From ea368dd5592828277d967336ba90e3c8d639c790 Mon Sep 17 00:00:00 2001
From: rdb <git@rdb.name>
Date: Tue, 26 Jan 2016 11:32:51 +0100
Subject: [PATCH] Bam reader robustness; allow threaded bam reading from Python

---
 panda/src/pgraph/pandaNode.cxx |  3 +++
 panda/src/putil/bamReader.cxx  | 25 +++++++++++++++++++++++++
 panda/src/putil/bamReader.h    |  6 +++---
 3 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/panda/src/pgraph/pandaNode.cxx b/panda/src/pgraph/pandaNode.cxx
index d4c683f7ad..e7bd9d80c7 100644
--- a/panda/src/pgraph/pandaNode.cxx
+++ b/panda/src/pgraph/pandaNode.cxx
@@ -4465,6 +4465,9 @@ complete_pointers(TypedWritable **p_list, BamReader *manager) {
   set_fancy_bit(FB_effects, !_effects->is_empty());
   set_fancy_bit(FB_tag, !_tag_data.empty());
 
+  // Mark the bounds stale.
+  ++_next_update;
+
   return pi;
 }
 
diff --git a/panda/src/putil/bamReader.cxx b/panda/src/putil/bamReader.cxx
index 1230bbc9a6..1dca417c6f 100644
--- a/panda/src/putil/bamReader.cxx
+++ b/panda/src/putil/bamReader.cxx
@@ -142,6 +142,12 @@ init() {
     _file_stdfloat_double = scan.get_bool();
   }
 
+  if (scan.get_current_index() > header.get_length()) {
+    bam_cat.error()
+      << "Bam header is too short.\n";
+    return false;
+  }
+
   return true;
 }
 
@@ -1230,6 +1236,12 @@ p_read_object() {
 
   int object_id = read_object_id(scan);
 
+  if (scan.get_current_index() > dg.get_length()) {
+    bam_cat.error()
+      << "Found truncated datagram in bam stream\n";
+    return 0;
+  }
+
   // There are two cases (not counting the special _remove_flag case,
   // above).  Either this is a new object definition, or this is a
   // reference to an object that was previously defined.
@@ -1271,6 +1283,12 @@ p_read_object() {
       created_obj._ptr->fillin(scan, this);
       _now_creating = was_creating;
 
+      if (scan.get_remaining_size() > 0) {
+        bam_cat.warning()
+          << "Skipping " << scan.get_remaining_size() << " remaining bytes "
+          << "in datagram containing type " << type << "\n";
+      }
+
     } else {
       // We are receiving a new object.  Now we can call the factory
       // to create the object.
@@ -1371,6 +1389,13 @@ p_read_object() {
         }
       }
     }
+
+    // Sanity check that we read the expected number of bytes.
+    if (scan.get_current_index() > dg.get_length()) {
+      bam_cat.error()
+        << "End of datagram reached while reading bam object "
+        << type << ": " << (void *)created_obj._ptr << "\n";
+    }
   }
 
   return object_id;
diff --git a/panda/src/putil/bamReader.h b/panda/src/putil/bamReader.h
index 30a9dd157c..f70bb4e9b9 100644
--- a/panda/src/putil/bamReader.h
+++ b/panda/src/putil/bamReader.h
@@ -143,9 +143,9 @@ PUBLISHED:
 
   INLINE const LoaderOptions &get_loader_options() const;
   INLINE void set_loader_options(const LoaderOptions &options);
-  
-  TypedWritable *read_object();
-  bool read_object(TypedWritable *&ptr, ReferenceCount *&ref_ptr);
+
+  BLOCKING TypedWritable *read_object();
+  BLOCKING bool read_object(TypedWritable *&ptr, ReferenceCount *&ref_ptr);
 
   INLINE bool is_eof() const;
   bool resolve();