luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-03-27 18:10:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
glib/glib/gbytes.c
Philip Withnall df8592268a
gbytes: Add an assertion to placate static analysis 
Otherwise `scan-build` thinks it’s possible for the `GBytes` to be
double-freed, which would indeed happen if `try_steal_and_unref()` were
to return `NULL` on this branch.

It’s not actually possible for it to return `NULL` here though, as if
`bytes->data` were `NULL`, the function would have already returned
higher up.

Fixes this `scan-build` failure:
https://gitlab.gnome.org/GNOME/glib/-/jobs/4359929

Signed-off-by: Philip Withnall <pwithnall@gnome.org>
2024-10-01 13:15:15 +01:00

655 lines
18 KiB
C
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*
* Copyright © 2009, 2010 Codethink Limited
* Copyright © 2011 Collabora Ltd.
*
* SPDX-License-Identifier: LGPL-2.1-or-later
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*
* Author: Ryan Lortie <desrt@desrt.ca>
* Stef Walter <stefw@collabora.co.uk>
*/
#include "config.h"
#include "gbytes.h"
#include <glib/garray.h>
#include <glib/gstrfuncs.h>
#include <glib/gatomic.h>
#include <glib/gtestutils.h>
#include <glib/gmem.h>
#include <glib/gmessages.h>
#include <glib/grefcount.h>
#include <string.h>
#if GLIB_SIZEOF_VOID_P == 8
# define G_BYTES_MAX_INLINE (128 - sizeof(GBytesInline))
#else
# define G_BYTES_MAX_INLINE (64 - sizeof(GBytesInline))
#endif
/**
* GBytes: (copy-func g_bytes_ref) (free-func g_bytes_unref)
*
* A simple refcounted data type representing an immutable sequence of zero or
* more bytes from an unspecified origin.
*
* The purpose of a #GBytes is to keep the memory region that it holds
* alive for as long as anyone holds a reference to the bytes. When
* the last reference count is dropped, the memory is released. Multiple
* unrelated callers can use byte data in the #GBytes without coordinating
* their activities, resting assured that the byte data will not change or
* move while they hold a reference.
*
* A #GBytes can come from many different origins that may have
* different procedures for freeing the memory region. Examples are
* memory from g_malloc(), from memory slices, from a #GMappedFile or
* memory from other allocators.
*
* #GBytes work well as keys in #GHashTable. Use g_bytes_equal() and
* g_bytes_hash() as parameters to g_hash_table_new() or g_hash_table_new_full().
* #GBytes can also be used as keys in a #GTree by passing the g_bytes_compare()
* function to g_tree_new().
*
* The data pointed to by this bytes must not be modified. For a mutable
* array of bytes see #GByteArray. Use g_bytes_unref_to_array() to create a
* mutable array for a #GBytes sequence. To create an immutable #GBytes from
* a mutable #GByteArray, use the g_byte_array_free_to_bytes() function.
*
* Since: 2.32
**/
/* Keep in sync with glib/tests/bytes.c */
struct _GBytes
{
gconstpointer data; /* may be NULL iff (size == 0) */
gsize size; /* may be 0 */
gatomicrefcount ref_count;
GDestroyNotify free_func;
gpointer user_data;
};
typedef struct
{
GBytes bytes;
/* Despite no guarantee about alignment in GBytes, it is nice to
* provide that to ensure that any code which predates support
* for inline data continues to work without disruption. malloc()
* on glibc systems would guarantee 2*sizeof(void*) aligned
* allocations and this matches that.
*/
gsize padding;
guint8 inline_data[];
} GBytesInline;
G_STATIC_ASSERT (G_STRUCT_OFFSET (GBytesInline, inline_data) == (6 * GLIB_SIZEOF_VOID_P));
/**
* g_bytes_new:
* @data: (transfer none) (array length=size) (element-type guint8) (nullable):
* the data to be used for the bytes
* @size: the size of @data
*
* Creates a new #GBytes from @data.
*
* @data is copied. If @size is 0, @data may be %NULL.
*
* As an optimization, g_bytes_new() may avoid an extra allocation by copying
* the data within the resulting bytes structure if sufficiently small (since GLib 2.84).
*
* Returns: (transfer full): a new #GBytes
*
* Since: 2.32
*/
GBytes *
g_bytes_new (gconstpointer data,
gsize size)
{
g_return_val_if_fail (data != NULL || size == 0, NULL);
if (size <= G_BYTES_MAX_INLINE)
{
GBytesInline *bytes;
bytes = g_malloc (sizeof *bytes + size);
bytes->bytes.data = bytes->inline_data;
bytes->bytes.size = size;
bytes->bytes.free_func = NULL;
bytes->bytes.user_data = NULL;
g_atomic_ref_count_init (&bytes->bytes.ref_count);
memcpy (bytes->inline_data, data, size);
return (GBytes *)bytes;
}
return g_bytes_new_take (g_memdup2 (data, size), size);
}
/**
* g_bytes_new_take:
* @data: (transfer full) (array length=size) (element-type guint8) (nullable):
* the data to be used for the bytes
* @size: the size of @data
*
* Creates a new #GBytes from @data.
*
* After this call, @data belongs to the #GBytes and may no longer be
* modified by the caller. The memory of @data has to be dynamically
* allocated and will eventually be freed with g_free().
*
* For creating #GBytes with memory from other allocators, see
* g_bytes_new_with_free_func().
*
* @data may be %NULL if @size is 0.
*
* Returns: (transfer full): a new #GBytes
*
* Since: 2.32
*/
GBytes *
g_bytes_new_take (gpointer data,
gsize size)
{
return g_bytes_new_with_free_func (data, size, g_free, data);
}
/**
* g_bytes_new_static: (skip)
* @data: (transfer full) (array length=size) (element-type guint8) (nullable):
* the data to be used for the bytes
* @size: the size of @data
*
* Creates a new #GBytes from static data.
*
* @data must be static (ie: never modified or freed). It may be %NULL if @size
* is 0.
*
* Returns: (transfer full): a new #GBytes
*
* Since: 2.32
*/
GBytes *
g_bytes_new_static (gconstpointer data,
gsize size)
{
return g_bytes_new_with_free_func (data, size, NULL, NULL);
}
/**
* g_bytes_new_with_free_func: (skip)
* @data: (array length=size) (element-type guint8) (nullable):
* the data to be used for the bytes
* @size: the size of @data
* @free_func: the function to call to release the data
* @user_data: data to pass to @free_func
*
* Creates a #GBytes from @data.
*
* When the last reference is dropped, @free_func will be called with the
* @user_data argument.
*
* @data must not be modified after this call is made until @free_func has
* been called to indicate that the bytes is no longer in use.
*
* @data may be %NULL if @size is 0.
*
* Returns: (transfer full): a new #GBytes
*
* Since: 2.32
*/
GBytes *
g_bytes_new_with_free_func (gconstpointer data,
gsize size,
GDestroyNotify free_func,
gpointer user_data)
{
GBytes *bytes;
g_return_val_if_fail (data != NULL || size == 0, NULL);
bytes = g_new (GBytes, 1);
bytes->data = data;
bytes->size = size;
bytes->free_func = free_func;
bytes->user_data = user_data;
g_atomic_ref_count_init (&bytes->ref_count);
return (GBytes *)bytes;
}
/**
* g_bytes_new_from_bytes:
* @bytes: a #GBytes
* @offset: offset which subsection starts at
* @length: length of subsection
*
* Creates a #GBytes which is a subsection of another #GBytes. The @offset +
* @length may not be longer than the size of @bytes.
*
* A reference to @bytes will be held by the newly created #GBytes until
* the byte data is no longer needed.
*
* Since 2.56, if @offset is 0 and @length matches the size of @bytes, then
* @bytes will be returned with the reference count incremented by 1. If @bytes
* is a slice of another #GBytes, then the resulting #GBytes will reference
* the same #GBytes instead of @bytes. This allows consumers to simplify the
* usage of #GBytes when asynchronously writing to streams.
*
* Returns: (transfer full): a new #GBytes
*
* Since: 2.32
*/
GBytes *
g_bytes_new_from_bytes (GBytes *bytes,
gsize offset,
gsize length)
{
gchar *base;
/* Note that length may be 0. */
g_return_val_if_fail (bytes != NULL, NULL);
g_return_val_if_fail (offset <= bytes->size, NULL);
g_return_val_if_fail (offset + length <= bytes->size, NULL);
/* Avoid an extra GBytes if all bytes were requested */
if (offset == 0 && length == bytes->size)
return g_bytes_ref (bytes);
base = (gchar *)bytes->data + offset;
/* Avoid referencing intermediate GBytes. In practice, this should
* only loop once.
*/
while (bytes->free_func == (gpointer)g_bytes_unref)
bytes = bytes->user_data;
g_return_val_if_fail (bytes != NULL, NULL);
g_return_val_if_fail (base >= (gchar *)bytes->data, NULL);
g_return_val_if_fail (base <= (gchar *)bytes->data + bytes->size, NULL);
g_return_val_if_fail (base + length <= (gchar *)bytes->data + bytes->size, NULL);
return g_bytes_new_with_free_func (base, length,
(GDestroyNotify)g_bytes_unref, g_bytes_ref (bytes));
}
/**
* g_bytes_get_data:
* @bytes: a #GBytes
* @size: (out) (optional): location to return size of byte data
*
* Get the byte data in the #GBytes. This data should not be modified.
*
* This function will always return the same pointer for a given #GBytes.
*
* %NULL may be returned if @size is 0. This is not guaranteed, as the #GBytes
* may represent an empty string with @data non-%NULL and @size as 0. %NULL will
* not be returned if @size is non-zero.
*
* Returns: (transfer none) (array length=size) (element-type guint8) (nullable):
* a pointer to the byte data, or %NULL
*
* Since: 2.32
*/
gconstpointer
g_bytes_get_data (GBytes *bytes,
gsize *size)
{
g_return_val_if_fail (bytes != NULL, NULL);
if (size)
*size = bytes->size;
return bytes->data;
}
/**
* g_bytes_get_size:
* @bytes: a #GBytes
*
* Get the size of the byte data in the #GBytes.
*
* This function will always return the same value for a given #GBytes.
*
* Returns: the size
*
* Since: 2.32
*/
gsize
g_bytes_get_size (GBytes *bytes)
{
g_return_val_if_fail (bytes != NULL, 0);
return bytes->size;
}
/**
* g_bytes_ref:
* @bytes: a #GBytes
*
* Increase the reference count on @bytes.
*
* Returns: the #GBytes
*
* Since: 2.32
*/
GBytes *
g_bytes_ref (GBytes *bytes)
{
g_return_val_if_fail (bytes != NULL, NULL);
g_atomic_ref_count_inc (&bytes->ref_count);
return bytes;
}
/**
* g_bytes_unref:
* @bytes: (nullable): a #GBytes
*
* Releases a reference on @bytes. This may result in the bytes being
* freed. If @bytes is %NULL, it will return immediately.
*
* Since: 2.32
*/
void
g_bytes_unref (GBytes *bytes)
{
if (bytes == NULL)
return;
if (g_atomic_ref_count_dec (&bytes->ref_count))
{
if (bytes->free_func != NULL)
bytes->free_func (bytes->user_data);
g_free (bytes);
}
}
/**
* g_bytes_equal:
* @bytes1: (type GLib.Bytes): a pointer to a #GBytes
* @bytes2: (type GLib.Bytes): a pointer to a #GBytes to compare with @bytes1
*
* Compares the two #GBytes values being pointed to and returns
* %TRUE if they are equal.
*
* This function can be passed to g_hash_table_new() as the @key_equal_func
* parameter, when using non-%NULL #GBytes pointers as keys in a #GHashTable.
*
* Returns: %TRUE if the two keys match.
*
* Since: 2.32
*/
gboolean
g_bytes_equal (gconstpointer bytes1,
gconstpointer bytes2)
{
const GBytes *b1 = bytes1;
const GBytes *b2 = bytes2;
g_return_val_if_fail (bytes1 != NULL, FALSE);
g_return_val_if_fail (bytes2 != NULL, FALSE);
return b1->size == b2->size &&
(b1->size == 0 || memcmp (b1->data, b2->data, b1->size) == 0);
}
/**
* g_bytes_hash:
* @bytes: (type GLib.Bytes): a pointer to a #GBytes key
*
* Creates an integer hash code for the byte data in the #GBytes.
*
* This function can be passed to g_hash_table_new() as the @key_hash_func
* parameter, when using non-%NULL #GBytes pointers as keys in a #GHashTable.
*
* Returns: a hash value corresponding to the key.
*
* Since: 2.32
*/
guint
g_bytes_hash (gconstpointer bytes)
{
const GBytes *a = bytes;
const signed char *p, *e;
guint32 h = 5381;
g_return_val_if_fail (bytes != NULL, 0);
for (p = (signed char *)a->data, e = (signed char *)a->data + a->size; p != e; p++)
h = (h << 5) + h + *p;
return h;
}
/**
* g_bytes_compare:
* @bytes1: (type GLib.Bytes): a pointer to a #GBytes
* @bytes2: (type GLib.Bytes): a pointer to a #GBytes to compare with @bytes1
*
* Compares the two #GBytes values.
*
* This function can be used to sort GBytes instances in lexicographical order.
*
* If @bytes1 and @bytes2 have different length but the shorter one is a
* prefix of the longer one then the shorter one is considered to be less than
* the longer one. Otherwise the first byte where both differ is used for
* comparison. If @bytes1 has a smaller value at that position it is
* considered less, otherwise greater than @bytes2.
*
* Returns: a negative value if @bytes1 is less than @bytes2, a positive value
* if @bytes1 is greater than @bytes2, and zero if @bytes1 is equal to
* @bytes2
*
*
* Since: 2.32
*/
gint
g_bytes_compare (gconstpointer bytes1,
gconstpointer bytes2)
{
const GBytes *b1 = bytes1;
const GBytes *b2 = bytes2;
gint ret;
g_return_val_if_fail (bytes1 != NULL, 0);
g_return_val_if_fail (bytes2 != NULL, 0);
ret = memcmp (b1->data, b2->data, MIN (b1->size, b2->size));
if (ret == 0 && b1->size != b2->size)
ret = b1->size < b2->size ? -1 : 1;
return ret;
}
static gpointer
try_steal_and_unref (GBytes *bytes,
GDestroyNotify free_func,
gsize *size)
{
gpointer result;
if (bytes->free_func != free_func || bytes->data == NULL ||
bytes->user_data != bytes->data)
return NULL;
/* Are we the only reference? */
if (g_atomic_ref_count_compare (&bytes->ref_count, 1))
{
*size = bytes->size;
result = (gpointer)bytes->data;
g_assert (result != NULL); /* otherwise the case of @bytes being freed cant be distinguished */
g_free (bytes);
return result;
}
return NULL;
}
/**
* g_bytes_unref_to_data:
* @bytes: (transfer full): a #GBytes
* @size: (out): location to place the length of the returned data
*
* Unreferences the bytes, and returns a pointer the same byte data
* contents.
*
* As an optimization, the byte data is returned without copying if this was
* the last reference to bytes and bytes was created with g_bytes_new(),
* g_bytes_new_take() or g_byte_array_free_to_bytes() and the buffer was larger
* than the size #GBytes may internalize within its allocation. In all other
* cases the data is copied.
*
* Returns: (transfer full) (array length=size) (element-type guint8)
* (not nullable): a pointer to the same byte data, which should be
* freed with g_free()
*
* Since: 2.32
*/
gpointer
g_bytes_unref_to_data (GBytes *bytes,
gsize *size)
{
gpointer result;
g_return_val_if_fail (bytes != NULL, NULL);
g_return_val_if_fail (size != NULL, NULL);
/*
* Optimal path: if this is was the last reference, then we can return
* the data from this GBytes without copying.
*/
result = try_steal_and_unref (bytes, g_free, size);
if (result == NULL)
{
/*
* Copy: Non g_malloc (or compatible) allocator, or static memory,
* so we have to copy, and then unref.
*/
result = g_memdup2 (bytes->data, bytes->size);
*size = bytes->size;
g_bytes_unref (bytes);
}
return result;
}
/**
* g_bytes_unref_to_array:
* @bytes: (transfer full): a #GBytes
*
* Unreferences the bytes, and returns a new mutable #GByteArray containing
* the same byte data.
*
* As an optimization, the byte data is transferred to the array without copying
* if this was the last reference to bytes and bytes was created with
* g_bytes_new(), g_bytes_new_take() or g_byte_array_free_to_bytes() and the
* buffer was larger than the size #GBytes may internalize within its allocation.
* In all other cases the data is copied.
*
* Do not use it if @bytes contains more than %G_MAXUINT
* bytes. #GByteArray stores the length of its data in #guint, which
* may be shorter than #gsize, that @bytes is using.
*
* Returns: (transfer full): a new mutable #GByteArray containing the same byte data
*
* Since: 2.32
*/
GByteArray *
g_bytes_unref_to_array (GBytes *bytes)
{
gpointer data;
gsize size;
g_return_val_if_fail (bytes != NULL, NULL);
data = g_bytes_unref_to_data (bytes, &size);
return g_byte_array_new_take (data, size);
}
/**
* g_bytes_get_region:
* @bytes: a #GBytes
* @element_size: a non-zero element size
* @offset: an offset to the start of the region within the @bytes
* @n_elements: the number of elements in the region
*
* Gets a pointer to a region in @bytes.
*
* The region starts at @offset many bytes from the start of the data
* and contains @n_elements many elements of @element_size size.
*
* @n_elements may be zero, but @element_size must always be non-zero.
* Ideally, @element_size is a static constant (eg: sizeof a struct).
*
* This function does careful bounds checking (including checking for
* arithmetic overflows) and returns a non-%NULL pointer if the
* specified region lies entirely within the @bytes. If the region is
* in some way out of range, or if an overflow has occurred, then %NULL
* is returned.
*
* Note: it is possible to have a valid zero-size region. In this case,
* the returned pointer will be equal to the base pointer of the data of
* @bytes, plus @offset. This will be non-%NULL except for the case
* where @bytes itself was a zero-sized region. Since it is unlikely
* that you will be using this function to check for a zero-sized region
* in a zero-sized @bytes, %NULL effectively always means "error".
*
* Returns: (nullable): the requested region, or %NULL in case of an error
*
* Since: 2.70
*/
gconstpointer
g_bytes_get_region (GBytes *bytes,
gsize element_size,
gsize offset,
gsize n_elements)
{
gsize total_size;
gsize end_offset;
g_return_val_if_fail (element_size > 0, NULL);
/* No other assertion checks here. If something is wrong then we will
* simply crash (via NULL dereference or divide-by-zero).
*/
if (!g_size_checked_mul (&total_size, element_size, n_elements))
return NULL;
if (!g_size_checked_add (&end_offset, offset, total_size))
return NULL;
/* We now have:
*
* 0 <= offset <= end_offset
*
* So we need only check that end_offset is within the range of the
* size of @bytes and we're good to go.
*/
if (end_offset > bytes->size)
return NULL;
/* We now have:
*
* 0 <= offset <= end_offset <= bytes->size
*/
return ((guchar *) bytes->data) + offset;
}
Reference in New Issue View Git Blame Copy Permalink