From 213e4d2dcc9c6eabc5dd47a3a955d914a5942999 Mon Sep 17 00:00:00 2001 From: Thibaut Mattern Date: Fri, 25 Apr 2003 21:46:49 +0000 Subject: Invalid packet length detection. Now detects an error with these streams: mmst://sr-wm.qbrick.com/02038_p1-wm-High mmst://sr-wm.qbrick.com/02038_p2-musik-wm-High (It fixes the deadlock) CVS patchset: 4678 CVS date: 2003/04/25 21:46:49 --- src/input/mms.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/input/mms.c b/src/input/mms.c index db549948b..d5d58c1e9 100644 --- a/src/input/mms.c +++ b/src/input/mms.c @@ -17,7 +17,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA * - * $Id: mms.c,v 1.23 2003/04/13 16:34:51 miguelfreitas Exp $ + * $Id: mms.c,v 1.24 2003/04/25 21:46:49 tmattern Exp $ * * based on work from major mms * utility functions to handle communication with an mms server @@ -381,11 +381,12 @@ static int get_answer (mms_t *this) { int command = 0x1b; while (command == 0x1b) { - int len, length; + int len; + uint32_t length; len = xine_read_abort (this->stream, this->s, this->buf, 12); if (len != 12) { - printf ("\nalert! eof\n"); + printf ("\nlibmms: alert! eof\n"); return 0; } @@ -394,10 +395,14 @@ static int get_answer (mms_t *this) { #ifdef LOG printf ("\n\npacket length: %d\n", length); #endif - + if (length > (BUF_SIZE - 12)) { + printf ("libmms: invalid packet length: %d\n", length); + return 0; + } + len = xine_read_abort (this->stream, this->s, this->buf+12, length+4) ; if (len<=0) { - printf ("alert! eof\n"); + printf ("libmms: alert! eof\n"); return 0; } -- cgit v1.2.3