closed when PARA_EMERG_LOG() is
called. We can do better by deferring the call to daemon_close_log()
until the new log file has been opened.
With the patch applied, the reason why the (new) log file could not
be opened is logged to the old file.
Andre Noll [Sun, 31 Dec 2017 19:27:57 +0000 (20:27 +0100)]
server: Close logfile later on SIGHUP.
The call to daemon_open_log_or_die() will close the log file just
before it is reopened. This is better because that way any errors
which occur in between won't get lost.
Andre Noll [Sun, 31 Dec 2017 15:27:25 +0000 (16:27 +0100)]
server: Simplify afs socket cookie code.
Currently, the afs_socket_cookie value is passed to afs_init() and
is stored in the commmand task structure of the afs process. This
is unnecessary since the variable defined in server.c is non-static,
and declared as extern in afs.c. We may thus refer to this variable
from afs.c.
The variable was also documented twice. Get rid of one comment.
Andre Noll [Tue, 30 Jan 2018 18:56:16 +0000 (19:56 +0100)]
mixer: Remove default moods for sleep.
The documented behavior of the sleep subcommand is to not fade out
if no fade out mood was given. The current code, however, tries to
switch to the default m/fade. This fails if this mood does not exist,
causing the sleep subcommand to terminate. By removing the default
value we get the documented behaviour.
The --fo-mood and --sleep-mood suffer from the same issue and can be
fixed in the same way.
Andre Noll [Thu, 11 Jan 2018 08:05:13 +0000 (09:05 +0100)]
build: Error out early if flex or bison are not found.
The configure script tests for these executables, but we happily
proceed even if they are not found. For the m4 executable we got
the check right, however. Introduce a general helper that calls
AC_PATH_PROG() to locate an executable and aborts if it is not found.
Andre Noll [Sat, 27 Jan 2018 11:08:04 +0000 (12:08 +0100)]
aft: Avoid implicit fallthrough in switch statement.
The missing return statement causes gcc-7 to complain:
aft.c:2579:3: warning: this statement may fall through [-Wimplicit-fallthrough=]
And indeed, this fall through was not intended when the code in
question was introduced some months ago in commit a7a8d30e (Update
status items on blob events).
The issue is benign though, because also after falling through we
return 0.
Andre Noll [Fri, 29 Dec 2017 14:08:15 +0000 (15:08 +0100)]
play: Print help text if no audio files are given.
This is more helpful than the lopsub error message. Since
handle_help_flags() already checked the arg count, the call to
lls_check_arg_count() can be removed.
Andre Noll [Sun, 14 Jan 2018 21:12:32 +0000 (22:12 +0100)]
play: Always check arg count and init keymap.
Currently we miss to do so if the config file does not exist or
is empty. This triggers the following assertion if, in addition,
no non-option arguments given:
This is because we try to allocate a zero sized buffer in main() due
to lls_num_inputs() returning 0. Fix this by changing the target of
the goto in handle_help_flags().
This bug was introduced during the conversion to lopsub.
Andre Noll [Sun, 31 Dec 2017 14:04:16 +0000 (15:04 +0100)]
Merge branch 'maint'
A conflict in init_random_seed_or_die() of gcrypt.c. The fix added
in the maint branch conflicted against the master branch which also
modified the function to bump the required libgcrypt version.
* maint:
resample filter: Don't discard const.
gcrypt: Seed PRNG in init_random_seed_or_die().
bash_completion: Get rid of weird retry logic.
Andre Noll [Fri, 29 Dec 2017 13:50:28 +0000 (14:50 +0100)]
resample filter: Don't discard const.
Newer versions of libsamplerate made the data_in pointer const. This
causes the following warning:
In file included from resample_filter.c:6:0:
/usr/local/include/samplerate.h:177:6: note: expected 'float *' but argument is of type 'const float *'
void src_short_to_float_array (const short *in, float *out, int len) ;
^
resample_filter.c:173:7: warning: passing argument 1 of 'free' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
In file included from para.h:11:0,
from resample_filter.c:10:
/usr/include/stdlib.h:460:13: note: expected 'void *' but argument is of type 'const float *'
extern void free (void *__ptr) __THROW;
The problem is that we first convert the input from int16 to float
and use the data_in pointer as the target for the conversion.
Fix this by introducing a temporary non-const variable for the
converted input.
Andre Noll [Thu, 16 Nov 2017 01:18:50 +0000 (02:18 +0100)]
crypt.c: Plug memory leak in get_public_key().
If server.users refers to an existing file which is not a ssh public
key, we leak 4 bytes of memory:
==27302== 4 bytes in 1 blocks are definitely lost in loss record 1 of 8
==27302== at 0x402C201: malloc (vg_replace_malloc.c:299)
==27302== by 0x8052FF3: para_malloc (string.c:63)
==27302== by 0x8066532: get_public_key (crypt.c:151)
==27302== by 0x80569D1: user_list_init (user_list.c:90)
==27302== by 0x804D74D: parse_config_or_die (server.c:279)
==27302== by 0x804C719: server_init (server.c:554)
==27302== by 0x804C719: main (server.c:655)
Andre Noll [Thu, 28 Dec 2017 15:48:48 +0000 (16:48 +0100)]
gcrypt: Seed PRNG in init_random_seed_or_die().
The function is supposed to call srandom(3) to set the seed for a new
sequence of pseudo-random integers to be returned by random(3). The
openssl crypto backend does this, but the gcrypt one does not.
This is not a fatal flaw as we don't use random(3) for any
cryptographic purpose. Let's fix it anyway.
Andre Noll [Sun, 5 Nov 2017 18:38:44 +0000 (19:38 +0100)]
bash_completion: Get rid of weird retry logic.
It's totally unclear what this is supposed to do, as the commit which
introduced it six years ago does not say anything about the space
character being the only "proper" value.
Removing the check fixes an issue that only happens on the first
completion attempt: if a unique completion is possible, the completer
prints this completion as if there were multiple completions possible
instead of completing the command line.
Andre Noll [Tue, 8 Aug 2017 11:08:27 +0000 (13:08 +0200)]
server: Disable com_tasks().
This server subcommand will break once we terminate the scheduler
before calling the command handler. The command was only a debugging
aid anyway, and the output was not very interesting to begin with. In
particular, it did not include the tasks of the afs process, and
always showed the same three tasks (command, vss and status).
We keep the subcommand for backward compatibility, but this commit
changes it to be a no-op. Scheduled for removal in v0.7.0.
Andre Noll [Mon, 7 Aug 2017 18:33:55 +0000 (20:33 +0200)]
server: Move afs_pid out of mmd struct.
The afs_pid variable is read-only after it has been initialized. Hence
it does not qualify for being part of the shared memory area which
contains the mmd struct. Make it a global variable instead.
Andre Noll [Sun, 6 Aug 2017 21:45:38 +0000 (23:45 +0200)]
server: Don't pass peername to handle_connect().
The only reason we pass it is that handle_connect() can print a
log message containing the peer name. However, we already log this
information right after the connection was accepted.
Andre Noll [Sun, 6 Aug 2017 14:26:14 +0000 (16:26 +0200)]
vss: Reduce indentation level in vss_send().
If the current chunk is not due yet, we return from the function.
Reversing the logic of the test allows to reduce indentation by
one level. No semantic change.
Andre Noll [Sun, 6 Aug 2017 12:21:15 +0000 (14:21 +0200)]
vss: Propagate return value of afh_get_chunk().
With dynamic chunks, afh_get_chunk() may fail. Currently
vss_get_chunk() prints an error message in this case and returns
the null pointer. However, some callers of vss_get_chunk() happily
dereference the returned pointer without checking for NULL.
This patch modifies vss_get_chunk() to return int and teaches all
callers to check the return value. For the udp and dccp transport,
we disable the fec client temporarily in the error case while for
the http transport we log the error (but otherwise ignore it), and
try to continue with the next chunk.
This flaw was noticed by the clang static analyzer.
Andre Noll [Mon, 14 Aug 2017 00:10:44 +0000 (02:10 +0200)]
fd.c: Change return value of file_exists() to bool.
file_exists() is in fact a misnomer, since it simply calls stat(2),
which may fail for many reasons besides ENOENT. But that's another
issue for another patch..
Andre Noll [Sun, 10 Sep 2017 12:15:50 +0000 (14:15 +0200)]
Shorten copyright notice.
The GPLv2 line does not add any additional information, so drop
it. This leaves a single line of legalese text for most files, which
is about the amount of screen real estate it deserves.
This patch was created with the following script (plus some manual
fixups):
awk '{
if (NR <= 5) {
gs = gensub(/.*Copyright.* ([0-9]+).*Andre Noll.*/, "\\1", "g")
if (gs != $0)
year = gs
next
}
if (NR == 6 && year != "")
printf("/* Copyright (C) %s Andre Noll <maan@tuebingen.mpg.de>, see file COPYING. */\n", year)
print
}'
Andre Noll [Sun, 10 Sep 2017 09:08:14 +0000 (11:08 +0200)]
Merge branch 'refs/heads/t/opus'
This series abstracts out the custom header concept of ogg/vorbis
streams and introduces a public API for it. The new API is employed
for ogg/opus streams to guarantee that fixed size audio format headers
are used for streaming.
Cooking for six weeks.
* refs/heads/t/opus:
opus_afh: Use custom header API to strip comment packet.
ogg: Abstract out custom header code.
Prefix public functions of ogg_afh_common.c with "oac".
afh_recv: Downgrade severity of log message.
Andre Noll [Sun, 3 Sep 2017 08:28:30 +0000 (10:28 +0200)]
Merge branch 'refs/heads/t/portable_io'
A small series with no user-visible impact. After this is merged,
no more casts are necessary for pointers passed to read_u*() and
write_u*() and their big-endian counterparts.
Cooking for five weeks.
* refs/heads/t/portable_io:
blob: Remove some unnecessary casts for arguments to read_u32().
crypt: Remove read_ssh_u32().
Let helpers in portable_io.h receive void * arguments.
Andre Noll [Fri, 11 Aug 2017 10:18:26 +0000 (12:18 +0200)]
audiod: Add log message for receiver errors.
If the receiver could not be opened, we return negative from
open_receiver() and audiod prints an error message which contains the
error string. However, this message is confusing because it does not
say that the error came from open_receiver(), much less which receiver
caused the error. The new log message should clarify this.
Andre Noll [Tue, 11 Jul 2017 14:08:32 +0000 (16:08 +0200)]
Version 2 moods.
This introduces a context-free grammar for moods. The parser for the
corresponding language (the version 2 mood parser) is generated by
flex and bison and will eventually replace the open-coded parser for
traditional (version 1) moods. Those are still supported, but the
server now logs a deprecation warning when a version 1 mood is loaded,
Loading a version 2 mood is a two step procedure. In the first step the
bison parser reads the mood definition stored in the moods table of the
afs database. If there are no errors, the parser returns an abstract
syntax tree which represents the syntactic structure of the mood
definition. In the second step the abstract syntax tree is evaluated
for each row of the audio file table in turn. If the evaluation
function returns true, the audio file is considered admissible. In
this case a reference to the row is added to the score table in the
same way the version 1 mood parser stores the set of admissible files.
The commit adds the following new files to the repository:
* yy/mp.lex: the lexer
* yy/mp.y: the bison parser
* yy/makefile: rules for building the parser, included from main Makefile
* mp.c: frontend (high-level API) and backend (helpers for yy/mp.[ch])
* mp.h: backend data structures and function prototypes
The frontend is only needed in the existing mood.c, which now also
contains the declarations of the frontend API so that mp.h needs only
be included by the lexer and the parser.
The comment at the top of mp.c gives an overview of the mood parser
API. All non-static functions of mp.c (both frontend and backend)
are fully documented. The section on moods of the user manual has
been rewritten and extended.
Since flex and bison are required to build para_server, the list
of optional software packages now mentions these tools, with links
to their home page. If either tool is not installed, the configure
script succeeds but para_server will not be built.
Andre Noll [Sun, 20 Aug 2017 13:54:25 +0000 (15:54 +0200)]
Merge branch 'refs/heads/t/si_update'
A single patch which teaches the afs event handler to trigger a status
item update when the image or lyrics table changes. This patch had a
bug which was only noticed after the branch had been merged to next.
Therefore the series contains a fixup commit.
Cooking for almost two months.
* refs/heads/t/si_update:
server: Avoid NULL pointer dereference in make_status_items().
Update status items on blob events.
Andre Noll [Sun, 30 Jul 2017 00:25:26 +0000 (02:25 +0200)]
Force status item update on mood/playlist changes.
This patch increments the mmd event counter whenever a new playlist
or mood is loaded. This instructs the stat command handlers to resend
the list of status items to all connected stat clients.
Andre Noll [Sun, 30 Jul 2017 00:04:47 +0000 (02:04 +0200)]
afs: Use correct error code for com_select().
If the argument does not start with "m/" or "p/" we have an invalid
argument rather than a syntax error. This removes the last user of
E_AFS_SYNTAX, so the error code can be removed as well.
Andre Noll [Sun, 9 Jul 2017 21:31:43 +0000 (23:31 +0200)]
mood.c: Don't try twice to activate an invalid mood.
(Re-)loading a mood by executing the "select" server command fails
if the mood definition is invalid. In this case we first try to
switch back to the old mood, and if this also fails, fall back to
the dummy mood.
If the mood which is currently active has been replaced by an invalid
mood, switching back to the old mood is pointless because this will
try to load the same invalid mood again.
This commit modifies the select callback to load the old mood only
if it is different from the new mood.
Andre Noll [Sun, 6 Aug 2017 12:05:36 +0000 (14:05 +0200)]
vss: Remove self-made prefaulting.
It used to help a bit on a very old laptop with broken IDE hardware,
see commit 7bba6232 (vss: Mmap audio files using MAP_POPULATE) from
six years ago. But even there it did not eliminate buffer underruns
completely. Our prefault code is too ugly to live, and its benefits
are questionable at best, so let's get rid of it.
We still map the audio file with MAP_POPOLATE, which should be enough
get the full audio file cached before chunks are sent.
Andre Noll [Sat, 5 Aug 2017 16:01:41 +0000 (18:01 +0200)]
build: Prefer AC_CHECK_TYPE() over AC_LINK_IFELSE().
Both invocations of AC_LINK_IFELSE() check if a C structure is
defined. We don't need to run the linker for that, saving a few cycles
on Linux systems where both structures are defined.
Andre Noll [Sun, 6 Aug 2017 13:13:04 +0000 (15:13 +0200)]
wma_afh: Add some assert() statements.
The clang static analyzer seems to have a hard time proving that if
convert_utf8_to_utf16() returns non-negative, the destination pointer
is non-null. This patch should help it.
Andre Noll [Sun, 6 Aug 2017 20:50:15 +0000 (22:50 +0200)]
server: Perform hostname lookup in client process.
When a connection arrives at the TCP command socket, the server process
looks up the remote name before it forks the child process. This is bad
because the server process can not afford to sleep, but name lookup may
take some time, for example if a DNS server is currently unavailable.
We may as well look up the hostname after the fork in the child
process, where blocking operations are not a problem.
Andre Noll [Sun, 6 Aug 2017 19:24:03 +0000 (21:24 +0200)]
server: Fix memory leak in com_check().
parse_mood_line() is called by the select command to set up a mood
item structure for each line of the mood definition. The item is stored
in one of the three lists of the mood structure provided by the caller.
The check command also calls parse_mood_line() to verify the mood
definitions. However, since it does not create a new mood, it does
not allocate a mood structure and passes a null pointer instead.
parse_mood_line() frees the mood item in the error case, but misses
to do so if a successfully parsed mood line was not added to any of
the three lists because the mood pointer is NULL, leaking the mood
item. This commit plugs the leak by adjusting the condition on which
to free the mood item.
This bug was introduced 10 years ago when mood checking was implemented
in commit 02baea14. It was found by code inspection.
Andre Noll [Mon, 7 Aug 2017 17:51:15 +0000 (19:51 +0200)]
server: Rename init_vss_task() to vss_init().
The function not only initializes the vss task but also the three
senders. Moreover, all other public functions of vss.c are also
prefixed with vss_. Finally, the new name is shorter.
Andre Noll [Mon, 7 Aug 2017 21:01:16 +0000 (23:01 +0200)]
server: Fix comment of empty_status_items().
The function is not "used by vss", it is not even visible from vss.c
as it is a static function defined in command.c. De-doxyfy the comment
while at it.
Andre Noll [Mon, 7 Aug 2017 17:17:42 +0000 (19:17 +0200)]
server: Kill two pointless variables in vss.c.
Both variables are set but never used. The two variables were
introduced back in the CVS days and have been pointless for the whole
git history since 2006.
Andre Noll [Fri, 28 Jul 2017 21:13:52 +0000 (23:13 +0200)]
Improve documentation of signal_init_or_die().
Prefix the reference to para_install_sighandler() with \ref to make
sure doxygen warns if the reference becomes stale, and fix the man
section of exit(): it is not a system call (but _exit() is).
Andre Noll [Sun, 30 Jul 2017 21:11:38 +0000 (23:11 +0200)]
stdin/stdout: Only set nonblock flags for non-tty fds.
Although the ->post_select methods of all paraslash executables perform
I/O only when select(2) reports that the file descriptor is ready,
we set the O_NONBLOCK flag for all monitored fds. This is considered
good practice because, in general, it might happen that a subsequent
read(2) call blocks even if select(2) indicates that the fd is ready
for reading. For example, an fd corresponding to a TCP socket might
be flagged as ready for reading if a network packet with incorrect
checksum has arrived, but a subsequent read(2) blocks until the packet
has been retransmitted.
However, stdin and stdout often correspond to a terminal device where
the above scenario won't happen. Moreover, for terminals it's essential
to reset the O_NONBLOCK flag to the old value on exit because the
shell refers to the same file description and thus shares the file
status flags, including O_NONBLOCK. Many terminal applications, for
example dialog(1), expect stdout to be set to blocking mode and fail
in arcane ways if O_NONBLOCK is set.
When the stdin and stdout tasks are about to exit, they reset the
file status flags back to the original values. However if "para_client
stat" is killed with SIGINT, SIGTERM or SIGKILL, or put to sleep with
SIGSTOP, the O_NONBLOCK flag remains set because para_client does not
handle signals at all. para_recv, para_filter and para_write suffer
from the same issue. Adding signal handling to these programs would
not help in the SIGSTOP case because this signal can not be caught.
This patch modifies stdin.c and stdout.c to no longer set O_NONBLOCK
for fd 0 and fd 1 if these fds are associated with a terminal
device. This is much easier and should do the job as well.
Andre Noll [Wed, 26 Jul 2017 18:45:27 +0000 (20:45 +0200)]
udp sender: Send EOF package only once.
We already have the per target ->sent_fec_eof flag, but we only set it
after the EOF packet was sent *successfully*. It's pointless to send
the packet more than once, so this patch modifies udp_close_target() to
set the flag regardless of whether the write(2) call succeeded.
Andre Noll [Mon, 24 Jul 2017 22:18:50 +0000 (00:18 +0200)]
server: Fix segfault in com_sender().
Commit 1709cc8f (server: Convert non-afs commands to lopsub) from
one year ago dropped the terminating NULL pointer from the array
of sender commands, presumably because the array size is declared
as the NUM_SENDER_CMDS enum constant, and this constant can be used
to iterate over all sender subcommands.
However, the loop in check_sender_args() of command.c does not
terminate the loop after NUM_SENDER_CMDS elements but only when it
encounters a NULL pointer. Hence, without the terminating NULL, the
code reads beyond the end of the array. The resulting invalid memory
access causes the command handler process to segfault.
Fix this by changing the termination condition of the loop to check
the loop variable against NUM_SENDER_CMDS.
Andre Noll [Mon, 24 Jul 2017 20:41:40 +0000 (22:41 +0200)]
mood.c: Fix documentation of int_sqrt().
As pointed out by Peter Zijlstra on lkml, int_sqrt() is not
rough nor any approximation; it calculates the exact value of
floor(sqrt()). Document this.
Andre Noll [Mon, 24 Jul 2017 20:10:42 +0000 (22:10 +0200)]
mood: Speed up int_sqrt().
Following a recent discussion on lkml, the choice of the initial
value for the square root is sub-optimal. The change introduced
in this commit was proposed by Peter Zijlstra who also measured a
significant speed improvement for both the hot and the cold cache case.
The speed improvements for the hot-cache case were confirmed on a
32 bit system by running a simple test program which calculates the
square root of 10000000 random numbers. With the new initial value,
the running time went down by 23%. This matters because when a new
mood is loaded, int_sqrt() is called four times per admissible file.
The new initial value is computed in terms of the position of the
most significant bit set in the given argument to int_sqrt(). While
ffs(3) (find first set bit) is in POSIX.1‐2008, there is no fls(3)
(find last set bit), so we have to introduce our own implementation.
We chose an open-coded version because this turned out to be faster
than reversing the bits and calling ffs(3).
Andre Noll [Mon, 24 Jul 2017 20:29:01 +0000 (22:29 +0200)]
mood: Add notice about int_sqrt().
While the algorithm probably predates Linux, the implementation was
copied from the Linux source tree in 2007. The commit which introduced
the function back then (f6f50d03, "Merge the new afs code.") should
have mentioned this.
De-doxify the function as it is static and hence not part of the html
generated by doxygen.
Andre Noll [Mon, 24 Jul 2017 15:26:44 +0000 (17:26 +0200)]
vss: Avoid use after free in vss_send().
In vss_send() we increment the current slice number for the fec
client after fc->send_fec() has sent a slice. This results in a use
after free in case of a write error because ->send_fec() frees the
fec client structure on write errors. Valgrind complains about this
with the splat below.
To avoid this, the fc pointer must not be dereferenced after
->send_fec() has been called. This patch increases the current slice
number *before* the call to ->send_fec(). This works because the fec
clients do not care about this number.
The bug was introduced eight years ago in commit 625c5cd (Add forward
error correction code to the udp sender/receiver).
==8615== Invalid read of size 1
==8615== at 0x805022B: vss_send (vss.c:1051)
==8615== by 0x805022B: vss_post_select (vss.c:1168)
==8615== by 0x8061DC7: call_post_select (sched.c:84)
==8615== by 0x8061DC7: sched_post_select (sched.c:110)
==8615== by 0x8061DC7: schedule (sched.c:163)
==8615== by 0x804CBFD: main (server.c:607)
==8615== Address 0x4670168 is 80 bytes inside a block of size 116 free'd
==8615== at 0x402D221: free (vg_replace_malloc.c:530)
==8615== by 0x8062D7C: udp_delete_target (udp_send.c:80)
==8615== by 0x80630DC: udp_send_fec (udp_send.c:305)
==8615== by 0x805022A: vss_send (vss.c:1049)
==8615== by 0x805022A: vss_post_select (vss.c:1168)
==8615== by 0x8061DC7: call_post_select (sched.c:84)
==8615== by 0x8061DC7: sched_post_select (sched.c:110)
==8615== by 0x8061DC7: schedule (sched.c:163)
==8615== by 0x804CBFD: main (server.c:607)
==8615== Block was alloc'd at
==8615== at 0x402C1F0: malloc (vg_replace_malloc.c:299)
==8615== by 0x8052D7E: para_malloc (string.c:67)
==8615== by 0x8052FBD: para_calloc (string.c:90)
==8615== by 0x804F48F: vss_add_fec_client (vss.c:686)
==8615== by 0x8063433: udp_com_add (udp_send.c:342)
==8615== by 0x8063688: udp_init_target_list (udp_send.c:395)
==8615== by 0x806371D: udp_send_init (udp_send.c:442)
==8615== by 0x805062A: init_vss_task (vss.c:1195)
==8615== by 0x804CA57: server_init (server.c:537)
==8615== by 0x804CA57: main (server.c:605)
Andre Noll [Mon, 17 Jul 2017 21:07:06 +0000 (23:07 +0200)]
opus_afh: Use custom header API to strip comment packet.
Currently we define the header of an ogg/opus file as the first two ogg
pages. This is problematic for two reasons: (a) the metadata packet
(ogg packet #2) may be arbitrary large and should not be sent over
the network as it is not needed for decoding the audio stream, and (b)
the second ogg page may contain, in addition to the metadata packet,
opus encoded audio packets which should not be part of the header.
This patch employs the recently added custom header API to avoid both
problems in the same way the ogg/vorbis audio format handler does:
we create a custom header which contains the unmodified ID header
packet and a dummy metadata packet.
Andre Noll [Mon, 17 Jul 2017 23:02:50 +0000 (01:02 +0200)]
ogg: Abstract out custom header code.
The ogg/vorbis audio format handler employs the callback mechanism of
oac_get_file_info() to replace the metadata packet of an ogg/vorbis
stream by a fixed sized dummy packet. The same approach should also be
used for the ogg/opus audio format handler because ogg/opus metadata
can be arbitrary large too.
As a preparation for modifying the ogg/opus audio format
handler to skip the metadata header in this way, this commit
makes the infrastructure available to all audio format handlers
which employ the ogg container format by providing a public
interface in ogg_afh_common.c. The central data structure is struct
oac_custom_header, which replaces the former vorbis_get_header_data
structure. The layout of the new structure is only known to
ogg_afh_common.c. Users of this API need to call the accessor functions
declared in ogg_afh_common.h.
Only the ogg/vorbis audio format handler is converted to the new API.
A subsequent patch will make the ogg/opus audio format handler the
second user.