From 9ab45f37c6fa866762fae8bb01f72eacdc75abd3 Mon Sep 17 00:00:00 2001
From: Robin Gareus <robin@gareus.org>
Date: Tue, 28 Aug 2012 15:42:35 +0000
Subject: LV2 worker: prevent corruption of ringbuffer

git-svn-id: svn://localhost/ardour2/branches/3.0@13146 d708f5d6-7413-0410-9779-e7cbd77b26cf
---
 libs/ardour/worker.cc | 49 +++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 45 insertions(+), 4 deletions(-)

(limited to 'libs/ardour/worker.cc')

diff --git a/libs/ardour/worker.cc b/libs/ardour/worker.cc
index 67c72ffeba..d48ac959ba 100644
--- a/libs/ardour/worker.cc
+++ b/libs/ardour/worker.cc
@@ -44,11 +44,14 @@ Worker::~Worker()
 bool
 Worker::schedule(uint32_t size, const void* data)
 {
+	if (_requests->write_space() < size + sizeof(size)) {
+		return false;
+	}
 	if (_requests->write((const uint8_t*)&size, sizeof(size)) != sizeof(size)) {
 		return false;
 	}
 	if (_requests->write((const uint8_t*)data, size) != size) {
-		return false;  // FIXME: corruption
+		return false;
 	}
 	_sem.post();
 	return true;
@@ -57,11 +60,34 @@ Worker::schedule(uint32_t size, const void* data)
 bool
 Worker::respond(uint32_t size, const void* data)
 {
+	if (_requests->write_space() < size + sizeof(size)) {
+		return false;
+	}
 	if (_responses->write((const uint8_t*)&size, sizeof(size)) != sizeof(size)) {
 		return false;
 	}
 	if (_responses->write((const uint8_t*)data, size) != size) {
-		return false;  // FIXME: corruption
+		return false;
+	}
+	return true;
+}
+
+bool
+Worker::verify_message_completeness(RingBuffer<uint8_t>* rb)
+{
+	uint32_t read_space = rb->read_space();
+	uint32_t size;
+	RingBuffer<uint8_t>::rw_vector vec;
+	rb->get_read_vector (&vec);
+	if (vec.len[0] >= sizeof(size)) {
+		memcpy (&size, vec.buf[0], sizeof (size));
+	} else {
+		memcpy (&size, vec.buf[0], vec.len[0]);
+		memcpy (&size + vec.len[0], vec.buf[1], sizeof(size) - vec.len[0]);
+	}
+	if (read_space < size+sizeof(size)) {
+		/* message from writer is yet incomplete. respond next cycle */
+		return false;
 	}
 	return true;
 }
@@ -71,7 +97,12 @@ Worker::emit_responses()
 {
 	uint32_t read_space = _responses->read_space();
 	uint32_t size       = 0;
-	while (read_space > sizeof(size)) {
+	while (read_space >= sizeof(size)) {
+		if (!verify_message_completeness(_responses)) {
+			/* message from writer is yet incomplete. respond next cycle */
+			return;
+		}
+		/* read and send response */
 		_responses->read((uint8_t*)&size, sizeof(size));
 		_responses->read(_response, size);
 		_workee->work_response(size, _response);
@@ -90,7 +121,17 @@ Worker::run()
 			return;
 		}
 
-		uint32_t size = 0;
+		uint32_t size = _requests->read_space();
+		if (size < sizeof(size)) {
+			PBD::error << "Worker: no work-data on ring buffer" << endmsg;
+			continue;
+		}
+		while (!verify_message_completeness(_requests)) {
+			::usleep(2000);
+			if (_exit) {
+				return;
+			}
+		}
 		if (_requests->read((uint8_t*)&size, sizeof(size)) < sizeof(size)) {
 			PBD::error << "Worker: Error reading size from request ring"
 			           << endmsg;
-- 
cgit v1.2.3