summaryrefslogtreecommitdiffstats
path: root/stream
diff options
context:
space:
mode:
authorwm4 <wm4@nowhere>2019-09-18 20:47:40 +0200
committerwm4 <wm4@nowhere>2019-09-18 20:47:40 +0200
commitb04ddcdc0b24c8d594bcb001c964035aa7ebd008 (patch)
tree508007f6a17621b9257f579b323f1ac2f78d0ef4 /stream
parentfa0a905ea07bd5691b8853806bae550749e47d30 (diff)
downloadmpv-b04ddcdc0b24c8d594bcb001c964035aa7ebd008.tar.bz2
mpv-b04ddcdc0b24c8d594bcb001c964035aa7ebd008.tar.xz
stream: stop randomly corrupting memory
The intent of the line above the modified one code was raising the amount of read data, so that many stream_peek() calls with small len values would not degrade performance by effectively turning every stream_peak() into an unbuffered read call to the stream implementation. So this confusing looking MPMAX() was correct, but "chunk" could still get beyond the buffer. So just fix that and limit "chunk" correctly. I'm not sure whether the commit referenced below accidentally removed some intricate guarantee that this couldn't happen, since the code was around since 2013. It could have relied on TOTAL_BUFFER_SIZE > STREAM_BUFFER_SIZE. But not sure. I've rewritten all this code in my own branch a year ago, so who knows. Fixes: 162e0f5ad92116d Fixes: #6948
Diffstat (limited to 'stream')
-rw-r--r--stream/stream.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/stream/stream.c b/stream/stream.c
index c318554feb..1f50c70344 100644
--- a/stream/stream.c
+++ b/stream/stream.c
@@ -402,7 +402,8 @@ struct bstr stream_peek(stream_t *s, int len)
// Fill rest of the buffer.
while (buf_valid < len) {
int chunk = MPMAX(len - buf_valid, STREAM_BUFFER_SIZE);
- assert(buf_valid + chunk <= TOTAL_BUFFER_SIZE);
+ if (buf_valid + chunk > TOTAL_BUFFER_SIZE)
+ chunk = TOTAL_BUFFER_SIZE - buf_valid;
int read = stream_read_unbuffered(s, &s->buffer[buf_valid], chunk);
if (read == 0)
break; // EOF