free( buf );
if( ret != enclen )
{
- msg_Err( p_thread, errmsg );
+ msg_Err( p_thread, "%s", errmsg );
return 0;
}
return 1;
/* Build bytes read packet */
rtmp_body = rtmp_body_new( -1 );
- tmp_buffer = (uint8_t *) malloc( sizeof( uint32_t ) * sizeof( uint8_t ) );
+ tmp_buffer = (uint8_t *) malloc( sizeof( uint32_t ) );
if( !tmp_buffer ) return NULL;
reply = hton32( reply );
return rtmp_packet;
}
+/* This function must be cancellation-safe! */
rtmp_packet_t *
rtmp_read_net_packet( rtmp_control_thread_t *p_thread )
{
int length_header;
int stream_index;
- int bytes_left;
+ size_t bytes_left;
uint8_t p_read[12];
rtmp_packet_t *header;
ssize_t i_ret;
if( i_ret != 1 )
goto error;
- length_header = rtmp_decode_header_size( (vlc_object_t *) p_thread,
+ length_header = rtmp_decode_header_size( VLC_OBJECT(p_thread),
p_read[0] & RTMP_HEADER_SIZE_MASK );
stream_index = p_read[0] & RTMP_HEADER_STREAM_INDEX_MASK;
header = p_thread->rtmp_headers_recv+stream_index;
i_ret = net_Read( p_thread, p_thread->fd, NULL,
header->body->body + header->body->length_body, bytes_left, true );
- if( i_ret != bytes_left )
+ if( i_ret != (ssize_t)bytes_left )
goto error;
header->body->length_body += bytes_left;
if( header->length_body == header->body->length_body )
{
rtmp_packet_t *rpkt = (rtmp_packet_t*)malloc(sizeof(rtmp_packet_t));
- if( !rpkt ) goto error;
+ if( !rpkt ) return NULL;
rpkt->stream_index = stream_index;
rpkt->timestamp = header->timestamp;
i++; /* Pass over AMF_DATATYPE_STRING */
string = amf_decode_string( &i );
+ if( !string )
+ {
+ msg_Err(p_thread,"Seriously broken stream");
+ return;
+ }
i++; /* Pass over AMF_DATATYPE_NUMBER */
number = amf_decode_number( &i );
msg_Dbg( p_thread, "key: %s value: %s", string, string2 );
if( strcmp( "code", string ) == 0 )
{
+#warning Locking bugs here.
if( strcmp( "NetConnection.Connect.Success", string2 ) == 0 )
{
p_thread->result_connect = 0;
}
else if( strcmp( "NetConnection.Connect.InvalidApp", string2 ) == 0 )
{
- p_thread->b_die = 1;
-
vlc_mutex_lock( &p_thread->lock );
vlc_cond_signal( &p_thread->wait );
vlc_mutex_unlock( &p_thread->lock );
length = ntoh16( *(uint16_t *) *buffer );
*buffer += sizeof( uint16_t );
+#error This size is wrong and breaks just about everything.
+ if( length > sizeof( *buffer ) / sizeof( uint8_t ))
+ return NULL;
+
out = (char *) malloc( length + 1 ); /* '\0' terminated */
if( !out ) return NULL;