block: fix invalid memory access in block_Fifo(Count|Size)

The function remain fundamentally ToCToU-prone, but at least they now
follow the memory model.

diff --git a/include/vlc_block.h b/include/vlc_block.h
index 75f98ff4bd59bf3dad9356f9e84ebe53942efe69..34a107c7d9e16ce132f769610690c4a4169a86a1 100644 (file)
--- a/include/vlc_block.h
+++ b/include/vlc_block.h
@@ -315,7 +315,7 @@ VLC_API size_t block_FifoPut( block_fifo_t *, block_t * );
 VLC_API void block_FifoWake( block_fifo_t * );
 VLC_API block_t * block_FifoGet( block_fifo_t * ) VLC_USED;
 VLC_API block_t * block_FifoShow( block_fifo_t * );
-size_t block_FifoSize( const block_fifo_t *p_fifo ) VLC_USED;
-VLC_API size_t block_FifoCount( const block_fifo_t *p_fifo ) VLC_USED;
+size_t block_FifoSize(block_fifo_t *) VLC_USED;
+VLC_API size_t block_FifoCount(block_fifo_t *) VLC_USED;
 
 #endif /* VLC_BLOCK_H */

diff --git a/src/misc/block.c b/src/misc/block.c
index 3e953f167ab8f5d78aed4996b7f4dbf932ad99dc..0a408cc26d15766b7d531542638b7a36cd2f65b4 100644 (file)
--- a/src/misc/block.c
+++ b/src/misc/block.c
@@ -723,14 +723,24 @@ block_t *block_FifoShow( block_fifo_t *p_fifo )
     return b;
 }
 
-/* FIXME: not thread-safe */
-size_t block_FifoSize( const block_fifo_t *p_fifo )
+/* FIXME: not (really) thread-safe */
+size_t block_FifoSize (block_fifo_t *fifo)
 {
-    return p_fifo->i_size;
+    size_t size;
+
+    vlc_mutex_lock (&fifo->lock);
+    size = fifo->i_size;
+    vlc_mutex_unlock (&fifo->lock);
+    return size;
 }
 
-/* FIXME: not thread-safe */
-size_t block_FifoCount( const block_fifo_t *p_fifo )
+/* FIXME: not (really) thread-safe */
+size_t block_FifoCount (block_fifo_t *fifo)
 {
-    return p_fifo->i_depth;
+    size_t depth;
+
+    vlc_mutex_lock (&fifo->lock);
+    depth = fifo->i_depth;
+    vlc_mutex_unlock (&fifo->lock);
+    return depth;
 }