various security fixes and precautionary checks
[libav.git] / libavformat / aviobuf.c
1 /*
2 * Buffered I/O for ffmpeg system
3 * Copyright (c) 2000,2001 Fabrice Bellard
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19 #include "avformat.h"
20 #include "avio.h"
21 #include <stdarg.h>
22
23 #define IO_BUFFER_SIZE 32768
24
25 int init_put_byte(ByteIOContext *s,
26 unsigned char *buffer,
27 int buffer_size,
28 int write_flag,
29 void *opaque,
30 int (*read_packet)(void *opaque, uint8_t *buf, int buf_size),
31 int (*write_packet)(void *opaque, uint8_t *buf, int buf_size),
32 int (*seek)(void *opaque, offset_t offset, int whence))
33 {
34 s->buffer = buffer;
35 s->buffer_size = buffer_size;
36 s->buf_ptr = buffer;
37 s->write_flag = write_flag;
38 if (!s->write_flag)
39 s->buf_end = buffer;
40 else
41 s->buf_end = buffer + buffer_size;
42 s->opaque = opaque;
43 s->write_packet = write_packet;
44 s->read_packet = read_packet;
45 s->seek = seek;
46 s->pos = 0;
47 s->must_flush = 0;
48 s->eof_reached = 0;
49 s->error = 0;
50 s->is_streamed = 0;
51 s->max_packet_size = 0;
52 s->update_checksum= NULL;
53 return 0;
54 }
55
56
57 #ifdef CONFIG_ENCODERS
58 static void flush_buffer(ByteIOContext *s)
59 {
60 if (s->buf_ptr > s->buffer) {
61 if (s->write_packet && !s->error){
62 int ret= s->write_packet(s->opaque, s->buffer, s->buf_ptr - s->buffer);
63 if(ret < 0){
64 s->error = ret;
65 }
66 }
67 if(s->update_checksum){
68 s->checksum= s->update_checksum(s->checksum, s->checksum_ptr, s->buf_ptr - s->checksum_ptr);
69 s->checksum_ptr= s->buffer;
70 }
71 s->pos += s->buf_ptr - s->buffer;
72 }
73 s->buf_ptr = s->buffer;
74 }
75
76 void put_byte(ByteIOContext *s, int b)
77 {
78 *(s->buf_ptr)++ = b;
79 if (s->buf_ptr >= s->buf_end)
80 flush_buffer(s);
81 }
82
83 void put_buffer(ByteIOContext *s, const unsigned char *buf, int size)
84 {
85 int len;
86
87 while (size > 0) {
88 len = (s->buf_end - s->buf_ptr);
89 if (len > size)
90 len = size;
91 memcpy(s->buf_ptr, buf, len);
92 s->buf_ptr += len;
93
94 if (s->buf_ptr >= s->buf_end)
95 flush_buffer(s);
96
97 buf += len;
98 size -= len;
99 }
100 }
101
102 void put_flush_packet(ByteIOContext *s)
103 {
104 flush_buffer(s);
105 s->must_flush = 0;
106 }
107 #endif //CONFIG_ENCODERS
108
109 offset_t url_fseek(ByteIOContext *s, offset_t offset, int whence)
110 {
111 offset_t offset1;
112
113 if (whence != SEEK_CUR && whence != SEEK_SET)
114 return -EINVAL;
115
116 #ifdef CONFIG_ENCODERS
117 if (s->write_flag) {
118 if (whence == SEEK_CUR) {
119 offset1 = s->pos + (s->buf_ptr - s->buffer);
120 if (offset == 0)
121 return offset1;
122 offset += offset1;
123 }
124 offset1 = offset - s->pos;
125 if (!s->must_flush &&
126 offset1 >= 0 && offset1 < (s->buf_end - s->buffer)) {
127 /* can do the seek inside the buffer */
128 s->buf_ptr = s->buffer + offset1;
129 } else {
130 if (!s->seek)
131 return -EPIPE;
132 flush_buffer(s);
133 s->must_flush = 1;
134 s->buf_ptr = s->buffer;
135 s->seek(s->opaque, offset, SEEK_SET);
136 s->pos = offset;
137 }
138 } else
139 #endif //CONFIG_ENCODERS
140 {
141 if (whence == SEEK_CUR) {
142 offset1 = s->pos - (s->buf_end - s->buffer) + (s->buf_ptr - s->buffer);
143 if (offset == 0)
144 return offset1;
145 offset += offset1;
146 }
147 offset1 = offset - (s->pos - (s->buf_end - s->buffer));
148 if (offset1 >= 0 && offset1 <= (s->buf_end - s->buffer)) {
149 /* can do the seek inside the buffer */
150 s->buf_ptr = s->buffer + offset1;
151 } else {
152 if (!s->seek)
153 return -EPIPE;
154 s->buf_ptr = s->buffer;
155 s->buf_end = s->buffer;
156 if (s->seek(s->opaque, offset, SEEK_SET) == (offset_t)-EPIPE)
157 return -EPIPE;
158 s->pos = offset;
159 }
160 s->eof_reached = 0;
161 }
162 return offset;
163 }
164
165 void url_fskip(ByteIOContext *s, offset_t offset)
166 {
167 url_fseek(s, offset, SEEK_CUR);
168 }
169
170 offset_t url_ftell(ByteIOContext *s)
171 {
172 return url_fseek(s, 0, SEEK_CUR);
173 }
174
175 int url_feof(ByteIOContext *s)
176 {
177 return s->eof_reached;
178 }
179
180 int url_ferror(ByteIOContext *s)
181 {
182 return s->error;
183 }
184
185 #ifdef CONFIG_ENCODERS
186 void put_le32(ByteIOContext *s, unsigned int val)
187 {
188 put_byte(s, val);
189 put_byte(s, val >> 8);
190 put_byte(s, val >> 16);
191 put_byte(s, val >> 24);
192 }
193
194 void put_be32(ByteIOContext *s, unsigned int val)
195 {
196 put_byte(s, val >> 24);
197 put_byte(s, val >> 16);
198 put_byte(s, val >> 8);
199 put_byte(s, val);
200 }
201
202 /* IEEE format is assumed */
203 void put_be64_double(ByteIOContext *s, double val)
204 {
205 union {
206 double d;
207 uint64_t ull;
208 } u;
209 u.d = val;
210 put_be64(s, u.ull);
211 }
212
213 void put_strz(ByteIOContext *s, const char *str)
214 {
215 if (str)
216 put_buffer(s, (const unsigned char *) str, strlen(str) + 1);
217 else
218 put_byte(s, 0);
219 }
220
221 void put_le64(ByteIOContext *s, uint64_t val)
222 {
223 put_le32(s, (uint32_t)(val & 0xffffffff));
224 put_le32(s, (uint32_t)(val >> 32));
225 }
226
227 void put_be64(ByteIOContext *s, uint64_t val)
228 {
229 put_be32(s, (uint32_t)(val >> 32));
230 put_be32(s, (uint32_t)(val & 0xffffffff));
231 }
232
233 void put_le16(ByteIOContext *s, unsigned int val)
234 {
235 put_byte(s, val);
236 put_byte(s, val >> 8);
237 }
238
239 void put_be16(ByteIOContext *s, unsigned int val)
240 {
241 put_byte(s, val >> 8);
242 put_byte(s, val);
243 }
244
245 void put_tag(ByteIOContext *s, const char *tag)
246 {
247 while (*tag) {
248 put_byte(s, *tag++);
249 }
250 }
251 #endif //CONFIG_ENCODERS
252
253 /* Input stream */
254
255 static void fill_buffer(ByteIOContext *s)
256 {
257 int len;
258
259 /* no need to do anything if EOF already reached */
260 if (s->eof_reached)
261 return;
262
263 if(s->update_checksum){
264 s->checksum= s->update_checksum(s->checksum, s->checksum_ptr, s->buf_end - s->checksum_ptr);
265 s->checksum_ptr= s->buffer;
266 }
267
268 len = s->read_packet(s->opaque, s->buffer, s->buffer_size);
269 if (len <= 0) {
270 /* do not modify buffer if EOF reached so that a seek back can
271 be done without rereading data */
272 s->eof_reached = 1;
273 if(len<0)
274 s->error= len;
275 } else {
276 s->pos += len;
277 s->buf_ptr = s->buffer;
278 s->buf_end = s->buffer + len;
279 }
280 }
281
282 unsigned long get_checksum(ByteIOContext *s){
283 s->checksum= s->update_checksum(s->checksum, s->checksum_ptr, s->buf_ptr - s->checksum_ptr);
284 s->update_checksum= NULL;
285 return s->checksum;
286 }
287
288 void init_checksum(ByteIOContext *s, unsigned long (*update_checksum)(unsigned long c, const uint8_t *p, unsigned int len), unsigned long checksum){
289 s->update_checksum= update_checksum;
290 if(s->update_checksum){
291 s->checksum= s->update_checksum(checksum, NULL, 0);
292 s->checksum_ptr= s->buf_ptr;
293 }
294 }
295
296 /* NOTE: return 0 if EOF, so you cannot use it if EOF handling is
297 necessary */
298 /* XXX: put an inline version */
299 int get_byte(ByteIOContext *s)
300 {
301 if (s->buf_ptr < s->buf_end) {
302 return *s->buf_ptr++;
303 } else {
304 fill_buffer(s);
305 if (s->buf_ptr < s->buf_end)
306 return *s->buf_ptr++;
307 else
308 return 0;
309 }
310 }
311
312 /* NOTE: return URL_EOF (-1) if EOF */
313 int url_fgetc(ByteIOContext *s)
314 {
315 if (s->buf_ptr < s->buf_end) {
316 return *s->buf_ptr++;
317 } else {
318 fill_buffer(s);
319 if (s->buf_ptr < s->buf_end)
320 return *s->buf_ptr++;
321 else
322 return URL_EOF;
323 }
324 }
325
326 int get_buffer(ByteIOContext *s, unsigned char *buf, int size)
327 {
328 int len, size1;
329
330 size1 = size;
331 while (size > 0) {
332 len = s->buf_end - s->buf_ptr;
333 if (len > size)
334 len = size;
335 if (len == 0) {
336 fill_buffer(s);
337 len = s->buf_end - s->buf_ptr;
338 if (len == 0)
339 break;
340 } else {
341 memcpy(buf, s->buf_ptr, len);
342 buf += len;
343 s->buf_ptr += len;
344 size -= len;
345 }
346 }
347 return size1 - size;
348 }
349
350 int get_partial_buffer(ByteIOContext *s, unsigned char *buf, int size)
351 {
352 int len;
353
354 if(size<0)
355 return -1;
356
357 len = s->buf_end - s->buf_ptr;
358 if (len == 0) {
359 fill_buffer(s);
360 len = s->buf_end - s->buf_ptr;
361 }
362 if (len > size)
363 len = size;
364 memcpy(buf, s->buf_ptr, len);
365 s->buf_ptr += len;
366 return len;
367 }
368
369 unsigned int get_le16(ByteIOContext *s)
370 {
371 unsigned int val;
372 val = get_byte(s);
373 val |= get_byte(s) << 8;
374 return val;
375 }
376
377 unsigned int get_le32(ByteIOContext *s)
378 {
379 unsigned int val;
380 val = get_byte(s);
381 val |= get_byte(s) << 8;
382 val |= get_byte(s) << 16;
383 val |= get_byte(s) << 24;
384 return val;
385 }
386
387 uint64_t get_le64(ByteIOContext *s)
388 {
389 uint64_t val;
390 val = (uint64_t)get_le32(s);
391 val |= (uint64_t)get_le32(s) << 32;
392 return val;
393 }
394
395 unsigned int get_be16(ByteIOContext *s)
396 {
397 unsigned int val;
398 val = get_byte(s) << 8;
399 val |= get_byte(s);
400 return val;
401 }
402
403 unsigned int get_be32(ByteIOContext *s)
404 {
405 unsigned int val;
406 val = get_byte(s) << 24;
407 val |= get_byte(s) << 16;
408 val |= get_byte(s) << 8;
409 val |= get_byte(s);
410 return val;
411 }
412
413 double get_be64_double(ByteIOContext *s)
414 {
415 union {
416 double d;
417 uint64_t ull;
418 } u;
419
420 u.ull = get_be64(s);
421 return u.d;
422 }
423
424 char *get_strz(ByteIOContext *s, char *buf, int maxlen)
425 {
426 int i = 0;
427 char c;
428
429 while ((c = get_byte(s))) {
430 if (i < maxlen-1)
431 buf[i++] = c;
432 }
433
434 buf[i] = 0; /* Ensure null terminated, but may be truncated */
435
436 return buf;
437 }
438
439 uint64_t get_be64(ByteIOContext *s)
440 {
441 uint64_t val;
442 val = (uint64_t)get_be32(s) << 32;
443 val |= (uint64_t)get_be32(s);
444 return val;
445 }
446
447 /* link with avio functions */
448
449 #ifdef CONFIG_ENCODERS
450 static int url_write_packet(void *opaque, uint8_t *buf, int buf_size)
451 {
452 URLContext *h = opaque;
453 return url_write(h, buf, buf_size);
454 }
455 #else
456 #define url_write_packet NULL
457 #endif //CONFIG_ENCODERS
458
459 static int url_read_packet(void *opaque, uint8_t *buf, int buf_size)
460 {
461 URLContext *h = opaque;
462 return url_read(h, buf, buf_size);
463 }
464
465 static int url_seek_packet(void *opaque, int64_t offset, int whence)
466 {
467 URLContext *h = opaque;
468 return url_seek(h, offset, whence);
469 //return 0;
470 }
471
472 int url_fdopen(ByteIOContext *s, URLContext *h)
473 {
474 uint8_t *buffer;
475 int buffer_size, max_packet_size;
476
477
478 max_packet_size = url_get_max_packet_size(h);
479 if (max_packet_size) {
480 buffer_size = max_packet_size; /* no need to bufferize more than one packet */
481 } else {
482 buffer_size = IO_BUFFER_SIZE;
483 }
484 buffer = av_malloc(buffer_size);
485 if (!buffer)
486 return -ENOMEM;
487
488 if (init_put_byte(s, buffer, buffer_size,
489 (h->flags & URL_WRONLY || h->flags & URL_RDWR), h,
490 url_read_packet, url_write_packet, url_seek_packet) < 0) {
491 av_free(buffer);
492 return AVERROR_IO;
493 }
494 s->is_streamed = h->is_streamed;
495 s->max_packet_size = max_packet_size;
496 return 0;
497 }
498
499 /* XXX: must be called before any I/O */
500 int url_setbufsize(ByteIOContext *s, int buf_size)
501 {
502 uint8_t *buffer;
503 buffer = av_malloc(buf_size);
504 if (!buffer)
505 return -ENOMEM;
506
507 av_free(s->buffer);
508 s->buffer = buffer;
509 s->buffer_size = buf_size;
510 s->buf_ptr = buffer;
511 if (!s->write_flag)
512 s->buf_end = buffer;
513 else
514 s->buf_end = buffer + buf_size;
515 return 0;
516 }
517
518 /* NOTE: when opened as read/write, the buffers are only used for
519 reading */
520 int url_fopen(ByteIOContext *s, const char *filename, int flags)
521 {
522 URLContext *h;
523 int err;
524
525 err = url_open(&h, filename, flags);
526 if (err < 0)
527 return err;
528 err = url_fdopen(s, h);
529 if (err < 0) {
530 url_close(h);
531 return err;
532 }
533 return 0;
534 }
535
536 int url_fclose(ByteIOContext *s)
537 {
538 URLContext *h = s->opaque;
539
540 av_free(s->buffer);
541 memset(s, 0, sizeof(ByteIOContext));
542 return url_close(h);
543 }
544
545 URLContext *url_fileno(ByteIOContext *s)
546 {
547 return s->opaque;
548 }
549
550 #ifdef CONFIG_ENCODERS
551 /* XXX: currently size is limited */
552 int url_fprintf(ByteIOContext *s, const char *fmt, ...)
553 {
554 va_list ap;
555 char buf[4096];
556 int ret;
557
558 va_start(ap, fmt);
559 ret = vsnprintf(buf, sizeof(buf), fmt, ap);
560 va_end(ap);
561 put_buffer(s, buf, strlen(buf));
562 return ret;
563 }
564 #endif //CONFIG_ENCODERS
565
566 /* note: unlike fgets, the EOL character is not returned and a whole
567 line is parsed. return NULL if first char read was EOF */
568 char *url_fgets(ByteIOContext *s, char *buf, int buf_size)
569 {
570 int c;
571 char *q;
572
573 c = url_fgetc(s);
574 if (c == EOF)
575 return NULL;
576 q = buf;
577 for(;;) {
578 if (c == EOF || c == '\n')
579 break;
580 if ((q - buf) < buf_size - 1)
581 *q++ = c;
582 c = url_fgetc(s);
583 }
584 if (buf_size > 0)
585 *q = '\0';
586 return buf;
587 }
588
589 /*
590 * Return the maximum packet size associated to packetized buffered file
591 * handle. If the file is not packetized (stream like http or file on
592 * disk), then 0 is returned.
593 *
594 * @param h buffered file handle
595 * @return maximum packet size in bytes
596 */
597 int url_fget_max_packet_size(ByteIOContext *s)
598 {
599 return s->max_packet_size;
600 }
601
602 #ifdef CONFIG_ENCODERS
603 /* buffer handling */
604 int url_open_buf(ByteIOContext *s, uint8_t *buf, int buf_size, int flags)
605 {
606 return init_put_byte(s, buf, buf_size,
607 (flags & URL_WRONLY || flags & URL_RDWR),
608 NULL, NULL, NULL, NULL);
609 }
610
611 /* return the written or read size */
612 int url_close_buf(ByteIOContext *s)
613 {
614 put_flush_packet(s);
615 return s->buf_ptr - s->buffer;
616 }
617
618 /* output in a dynamic buffer */
619
620 typedef struct DynBuffer {
621 int pos, size, allocated_size;
622 uint8_t *buffer;
623 int io_buffer_size;
624 uint8_t io_buffer[1];
625 } DynBuffer;
626
627 static int dyn_buf_write(void *opaque, uint8_t *buf, int buf_size)
628 {
629 DynBuffer *d = opaque;
630 int new_size, new_allocated_size;
631
632 /* reallocate buffer if needed */
633 new_size = d->pos + buf_size;
634 new_allocated_size = d->allocated_size;
635 if(new_size < d->pos || new_size > INT_MAX/2)
636 return -1;
637 while (new_size > new_allocated_size) {
638 if (!new_allocated_size)
639 new_allocated_size = new_size;
640 else
641 new_allocated_size += new_allocated_size / 2 + 1;
642 }
643
644 if (new_allocated_size > d->allocated_size) {
645 d->buffer = av_realloc(d->buffer, new_allocated_size);
646 if(d->buffer == NULL)
647 return -1234;
648 d->allocated_size = new_allocated_size;
649 }
650 memcpy(d->buffer + d->pos, buf, buf_size);
651 d->pos = new_size;
652 if (d->pos > d->size)
653 d->size = d->pos;
654 return buf_size;
655 }
656
657 static int dyn_packet_buf_write(void *opaque, uint8_t *buf, int buf_size)
658 {
659 unsigned char buf1[4];
660 int ret;
661
662 /* packetized write: output the header */
663 buf1[0] = (buf_size >> 24);
664 buf1[1] = (buf_size >> 16);
665 buf1[2] = (buf_size >> 8);
666 buf1[3] = (buf_size);
667 ret= dyn_buf_write(opaque, buf1, 4);
668 if(ret < 0)
669 return ret;
670
671 /* then the data */
672 return dyn_buf_write(opaque, buf, buf_size);
673 }
674
675 static int dyn_buf_seek(void *opaque, offset_t offset, int whence)
676 {
677 DynBuffer *d = opaque;
678
679 if (whence == SEEK_CUR)
680 offset += d->pos;
681 else if (whence == SEEK_END)
682 offset += d->size;
683 if (offset < 0 || offset > 0x7fffffffLL)
684 return -1;
685 d->pos = offset;
686 return 0;
687 }
688
689 static int url_open_dyn_buf_internal(ByteIOContext *s, int max_packet_size)
690 {
691 DynBuffer *d;
692 int io_buffer_size, ret;
693
694 if (max_packet_size)
695 io_buffer_size = max_packet_size;
696 else
697 io_buffer_size = 1024;
698
699 if(sizeof(DynBuffer) + io_buffer_size < io_buffer_size)
700 return -1;
701 d = av_malloc(sizeof(DynBuffer) + io_buffer_size);
702 if (!d)
703 return -1;
704 d->io_buffer_size = io_buffer_size;
705 d->buffer = NULL;
706 d->pos = 0;
707 d->size = 0;
708 d->allocated_size = 0;
709 ret = init_put_byte(s, d->io_buffer, io_buffer_size,
710 1, d, NULL,
711 max_packet_size ? dyn_packet_buf_write : dyn_buf_write,
712 max_packet_size ? NULL : dyn_buf_seek);
713 if (ret == 0) {
714 s->max_packet_size = max_packet_size;
715 }
716 return ret;
717 }
718
719 /*
720 * Open a write only memory stream.
721 *
722 * @param s new IO context
723 * @return zero if no error.
724 */
725 int url_open_dyn_buf(ByteIOContext *s)
726 {
727 return url_open_dyn_buf_internal(s, 0);
728 }
729
730 /*
731 * Open a write only packetized memory stream with a maximum packet
732 * size of 'max_packet_size'. The stream is stored in a memory buffer
733 * with a big endian 4 byte header giving the packet size in bytes.
734 *
735 * @param s new IO context
736 * @param max_packet_size maximum packet size (must be > 0)
737 * @return zero if no error.
738 */
739 int url_open_dyn_packet_buf(ByteIOContext *s, int max_packet_size)
740 {
741 if (max_packet_size <= 0)
742 return -1;
743 return url_open_dyn_buf_internal(s, max_packet_size);
744 }
745
746 /*
747 * Return the written size and a pointer to the buffer. The buffer
748 * must be freed with av_free().
749 * @param s IO context
750 * @param pointer to a byte buffer
751 * @return the length of the byte buffer
752 */
753 int url_close_dyn_buf(ByteIOContext *s, uint8_t **pbuffer)
754 {
755 DynBuffer *d = s->opaque;
756 int size;
757
758 put_flush_packet(s);
759
760 *pbuffer = d->buffer;
761 size = d->size;
762 av_free(d);
763 return size;
764 }
765 #endif //CONFIG_ENCODERS