Audio plugin host https://kx.studio/carla
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

alloc.h 6.1KB

9 years ago
9 years ago
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209
  1. /* alloc - Convenience routines for safely allocating memory
  2. * Copyright (C) 2007-2009 Josh Coalson
  3. * Copyright (C) 2011-2014 Xiph.Org Foundation
  4. *
  5. * Redistribution and use in source and binary forms, with or without
  6. * modification, are permitted provided that the following conditions
  7. * are met:
  8. *
  9. * - Redistributions of source code must retain the above copyright
  10. * notice, this list of conditions and the following disclaimer.
  11. *
  12. * - Redistributions in binary form must reproduce the above copyright
  13. * notice, this list of conditions and the following disclaimer in the
  14. * documentation and/or other materials provided with the distribution.
  15. *
  16. * - Neither the name of the Xiph.org Foundation nor the names of its
  17. * contributors may be used to endorse or promote products derived from
  18. * this software without specific prior written permission.
  19. *
  20. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  21. * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  22. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  23. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR
  24. * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  25. * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  26. * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  27. * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  28. * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  29. * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  30. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  31. */
  32. #ifndef FLAC__SHARE__ALLOC_H
  33. #define FLAC__SHARE__ALLOC_H
  34. #ifdef HAVE_CONFIG_H
  35. # include <config.h>
  36. #endif
  37. /* WATCHOUT: for c++ you may have to #define __STDC_LIMIT_MACROS 1 real early
  38. * before #including this file, otherwise SIZE_MAX might not be defined
  39. */
  40. #include <limits.h> /* for SIZE_MAX */
  41. #if HAVE_STDINT_H
  42. #include <stdint.h> /* for SIZE_MAX in case limits.h didn't get it */
  43. #endif
  44. #include <stdlib.h> /* for size_t, malloc(), etc */
  45. #include "compat.h"
  46. #ifndef SIZE_MAX
  47. # ifndef SIZE_T_MAX
  48. # ifdef _MSC_VER
  49. # ifdef _WIN64
  50. # define SIZE_T_MAX 0xffffffffffffffffui64
  51. # else
  52. # define SIZE_T_MAX 0xffffffff
  53. # endif
  54. # else
  55. # error
  56. # endif
  57. # endif
  58. # define SIZE_MAX SIZE_T_MAX
  59. #endif
  60. /* avoid malloc()ing 0 bytes, see:
  61. * https://www.securecoding.cert.org/confluence/display/seccode/MEM04-A.+Do+not+make+assumptions+about+the+result+of+allocating+0+bytes?focusedCommentId=5407003
  62. */
  63. static inline void *safe_malloc_(size_t size)
  64. {
  65. /* malloc(0) is undefined; FLAC src convention is to always allocate */
  66. if(!size)
  67. size++;
  68. return malloc(size);
  69. }
  70. static inline void *safe_calloc_(size_t nmemb, size_t size)
  71. {
  72. if(!nmemb || !size)
  73. return malloc(1); /* malloc(0) is undefined; FLAC src convention is to always allocate */
  74. return calloc(nmemb, size);
  75. }
  76. /*@@@@ there's probably a better way to prevent overflows when allocating untrusted sums but this works for now */
  77. static inline void *safe_malloc_add_2op_(size_t size1, size_t size2)
  78. {
  79. size2 += size1;
  80. if(size2 < size1)
  81. return 0;
  82. return safe_malloc_(size2);
  83. }
  84. static inline void *safe_malloc_add_3op_(size_t size1, size_t size2, size_t size3)
  85. {
  86. size2 += size1;
  87. if(size2 < size1)
  88. return 0;
  89. size3 += size2;
  90. if(size3 < size2)
  91. return 0;
  92. return safe_malloc_(size3);
  93. }
  94. static inline void *safe_malloc_add_4op_(size_t size1, size_t size2, size_t size3, size_t size4)
  95. {
  96. size2 += size1;
  97. if(size2 < size1)
  98. return 0;
  99. size3 += size2;
  100. if(size3 < size2)
  101. return 0;
  102. size4 += size3;
  103. if(size4 < size3)
  104. return 0;
  105. return safe_malloc_(size4);
  106. }
  107. void *safe_malloc_mul_2op_(size_t size1, size_t size2) ;
  108. static inline void *safe_malloc_mul_3op_(size_t size1, size_t size2, size_t size3)
  109. {
  110. if(!size1 || !size2 || !size3)
  111. return malloc(1); /* malloc(0) is undefined; FLAC src convention is to always allocate */
  112. if(size1 > SIZE_MAX / size2)
  113. return 0;
  114. size1 *= size2;
  115. if(size1 > SIZE_MAX / size3)
  116. return 0;
  117. return malloc(size1*size3);
  118. }
  119. /* size1*size2 + size3 */
  120. static inline void *safe_malloc_mul2add_(size_t size1, size_t size2, size_t size3)
  121. {
  122. if(!size1 || !size2)
  123. return safe_malloc_(size3);
  124. if(size1 > SIZE_MAX / size2)
  125. return 0;
  126. return safe_malloc_add_2op_(size1*size2, size3);
  127. }
  128. /* size1 * (size2 + size3) */
  129. static inline void *safe_malloc_muladd2_(size_t size1, size_t size2, size_t size3)
  130. {
  131. if(!size1 || (!size2 && !size3))
  132. return malloc(1); /* malloc(0) is undefined; FLAC src convention is to always allocate */
  133. size2 += size3;
  134. if(size2 < size3)
  135. return 0;
  136. if(size1 > SIZE_MAX / size2)
  137. return 0;
  138. return malloc(size1*size2);
  139. }
  140. static inline void *safe_realloc_add_2op_(void *ptr, size_t size1, size_t size2)
  141. {
  142. size2 += size1;
  143. if(size2 < size1)
  144. return 0;
  145. return realloc(ptr, size2);
  146. }
  147. static inline void *safe_realloc_add_3op_(void *ptr, size_t size1, size_t size2, size_t size3)
  148. {
  149. size2 += size1;
  150. if(size2 < size1)
  151. return 0;
  152. size3 += size2;
  153. if(size3 < size2)
  154. return 0;
  155. return realloc(ptr, size3);
  156. }
  157. static inline void *safe_realloc_add_4op_(void *ptr, size_t size1, size_t size2, size_t size3, size_t size4)
  158. {
  159. size2 += size1;
  160. if(size2 < size1)
  161. return 0;
  162. size3 += size2;
  163. if(size3 < size2)
  164. return 0;
  165. size4 += size3;
  166. if(size4 < size3)
  167. return 0;
  168. return realloc(ptr, size4);
  169. }
  170. static inline void *safe_realloc_mul_2op_(void *ptr, size_t size1, size_t size2)
  171. {
  172. if(!size1 || !size2)
  173. return realloc(ptr, 0); /* preserve POSIX realloc(ptr, 0) semantics */
  174. if(size1 > SIZE_MAX / size2)
  175. return 0;
  176. return realloc(ptr, size1*size2);
  177. }
  178. /* size1 * (size2 + size3) */
  179. static inline void *safe_realloc_muladd2_(void *ptr, size_t size1, size_t size2, size_t size3)
  180. {
  181. if(!size1 || (!size2 && !size3))
  182. return realloc(ptr, 0); /* preserve POSIX realloc(ptr, 0) semantics */
  183. size2 += size3;
  184. if(size2 < size3)
  185. return 0;
  186. return safe_realloc_mul_2op_(ptr, size1, size2);
  187. }
  188. #endif