[FFmpeg-devel] [patch]MMS protocol over TCP

Sun Apr 11 18:33:28 CEST 2010

Hi

On Fri, Apr 9, 2010 at 2:36 AM, Michael Niedermayer <michaelni at gmx.at>wrote:

> On Thu, Apr 08, 2010 at 09:08:34PM +0800, zhentan feng wrote:
> > Hi
> >
> > On Thu, Apr 8, 2010 at 3:04 AM, Michael Niedermayer <michaelni at gmx.at
> >wrote:
> >
> > > On Thu, Apr 08, 2010 at 01:52:26AM +0800, zhentan feng wrote:
> > > [...]
> > > [...]
> > > > ===================================================================
> > > > --- mmst.c    (revision 5735)
> > > > +++ mmst.c    (working copy)
> > > > @@ -321,6 +321,8 @@
> > > >                              mms->asf_header =
> > > av_realloc(mms->asf_header,
> > > >                                                mms->asf_header_size
> > > >                                                + mms->pkt_buf_len);
> > > > +                            if (!mms->asf_header)
> > > > +                                return -1;
> > >
> > > thats probably a memleak and should return ENOMEM
> > >
> > >
> > fixed.
> >
> > > [...]
> > > > @@ -563,10 +563,14 @@
> > > >      int err = AVERROR(EIO);
> > > >      int ret;
> > > >
> > > > +    h->is_streamed = 1;
> > > > +    h->priv_data = av_mallocz(sizeof(MMSContext));
> > > > +    mms = (MMSContext *) h->priv_data;
> > >
> > > that cast should be unneeded
> > >
> > > fixed.
> >
> > I attached the new version patch below.
> > zhentan
> > --
> > Best wishes~
>
> [...]
> > +
> > +/** Add prefixes to MMST command packet. */
> > +static void insert_command_prefixes(MMSContext *mms,
> > +        uint32_t prefix1, uint32_t prefix2)
> > +{
> > +    ByteIOContext *context= &mms->outgoing_packet_data;
> > +
> > +    put_le32(context, prefix1); // first prefix
> > +    put_le32(context, prefix2); // second prefix
> > +}
> > +
> > +/** Send a prepared MMST command packet. */
> > +static int send_command_packet(MMSContext *mms)
> > +{
> > +    ByteIOContext *context= &mms->outgoing_packet_data;
> > +    int exact_length= url_ftell(context);
> > +    int first_length= exact_length - 16;
> > +    int len8= first_length/8;
> > +    int write_result;
> > +
> > +    // update packet length fields.
> > +    url_fseek(context, 8, SEEK_SET);
> > +    put_le32(context, first_length);
> > +    url_fseek(context, 16, SEEK_SET);
> > +    put_le32(context, len8);
> > +    url_fseek(context, 32, SEEK_SET);
> > +    put_le32(context, len8-2);
>
> why dont you just write into the buffer with a uint8_t pointer
> using intreadwrite.h / bytestream.h ?
>
>
>
> [...]
>
> > +static void handle_packet_stream_changing_type(MMSContext *mms)
> > +{
> > +    ByteIOContext pkt;
> > +    dprintf(NULL, "Stream changing!\n");
> > +
> > +    // 40 is the packet header size, without the prefixea.s
> > +    init_put_byte(&pkt, mms->incoming_buffer+40,
> > +            mms->incoming_buffer_length-40, 0, NULL, NULL, NULL, NULL);
> > +    get_le32(&pkt);                                 // prefix 1
> > +    mms->header_packet_id= (get_le32(&pkt) & 0xff); // prefix 2
> > +    dprintf(NULL, "Changed header prefix to 0x%x",
> mms->header_packet_id);
> > +}
>
> thats an interresting way to read 1 byte of an array
>
>
> [...]
> > +/** Read incoming MMST media, header or command packet. */
> > +static MMSSCPacketType get_tcp_server_response(MMSContext *mms)
> > +{
> > +    int read_result;
> > +    MMSSCPacketType packet_type= -1;
> > +    int done;
> > +
> > +    do {
> > +        done= 1;
> > +        if((read_result= url_read_complete(mms->mms_hd,
> mms->incoming_buffer, 8))==8) {
> > +            // handle command packet.
> > +            if(AV_RL32(mms->incoming_buffer + 4)==0xb00bface) {
> > +                mms->incoming_flags= mms->incoming_buffer[3];
> > +                read_result= url_read_complete(mms->mms_hd,
> mms->incoming_buffer+8, 4);
> > +                if(read_result == 4) {
>
> > +                    int length_remaining=
> AV_RL32(mms->incoming_buffer+8) + 4;
> > +
> > +                    dprintf(NULL, "Length remaining is %d\n",
> length_remaining);
> > +                    // read the rest of the packet.
> > +                    if (length_remaining > sizeof(mms->incoming_buffer)
> - 12) {
> > +                        dprintf("Incoming message len %d exceeds buffer
> len %d\n",
> > +                            length_remaining,
> sizeof(mms->incoming_buffer) - 12);
> > +                        break;
> > +                    }
>
> doesnt catch negative values
>
>
> > +                    read_result = url_read_complete(mms->mms_hd,
> mms->incoming_buffer + 12,
> > +                                                  length_remaining) ;
> > +                    if (read_result == length_remaining) {
> > +                        mms->incoming_buffer_length=
> length_remaining+12;
> > +                        packet_type= AV_RL16(mms->incoming_buffer+36);
> > +
> > +                    } else {
> > +                        dprintf(NULL, "3 read returned %d!\n",
> read_result);
> > +                    }
> > +                } else {
> > +                    dprintf(NULL, "2 read returned %d!\n", read_result);
> > +                }
> > +            } else {
> > +                int length_remaining;
> > +                int packet_id_type;
> > +                int tmp;
> > +
> > +                assert(mms->pkt_buf_len==0);
> > +
> > +                //** VERIFY LENGTH REMAINING HAS SPACE
> > +                // note we cache the first 8 bytes,
> > +                // then fill up the buffer with the others
> > +                tmp                       = AV_RL16(mms->incoming_buffer
> + 6);
> > +                length_remaining          = (tmp - 8) & 0xffff;
> > +                mms->incoming_packet_seq  =
> AV_RL32(mms->incoming_buffer);
> > +                packet_id_type            = mms->incoming_buffer[4];
> > +                mms->incoming_flags       = mms->incoming_buffer[5];
> > +                mms->pkt_buf_len          = length_remaining;
> > +                mms->pkt_read_ptr         = mms->incoming_buffer;
> > +
> > +                if (length_remaining > sizeof(mms->incoming_buffer)) {
> > +                    dprintf("Incoming data len %d exceeds buffer len
> %d\n",
> > +                            length_remaining,
> sizeof(mms->incoming_buffer));
> > +                    break;
> > +                }
>
> the length_remaining variables is used before checking it
>
> [...]
>
>
here is the latest patch mmst_8.patch.
thanks
zhentan
-- 
Best wishes~
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mmst_8.patch
Type: application/octet-stream
Size: 26693 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20100412/c8d1509c/attachment.obj>