DISTRHO
/
JUCE
mirror of https://github.com/DISTRHO/JUCE
1
0
Fork 0
Code Releases 1 Activity
The JUCE cross-platform C++ framework, with DISTRHO/KXStudio specific changes
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14070 Commits
9 Branches
4.5GB
Tree: e6509fcb51
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e6509fcb51'
${ noResults }
JUCE/modules/juce_audio_formats/codecs/flac/alloc.h

322 lines
8.5KB
Raw Blame History 

  1. /* alloc - Convenience routines for safely allocating memory

  2.  * Copyright (C) 2007-2009  Josh Coalson

  3.  * Copyright (C) 2011-2023  Xiph.Org Foundation

  4.  *

  5.  * Redistribution and use in source and binary forms, with or without

  6.  * modification, are permitted provided that the following conditions

  7.  * are met:

  8.  *

  9.  * - Redistributions of source code must retain the above copyright

  10.  * notice, this list of conditions and the following disclaimer.

  11.  *

  12.  * - Redistributions in binary form must reproduce the above copyright

  13.  * notice, this list of conditions and the following disclaimer in the

  14.  * documentation and/or other materials provided with the distribution.

  15.  *

  16.  * - Neither the name of the Xiph.org Foundation nor the names of its

  17.  * contributors may be used to endorse or promote products derived from

  18.  * this software without specific prior written permission.

  19.  *

  20.  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS

  21.  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT

  22.  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR

  23.  * A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR

  24.  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,

  25.  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,

  26.  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR

  27.  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF

  28.  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING

  29.  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS

  30.  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

  31.  */

  32. 

  33. #ifndef FLAC__SHARE__ALLOC_H

  34. #define FLAC__SHARE__ALLOC_H

  35. 

  36. #ifdef HAVE_CONFIG_H

  37. #  include <config.h>

  38. #endif

  39. 

  40. /* WATCHOUT: for c++ you may have to #define __STDC_LIMIT_MACROS 1 real early

  41.  * before #including this file,  otherwise SIZE_MAX might not be defined

  42.  */

  43. 

  44. // JUCE: removed as JUCE already includes standard headers and including

  45. // these in FlacNamespace will cause problems

  46. 

  47. //#include <limits.h> /* for SIZE_MAX */

  48. //#if HAVE_STDINT_H

  49. //#include <stdint.h> /* for SIZE_MAX in case limits.h didn't get it */

  50. //#endif

  51. //#include <stdlib.h> /* for size_t, malloc(), etc */

  52. #include "compat.h"

  53. 

  54. #ifndef SIZE_MAX

  55. # ifndef SIZE_T_MAX

  56. #  ifdef _MSC_VER

  57. #   ifdef _WIN64

  58. #    define SIZE_T_MAX FLAC__U64L(0xffffffffffffffff)

  59. #   else

  60. #    define SIZE_T_MAX 0xffffffff

  61. #   endif

  62. #  else

  63. #   error

  64. #  endif

  65. # endif

  66. # define SIZE_MAX SIZE_T_MAX

  67. #endif

  68. 

  69. #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION

  70. extern int alloc_check_threshold, alloc_check_counter;

  71. 

  72. static inline int alloc_check() {

  73. 	if(alloc_check_threshold == INT32_MAX)

  74. 		return 0;

  75. 	else if(alloc_check_counter++ == alloc_check_threshold)

  76. 		return 1;

  77. 	else

  78. 		return 0;

  79. }

  80. 

  81. #endif

  82. 

  83. /* avoid malloc()ing 0 bytes, see:

  84.  * https://www.securecoding.cert.org/confluence/display/seccode/MEM04-A.+Do+not+make+assumptions+about+the+result+of+allocating+0+bytes?focusedCommentId=5407003

  85. */

  86. 

  87. static inline void *safe_malloc_(size_t size)

  88. {

  89. #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION

  90. 	/* Fail if requested */

  91. 	if(alloc_check())

  92. 		return NULL;

  93. #endif

  94. 	/* malloc(0) is undefined; FLAC src convention is to always allocate */

  95. 	if(!size)

  96. 		size++;

  97. 	return malloc(size);

  98. }

  99. 

  100. #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION

  101. static inline void *malloc_(size_t size)

  102. {

  103. 	/* Fail if requested */

  104. 	if(alloc_check())

  105. 		return NULL;

  106. 	return malloc(size);

  107. }

  108. #else

  109. #define malloc_ malloc

  110. #endif

  111. 

  112. 

  113. 

  114. static inline void *safe_calloc_(size_t nmemb, size_t size)

  115. {

  116. #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION

  117. 	/* Fail if requested */

  118. 	if(alloc_check())

  119. 		return NULL;

  120. #endif

  121. 	if(!nmemb || !size)

  122. 		return malloc(1); /* malloc(0) is undefined; FLAC src convention is to always allocate */

  123. 	return calloc(nmemb, size);

  124. }

  125. 

  126. /*@@@@ there's probably a better way to prevent overflows when allocating untrusted sums but this works for now */

  127. 

  128. static inline void *safe_malloc_add_2op_(size_t size1, size_t size2)

  129. {

  130. 	size2 += size1;

  131. 	if(size2 < size1)

  132. 		return 0;

  133. 	return safe_malloc_(size2);

  134. }

  135. 

  136. static inline void *safe_malloc_add_3op_(size_t size1, size_t size2, size_t size3)

  137. {

  138. 	size2 += size1;

  139. 	if(size2 < size1)

  140. 		return 0;

  141. 	size3 += size2;

  142. 	if(size3 < size2)

  143. 		return 0;

  144. 	return safe_malloc_(size3);

  145. }

  146. 

  147. static inline void *safe_malloc_add_4op_(size_t size1, size_t size2, size_t size3, size_t size4)

  148. {

  149. 	size2 += size1;

  150. 	if(size2 < size1)

  151. 		return 0;

  152. 	size3 += size2;

  153. 	if(size3 < size2)

  154. 		return 0;

  155. 	size4 += size3;

  156. 	if(size4 < size3)

  157. 		return 0;

  158. 	return safe_malloc_(size4);

  159. }

  160. 

  161. void *safe_malloc_mul_2op_(size_t size1, size_t size2) ;

  162. 

  163. static inline void *safe_malloc_mul_3op_(size_t size1, size_t size2, size_t size3)

  164. {

  165. 	if(!size1 || !size2 || !size3)

  166. 		return malloc(1); /* malloc(0) is undefined; FLAC src convention is to always allocate */

  167. 	if(size1 > SIZE_MAX / size2)

  168. 		return 0;

  169. 	size1 *= size2;

  170. 	if(size1 > SIZE_MAX / size3)

  171. 		return 0;

  172. 	return malloc_(size1*size3);

  173. }

  174. 

  175. /* size1*size2 + size3 */

  176. static inline void *safe_malloc_mul2add_(size_t size1, size_t size2, size_t size3)

  177. {

  178. 	if(!size1 || !size2)

  179. 		return safe_malloc_(size3);

  180. 	if(size1 > SIZE_MAX / size2)

  181. 		return 0;

  182. 	return safe_malloc_add_2op_(size1*size2, size3);

  183. }

  184. 

  185. /* size1 * (size2 + size3) */

  186. static inline void *safe_malloc_muladd2_(size_t size1, size_t size2, size_t size3)

  187. {

  188. 	if(!size1 || (!size2 && !size3))

  189. 		return malloc(1); /* malloc(0) is undefined; FLAC src convention is to always allocate */

  190. 	size2 += size3;

  191. 	if(size2 < size3)

  192. 		return 0;

  193. 	if(size1 > SIZE_MAX / size2)

  194. 		return 0;

  195. 	return malloc_(size1*size2);

  196. }

  197. 

  198. static inline void *safe_realloc_(void *ptr, size_t size)

  199. {

  200. 	void *oldptr;

  201. 	void *newptr;

  202. #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION

  203. 	/* Fail if requested */

  204. 	if(alloc_check() && size > 0) {

  205. 		free(ptr);

  206. 		return NULL;

  207. 	}

  208. #endif

  209. 	oldptr = ptr;

  210. 	newptr = realloc(ptr, size);

  211. 	if(size > 0 && newptr == 0)

  212. 		free(oldptr);

  213. 	return newptr;

  214. }

  215. 

  216. #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION

  217. static inline void *realloc_(void *ptr, size_t size)

  218. {

  219. 	/* Fail if requested */

  220. 	if(alloc_check())

  221. 		return NULL;

  222. 	return realloc(ptr, size);

  223. }

  224. #else

  225. #define realloc_ realloc

  226. #endif

  227. 

  228. 

  229. static inline void *safe_realloc_nofree_add_2op_(void *ptr, size_t size1, size_t size2)

  230. {

  231. 	size2 += size1;

  232. 	if(size2 < size1)

  233. 		return 0;

  234. 	return realloc_(ptr, size2);

  235. }

  236. 

  237. static inline void *safe_realloc_add_3op_(void *ptr, size_t size1, size_t size2, size_t size3)

  238. {

  239. 	size2 += size1;

  240. 	if(size2 < size1) {

  241. 		free(ptr);

  242. 		return 0;

  243. 	}

  244. 	size3 += size2;

  245. 	if(size3 < size2) {

  246. 		free(ptr);

  247. 		return 0;

  248. 	}

  249. 	return safe_realloc_(ptr, size3);

  250. }

  251. 

  252. static inline void *safe_realloc_nofree_add_3op_(void *ptr, size_t size1, size_t size2, size_t size3)

  253. {

  254. 	size2 += size1;

  255. 	if(size2 < size1)

  256. 		return 0;

  257. 	size3 += size2;

  258. 	if(size3 < size2)

  259. 		return 0;

  260. 	return realloc_(ptr, size3);

  261. }

  262. 

  263. static inline void *safe_realloc_nofree_add_4op_(void *ptr, size_t size1, size_t size2, size_t size3, size_t size4)

  264. {

  265. 	size2 += size1;

  266. 	if(size2 < size1)

  267. 		return 0;

  268. 	size3 += size2;

  269. 	if(size3 < size2)

  270. 		return 0;

  271. 	size4 += size3;

  272. 	if(size4 < size3)

  273. 		return 0;

  274. 	return realloc_(ptr, size4);

  275. }

  276. 

  277. static inline void *safe_realloc_mul_2op_(void *ptr, size_t size1, size_t size2)

  278. {

  279. 	if(!size1 || !size2)

  280. 		return realloc(ptr, 0); /* preserve POSIX realloc(ptr, 0) semantics */

  281. 	if(size1 > SIZE_MAX / size2) {

  282. 		free(ptr);

  283. 		return 0;

  284. 	}

  285. 	return safe_realloc_(ptr, size1*size2);

  286. }

  287. 

  288. static inline void *safe_realloc_nofree_mul_2op_(void *ptr, size_t size1, size_t size2)

  289. {

  290. 	if(!size1 || !size2)

  291. 		return realloc(ptr, 0); /* preserve POSIX realloc(ptr, 0) semantics */

  292. 	if(size1 > SIZE_MAX / size2)

  293. 		return 0;

  294. 	return realloc_(ptr, size1*size2);

  295. }

  296. 

  297. /* size1 * (size2 + size3) */

  298. static inline void *safe_realloc_muladd2_(void *ptr, size_t size1, size_t size2, size_t size3)

  299. {

  300. 	if(!size1 || (!size2 && !size3))

  301. 		return realloc(ptr, 0); /* preserve POSIX realloc(ptr, 0) semantics */

  302. 	size2 += size3;

  303. 	if(size2 < size3) {

  304. 		free(ptr);

  305. 		return 0;

  306. 	}

  307. 	return safe_realloc_mul_2op_(ptr, size1, size2);

  308. }

  309. 

  310. /* size1 * (size2 + size3) */

  311. static inline void *safe_realloc_nofree_muladd2_(void *ptr, size_t size1, size_t size2, size_t size3)

  312. {

  313. 	if(!size1 || (!size2 && !size3))

  314. 		return realloc(ptr, 0); /* preserve POSIX realloc(ptr, 0) semantics */

  315. 	size2 += size3;

  316. 	if(size2 < size3)

  317. 		return 0;

  318. 	return safe_realloc_nofree_mul_2op_(ptr, size1, size2);

  319. }

  320. 

  321. #endif