[udp_send] Refuse to stream files with invalid chunk tables.
authorAndre Noll <maan@systemlinux.org>
Thu, 23 Apr 2009 15:18:03 +0000 (17:18 +0200)
committerAndre Noll <maan@systemlinux.org>
Thu, 23 Apr 2009 15:18:03 +0000 (17:18 +0200)
If an audio file contains a chunk so large that even the maximal
possible number of slices is not sufficient to put this chunk into
a single FEC group, we must refuse to send this file. It's likely a
corrupt file anyway.

The old code in num_slices() was buggy as it returned the number of
slices needed to send the file as an uint8_t, so the return value
was actually the number of needed slices mod 256. This could trigger
the assert() in setup_next_fec_group() which checks that the group
contains at least one chunk.

This patch changes num_slices() to detect this situation more
reliably. As it is likely caused by a bad audio file rather than by a
networking problem, we do _not_ kick the fec client, but deactivate
it for the current file only. This requires the new "error" member
of struct fec_client which indicates a temporarily disabled fec client.

error.h
vss.c

diff --git a/error.h b/error.h
index 94a4120..17f3703 100644 (file)
--- a/error.h
+++ b/error.h
@@ -347,6 +347,7 @@ extern const char **para_errlist[];
 
 #define VSS_ERRORS \
        PARA_ERROR(NOFD, "did not receive open fd from afs"), \
+       PARA_ERROR(BAD_CT, "invalid chunk table or bad FEC configuration")
 
 
 #define CRYPT_ERRORS \
diff --git a/vss.c b/vss.c
index 10780cb..6304fc5 100644 (file)
--- a/vss.c
+++ b/vss.c
@@ -124,13 +124,15 @@ struct fec_group {
        /** The group duration divided by the number of slices. */
        struct timeval slice_duration;
        /** Group contains the audio file header that occupies that many slices. */
-       unsigned num_header_slices;
+       uint8_t num_header_slices;
 };
 
 /**
  * Describes one connected FEC client.
  */
 struct fec_client {
+       /** If negative, this client is temporarily disabled. */
+       int error;
        /** Parameters requested by the client. */
        struct fec_client_parms *fcp;
        /** Used by the core FEC code. */
@@ -215,15 +217,24 @@ static int need_audio_header(struct fec_client *fc, struct vss_task *vsst)
        return 1;
 }
 
-static uint8_t num_slices(long unsigned bytes, struct fec_client *fc)
+static int num_slices(long unsigned bytes, struct fec_client *fc, uint8_t *result)
 {
-       uint16_t m = fc->fcp->max_slice_bytes - FEC_HEADER_SIZE;
-       return (bytes + m - 1) / m;
+       unsigned long m = fc->fcp->max_slice_bytes - FEC_HEADER_SIZE;
+       unsigned rv, redundant_slices = fc->fcp->slices_per_group
+               - fc->fcp->data_slices_per_group;
+
+       if (!m)
+               return -E_BAD_CT;
+       rv = (bytes + m - 1) / m;
+       if (rv + redundant_slices > 255)
+               return -E_BAD_CT;
+       *result = rv;
+       return 1;
 }
 
 static int setup_next_fec_group(struct fec_client *fc, struct vss_task *vsst)
 {
-       int i, k, data_slices;
+       int ret, i, k, data_slices;
        size_t len;
        const char *buf, *start_buf;
        struct timeval tmp, *chunk_tv = vss_chunk_time();
@@ -236,12 +247,15 @@ static int setup_next_fec_group(struct fec_client *fc, struct vss_task *vsst)
        if (fc->first_stream_chunk < 0) {
                uint32_t largest = afh_get_largest_chunk_size(&mmd->afd.afhi)
                        + vsst->header_len;
-               uint8_t needed = num_slices(largest, fc), want;
+               uint8_t needed, want;
+
+               ret = num_slices(largest, fc, &needed);
+               if (ret < 0)
+                       return ret;
                if (needed > fc->fcp->data_slices_per_group)
                        PARA_WARNING_LOG("fec parms insufficient for this audio file\n");
                want = PARA_MAX(needed, fc->fcp->data_slices_per_group);
                if (want != k) {
-                       int ret;
                        fec_free(fc->parms);
                        fc->src_data = para_realloc(fc->src_data, want * sizeof(char *));
                        ret = fec_new(want, want + fc->fcp->slices_per_group
@@ -266,9 +280,11 @@ static int setup_next_fec_group(struct fec_client *fc, struct vss_task *vsst)
        }
        if (g->first_chunk >= mmd->afd.afhi.chunks_total)
                return 0;
-       if (need_audio_header(fc, vsst))
-               g->num_header_slices = num_slices(vsst->header_len, fc);
-       else
+       if (need_audio_header(fc, vsst)) {
+               ret = num_slices(vsst->header_len, fc, &g->num_header_slices);
+               if (ret < 0)
+                       return ret;
+       } else
                g->num_header_slices = 0;
        afh_get_chunk(g->first_chunk, &mmd->afd.afhi, vsst->map, &start_buf,
                &len);
@@ -338,11 +354,18 @@ static int setup_next_fec_group(struct fec_client *fc, struct vss_task *vsst)
 
 static int compute_next_fec_slice(struct fec_client *fc, struct vss_task *vsst)
 {
+       assert(fc->error >= 0);
        if (fc->first_stream_chunk < 0 || fc->current_slice_num
                        == fc->fcp->slices_per_group + fc->num_extra_slices) {
                int ret = setup_next_fec_group(fc, vsst);
-               if (ret <= 0)
-                       return ret;
+               if (ret == 0)
+                       return 0;
+               if (ret < 0) {
+                       PARA_ERROR_LOG("%s\n", para_strerror(-ret));
+                       PARA_ERROR_LOG("FEC client temporarily disabled\n");
+                       fc->error = ret;
+                       return fc->error;
+               }
        }
        write_fec_header(fc, vsst);
        fec_encode(fc->parms, fc->src_data, fc->enc_buf + FEC_HEADER_SIZE,
@@ -447,6 +470,8 @@ static void compute_slice_timeout(struct timeval *timeout)
        list_for_each_entry(fc, &fec_client_list, node) {
                struct timeval diff;
 
+               if (fc->error < 0)
+                       continue;
                if (next_slice_is_due(fc, &diff)) {
                        timeout->tv_sec = 0;
                        timeout->tv_usec = 0;
@@ -468,6 +493,9 @@ static void set_eof_barrier(struct vss_task *vsst)
                goto out;
        list_for_each_entry(fc, &fec_client_list, node) {
                struct timeval group_duration;
+
+               if (fc->error < 0)
+                       continue;
                tv_scale(fc->group.num_chunks, chunk_tv, &group_duration);
                if (tv_diff(&timeout, &group_duration, NULL) < 0)
                        timeout = group_duration;
@@ -665,8 +693,10 @@ static void vss_pre_select(struct sched *s, struct task *t)
                for (i = 0; senders[i].name; i++)
                        if (senders[i].shutdown_clients)
                                senders[i].shutdown_clients();
-               list_for_each_entry_safe(fc, tmp, &fec_client_list, node)
+               list_for_each_entry_safe(fc, tmp, &fec_client_list, node) {
                        fc->first_stream_chunk = -1;
+                       fc->error = 0;
+               }
                mmd->stream_start.tv_sec = 0;
                mmd->stream_start.tv_usec = 0;
        }
@@ -809,6 +839,8 @@ static void vss_send(struct vss_task *vsst)
                        &due, 1) < 0)
                return;
        list_for_each_entry_safe(fc, tmp_fc, &fec_client_list, node) {
+               if (fc->error < 0)
+                       continue;
                if (!next_slice_is_due(fc, NULL))
                        continue;
                if (compute_next_fec_slice(fc, vsst) <= 0)