diff --git a/include/securec.h b/include/securec.h index e0a977e275c400445b2bd61d9858c25c15785739..d933056006898b113f93d80a85a56f69bb88db20 100644 --- a/include/securec.h +++ b/include/securec.h @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -11,8 +11,8 @@ * Description: The user of this secure c library should include this header file in you source code. * This header file declare all supported API prototype of the library, * such as memcpy_s, strcpy_s, wcscpy_s,strcat_s, strncat_s, sprintf_s, scanf_s, and so on. - * Author: lishunda * Create: 2014-02-25 + * Notes: Do not modify this file by yourself. */ #ifndef SECUREC_H_5D13A042_DC3F_4ED9_A8D1_882811274C27 @@ -58,12 +58,12 @@ typedef int errno_t; #endif #ifndef EINVAL -/* The src buffer is not correct and destination buffer cant not be reset */ +/* The src buffer is not correct and destination buffer can not be reset */ #define EINVAL 22 #endif #ifndef EINVAL_AND_RESET -/* Once the error is detected, the dest buffer must be reseted! Value is 22 or 128 */ +/* Once the error is detected, the dest buffer must be reset! Value is 22 or 128 */ #define EINVAL_AND_RESET 150 #endif @@ -73,12 +73,12 @@ typedef int errno_t; #endif #ifndef ERANGE_AND_RESET -/* Once the error is detected, the dest buffer must be reseted! Value is 34 or 128 */ +/* Once the error is detected, the dest buffer must be reset! Value is 34 or 128 */ #define ERANGE_AND_RESET 162 #endif #ifndef EOVERLAP_AND_RESET -/* Once the buffer overlap is detected, the dest buffer must be reseted! Value is 54 or 128 */ +/* Once the buffer overlap is detected, the dest buffer must be reset! Value is 54 or 128 */ #define EOVERLAP_AND_RESET 182 #endif @@ -106,24 +106,24 @@ typedef int errno_t; #ifdef __cplusplus extern "C" { #endif - /* - * Description: The GetHwSecureCVersion function get SecureC Version string and version number. - * Parameter: verNumber - to store version number (for example value is 0x500 | 0xa) - * Return: version string - */ - SECUREC_API const char *GetHwSecureCVersion(unsigned short *verNumber); +/* + * Description: The GetHwSecureCVersion function get SecureC Version string and version number. + * Parameter: verNumber - to store version number (for example value is 0x500 | 0xa) + * Return: version string + */ +SECUREC_API const char *GetHwSecureCVersion(unsigned short *verNumber); #if SECUREC_ENABLE_MEMSET - /* - * Description: The memset_s function copies the value of c (converted to an unsigned char) into each of - * the first count characters of the object pointed to by dest. - * Parameter: dest - destination address - * Parameter: destMax - The maximum length of destination buffer - * Parameter: c - the value to be copied - * Parameter: count - copies count bytes of value to dest - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t memset_s(void *dest, size_t destMax, int c, size_t count); +/* + * Description: The memset_s function copies the value of c (converted to an unsigned char) into each of + * the first count characters of the object pointed to by dest. + * Parameter: dest - destination address + * Parameter: destMax - The maximum length of destination buffer + * Parameter: c - the value to be copied + * Parameter: count - copies count bytes of value to dest + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t memset_s(void *dest, size_t destMax, int c, size_t count); #endif #ifndef SECUREC_ONLY_DECLARE_MEMSET @@ -133,450 +133,449 @@ extern "C" { #if !SECUREC_ONLY_DECLARE_MEMSET #if SECUREC_ENABLE_MEMMOVE - /* - * Description: The memmove_s function copies n characters from the object pointed to by src - * into the object pointed to by dest. - * Parameter: dest - destination address - * Parameter: destMax - The maximum length of destination buffer - * Parameter: src - source address - * Parameter: count - copies count bytes from the src - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t memmove_s(void *dest, size_t destMax, const void *src, size_t count); +/* + * Description: The memmove_s function copies n characters from the object pointed to by src + * into the object pointed to by dest. + * Parameter: dest - destination address + * Parameter: destMax - The maximum length of destination buffer + * Parameter: src - source address + * Parameter: count - copies count bytes from the src + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t memmove_s(void *dest, size_t destMax, const void *src, size_t count); #endif #if SECUREC_ENABLE_MEMCPY - /* - * Description: The memcpy_s function copies n characters from the object pointed to - * by src into the object pointed to by dest. - * Parameter: dest - destination address - * Parameter: destMax - The maximum length of destination buffer - * Parameter: src - source address - * Parameter: count - copies count bytes from the src - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t memcpy_s(void *dest, size_t destMax, const void *src, size_t count); +/* + * Description: The memcpy_s function copies n characters from the object pointed to + * by src into the object pointed to by dest. + * Parameter: dest - destination address + * Parameter: destMax - The maximum length of destination buffer + * Parameter: src - source address + * Parameter: count - copies count bytes from the src + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t memcpy_s(void *dest, size_t destMax, const void *src, size_t count); #endif #if SECUREC_ENABLE_STRCPY - /* - * Description: The strcpy_s function copies the string pointed to by strSrc (including - * the terminating null character) into the array pointed to by strDest - * Parameter: strDest - destination address - * Parameter: destMax - The maximum length of destination buffer(including the terminating null character) - * Parameter: strSrc - source address - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t strcpy_s(char *strDest, size_t destMax, const char *strSrc); +/* + * Description: The strcpy_s function copies the string pointed to by strSrc (including + * the terminating null character) into the array pointed to by strDest + * Parameter: strDest - destination address + * Parameter: destMax - The maximum length of destination buffer(including the terminating null character) + * Parameter: strSrc - source address + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t strcpy_s(char *strDest, size_t destMax, const char *strSrc); #endif #if SECUREC_ENABLE_STRNCPY - /* - * Description: The strncpy_s function copies not more than n successive characters (not including - * the terminating null character) from the array pointed to by strSrc to the array pointed to by strDest. - * Parameter: strDest - destination address - * Parameter: destMax - The maximum length of destination buffer(including the terminating null character) - * Parameter: strSrc - source address - * Parameter: count - copies count characters from the src - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t strncpy_s(char *strDest, size_t destMax, const char *strSrc, size_t count); +/* + * Description: The strncpy_s function copies not more than n successive characters (not including + * the terminating null character) from the array pointed to by strSrc to the array pointed to by strDest. + * Parameter: strDest - destination address + * Parameter: destMax - The maximum length of destination buffer(including the terminating null character) + * Parameter: strSrc - source address + * Parameter: count - copies count characters from the src + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t strncpy_s(char *strDest, size_t destMax, const char *strSrc, size_t count); #endif #if SECUREC_ENABLE_STRCAT - /* - * Description: The strcat_s function appends a copy of the string pointed to by strSrc (including - * the terminating null character) to the end of the string pointed to by strDest. - * Parameter: strDest - destination address - * Parameter: destMax - The maximum length of destination buffer(including the terminating null wide character) - * Parameter: strSrc - source address - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t strcat_s(char *strDest, size_t destMax, const char *strSrc); +/* + * Description: The strcat_s function appends a copy of the string pointed to by strSrc (including + * the terminating null character) to the end of the string pointed to by strDest. + * Parameter: strDest - destination address + * Parameter: destMax - The maximum length of destination buffer(including the terminating null wide character) + * Parameter: strSrc - source address + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t strcat_s(char *strDest, size_t destMax, const char *strSrc); #endif #if SECUREC_ENABLE_STRNCAT - /* - * Description: The strncat_s function appends not more than n successive characters (not including - * the terminating null character) - * from the array pointed to by strSrc to the end of the string pointed to by strDest. - * Parameter: strDest - destination address - * Parameter: destMax - The maximum length of destination buffer(including the terminating null character) - * Parameter: strSrc - source address - * Parameter: count - copies count characters from the src - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t strncat_s(char *strDest, size_t destMax, const char *strSrc, size_t count); +/* + * Description: The strncat_s function appends not more than n successive characters (not including + * the terminating null character) + * from the array pointed to by strSrc to the end of the string pointed to by strDest. + * Parameter: strDest - destination address + * Parameter: destMax - The maximum length of destination buffer(including the terminating null character) + * Parameter: strSrc - source address + * Parameter: count - copies count characters from the src + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t strncat_s(char *strDest, size_t destMax, const char *strSrc, size_t count); #endif #if SECUREC_ENABLE_VSPRINTF - /* - * Description: The vsprintf_s function is equivalent to the vsprintf function except for the parameter destMax - * and the explicit runtime-constraints violation - * Parameter: strDest - produce output according to a format ,write to the character string strDest. - * Parameter: destMax - The maximum length of destination buffer(including the terminating null wide characte) - * Parameter: format - fromat string - * Parameter: argList - instead of a variable number of arguments - * Return: the number of characters printed(not including the terminating null byte '\0'), - * If an error occurred Return: -1. - */ - SECUREC_API int vsprintf_s(char *strDest, size_t destMax, const char *format, - va_list argList) SECUREC_ATTRIBUTE(3, 0); +/* + * Description: The vsprintf_s function is equivalent to the vsprintf function except for the parameter destMax + * and the explicit runtime-constraints violation + * Parameter: strDest - produce output according to a format,write to the character string strDest. + * Parameter: destMax - The maximum length of destination buffer(including the terminating null wide character) + * Parameter: format - format string + * Parameter: argList - instead of a variable number of arguments + * Return: the number of characters printed(not including the terminating null byte '\0'), + * If an error occurred Return: -1. + */ +SECUREC_API int vsprintf_s(char *strDest, size_t destMax, const char *format, + va_list argList) SECUREC_ATTRIBUTE(3, 0); #endif #if SECUREC_ENABLE_SPRINTF - /* - * Description: The sprintf_s function is equivalent to the sprintf function except for the parameter destMax - * and the explicit runtime-constraints violation - * Parameter: strDest - produce output according to a format ,write to the character string strDest. - * Parameter: destMax - The maximum length of destination buffer(including the terminating null byte '\0') - * Parameter: format - fromat string - * Return: the number of characters printed(not including the terminating null byte '\0'), - * If an error occurred Return: -1. - */ - SECUREC_API int sprintf_s(char *strDest, size_t destMax, const char *format, ...) SECUREC_ATTRIBUTE(3, 4); +/* + * Description: The sprintf_s function is equivalent to the sprintf function except for the parameter destMax + * and the explicit runtime-constraints violation + * Parameter: strDest - produce output according to a format ,write to the character string strDest. + * Parameter: destMax - The maximum length of destination buffer(including the terminating null byte '\0') + * Parameter: format - format string + * Return: the number of characters printed(not including the terminating null byte '\0'), + * If an error occurred Return: -1. +*/ +SECUREC_API int sprintf_s(char *strDest, size_t destMax, const char *format, ...) SECUREC_ATTRIBUTE(3, 4); #endif #if SECUREC_ENABLE_VSNPRINTF - /* - * Description: The vsnprintf_s function is equivalent to the vsnprintf function except for - * the parameter destMax/count and the explicit runtime-constraints violation - * Parameter: strDest - produce output according to a format ,write to the character string strDest. - * Parameter: destMax - The maximum length of destination buffer(including the terminating null byte '\0') - * Parameter: count - do not write more than count bytes to strDest(not including the terminating null byte '\0') - * Parameter: format - fromat string - * Parameter: argList - instead of a variable number of arguments - * Return: the number of characters printed(not including the terminating null byte '\0'), - * If an error occurred Return: -1.Pay special attention to returning -1 when truncation occurs - */ - SECUREC_API int vsnprintf_s(char *strDest, size_t destMax, size_t count, const char *format, - va_list argList) SECUREC_ATTRIBUTE(4, 0); +/* + * Description: The vsnprintf_s function is equivalent to the vsnprintf function except for + * the parameter destMax/count and the explicit runtime-constraints violation + * Parameter: strDest - produce output according to a format ,write to the character string strDest. + * Parameter: destMax - The maximum length of destination buffer(including the terminating null byte '\0') + * Parameter: count - do not write more than count bytes to strDest(not including the terminating null byte '\0') + * Parameter: format - format string + * Parameter: argList - instead of a variable number of arguments + * Return: the number of characters printed(not including the terminating null byte '\0'), + * If an error occurred Return: -1.Pay special attention to returning -1 when truncation occurs. + */ +SECUREC_API int vsnprintf_s(char *strDest, size_t destMax, size_t count, const char *format, + va_list argList) SECUREC_ATTRIBUTE(4, 0); #endif #if SECUREC_ENABLE_SNPRINTF - /* - * Description: The snprintf_s function is equivalent to the snprintf function except for - * the parameter destMax/count and the explicit runtime-constraints violation - * Parameter: strDest - produce output according to a format ,write to the character string strDest. - * Parameter: destMax - The maximum length of destination buffer(including the terminating null byte '\0') - * Parameter: count - do not write more than count bytes to strDest(not including the terminating null byte '\0') - * Parameter: format - fromat string - * Return: the number of characters printed(not including the terminating null byte '\0'), - * If an error occurred Return: -1.Pay special attention to returning -1 when truncation occurs - */ - SECUREC_API int snprintf_s(char *strDest, size_t destMax, size_t count, const char *format, - ...) SECUREC_ATTRIBUTE(4, 5); +/* + * Description: The snprintf_s function is equivalent to the snprintf function except for + * the parameter destMax/count and the explicit runtime-constraints violation + * Parameter: strDest - produce output according to a format ,write to the character string strDest. + * Parameter: destMax - The maximum length of destination buffer(including the terminating null byte '\0') + * Parameter: count - do not write more than count bytes to strDest(not including the terminating null byte '\0') + * Parameter: format - format string + * Return: the number of characters printed(not including the terminating null byte '\0'), + * If an error occurred Return: -1.Pay special attention to returning -1 when truncation occurs. + */ +SECUREC_API int snprintf_s(char *strDest, size_t destMax, size_t count, const char *format, + ...) SECUREC_ATTRIBUTE(4, 5); #endif #if SECUREC_SNPRINTF_TRUNCATED - /* - * Description: The vsnprintf_truncated_s function is equivalent to the vsnprintf_s function except - * no count parameter and return value - * Parameter: strDest - produce output according to a format ,write to the character string strDest - * Parameter: destMax - The maximum length of destination buffer(including the terminating null byte '\0') - * Parameter: format - fromat string - * Parameter: argList - instead of a variable number of arguments - * Return: the number of characters printed(not including the terminating null byte '\0'), - * If an error occurred Return: -1.Pay special attention to returning destMax - 1 when truncation occurs - */ - SECUREC_API int vsnprintf_truncated_s(char *strDest, size_t destMax, const char *format, - va_list argList) SECUREC_ATTRIBUTE(3, 0); - - /* - * Description: The snprintf_truncated_s function is equivalent to the snprintf_2 function except - * no count parameter and return value - * Parameter: strDest - produce output according to a format ,write to the character string strDest. - * Parameter: destMax - The maximum length of destination buffer(including the terminating null byte '\0') - * Parameter: format - fromat string - * Return: the number of characters printed(not including the terminating null byte '\0'), - * If an error occurred Return: -1.Pay special attention to returning destMax - 1 when truncation occurs - */ - SECUREC_API int snprintf_truncated_s(char *strDest, size_t destMax, - const char *format, ...) SECUREC_ATTRIBUTE(3, 4); +/* + * Description: The vsnprintf_truncated_s function is equivalent to the vsnprintf_s function except + * no count parameter and return value + * Parameter: strDest - produce output according to a format ,write to the character string strDest + * Parameter: destMax - The maximum length of destination buffer(including the terminating null byte '\0') + * Parameter: format - format string + * Parameter: argList - instead of a variable number of arguments + * Return: the number of characters printed(not including the terminating null byte '\0'), + * If an error occurred Return: -1.Pay special attention to returning destMax - 1 when truncation occurs +*/ +SECUREC_API int vsnprintf_truncated_s(char *strDest, size_t destMax, const char *format, + va_list argList) SECUREC_ATTRIBUTE(3, 0); + +/* + * Description: The snprintf_truncated_s function is equivalent to the snprintf_s function except + * no count parameter and return value + * Parameter: strDest - produce output according to a format,write to the character string strDest. + * Parameter: destMax - The maximum length of destination buffer(including the terminating null byte '\0') + * Parameter: format - format string + * Return: the number of characters printed(not including the terminating null byte '\0'), + * If an error occurred Return: -1.Pay special attention to returning destMax - 1 when truncation occurs. + */ +SECUREC_API int snprintf_truncated_s(char *strDest, size_t destMax, + const char *format, ...) SECUREC_ATTRIBUTE(3, 4); #endif #if SECUREC_ENABLE_SCANF - /* - * Description: The scanf_s function is equivalent to fscanf_s with the argument stdin - * interposed before the arguments to scanf_s - * Parameter: format - fromat string - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int scanf_s(const char *format, ...); +/* + * Description: The scanf_s function is equivalent to fscanf_s with the argument stdin + * interposed before the arguments to scanf_s + * Parameter: format - format string + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int scanf_s(const char *format, ...); #endif #if SECUREC_ENABLE_VSCANF - /* - * Description: The vscanf_s function is equivalent to scanf_s, with the variable argument list replaced by argList - * Parameter: format - fromat string - * Parameter: argList - instead of a variable number of arguments - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int vscanf_s(const char *format, va_list argList); +/* + * Description: The vscanf_s function is equivalent to scanf_s, with the variable argument list replaced by argList + * Parameter: format - format string + * Parameter: argList - instead of a variable number of arguments + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int vscanf_s(const char *format, va_list argList); #endif #if SECUREC_ENABLE_SSCANF - /* - * Description: The sscanf_s function is equivalent to fscanf_s, except that input is obtained from a - * string (specified by the argument buffer) rather than from a stream - * Parameter: buffer - read character from buffer - * Parameter: format - fromat string - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int sscanf_s(const char *buffer, const char *format, ...); +/* + * Description: The sscanf_s function is equivalent to fscanf_s, except that input is obtained from a + * string (specified by the argument buffer) rather than from a stream + * Parameter: buffer - read character from buffer + * Parameter: format - format string + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int sscanf_s(const char *buffer, const char *format, ...); #endif #if SECUREC_ENABLE_VSSCANF - /* - * Description: The vsscanf_s function is equivalent to sscanf_s, with the variable argument list - * replaced by argList - * Parameter: buffer - read character from buffer - * Parameter: format - fromat string - * Parameter: argList - instead of a variable number of arguments - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int vsscanf_s(const char *buffer, const char *format, va_list argList); +/* + * Description: The vsscanf_s function is equivalent to sscanf_s, with the variable argument list + * replaced by argList + * Parameter: buffer - read character from buffer + * Parameter: format - format string + * Parameter: argList - instead of a variable number of arguments + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int vsscanf_s(const char *buffer, const char *format, va_list argList); #endif #if SECUREC_ENABLE_FSCANF - /* - * Description: The fscanf_s function is equivalent to fscanf except that the c, s, and [ conversion specifiers - * apply to a pair of arguments (unless assignment suppression is indicated by a*) - * Parameter: stream - stdio file stream - * Parameter: format - fromat string - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int fscanf_s(FILE *stream, const char *format, ...); +/* + * Description: The fscanf_s function is equivalent to fscanf except that the c, s, and [ conversion specifiers + * apply to a pair of arguments (unless assignment suppression is indicated by a *) + * Parameter: stream - stdio file stream + * Parameter: format - format string + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int fscanf_s(FILE *stream, const char *format, ...); #endif #if SECUREC_ENABLE_VFSCANF - /* - * Description: The vfscanf_s function is equivalent to fscanf_s, with the variable argument list - * replaced by argList - * Parameter: stream - stdio file stream - * Parameter: format - fromat string - * Parameter: argList - instead of a variable number of arguments - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int vfscanf_s(FILE *stream, const char *format, va_list argList); +/* + * Description: The vfscanf_s function is equivalent to fscanf_s, with the variable argument list + * replaced by argList + * Parameter: stream - stdio file stream + * Parameter: format - format string + * Parameter: argList - instead of a variable number of arguments + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int vfscanf_s(FILE *stream, const char *format, va_list argList); #endif #if SECUREC_ENABLE_STRTOK - /* - * Description: The strtok_s function parses a string into a sequence of strToken, - * replace all characters in strToken string that match to strDelimit set with 0. - * On the first call to strtok_s the string to be parsed should be specified in strToken. - * In each subsequent call that should parse the same string, strToken should be NULL - * Parameter: strToken - the string to be delimited - * Parameter: strDelimit - specifies a set of characters that delimit the tokens in the parsed string - * Parameter: context - is a pointer to a char * variable that is used internally by strtok_s function - * Return: On the first call returns the address of the first non \0 character, otherwise NULL is returned. - * In subsequent calls, the strtoken is set to NULL, and the context set is the same as the previous call, - * return NULL if the *context string length is equal 0, otherwise return *context. - */ - SECUREC_API char *strtok_s(char *strToken, const char *strDelimit, char **context); +/* + * Description: The strtok_s function parses a string into a sequence of strToken, + * replace all characters in strToken string that match to strDelimit set with 0. + * On the first call to strtok_s the string to be parsed should be specified in strToken. + * In each subsequent call that should parse the same string, strToken should be NULL + * Parameter: strToken - the string to be delimited + * Parameter: strDelimit - specifies a set of characters that delimit the tokens in the parsed string + * Parameter: context - is a pointer to a char * variable that is used internally by strtok_s function + * Return: On the first call returns the address of the first non \0 character, otherwise NULL is returned. + * In subsequent calls, the strtoken is set to NULL, and the context set is the same as the previous call, + * return NULL if the *context string length is equal 0, otherwise return *context. + */ +SECUREC_API char *strtok_s(char *strToken, const char *strDelimit, char **context); #endif #if SECUREC_ENABLE_GETS && !SECUREC_IN_KERNEL - /* - * Description: The gets_s function reads at most one less than the number of characters specified - * by destMax from the stream pointed to by stdin, into the array pointed to by buffer - * Parameter: buffer - destination address - * Parameter: destMax - The maximum length of destination buffer(including the terminating null character) - * Return: buffer if there was no runtime-constraint violation,If an error occurred Return: NULL. - */ - SECUREC_API char *gets_s(char *buffer, size_t destMax); +/* + * Description: The gets_s function reads at most one less than the number of characters specified + * by destMax from the stream pointed to by stdin, into the array pointed to by buffer + * Parameter: buffer - destination address + * Parameter: destMax - The maximum length of destination buffer(including the terminating null character) + * Return: buffer if there was no runtime-constraint violation,If an error occurred Return: NULL. + */ +SECUREC_API char *gets_s(char *buffer, size_t destMax); #endif #if SECUREC_ENABLE_WCHAR_FUNC #if SECUREC_ENABLE_MEMCPY - /* - * Description: The wmemcpy_s function copies n successive wide characters from the object pointed to - * by src into the object pointed to by dest. - * Parameter: dest - destination address - * Parameter: destMax - The maximum length of destination buffer - * Parameter: src - source address - * Parameter: count - copies count wide characters from the src - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t wmemcpy_s(wchar_t *dest, size_t destMax, const wchar_t *src, size_t count); +/* + * Description: The wmemcpy_s function copies n successive wide characters from the object pointed to + * by src into the object pointed to by dest. + * Parameter: dest - destination address + * Parameter: destMax - The maximum length of destination buffer + * Parameter: src - source address + * Parameter: count - copies count wide characters from the src + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t wmemcpy_s(wchar_t *dest, size_t destMax, const wchar_t *src, size_t count); #endif #if SECUREC_ENABLE_MEMMOVE - /* - * Description: The wmemmove_s function copies n successive wide characters from the object - * pointed to by src into the object pointed to by dest. - * Parameter: dest - destination address - * Parameter: destMax - The maximum length of destination buffer - * Parameter: src - source address - * Parameter: count - copies count wide characters from the src - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t wmemmove_s(wchar_t *dest, size_t destMax, const wchar_t *src, size_t count); +/* + * Description: The wmemmove_s function copies n successive wide characters from the object + * pointed to by src into the object pointed to by dest. + * Parameter: dest - destination address + * Parameter: destMax - The maximum length of destination buffer + * Parameter: src - source address + * Parameter: count - copies count wide characters from the src + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t wmemmove_s(wchar_t *dest, size_t destMax, const wchar_t *src, size_t count); #endif #if SECUREC_ENABLE_STRCPY - /* - * Description: The wcscpy_s function copies the wide string pointed to by strSrc (including theterminating - * null wide character) into the array pointed to by strDest - * Parameter: strDest - destination address - * Parameter: destMax - The maximum length of destination buffer - * Parameter: strSrc - source address - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t wcscpy_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc); +/* + * Description: The wcscpy_s function copies the wide string pointed to by strSrc(including the terminating + * null wide character) into the array pointed to by strDest + * Parameter: strDest - destination address + * Parameter: destMax - The maximum length of destination buffer + * Parameter: strSrc - source address + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t wcscpy_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc); #endif #if SECUREC_ENABLE_STRNCPY - /* - * Description: The wcsncpy_s function copies not more than n successive wide characters (not including the - * terminating null wide character) from the array pointed to by strSrc to the array pointed to by strDest - * Parameter: strDest - destination address - * Parameter: destMax - The maximum length of destination buffer(including the terminating wide character) - * Parameter: strSrc - source address - * Parameter: count - copies count wide characters from the src - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t wcsncpy_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc, size_t count); +/* + * Description: The wcsncpy_s function copies not more than n successive wide characters (not including the + * terminating null wide character) from the array pointed to by strSrc to the array pointed to by strDest + * Parameter: strDest - destination address + * Parameter: destMax - The maximum length of destination buffer(including the terminating wide character) + * Parameter: strSrc - source address + * Parameter: count - copies count wide characters from the src + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t wcsncpy_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc, size_t count); #endif #if SECUREC_ENABLE_STRCAT - /* - * Description: The wcscat_s function appends a copy of the wide string pointed to by strSrc (including the - * terminating null wide character) to the end of the wide string pointed to by strDest - * Parameter: strDest - destination address - * Parameter: destMax - The maximum length of destination buffer(including the terminating wide character) - * Parameter: strSrc - source address - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t wcscat_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc); +/* + * Description: The wcscat_s function appends a copy of the wide string pointed to by strSrc (including the + * terminating null wide character) to the end of the wide string pointed to by strDest + * Parameter: strDest - destination address + * Parameter: destMax - The maximum length of destination buffer(including the terminating wide character) + * Parameter: strSrc - source address + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t wcscat_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc); #endif #if SECUREC_ENABLE_STRNCAT - /* - * Description: The wcsncat_s function appends not more than n successive wide characters (not including the - * terminating null wide character) from the array pointed to by strSrc to the end of the wide string pointed to - * by strDest. - * Parameter: strDest - destination address - * Parameter: destMax - The maximum length of destination buffer(including the terminating wide character) - * Parameter: strSrc - source address - * Parameter: count - copies count wide characters from the src - * Return: EOK if there was no runtime-constraint violation - */ - SECUREC_API errno_t wcsncat_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc, size_t count); +/* + * Description: The wcsncat_s function appends not more than n successive wide characters (not including the + * terminating null wide character) from the array pointed to by strSrc to the end of the wide string pointed to + * by strDest. + * Parameter: strDest - destination address + * Parameter: destMax - The maximum length of destination buffer(including the terminating wide character) + * Parameter: strSrc - source address + * Parameter: count - copies count wide characters from the src + * Return: EOK if there was no runtime-constraint violation + */ +SECUREC_API errno_t wcsncat_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc, size_t count); #endif #if SECUREC_ENABLE_STRTOK - /* - * Description: The wcstok_s function is the wide-character equivalent of the strtok_s function - * Parameter: strToken - the string to be delimited - * Parameter: strDelimit - specifies a set of characters that delimit the tokens in the parsed string - * Parameter: context - is a pointer to a char * variable that is used internally by strtok_s function - * Return: a pointer to the first character of a token, or a null pointer if there is no token - * or there is a runtime-constraint violation. - */ - SECUREC_API wchar_t *wcstok_s(wchar_t *strToken, const wchar_t *strDelimit, wchar_t **context); +/* + * Description: The wcstok_s function is the wide-character equivalent of the strtok_s function + * Parameter: strToken - the string to be delimited + * Parameter: strDelimit - specifies a set of characters that delimit the tokens in the parsed string + * Parameter: context - is a pointer to a char * variable that is used internally by strtok_s function + * Return: a pointer to the first character of a token, or a null pointer if there is no token + * or there is a runtime-constraint violation. + */ +SECUREC_API wchar_t *wcstok_s(wchar_t *strToken, const wchar_t *strDelimit, wchar_t **context); #endif #if SECUREC_ENABLE_VSPRINTF - /* - * Description: The vswprintf_s function is the wide-character equivalent of the vsprintf_s function - * Parameter: strDest - produce output according to a format ,write to the character string strDest - * Parameter: destMax - The maximum length of destination buffer(including the terminating null ) - * Parameter: format - fromat string - * Parameter: argList - instead of a variable number of arguments - * Return: the number of characters printed(not including the terminating null wide characte), - * If an error occurred Return: -1. - */ - SECUREC_API int vswprintf_s(wchar_t *strDest, size_t destMax, const wchar_t *format, va_list argList); +/* + * Description: The vswprintf_s function is the wide-character equivalent of the vsprintf_s function + * Parameter: strDest - produce output according to a format,write to the character string strDest + * Parameter: destMax - The maximum length of destination buffer(including the terminating null) + * Parameter: format - format string + * Parameter: argList - instead of a variable number of arguments + * Return: the number of characters printed(not including the terminating null wide character), + * If an error occurred Return: -1. + */ +SECUREC_API int vswprintf_s(wchar_t *strDest, size_t destMax, const wchar_t *format, va_list argList); #endif #if SECUREC_ENABLE_SPRINTF - - /* - * Description: The swprintf_s function is the wide-character equivalent of the sprintf_s function - * Parameter: strDest - produce output according to a format ,write to the character string strDest - * Parameter: destMax - The maximum length of destination buffer(including the terminating null ) - * Parameter: format - fromat string - * Return: the number of characters printed(not including the terminating null wide characte), - * If an error occurred Return: -1. - */ - SECUREC_API int swprintf_s(wchar_t *strDest, size_t destMax, const wchar_t *format, ...); +/* + * Description: The swprintf_s function is the wide-character equivalent of the sprintf_s function + * Parameter: strDest - produce output according to a format,write to the character string strDest + * Parameter: destMax - The maximum length of destination buffer(including the terminating null) + * Parameter: format - format string + * Return: the number of characters printed(not including the terminating null wide character), + * If an error occurred Return: -1. + */ +SECUREC_API int swprintf_s(wchar_t *strDest, size_t destMax, const wchar_t *format, ...); #endif #if SECUREC_ENABLE_FSCANF - /* - * Description: The fwscanf_s function is the wide-character equivalent of the fscanf_s function - * Parameter: stream - stdio file stream - * Parameter: format - fromat string - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int fwscanf_s(FILE *stream, const wchar_t *format, ...); +/* + * Description: The fwscanf_s function is the wide-character equivalent of the fscanf_s function + * Parameter: stream - stdio file stream + * Parameter: format - format string + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int fwscanf_s(FILE *stream, const wchar_t *format, ...); #endif #if SECUREC_ENABLE_VFSCANF - /* - * Description: The vfwscanf_s function is the wide-character equivalent of the vfscanf_s function - * Parameter: stream - stdio file stream - * Parameter: format - fromat string - * Parameter: argList - instead of a variable number of arguments - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int vfwscanf_s(FILE *stream, const wchar_t *format, va_list argList); +/* + * Description: The vfwscanf_s function is the wide-character equivalent of the vfscanf_s function + * Parameter: stream - stdio file stream + * Parameter: format - format string + * Parameter: argList - instead of a variable number of arguments + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int vfwscanf_s(FILE *stream, const wchar_t *format, va_list argList); #endif #if SECUREC_ENABLE_SCANF - /* - * Description: The wscanf_s function is the wide-character equivalent of the scanf_s function - * Parameter: format - fromat string - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int wscanf_s(const wchar_t *format, ...); +/* + * Description: The wscanf_s function is the wide-character equivalent of the scanf_s function + * Parameter: format - format string + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int wscanf_s(const wchar_t *format, ...); #endif #if SECUREC_ENABLE_VSCANF - /* - * Description: The vwscanf_s function is the wide-character equivalent of the vscanf_s function - * Parameter: format - fromat string - * Parameter: argList - instead of a variable number of arguments - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int vwscanf_s(const wchar_t *format, va_list argList); +/* + * Description: The vwscanf_s function is the wide-character equivalent of the vscanf_s function + * Parameter: format - format string + * Parameter: argList - instead of a variable number of arguments + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int vwscanf_s(const wchar_t *format, va_list argList); #endif #if SECUREC_ENABLE_SSCANF - /* - * Description: The swscanf_s function is the wide-character equivalent of the sscanf_s function - * Parameter: buffer - read character from buffer - * Parameter: format - fromat string - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int swscanf_s(const wchar_t *buffer, const wchar_t *format, ...); +/* + * Description: The swscanf_s function is the wide-character equivalent of the sscanf_s function + * Parameter: buffer - read character from buffer + * Parameter: format - format string + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int swscanf_s(const wchar_t *buffer, const wchar_t *format, ...); #endif #if SECUREC_ENABLE_VSSCANF - /* - * Description: The vswscanf_s function is the wide-character equivalent of the vsscanf_s function - * Parameter: buffer - read character from buffer - * Parameter: format - fromat string - * Parameter: argList - instead of a variable number of arguments - * Return: the number of input items assigned, If an error occurred Return: -1. - */ - SECUREC_API int vswscanf_s(const wchar_t *buffer, const wchar_t *format, va_list argList); +/* + * Description: The vswscanf_s function is the wide-character equivalent of the vsscanf_s function + * Parameter: buffer - read character from buffer + * Parameter: format - format string + * Parameter: argList - instead of a variable number of arguments + * Return: the number of input items assigned, If an error occurred Return: -1. + */ +SECUREC_API int vswscanf_s(const wchar_t *buffer, const wchar_t *format, va_list argList); #endif #endif /* SECUREC_ENABLE_WCHAR_FUNC */ #endif - /* Those functions are used by macro ,must declare hare , also for without function declaration warning */ - extern errno_t strncpy_error(char *strDest, size_t destMax, const char *strSrc, size_t count); - extern errno_t strcpy_error(char *strDest, size_t destMax, const char *strSrc); +/* Those functions are used by macro,must declare hare, also for without function declaration warning */ +extern errno_t strncpy_error(char *strDest, size_t destMax, const char *strSrc, size_t count); +extern errno_t strcpy_error(char *strDest, size_t destMax, const char *strSrc); #if SECUREC_WITH_PERFORMANCE_ADDONS - /* Those functions are used by macro */ - extern errno_t memset_sOptAsm(void *dest, size_t destMax, int c, size_t count); - extern errno_t memset_sOptTc(void *dest, size_t destMax, int c, size_t count); - extern errno_t memcpy_sOptAsm(void *dest, size_t destMax, const void *src, size_t count); - extern errno_t memcpy_sOptTc(void *dest, size_t destMax, const void *src, size_t count); +/* Those functions are used by macro */ +extern errno_t memset_sOptAsm(void *dest, size_t destMax, int c, size_t count); +extern errno_t memset_sOptTc(void *dest, size_t destMax, int c, size_t count); +extern errno_t memcpy_sOptAsm(void *dest, size_t destMax, const void *src, size_t count); +extern errno_t memcpy_sOptTc(void *dest, size_t destMax, const void *src, size_t count); /* The strcpy_sp is a macro, not a function in performance optimization mode. */ #define strcpy_sp(dest, destMax, src) ((__builtin_constant_p((destMax)) && \ diff --git a/include/securectype.h b/include/securectype.h index 17cca940d83f611bdbbaeca2552ed3bb937a9113..69e79c2f9013e38bf42e87633f9bb3f16c930de8 100644 --- a/include/securectype.h +++ b/include/securectype.h @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -10,9 +10,14 @@ * See the Mulan PSL v2 for more details. * Description: Define internal used macro and data type. The marco of SECUREC_ON_64BITS * will be determined in this header file, which is a switch for part - * of code. Some macro are used to supress warning by MS compiler. - * Author: lishunda + * of code. Some macro are used to suppress warning by MS compiler. * Create: 2014-02-25 + * Notes: User can change the value of SECUREC_STRING_MAX_LEN and SECUREC_MEM_MAX_LEN + * macro to meet their special need, but The maximum value should not exceed 2G. + */ +/* + * [Standardize-exceptions]: Performance-sensitive + * [reason]: Strict parameter verification has been done before use */ #ifndef SECURECTYPE_H_A7BBB686_AADA_451B_B9F9_44DACDAE18A7 @@ -59,7 +64,7 @@ #ifdef _CRTIMP_ALTERNATIVE #undef _CRTIMP_ALTERNATIVE #endif -#define _CRTIMP_ALTERNATIVE /* Comment microsoft *_s function */ +#define _CRTIMP_ALTERNATIVE /* Comment Microsoft *_s function */ #endif /* Compile in kernel under macro control */ @@ -71,6 +76,15 @@ #endif #endif +/* make kernel symbols of functions available to loadable modules */ +#ifndef SECUREC_EXPORT_KERNEL_SYMBOL +#if SECUREC_IN_KERNEL +#define SECUREC_EXPORT_KERNEL_SYMBOL 1 +#else +#define SECUREC_EXPORT_KERNEL_SYMBOL 0 +#endif +#endif + #if SECUREC_IN_KERNEL #ifndef SECUREC_ENABLE_SCANF_FILE #define SECUREC_ENABLE_SCANF_FILE 0 @@ -375,16 +389,17 @@ #endif /* - * Add the -DSECUREC_SUPPORT_BUILTIN_EXPECT=0 compiler option, if complier can not support __builtin_expect. + * Add the -DSECUREC_SUPPORT_BUILTIN_EXPECT=0 compiler option, if compiler can not support __builtin_expect. */ #ifndef SECUREC_SUPPORT_BUILTIN_EXPECT #define SECUREC_SUPPORT_BUILTIN_EXPECT 1 #endif -#if SECUREC_SUPPORT_BUILTIN_EXPECT && defined(__GNUC__) && ((__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 3))) +#if SECUREC_SUPPORT_BUILTIN_EXPECT && defined(__GNUC__) && ((__GNUC__ > 3) || \ + (defined(__GNUC_MINOR__) && (__GNUC__ == 3 && __GNUC_MINOR__ > 3))) /* * This is a built-in function that can be used without a declaration, if warning for declaration not found occurred, - * you can add -DSECUREC_NEED_BUILTIN_EXPECT_DECLARE to complier options + * you can add -DSECUREC_NEED_BUILTIN_EXPECT_DECLARE to compiler options */ #ifdef SECUREC_NEED_BUILTIN_EXPECT_DECLARE long __builtin_expect(long exp, long c); @@ -438,7 +453,7 @@ long __builtin_expect(long exp, long c); #endif /* - * Codes should run under the macro SECUREC_COMPATIBLE_LINUX_FORMAT in unknow system on default, + * Codes should run under the macro SECUREC_COMPATIBLE_LINUX_FORMAT in unknown system on default, * and strtold. * The function strtold is referenced first at ISO9899:1999(C99), and some old compilers can * not support these functions. Here provides a macro to open these functions: @@ -470,14 +485,14 @@ long __builtin_expect(long exp, long c); /* For strncpy_s performance optimization */ #define SECUREC_STRNCPY_SM(dest, destMax, src, count) \ - (((void *)(dest) != NULL && (void *)(src) != NULL && (size_t)(destMax) > 0 && \ + (((void *)(dest) != NULL && (const void *)(src) != NULL && (size_t)(destMax) > 0 && \ (((unsigned long long)(destMax) & (unsigned long long)(-2)) < SECUREC_STRING_MAX_LEN) && \ (SECUREC_TWO_MIN((size_t)(count), strlen(src)) + 1) <= (size_t)(destMax)) ? \ (((size_t)(count) < strlen(src)) ? (memcpy((dest), (src), (count)), *((char *)(dest) + (count)) = '\0', EOK) : \ (memcpy((dest), (src), strlen(src) + 1), EOK)) : (strncpy_error((dest), (destMax), (src), (count)))) #define SECUREC_STRCPY_SM(dest, destMax, src) \ - (((void *)(dest) != NULL && (void *)(src) != NULL && (size_t)(destMax) > 0 && \ + (((void *)(dest) != NULL && (const void *)(src) != NULL && (size_t)(destMax) > 0 && \ (((unsigned long long)(destMax) & (unsigned long long)(-2)) < SECUREC_STRING_MAX_LEN) && \ (strlen(src) + 1) <= (size_t)(destMax)) ? (memcpy((dest), (src), strlen(src) + 1), EOK) : \ (strcpy_error((dest), (destMax), (src)))) @@ -486,7 +501,7 @@ long __builtin_expect(long exp, long c); #if defined(__GNUC__) #define SECUREC_STRCAT_SM(dest, destMax, src) ({ \ int catRet_ = EOK; \ - if ((void *)(dest) != NULL && (void *)(src) != NULL && (size_t)(destMax) > 0 && \ + if ((void *)(dest) != NULL && (const void *)(src) != NULL && (size_t)(destMax) > 0 && \ (((unsigned long long)(destMax) & (unsigned long long)(-2)) < SECUREC_STRING_MAX_LEN)) { \ char *catTmpDst_ = (char *)(dest); \ size_t catRestSize_ = (destMax); \ @@ -518,7 +533,7 @@ long __builtin_expect(long exp, long c); #if defined(__GNUC__) #define SECUREC_STRNCAT_SM(dest, destMax, src, count) ({ \ int ncatRet_ = EOK; \ - if ((void *)(dest) != NULL && (void *)(src) != NULL && (size_t)(destMax) > 0 && \ + if ((void *)(dest) != NULL && (const void *)(src) != NULL && (size_t)(destMax) > 0 && \ (((unsigned long long)(destMax) & (unsigned long long)(-2)) < SECUREC_STRING_MAX_LEN) && \ (((unsigned long long)(count) & (unsigned long long)(-2)) < SECUREC_STRING_MAX_LEN)) { \ char *ncatTmpDest_ = (char *)(dest); \ @@ -555,7 +570,7 @@ long __builtin_expect(long exp, long c); #define SECUREC_MEMCPY_SM(dest, destMax, src, count) \ (!(((size_t)(destMax) == 0) || \ (((unsigned long long)(destMax) & (unsigned long long)(-2)) > SECUREC_MEM_MAX_LEN) || \ - ((size_t)(count) > (size_t)(destMax)) || ((void *)(dest)) == NULL || ((void *)(src) == NULL)) ? \ + ((size_t)(count) > (size_t)(destMax)) || ((void *)(dest)) == NULL || ((const void *)(src) == NULL)) ? \ (memcpy((dest), (src), (count)), EOK) : \ (memcpy_s((dest), (destMax), (src), (count)))) diff --git a/src/fscanf_s.c b/src/fscanf_s.c index 2d1e735c3c8cec8d2c171a8eac2669588f77cc07..d3c7f06c12e730ae5576cefee203b87c23a887c5 100644 --- a/src/fscanf_s.c +++ b/src/fscanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: fscanf_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -31,7 +30,7 @@ * ... Optional arguments. * * - * ... The convered value stored in user assigned address + * ... The converted value stored in user assigned address * * * Each of these functions returns the number of fields successfully converted diff --git a/src/fwscanf_s.c b/src/fwscanf_s.c index ed2438b1d91b59cdede3669d3537da9cc0c6ee1a..bd0f12a966ade1359f4e19e60ec840a283a6d534 100644 --- a/src/fwscanf_s.c +++ b/src/fwscanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: fwscanf_s function - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/gets_s.c b/src/gets_s.c index 18d785888cde0d9bdc01b1e9e2ccf9549f7a5b76..d12495aa08e514f81c30a5ba42115b99f3412083 100644 --- a/src/gets_s.c +++ b/src/gets_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: gets_s function - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/input.inl b/src/input.inl index 06fff4157fc784e458f86722c842928b9333f221..9727d5e89808057d7e676d42646d7c2d7056bde7 100644 --- a/src/input.inl +++ b/src/input.inl @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -12,10 +12,14 @@ * This file provides a template function for ANSI and UNICODE compiling by * different type definition. The functions of SecInputS or * SecInputSW provides internal implementation for scanf family API, such as sscanf_s, fscanf_s. - * Author: lishunda * Create: 2014-02-25 + * Notes: The formatted input processing results of integers on different platforms are different. + */ +/* + * [Standardize-exceptions] Use unsafe function: Performance-sensitive + * [reason] Always used in the performance critical path, + * and sufficient input validation is performed before calling */ - #ifndef INPUT_INL_5D13A042_DC3F_4ED9_A8D1_882811274C27 #define INPUT_INL_5D13A042_DC3F_4ED9_A8D1_882811274C27 @@ -49,9 +53,9 @@ size_t destSize_ = (size_t)sizeof(dest); \ size_t srcSize_ = (size_t)sizeof(src); \ if (destSize_ != srcSize_) { \ - (void)memcpy((dest), (src), sizeof(va_list)); \ + SECUREC_MEMCPY_WARP_OPT((dest), (src), sizeof(va_list)); \ } else { \ - (void)memcpy(&(dest), &(src), sizeof(va_list)); \ + SECUREC_MEMCPY_WARP_OPT(&(dest), &(src), sizeof(va_list)); \ } \ } SECUREC_WHILE_ZERO #endif @@ -124,6 +128,13 @@ #define SECUREC_ARRAY_WIDTH_IS_WRONG(spec) ((spec).arrayWidth == 0 || (spec).arrayWidth > SECUREC_STRING_MAX_LEN) #endif +#ifdef SECUREC_ON_64BITS +/* Use 0xffffffffUL mask to pass integer as array length */ +#define SECUREC_GET_ARRAYWIDTH(argList) (((size_t)va_arg((argList), size_t)) & 0xffffffffUL) +#else /* !SECUREC_ON_64BITS */ +#define SECUREC_GET_ARRAYWIDTH(argList) ((size_t)va_arg((argList), size_t)) +#endif + typedef struct { #ifdef SECUREC_FOR_WCHAR unsigned char *table; /* Default NULL */ @@ -165,7 +176,7 @@ typedef struct { #if (defined(SECUREC_COMPATIBLE_LINUX_FORMAT) && !(defined(SECUREC_ON_UNIX))) unsigned int beyondMax; /* Non-zero means beyond */ #endif - unsigned int numberState; /* Identifies whether to start processing numbers, 1 is can input number*/ + unsigned int numberState; /* Identifies whether to start processing numbers, 1 is can input number */ int width; /* Width number in format */ int widthSet; /* 0 is not set width in format */ int convChr; /* Lowercase format conversion characters */ @@ -260,11 +271,11 @@ SECUREC_INLINE int SecCanInputForBracket(int convChr, SecInt ch, const SecBracke /* The value of the wide character exceeds the size of two bytes */ return 0; } - return (int)(convChr == SECUREC_BRACE && bracketTable->table != NULL && - ((bracketTable->table[tableIndex] ^ bracketTable->mask) & tableValue) != 0); + return (int)(convChr == SECUREC_BRACE && + (((unsigned int)bracketTable->table[tableIndex] ^ (unsigned int)bracketTable->mask) & tableValue) != 0); #else return (int)(convChr == SECUREC_BRACE && - ((bracketTable->table[tableIndex] ^ bracketTable->mask) & tableValue) != 0); + (((unsigned int)bracketTable->table[tableIndex] ^ (unsigned int)bracketTable->mask) & tableValue) != 0); #endif } @@ -310,23 +321,31 @@ SECUREC_INLINE void SecUnGetChar(SecInt ch, SecFileStream *stream, int *counter) /* * Convert a floating point string to a floating point number */ -SECUREC_INLINE void SecAssignFloat(const char *floatStr, int numberWidth, void *argPtr) +SECUREC_INLINE int SecAssignNarrowFloat(const char *floatStr, const SecScanSpec *spec) { char *endPtr = NULL; double d; #if SECUREC_SUPPORT_STRTOLD - if (numberWidth == SECUREC_NUM_WIDTH_LONG_LONG) { + if (spec->numberWidth == SECUREC_NUM_WIDTH_LONG_LONG) { long double d2 = strtold(floatStr, &endPtr); - *(long double UNALIGNED *)(argPtr) = d2; - return; + if (endPtr == floatStr) { + return -1; + } + *(long double UNALIGNED *)(spec->argPtr) = d2; + return 0; } #endif d = strtod(floatStr, &endPtr); - if (numberWidth > SECUREC_NUM_WIDTH_INT) { - *(double UNALIGNED *)(argPtr) = (double)d; + /* cannot detect if endPtr points to the end of floatStr,because strtod handles only two characters for 1.E */ + if (endPtr == floatStr) { + return -1; + } + if (spec->numberWidth > SECUREC_NUM_WIDTH_INT) { + *(double UNALIGNED *)(spec->argPtr) = (double)d; } else { - *(float UNALIGNED *)(argPtr) = (float)d; + *(float UNALIGNED *)(spec->argPtr) = (float)d; } + return 0; } #ifdef SECUREC_FOR_WCHAR @@ -334,13 +353,13 @@ SECUREC_INLINE void SecAssignFloat(const char *floatStr, int numberWidth, void * * Convert a floating point wchar string to a floating point number * Success ret 0 */ -SECUREC_INLINE int SecAssignFloatW(const SecFloatSpec *floatSpec, const SecScanSpec *spec) +SECUREC_INLINE int SecAssignWideFloat(const SecFloatSpec *floatSpec, const SecScanSpec *spec) { + int retVal; /* Convert float string */ size_t mbsLen; - size_t tempFloatStrLen = (size_t)(floatSpec->floatStrTotalLen + 1) * sizeof(wchar_t); + size_t tempFloatStrLen = (size_t)(floatSpec->floatStrUsedLen + 1) * sizeof(wchar_t); char *tempFloatStr = (char *)SECUREC_MALLOC(tempFloatStrLen); - if (tempFloatStr == NULL) { return -1; } @@ -354,14 +373,23 @@ SECUREC_INLINE int SecAssignFloatW(const SecFloatSpec *floatSpec, const SecScan return -1; } tempFloatStr[mbsLen] = '\0'; - SecAssignFloat(tempFloatStr, spec->numberWidth, spec->argPtr); + retVal = SecAssignNarrowFloat(tempFloatStr, spec); SECUREC_FREE(tempFloatStr); - return 0; + return retVal; } #endif +SECUREC_INLINE int SecAssignFloat(const SecFloatSpec *floatSpec, const SecScanSpec *spec) +{ +#ifdef SECUREC_FOR_WCHAR + return SecAssignWideFloat(floatSpec, spec); +#else + return SecAssignNarrowFloat(floatSpec->floatStr, spec); +#endif +} + /* - * Init SecFloatSpec befor parse format + * Init SecFloatSpec before parse format */ SECUREC_INLINE void SecInitFloatSpec(SecFloatSpec *floatSpec) { @@ -373,7 +401,7 @@ SECUREC_INLINE void SecInitFloatSpec(SecFloatSpec *floatSpec) SECUREC_INLINE void SecFreeFloatSpec(SecFloatSpec *floatSpec, int *doneCount) { - /* LSD 2014.3.6 add, clear the stack data */ + /* 2014.3.6 add, clear the stack data */ if (memset_s(floatSpec->buffer, sizeof(floatSpec->buffer), 0, sizeof(floatSpec->buffer)) != EOK) { *doneCount = 0; /* This code just to meet the coding requirements */ } @@ -569,7 +597,7 @@ SECUREC_INLINE int SecInputFloat(SecFileStream *stream, SecScanSpec *spec, SecFl #if (!defined(SECUREC_FOR_WCHAR) && SECUREC_HAVE_WCHART && SECUREC_HAVE_MBTOWC) || \ (!defined(SECUREC_FOR_WCHAR) && defined(SECUREC_COMPATIBLE_VERSION)) -/* LSD only multi-bytes string need isleadbyte() function */ +/* only multi-bytes string need isleadbyte() function */ SECUREC_INLINE int SecIsLeadByte(SecInt ch) { unsigned int c = (unsigned int)ch; @@ -823,7 +851,7 @@ SECUREC_INLINE void SecAddEndingZero(void *ptr, const SecScanSpec *spec) SECUREC_INLINE void SecDecodeClearArg(SecScanSpec *spec, va_list argList) { va_list argListSave; /* Backup for argList value, this variable don't need initialized */ - (void)memset(&argListSave, 0, sizeof(va_list)); /* To clear e530 argListSave not initialized */ + (void)SECUREC_MEMSET_FUNC_OPT(&argListSave, 0, sizeof(va_list)); /* To clear e530 argListSave not initialized */ #if defined(va_copy) va_copy(argListSave, argList); #elif defined(__va_copy) /* For vxworks */ @@ -855,9 +883,6 @@ void SecClearDestBuf(const char *buffer, const char *format, va_list argList) SecScanSpec spec; int convChr = 0; const SecUnsignedChar *fmt = (const SecUnsignedChar *)format; - if (fmt == NULL) { - return; - } /* Find first % */ while (*fmt != SECUREC_CHAR('\0') && *fmt != SECUREC_CHAR('%')) { @@ -882,7 +907,7 @@ void SecClearDestBuf(const char *buffer, const char *format, va_list argList) return; } - if (buffer != NULL && *buffer != SECUREC_CHAR('\0') && convChr != 's') { + if (*buffer != SECUREC_CHAR('\0') && convChr != 's') { /* * When buffer not empty just clear %s. * Example call sscanf by argment of (" \n", "%s", s, sizeof(s)) @@ -975,12 +1000,12 @@ static void SecDecodeNumberDecimal(SecScanSpec *spec) if (spec->number == SECUREC_MUL_TEN(decimalEdge)) { /* This code is specially converted to unsigned long type for compatibility */ SecUnsignedInt64 number64As = (unsigned long)SECUREC_MAX_64BITS_VALUE - spec->number; - if (number64As < (SecUnsignedInt64)((SecUnsignedInt)spec->ch - SECUREC_CHAR('0'))) { + if (number64As < (SecUnsignedInt64)(SecUnsignedInt)spec->ch - (SecUnsignedInt)SECUREC_CHAR('0')) { spec->beyondMax = 1; } } #endif - spec->number += (unsigned long)((SecUnsignedInt)spec->ch - SECUREC_CHAR('0')); + spec->number += ((unsigned long)(SecUnsignedInt)spec->ch - (SecUnsignedInt)SECUREC_CHAR('0')); } /* @@ -1008,7 +1033,7 @@ static void SecDecodeNumberOctal(SecScanSpec *spec) } #endif spec->number = SECUREC_MUL_EIGHT(spec->number); - spec->number += (unsigned long)((SecUnsignedInt)spec->ch - SECUREC_CHAR('0')); + spec->number += ((unsigned long)(SecUnsignedInt)spec->ch - (SecUnsignedInt)SECUREC_CHAR('0')); } #if (defined(SECUREC_COMPATIBLE_LINUX_FORMAT) && !(defined(SECUREC_ON_UNIX))) @@ -1150,12 +1175,12 @@ static void SecDecodeNumber64Decimal(SecScanSpec *spec) #if (defined(SECUREC_COMPATIBLE_LINUX_FORMAT) && !(defined(SECUREC_ON_UNIX))) if (spec->number64 == SECUREC_MAX_64BITS_VALUE_CUT_LAST_DIGIT) { SecUnsignedInt64 number64As = (SecUnsignedInt64)SECUREC_MAX_64BITS_VALUE - spec->number64; - if (number64As < (SecUnsignedInt64)((SecUnsignedInt)spec->ch - SECUREC_CHAR('0'))) { + if (number64As < (SecUnsignedInt64)(SecUnsignedInt)spec->ch - (SecUnsignedInt)SECUREC_CHAR('0')) { spec->beyondMax = 1; } } #endif - spec->number64 += (SecUnsignedInt64)((SecUnsignedInt)spec->ch - SECUREC_CHAR('0')); + spec->number64 += ((SecUnsignedInt64)(SecUnsignedInt)spec->ch - (SecUnsignedInt)SECUREC_CHAR('0')); } /* @@ -1183,7 +1208,7 @@ static void SecDecodeNumber64Octal(SecScanSpec *spec) } #endif spec->number64 = SECUREC_MUL_EIGHT(spec->number64); - spec->number64 += (SecUnsignedInt64)((SecUnsignedInt)spec->ch - SECUREC_CHAR('0')); + spec->number64 += ((SecUnsignedInt64)(SecUnsignedInt)spec->ch - (SecUnsignedInt)SECUREC_CHAR('0')); } #define SECUREC_DECODE_NUMBER_FUNC_NUM 2 @@ -1194,13 +1219,13 @@ static void SecDecodeNumber64Octal(SecScanSpec *spec) SECUREC_INLINE int SecDecodeNumber(SecScanSpec *spec) { /* Function name cannot add address symbol, causing 546 alarm */ - static void (*secDecodeNumberHex[SECUREC_DECODE_NUMBER_FUNC_NUM])(SecScanSpec *spec) = { + static void (* const secDecodeNumberHex[SECUREC_DECODE_NUMBER_FUNC_NUM])(SecScanSpec *spec) = { SecDecodeNumberHex, SecDecodeNumber64Hex }; - static void (*secDecodeNumberOctal[SECUREC_DECODE_NUMBER_FUNC_NUM])(SecScanSpec *spec) = { + static void (* const secDecodeNumberOctal[SECUREC_DECODE_NUMBER_FUNC_NUM])(SecScanSpec *spec) = { SecDecodeNumberOctal, SecDecodeNumber64Octal }; - static void (*secDecodeNumberDecimal[SECUREC_DECODE_NUMBER_FUNC_NUM])(SecScanSpec *spec) = { + static void (* const secDecodeNumberDecimal[SECUREC_DECODE_NUMBER_FUNC_NUM])(SecScanSpec *spec) = { SecDecodeNumberDecimal, SecDecodeNumber64Decimal }; if (spec->convChr == 'x' || spec->convChr == 'p') { @@ -1348,7 +1373,8 @@ SECUREC_INLINE void SecSeekStream(SecFileStream *stream) if (curFilePos < stream->oriFilePos || (size_t)(unsigned long)(curFilePos - stream->oriFilePos) < stream->fileRealRead) { /* Try to remedy the problem */ - (void)fseek(stream->pf, (long)stream->fileRealRead, SEEK_CUR); + long adjustNum = (long)(stream->fileRealRead - (size_t)(unsigned long)(curFilePos - stream->oriFilePos)); + (void)fseek(stream->pf, adjustNum, SEEK_CUR); } } #else @@ -1368,7 +1394,7 @@ SECUREC_INLINE void SecSeekStream(SecFileStream *stream) */ SECUREC_INLINE void SecAdjustStream(SecFileStream *stream) { - if (stream != NULL && (stream->flag & SECUREC_FILE_STREAM_FLAG) != 0 && stream->base != NULL) { + if ((stream->flag & SECUREC_FILE_STREAM_FLAG) != 0 && stream->base != NULL) { SecSeekStream(stream); SECUREC_FREE(stream->base); stream->base = NULL; @@ -1398,7 +1424,7 @@ SECUREC_INLINE int SecDecodeLeadByte(SecScanSpec *spec, const SecUnsignedChar ** int ch2 = SecGetChar(stream, &(spec->charCount)); spec->ch = (SecInt)ch2; if (*fmt == SECUREC_CHAR('\0') || (int)(*fmt) != ch2) { - /* LSD in console mode, ungetc twice may cause problem */ + /* in console mode, ungetc twice may cause problem */ SecUnGetChar(ch2, stream, &(spec->charCount)); SecUnGetChar(ch1, stream, &(spec->charCount)); return -1; @@ -1437,6 +1463,16 @@ SECUREC_INLINE int SecDecodeLeadByte(SecScanSpec *spec, const SecUnsignedChar ** return -1; #endif } + +SECUREC_INLINE int SecFilterWcharInFormat(SecScanSpec *spec, const SecUnsignedChar **format, SecFileStream *stream) +{ + if (SecIsLeadByte(spec->ch) != 0) { + if (SecDecodeLeadByte(spec, format, stream) != 0) { + return -1; + } + } + return 0; +} #endif /* @@ -1605,7 +1641,7 @@ SECUREC_INLINE int SecInputForChar(SecScanSpec *spec, SecFileStream *stream) */ SECUREC_INLINE int SecInputNumberDigital(SecFileStream *stream, SecScanSpec *spec) { - static void (*secFinishNumber[SECUREC_DECODE_NUMBER_FUNC_NUM])(SecScanSpec *spec) = { + static void (* const secFinishNumber[SECUREC_DECODE_NUMBER_FUNC_NUM])(SecScanSpec *spec) = { SecFinishNumber, SecFinishNumber64 }; while (SECUREC_FILED_WIDTH_ENOUGH(spec)) { @@ -1824,10 +1860,8 @@ int SecInputS(SecFileStream *stream, const char *cFormat, va_list argList) } ++format; #if !defined(SECUREC_FOR_WCHAR) && defined(SECUREC_COMPATIBLE_VERSION) - if (SecIsLeadByte(spec.ch) != 0) { - if (SecDecodeLeadByte(&spec, &format, stream) != 0) { - break; - } + if (SecFilterWcharInFormat(&spec, &format, stream) != 0) { + break; } #endif continue; @@ -1886,12 +1920,7 @@ int SecInputS(SecFileStream *stream, const char *cFormat, va_list argList) continue; } /* Get the next argument, size of the array in characters */ -#ifdef SECUREC_ON_64BITS - /* Use 0xffffffffUL mask to Support pass integer as array length */ - spec.arrayWidth = ((size_t)(va_arg(argList, size_t))) & 0xffffffffUL; -#else /* !SECUREC_ON_64BITS */ - spec.arrayWidth = (size_t)va_arg(argList, size_t); -#endif + spec.arrayWidth = SECUREC_GET_ARRAYWIDTH(argList); if (SECUREC_ARRAY_WIDTH_IS_WRONG(spec)) { /* Do not clear buffer just go error */ ++errRet; @@ -1914,7 +1943,7 @@ int SecInputS(SecFileStream *stream, const char *cFormat, va_list argList) continue; } #endif - (void)memset(bracketTable.table, 0, (size_t)SECUREC_BRACKET_TABLE_SIZE); + (void)SECUREC_MEMSET_FUNC_OPT(bracketTable.table, 0, (size_t)SECUREC_BRACKET_TABLE_SIZE); if (SecSetupBracketTable(&format, &bracketTable) != 0) { ++errRet; continue; @@ -1994,14 +2023,10 @@ int SecInputS(SecFileStream *stream, const char *cFormat, va_list argList) paraIsNull = 1; continue; } -#ifdef SECUREC_FOR_WCHAR - if (SecAssignFloatW(&floatSpec, &spec) != 0) { + if (SecAssignFloat(&floatSpec, &spec) != 0) { ++errRet; continue; } -#else - SecAssignFloat(floatSpec.floatStr, spec.numberWidth, spec.argPtr); -#endif ++doneCount; } break; @@ -2047,7 +2072,6 @@ int SecInputS(SecFileStream *stream, const char *cFormat, va_list argList) } #if SECUREC_ENABLE_SCANF_FILE -#if SECUREC_USE_STD_UNGETC /* * Get char from stream use std function */ @@ -2057,23 +2081,6 @@ SECUREC_INLINE SecInt SecGetCharFromStream(const SecFileStream *stream) ch = SECUREC_GETC(stream->pf); return ch; } -#else -/* - * Get char from stream or buffer - */ -SECUREC_INLINE SecInt SecGetCharFromStream(SecFileStream *stream) -{ - SecInt ch; - if (stream->fUnGet == 1) { - ch = (SecInt) stream->lastChar; - stream->fUnGet = 0; - } else { - ch = SECUREC_GETC(stream->pf); - stream->lastChar = (unsigned int)ch; - } - return ch; -} -#endif /* * Try to read the BOM header, when meet a BOM head, discard it, then data is Aligned to base @@ -2185,12 +2192,7 @@ SECUREC_INLINE void SecUnGetCharImpl(SecInt ch, SecFileStream *stream) return; } if ((stream->flag & SECUREC_PIPE_STREAM_FLAG) != 0) { -#if SECUREC_USE_STD_UNGETC (void)SECUREC_UN_GETC(ch, stream->pf); -#else - stream->lastChar = (unsigned int)ch; - stream->fUnGet = 1; -#endif return; } #else diff --git a/src/memcpy_s.c b/src/memcpy_s.c index 4062a322d25576d499877e81f9b728de2156506b..a7fd48748e50a7180c2afd8a1def9b05180eb8bc 100644 --- a/src/memcpy_s.c +++ b/src/memcpy_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: memcpy_s function - * Author: lishunda * Create: 2014-02-25 */ /* @@ -20,11 +19,7 @@ #include "securecutil.h" -#ifndef SECUREC_MEMCOPY_WITH_PERFORMANCE -#define SECUREC_MEMCOPY_WITH_PERFORMANCE 0 -#endif - -#if SECUREC_WITH_PERFORMANCE_ADDONS || SECUREC_MEMCOPY_WITH_PERFORMANCE +#if SECUREC_WITH_PERFORMANCE_ADDONS #ifndef SECUREC_MEMCOPY_THRESHOLD_SIZE #define SECUREC_MEMCOPY_THRESHOLD_SIZE 64UL #endif @@ -456,18 +451,18 @@ SECUREC_INLINE errno_t SecMemcpyError(void *dest, size_t destMax, const void *sr if (dest == NULL || src == NULL) { SECUREC_ERROR_INVALID_PARAMTER("memcpy_s"); if (dest != NULL) { - (void)memset(dest, 0, destMax); + (void)SECUREC_MEMSET_FUNC_OPT(dest, 0, destMax); return EINVAL_AND_RESET; } return EINVAL; } if (count > destMax) { - (void)memset(dest, 0, destMax); + (void)SECUREC_MEMSET_FUNC_OPT(dest, 0, destMax); SECUREC_ERROR_INVALID_RANGE("memcpy_s"); return ERANGE_AND_RESET; } if (SECUREC_MEMORY_IS_OVERLAP(dest, src, count)) { - (void)memset(dest, 0, destMax); + (void)SECUREC_MEMSET_FUNC_OPT(dest, 0, destMax); SECUREC_ERROR_BUFFER_OVERLAP("memcpy_s"); return EOVERLAP_AND_RESET; } @@ -505,7 +500,7 @@ SECUREC_INLINE errno_t SecMemcpyError(void *dest, size_t destMax, const void *sr * * EOK Success * EINVAL dest is NULL and destMax != 0 and destMax <= SECUREC_MEM_MAX_LEN - * EINVAL_AND_RESET dest != NULL and src is NULLL and destMax != 0 and destMax <= SECUREC_MEM_MAX_LEN + * EINVAL_AND_RESET dest != NULL and src is NULL and destMax != 0 and destMax <= SECUREC_MEM_MAX_LEN * ERANGE destMax > SECUREC_MEM_MAX_LEN or destMax is 0 * ERANGE_AND_RESET count > destMax and destMax != 0 and destMax <= SECUREC_MEM_MAX_LEN * and dest != NULL and src != NULL @@ -513,25 +508,21 @@ SECUREC_INLINE errno_t SecMemcpyError(void *dest, size_t destMax, const void *sr * count <= destMax destMax != 0 and destMax <= SECUREC_MEM_MAX_LEN and dest != NULL * and src != NULL and dest != src * - * if an error occured, dest will be filled with 0. + * if an error occurred, dest will be filled with 0. * If the source and destination overlap, the behavior of memcpy_s is undefined. * Use memmove_s to handle overlapping regions. */ errno_t memcpy_s(void *dest, size_t destMax, const void *src, size_t count) { if (SECUREC_MEMCPY_PARAM_OK(dest, destMax, src, count)) { -#if SECUREC_MEMCOPY_WITH_PERFORMANCE - SECUREC_MEMCPY_OPT(dest, src, count); -#else SECUREC_MEMCPY_WARP_OPT(dest, src, count); -#endif return EOK; } /* Meet some runtime violation, return error code */ return SecMemcpyError(dest, destMax, src, count); } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(memcpy_s); #endif diff --git a/src/memmove_s.c b/src/memmove_s.c index 417df8828956f1fc1219535cd52dd7a9f66d21a1..f231f05da96682f16609c8eb62fef36567c03988 100644 --- a/src/memmove_s.c +++ b/src/memmove_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,9 +9,13 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: memmove_s function - * Author: lishunda * Create: 2014-02-25 */ +/* + * [Standardize-exceptions] Use unsafe function: Portability + * [reason] Use unsafe function to implement security function to maintain platform compatibility. + * And sufficient input validation is performed before calling + */ #include "securecutil.h" @@ -64,17 +68,17 @@ SECUREC_INLINE void SecUtilMemmove(void *dst, const void *src, size_t count) * count Number of characters to copy. * * - * dest buffer is uptdated. + * dest buffer is updated. * * * EOK Success * EINVAL dest is NULL and destMax != 0 and destMax <= SECUREC_MEM_MAX_LEN - * EINVAL_AND_RESET dest != NULL and src is NULLL and destMax != 0 and destMax <= SECUREC_MEM_MAX_LEN + * EINVAL_AND_RESET dest != NULL and src is NULL and destMax != 0 and destMax <= SECUREC_MEM_MAX_LEN * ERANGE destMax > SECUREC_MEM_MAX_LEN or destMax is 0 * ERANGE_AND_RESET count > destMax and dest != NULL and src != NULL and destMax != 0 * and destMax <= SECUREC_MEM_MAX_LEN * - * If an error occured, dest will be filled with 0 when dest and destMax valid. + * If an error occurred, dest will be filled with 0 when dest and destMax valid. * If some regions of the source area and the destination overlap, memmove_s * ensures that the original source bytes in the overlapping region are copied * before being overwritten. @@ -88,13 +92,13 @@ errno_t memmove_s(void *dest, size_t destMax, const void *src, size_t count) if (dest == NULL || src == NULL) { SECUREC_ERROR_INVALID_PARAMTER("memmove_s"); if (dest != NULL) { - (void)memset(dest, 0, destMax); + (void)SECUREC_MEMSET_FUNC_OPT(dest, 0, destMax); return EINVAL_AND_RESET; } return EINVAL; } if (count > destMax) { - (void)memset(dest, 0, destMax); + (void)SECUREC_MEMSET_FUNC_OPT(dest, 0, destMax); SECUREC_ERROR_INVALID_RANGE("memmove_s"); return ERANGE_AND_RESET; } @@ -113,7 +117,7 @@ errno_t memmove_s(void *dest, size_t destMax, const void *src, size_t count) return EOK; } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(memmove_s); #endif diff --git a/src/memset_s.c b/src/memset_s.c index fc0cdbe6d59e94cee0d20b47052ac06455f08c17..d9a657fd326af60ec1195b226aa762855042299b 100644 --- a/src/memset_s.c +++ b/src/memset_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,9 +9,13 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: memset_s function - * Author: lishunda * Create: 2014-02-25 */ +/* + * [Standardize-exceptions] Use unsafe function: Portability + * [reason] Use unsafe function to implement security function to maintain platform compatibility. + * And sufficient input validation is performed before calling + */ #include "securecutil.h" @@ -56,10 +60,10 @@ typedef union { } SecStrBuf32Union; /* C standard initializes the first member of the consortium. */ static const SecStrBuf32 g_allZero = {{ - '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', - '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', - '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0', - '\0', '\0', '\0', '\0', '\0', '\0', '\0', '\0' + 0U, 0U, 0U, 0U, 0U, 0U, 0U, 0U, + 0U, 0U, 0U, 0U, 0U, 0U, 0U, 0U, + 0U, 0U, 0U, 0U, 0U, 0U, 0U, 0U, + 0U, 0U, 0U, 0U, 0U, 0U, 0U, 0U }}; static const SecStrBuf32 g_allFF = {{ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, @@ -68,7 +72,7 @@ static const SecStrBuf32 g_allFF = {{ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }}; -/* Clear coversion warning strict aliasing" */ +/* Clear conversion warning strict aliasing" */ SECUREC_INLINE const SecStrBuf32Union *SecStrictAliasingCast(const SecStrBuf32 *buf) { return (const SecStrBuf32Union *)buf; @@ -414,7 +418,7 @@ SECUREC_INLINE const SecStrBuf32Union *SecStrictAliasingCast(const SecStrBuf32 * */ #define SECUREC_MEMSET_OPT(dest, c, count) do { \ if ((count) > SECUREC_MEMSET_THRESHOLD_SIZE) { \ - SECUREC_MEMSET_WARP_OPT((dest), (c), (count)); \ + SECUREC_MEMSET_PREVENT_DSE((dest), (c), (count)); \ } else { \ SECUREC_SMALL_MEM_SET((dest), (c), (count)); \ } \ @@ -424,7 +428,7 @@ SECUREC_INLINE const SecStrBuf32Union *SecStrictAliasingCast(const SecStrBuf32 * /* * Handling errors */ -SECUREC_INLINE errno_t SecMemsetError(void *dest, size_t destMax, int c, size_t count) +SECUREC_INLINE errno_t SecMemsetError(void *dest, size_t destMax, int c) { /* Check destMax is 0 compatible with _sp macro */ if (destMax == 0 || destMax > SECUREC_MEM_MAX_LEN) { @@ -435,12 +439,9 @@ SECUREC_INLINE errno_t SecMemsetError(void *dest, size_t destMax, int c, size_t SECUREC_ERROR_INVALID_PARAMTER("memset_s"); return EINVAL; } - if (count > destMax) { - (void)memset(dest, c, destMax); /* Set entire buffer to value c */ - SECUREC_ERROR_INVALID_RANGE("memset_s"); - return ERANGE_AND_RESET; - } - return EOK; + SECUREC_MEMSET_PREVENT_DSE(dest, c, destMax); /* Set entire buffer to value c */ + SECUREC_ERROR_INVALID_RANGE("memset_s"); + return ERANGE_AND_RESET; } /* @@ -455,7 +456,7 @@ SECUREC_INLINE errno_t SecMemsetError(void *dest, size_t destMax, int c, size_t * count Number of characters. * * - * dest buffer is uptdated. + * dest buffer is updated. * * * EOK Success @@ -468,14 +469,14 @@ SECUREC_INLINE errno_t SecMemsetError(void *dest, size_t destMax, int c, size_t errno_t memset_s(void *dest, size_t destMax, int c, size_t count) { if (SECUREC_MEMSET_PARAM_OK(dest, destMax, count)) { - SECUREC_MEMSET_WARP_OPT(dest, c, count); + SECUREC_MEMSET_PREVENT_DSE(dest, c, count); return EOK; } /* Meet some runtime violation, return error code */ - return SecMemsetError(dest, destMax, c, count); + return SecMemsetError(dest, destMax, c); } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(memset_s); #endif @@ -490,7 +491,7 @@ errno_t memset_sOptAsm(void *dest, size_t destMax, int c, size_t count) return EOK; } /* Meet some runtime violation, return error code */ - return SecMemsetError(dest, destMax, c, count); + return SecMemsetError(dest, destMax, c); } /* @@ -503,7 +504,7 @@ errno_t memset_sOptTc(void *dest, size_t destMax, int c, size_t count) return EOK; } /* Meet some runtime violation, return error code */ - return SecMemsetError(dest, destMax, c, count); + return SecMemsetError(dest, destMax, c); } #endif diff --git a/src/output.inl b/src/output.inl index 20dd4b3bd87771848a0cc2bc3606cf0dc92e32c6..9392efaaff1f4a2ccb18152d3b049cc0eb5b87a2 100644 --- a/src/output.inl +++ b/src/output.inl @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -12,10 +12,14 @@ * This file provides a template function for ANSI and UNICODE compiling * by different type definition. The functions of SecOutputS or * SecOutputSW provides internal implementation for printf family API, such as sprintf, swprintf_s. - * Author: lishunda * Create: 2014-02-25 + * Notes: see www.cplusplus.com/reference/cstdio/printf/ + */ +/* + * [Standardize-exceptions] Use unsafe function: Portability + * [reason] Use unsafe function to implement security function to maintain platform compatibility. + * And sufficient input validation is performed before calling */ - #ifndef OUTPUT_INL_2B263E9C_43D8_44BB_B17A_6D2033DECEE5 #define OUTPUT_INL_2B263E9C_43D8_44BB_B17A_6D2033DECEE5 @@ -71,6 +75,12 @@ (SecInt64)(size_t)va_arg(argList, size_t)) #endif +/* Format output buffer pointer and available size */ +typedef struct { + int count; + SecChar *cur; +} SecPrintfStream; + typedef union { /* Integer formatting refers to the end of the buffer, plus 1 to prevent tool alarms */ char str[SECUREC_BUFFER_SIZE + 1]; @@ -88,7 +98,7 @@ typedef union { typedef struct { const char *digits; /* Point to the hexadecimal subset */ - SecFormatBuf text; /* Point to formated string */ + SecFormatBuf text; /* Point to formatted string */ int textLen; /* Length of the text */ int textIsWide; /* Flag for text is wide chars ; 0 is not wide char */ unsigned int radix; /* Use for output number , default set to 10 */ @@ -112,7 +122,7 @@ typedef struct { typedef struct { char buffer[SECUREC_FMT_STR_LEN]; char *fmtStr; /* Initialization must point to buffer */ - char *allocatedFmtStr; /* Initialization must be NULL to store alloced point */ + char *allocatedFmtStr; /* Initialization must be NULL to store allocated point */ char *floatBuffer; /* Use heap memory if the SecFormatAttr.buffer is not enough */ int bufferSize; /* The size of floatBuffer */ } SecFloatAdapt; @@ -120,6 +130,8 @@ typedef struct { /* Use 20 to Align the data */ #define SECUREC_DIGITS_BUF_SIZE 20 +/* The serial number of 'x' or 'X' is 16 */ +#define SECUREC_NUMBER_OF_X 16 /* Some systems can not use pointers to point to string literals, but can use string arrays. */ /* For example, when handling code under uboot, there is a problem with the pointer */ static const char g_itoaUpperDigits[SECUREC_DIGITS_BUF_SIZE] = "0123456789ABCDEFX"; @@ -133,9 +145,9 @@ SECUREC_INLINE int SecFormatFloat(char *strDest, const char *format, ...) va_list argList; va_start(argList, format); - SECUREC_MASK_MSVC_CRT_WARNING + SECUREC_MASK_VSPRINTF_WARNING ret = vsprintf(strDest, format, argList); - SECUREC_END_MASK_MSVC_CRT_WARNING + SECUREC_END_MASK_VSPRINTF_WARNING va_end(argList); (void)argList; /* To clear e438 last value assigned not used , the compiler will optimize this code */ @@ -282,7 +294,7 @@ SECUREC_INLINE void SecNumber32ToString(SecUnsignedInt32 number, SecFormatAttr * #if defined(SECUREC_USE_SPECIAL_DIV64) || (defined(SECUREC_VXWORKS_VERSION_5_4) && !defined(SECUREC_ON_64BITS)) /* - * This function just to clear warning, on sume vxworks compiler shift 32 bit make warnigs + * This function just to clear warning, on sume vxworks compiler shift 32 bit make warnings */ SECUREC_INLINE SecUnsignedInt64 SecU64Shr32(SecUnsignedInt64 number) { @@ -502,28 +514,83 @@ SECUREC_INLINE void SecNumberToBuffer(SecFormatAttr *attr, SecInt64 num64) attr->textLen = (int)(size_t)((char *)&attr->buffer.str[SECUREC_BUFFER_SIZE] - attr->text.str); } +/* + * Write one character to dest buffer + */ +SECUREC_INLINE void SecWriteChar(SecPrintfStream *stream, SecChar ch, int *charsOut) +{ + /* Count must be reduced first, In order to identify insufficient length */ + --stream->count; + if (stream->count >= 0) { + *(stream->cur) = ch; + ++stream->cur; + *charsOut = *charsOut + 1; + return; + } + /* No enough length */ + *charsOut = -1; +} + +/* +* Write multiple identical characters. +*/ +SECUREC_INLINE void SecWriteMultiChar(SecPrintfStream *stream, SecChar ch, int num, int *charsOut) +{ + int count; + for (count = num; count > 0; --count) { + --stream->count; /* count may be negative,indicating insufficient space */ + if (stream->count < 0) { + *charsOut = -1; + return; + } + *(stream->cur) = ch; + ++stream->cur; + } + *charsOut = *charsOut + num; +} + +/* +* Write string function, where this function is called, make sure that len is greater than 0 +*/ +SECUREC_INLINE void SecWriteString(SecPrintfStream *stream, const SecChar *str, int len, int *charsOut) +{ + const SecChar *tmp = str; + int count; + for (count = len; count > 0; --count) { + --stream->count; /* count may be negative,indicating insufficient space */ + if (stream->count < 0) { + *charsOut = -1; + return; + } + *(stream->cur) = *tmp; + ++stream->cur; + ++tmp; + } + *charsOut = *charsOut + len; +} + /* Use loop copy char or wchar_t string */ -SECUREC_INLINE void SecWriteStringToStreamOpt(SecPrintfStream *stream, const SecChar *str, int len) +SECUREC_INLINE void SecWriteStringByLoop(SecPrintfStream *stream, const SecChar *str, int len) { int i; const SecChar *tmp = str; for (i = 0; i < len; ++i) { - *((SecChar *)(void *)(stream->cur)) = *(const SecChar *)(tmp); - stream->cur += sizeof(SecChar); - tmp = tmp + 1; + *stream->cur = *tmp; + ++stream->cur; + ++tmp; } - stream->count -= len * (int)(sizeof(SecChar)); + stream->count -= len; } -SECUREC_INLINE void SecWriteStringToStream(SecPrintfStream *stream, const SecChar *str, int len) +SECUREC_INLINE void SecWriteStringOpt(SecPrintfStream *stream, const SecChar *str, int len) { if (len < 12) { /* Performance optimization for mobile number length 12 */ - SecWriteStringToStreamOpt(stream, str, len); + SecWriteStringByLoop(stream, str, len); } else { - size_t count = (size_t)(unsigned int)len * (sizeof(SecChar)); + size_t count = (size_t)(unsigned int)len * sizeof(SecChar); SECUREC_MEMCPY_WARP_OPT(stream->cur, str, count); - stream->cur += (size_t)((size_t)(unsigned int)len * (sizeof(SecChar))); - stream->count -= len * (int)(sizeof(SecChar)); + stream->cur += len; + stream->count -= len; } } @@ -533,27 +600,26 @@ SECUREC_INLINE void SecWriteStringToStream(SecPrintfStream *stream, const SecCha */ SECUREC_INLINE int SecIsStreamBufEnough(const SecPrintfStream *stream, int needLen) { - return ((int)(stream->count - (needLen * (int)(sizeof(SecChar)))) >= 0); + return (int)(stream->count >= needLen); } -#ifdef SECUREC_FOR_WCHAR -SECUREC_INLINE void SecWriteMultiCharW(wchar_t ch, int num, SecPrintfStream *f, int *pnumwritten); -SECUREC_INLINE void SecWriteStringW(const wchar_t *string, int len, SecPrintfStream *f, int *pnumwritten); -#define SECUREC_WRITE_MULTI_CHAR SecWriteMultiCharW -#define SECUREC_WRITE_STRING SecWriteStringW -#else -SECUREC_INLINE void SecWriteMultiChar(char ch, int num, SecPrintfStream *f, int *pnumwritten); -SECUREC_INLINE void SecWriteString(const char *string, int len, SecPrintfStream *f, int *pnumwritten); -#define SECUREC_WRITE_MULTI_CHAR SecWriteMultiChar -#define SECUREC_WRITE_STRING SecWriteString -#endif +/* Write text string */ +SECUREC_INLINE void SecWriteTextOpt(SecPrintfStream *stream, const SecChar *str, int len, int *charsOut) +{ + if (SecIsStreamBufEnough(stream, len) != 0) { + SecWriteStringOpt(stream, str, len); + *charsOut += len; + } else { + SecWriteString(stream, str, len, charsOut); + } +} /* Write left padding */ SECUREC_INLINE void SecWriteLeftPadding(SecPrintfStream *stream, const SecFormatAttr *attr, int *charsOut) { if ((attr->flags & (SECUREC_FLAG_LEFT | SECUREC_FLAG_LEADZERO)) == 0 && attr->padding > 0) { /* Pad on left with blanks */ - SECUREC_WRITE_MULTI_CHAR(SECUREC_CHAR(' '), attr->padding, stream, charsOut); + SecWriteMultiChar(stream, SECUREC_CHAR(' '), attr->padding, charsOut); } } @@ -561,13 +627,7 @@ SECUREC_INLINE void SecWriteLeftPadding(SecPrintfStream *stream, const SecFormat SECUREC_INLINE void SecWritePrefix(SecPrintfStream *stream, const SecFormatAttr *attr, int *charsOut) { if (attr->prefixLen > 0) { - if (SecIsStreamBufEnough(stream, attr->prefixLen) != 0) { - /* Max prefix len is 2, use loop copy */ - SecWriteStringToStreamOpt(stream, attr->prefix, attr->prefixLen); - *charsOut += attr->prefixLen; - } else { - SECUREC_WRITE_STRING(attr->prefix, attr->prefixLen, stream, charsOut); - } + SecWriteString(stream, attr->prefix, attr->prefixLen, charsOut); } } @@ -576,7 +636,7 @@ SECUREC_INLINE void SecWriteLeadingZero(SecPrintfStream *stream, const SecFormat { if ((attr->flags & SECUREC_FLAG_LEADZERO) != 0 && (attr->flags & SECUREC_FLAG_LEFT) == 0 && attr->padding > 0) { - SECUREC_WRITE_MULTI_CHAR(SECUREC_CHAR('0'), attr->padding, stream, charsOut); + SecWriteMultiChar(stream, SECUREC_CHAR('0'), attr->padding, charsOut); } } @@ -585,20 +645,27 @@ SECUREC_INLINE void SecWriteRightPadding(SecPrintfStream *stream, const SecForma { if (*charsOut >= 0 && (attr->flags & SECUREC_FLAG_LEFT) != 0 && attr->padding > 0) { /* Pad on right with blanks */ - SECUREC_WRITE_MULTI_CHAR(SECUREC_CHAR(' '), attr->padding, stream, charsOut); + SecWriteMultiChar(stream, SECUREC_CHAR(' '), attr->padding, charsOut); } } -/* Write text string */ -SECUREC_INLINE void SecWriteStringChk(SecPrintfStream *stream, const SecChar *str, int len, int *charsOut) -{ - if (SecIsStreamBufEnough(stream, len) != 0) { - SecWriteStringToStream(stream, str, len); - *charsOut += len; - } else { - SECUREC_WRITE_STRING(str, len, stream, charsOut); - } -} +#ifdef SECUREC_FOR_WCHAR +#define SECUREC_TEXT_CHAR_PTR(text) ((text).wStr) +#define SECUREC_NEED_CONVERT_TEXT(attr) ((attr)->textIsWide == 0) +#if SECUREC_HAVE_MBTOWC +#define SECUREC_WRITE_TEXT_AFTER_CONVERT(stream, attr, charsOut) SecWriteTextAfterMbtowc((stream), (attr), (charsOut)) +#else +#define SECUREC_WRITE_TEXT_AFTER_CONVERT(stream, attr, charsOut) (*(charsOut) = -1) +#endif +#else +#define SECUREC_TEXT_CHAR_PTR(text) ((text).str) +#define SECUREC_NEED_CONVERT_TEXT(attr) ((attr)->textIsWide != 0) +#if SECUREC_HAVE_WCTOMB +#define SECUREC_WRITE_TEXT_AFTER_CONVERT(stream, attr, charsOut) SecWriteTextAfterWctomb((stream), (attr), (charsOut)) +#else +#define SECUREC_WRITE_TEXT_AFTER_CONVERT(stream, attr, charsOut) (*(charsOut) = -1) +#endif +#endif #ifdef SECUREC_FOR_WCHAR #if SECUREC_HAVE_MBTOWC @@ -613,7 +680,7 @@ SECUREC_INLINE void SecWriteTextAfterMbtowc(SecPrintfStream *stream, const SecFo *charsOut = -1; break; } - SecWriteCharW(wChar, stream, charsOut); + SecWriteChar(stream, wChar, charsOut); if (*charsOut == -1) { break; } @@ -637,7 +704,7 @@ SECUREC_INLINE void SecWriteTextAfterWctomb(SecPrintfStream *stream, const SecFo *charsOut = -1; break; } - SecWriteString(tmpBuf, retVal, stream, charsOut); + SecWriteString(stream, tmpBuf, retVal, charsOut); if (*charsOut == -1) { break; } @@ -664,7 +731,7 @@ SECUREC_INLINE void SecWriteFloatText(SecPrintfStream *stream, const SecFormatAt (void)attr; /* To clear e438 last value assigned not used , the compiler will optimize this code */ #endif #else /* Not SECUREC_FOR_WCHAR */ - SecWriteString(attr->text.str, attr->textLen, stream, charsOut); + SecWriteString(stream, attr->text.str, attr->textLen, charsOut); #endif } #endif @@ -672,28 +739,11 @@ SECUREC_INLINE void SecWriteFloatText(SecPrintfStream *stream, const SecFormatAt /* Write text of integer or string ... */ SECUREC_INLINE void SecWriteText(SecPrintfStream *stream, const SecFormatAttr *attr, int *charsOut) { -#ifdef SECUREC_FOR_WCHAR - if (attr->textIsWide != 0) { - SecWriteStringChk(stream, attr->text.wStr, attr->textLen, charsOut); + if (SECUREC_NEED_CONVERT_TEXT(attr)) { + SECUREC_WRITE_TEXT_AFTER_CONVERT(stream, attr, charsOut); } else { -#if SECUREC_HAVE_MBTOWC - SecWriteTextAfterMbtowc(stream, attr, charsOut); -#else - *charsOut = -1; -#endif + SecWriteTextOpt(stream, SECUREC_TEXT_CHAR_PTR(attr->text), attr->textLen, charsOut); } - -#else /* Not SECUREC_FOR_WCHAR */ - if (attr->textIsWide != 0) { -#if SECUREC_HAVE_WCTOMB - SecWriteTextAfterWctomb(stream, attr, charsOut); -#else - *charsOut = -1; -#endif - } else { - SecWriteStringChk(stream, attr->text.str, attr->textLen, charsOut); - } -#endif } #define SECUREC_FMT_STATE_OFFSET 256 @@ -703,7 +753,7 @@ SECUREC_INLINE SecFmtState SecDecodeState(SecChar ch, SecFmtState lastState) static const unsigned char stateTable[SECUREC_STATE_TABLE_SIZE] = { /* * Type - * 0: nospecial meanin; + * 0: nospecial meaning; * 1: '%' * 2: '.' * 3: '*' @@ -812,6 +862,7 @@ SECUREC_INLINE int SecDecodeSizeI(SecFormatAttr *attr, const SecChar **format) } return 0; } + /* * Decoded size identifier in format string, and skip format to next charater */ @@ -907,8 +958,15 @@ SECUREC_INLINE void SecDecodeTypeC(SecFormatAttr *attr, unsigned int c) #endif } +#ifdef SECUREC_FOR_WCHAR +#define SECUREC_IS_NARROW_STRING(attr) (((attr)->flags & SECUREC_FLAG_SHORT) != 0) +#else +#define SECUREC_IS_NARROW_STRING(attr) (((attr)->flags & (SECUREC_FLAG_LONG | SECUREC_FLAG_WIDECHAR)) == 0) +#endif + SECUREC_INLINE void SecDecodeTypeSchar(SecFormatAttr *attr) { + size_t textLen; if (attr->text.str == NULL) { /* * Literal string to print null ptr, define it as array rather than const text area @@ -920,13 +978,15 @@ SECUREC_INLINE void SecDecodeTypeSchar(SecFormatAttr *attr) if (attr->precision == -1) { /* Precision NOT assigned */ /* The strlen performance is high when the string length is greater than 32 */ - attr->textLen = (int)strlen(attr->text.str); + textLen = strlen(attr->text.str); + if (textLen > SECUREC_STRING_MAX_LEN) { + textLen = 0; + } } else { /* Precision assigned */ - size_t textLen; SECUREC_CALC_STR_LEN(attr->text.str, (size_t)(unsigned int)attr->precision, &textLen); - attr->textLen = (int)textLen; } + attr->textLen = (int)textLen; } SECUREC_INLINE void SecDecodeTypeSwchar(SecFormatAttr *attr) @@ -944,6 +1004,9 @@ SECUREC_INLINE void SecDecodeTypeSwchar(SecFormatAttr *attr) } /* The textLen in wchar_t,when precision is -1, it is unlimited */ SECUREC_CALC_WSTR_LEN(attr->text.wStr, (size_t)(unsigned int)attr->precision, &textLen); + if (textLen > SECUREC_WCHAR_STRING_MAX_LEN) { + textLen = 0; + } attr->textLen = (int)textLen; #else attr->textLen = 0; @@ -955,56 +1018,28 @@ SECUREC_INLINE void SecDecodeTypeSwchar(SecFormatAttr *attr) */ SECUREC_INLINE void SecDecodeTypeS(SecFormatAttr *attr, char *argPtr) { -#if (defined(SECUREC_COMPATIBLE_LINUX_FORMAT)) && (!defined(SECUREC_ON_UNIX)) +#if (defined(SECUREC_COMPATIBLE_LINUX_FORMAT)) +#if (!defined(SECUREC_ON_UNIX)) attr->flags &= ~SECUREC_FLAG_LEADZERO; #endif - attr->text.str = argPtr; -#ifdef SECUREC_FOR_WCHAR -#if defined(SECUREC_COMPATIBLE_LINUX_FORMAT) +#if (defined(SECUREC_FOR_WCHAR)) if ((attr->flags & SECUREC_FLAG_LONG) == 0) { attr->flags |= SECUREC_FLAG_SHORT; } #endif - if ((attr->flags & SECUREC_FLAG_SHORT) != 0) { +#endif + attr->text.str = argPtr; + if (SECUREC_IS_NARROW_STRING(attr)) { /* The textLen now contains length in multibyte chars */ SecDecodeTypeSchar(attr); } else { /* The textLen now contains length in wide chars */ SecDecodeTypeSwchar(attr); } -#else /* SECUREC_FOR_WCHAR */ - if ((attr->flags & (SECUREC_FLAG_LONG | SECUREC_FLAG_WIDECHAR)) != 0) { - /* The textLen now contains length in wide chars */ - SecDecodeTypeSwchar(attr); - } else { - /* The textLen now contains length in multibyte chars */ - SecDecodeTypeSchar(attr); - } -#endif /* SECUREC_FOR_WCHAR */ - if (attr->textLen < 0) { - attr->textLen = 0; - } } /* - * Write one character to dest buffer - */ -SECUREC_INLINE void SecOutputOneChar(SecChar ch, SecPrintfStream *stream, int *counter) -{ - /* Count must be reduced first, In order to identify insufficient length */ - stream->count -= (int)(sizeof(SecChar)); - if (stream->count >= 0) { - *((SecChar *)(void *)(stream->cur)) = (SecChar)ch; - stream->cur += sizeof(SecChar); - *counter = *(counter) + 1; - return; - } - /* No enough length */ - *counter = -1; -} - -/* - * Check precison in format + * Check precision in format */ SECUREC_INLINE int SecDecodePrecision(SecChar ch, SecFormatAttr *attr) { @@ -1044,9 +1079,9 @@ SECUREC_INLINE int SecDecodeWidth(SecChar ch, SecFormatAttr *attr, SecFmtState l if (attr->fldWidth < 0) { attr->flags |= SECUREC_FLAG_LEFT; attr->fldWidth = (-attr->fldWidth); - if (attr->fldWidth > SECUREC_MAX_WIDTH_LEN) { - return -1; - } + } + if (attr->fldWidth > SECUREC_MAX_WIDTH_LEN) { + return -1; } } return 0; @@ -1135,7 +1170,7 @@ SECUREC_INLINE void SecUpdatePointFlags(SecFormatAttr *attr) #if (defined(SECUREC_COMPATIBLE_LINUX_FORMAT) || defined(SECUREC_VXWORKS_PLATFORM)) attr->prefix[1] = SECUREC_CHAR('x'); #else - attr->prefix[1] = (SecChar)(attr->digits[16]); /* 16 for 'x' or 'X' */ + attr->prefix[1] = (SecChar)(attr->digits[SECUREC_NUMBER_OF_X]); #endif #if defined(_AIX) || defined(SECUREC_ON_SOLARIS) attr->prefixLen = 0; @@ -1165,12 +1200,13 @@ SECUREC_INLINE void SecUpdateXpxFlags(SecFormatAttr *attr, SecChar ch) if ((attr->flags & SECUREC_FLAG_ALTERNATE) != 0) { /* Alternate form means '0x' prefix */ attr->prefix[0] = SECUREC_CHAR('0'); - attr->prefix[1] = (SecChar)(attr->digits[16]); /* 16 for 'x' or 'X' */ + attr->prefix[1] = (SecChar)(attr->digits[SECUREC_NUMBER_OF_X]); attr->prefixLen = SECUREC_PREFIX_LEN; } break; } } + SECUREC_INLINE void SecUpdateOudiFlags(SecFormatAttr *attr, SecChar ch) { /* Do not set digits here */ @@ -1286,7 +1322,7 @@ SECUREC_INLINE int SecInitFloatBuffer(SecFloatAdapt *floatAdapt, const SecChar * } if (floatAdapt->bufferSize > SECUREC_BUFFER_SIZE) { - /* The current vlaue of SECUREC_BUFFER_SIZE could NOT store the formatted float string */ + /* The current value of SECUREC_BUFFER_SIZE could not store the formatted float string */ floatAdapt->floatBuffer = (char *)SECUREC_MALLOC(((size_t)(unsigned int)floatAdapt->bufferSize)); if (floatAdapt->floatBuffer == NULL) { return -1; @@ -1420,18 +1456,10 @@ SECUREC_INLINE void SecNumberCompatZero(SecFormatAttr *attr) (void)attr; /* To clear e438 last value assigned not used , the compiler will optimize this code */ } -#ifdef SECUREC_FOR_WCHAR /* - * Formatting output core functions for wchar version.Called by a function such as vswprintf_s - * The argList must not be declare as const + * Formatting output core function */ -SECUREC_INLINE int SecOutputSW(SecPrintfStream *stream, const wchar_t *cFormat, va_list argList) -#else -/* - * Formatting output core functions for char version.Called by a function such as vsnprintf_s - */ -SECUREC_INLINE int SecOutputS(SecPrintfStream *stream, const char *cFormat, va_list argList) -#endif +SECUREC_INLINE int SecOutput(SecPrintfStream *stream, const SecChar *cFormat, va_list argList) { const SecChar *format = cFormat; int charsOut; /* Characters written */ @@ -1464,7 +1492,7 @@ SECUREC_INLINE int SecOutputS(SecPrintfStream *stream, const char *cFormat, va_l state = SecDecodeState(ch, lastState); switch (state) { case STAT_NORMAL: - SecOutputOneChar(ch, stream, &charsOut); + SecWriteChar(stream, ch, &charsOut); continue; case STAT_PERCENT: /* Set default values */ @@ -1497,7 +1525,7 @@ SECUREC_INLINE int SecOutputS(SecPrintfStream *stream, const char *cFormat, va_l formatAttr.precision = 0; break; case STAT_PRECIS: - /* Update precison value */ + /* Update precision value */ if (ch == SECUREC_CHAR('*')) { /* Get precision from arg list */ formatAttr.precision = (int)va_arg(argList, int); @@ -1508,10 +1536,10 @@ SECUREC_INLINE int SecOutputS(SecPrintfStream *stream, const char *cFormat, va_l } break; case STAT_SIZE: - /* Read a size specifier, set the formatAttr.flags based on it, and skip format to next charater */ + /* Read a size specifier, set the formatAttr.flags based on it, and skip format to next character */ if (SecDecodeSize(ch, &formatAttr, &format) != 0) { /* Compatibility code for "%I" just print I */ - SecOutputOneChar(ch, stream, &charsOut); + SecWriteChar(stream, ch, &charsOut); state = STAT_NORMAL; continue; } @@ -1536,11 +1564,6 @@ SECUREC_INLINE int SecOutputS(SecPrintfStream *stream, const char *cFormat, va_l } case SECUREC_CHAR('G'): /* fall-through */ /* FALLTHRU */ case SECUREC_CHAR('g'): /* fall-through */ /* FALLTHRU */ - /* Default precision is 1 for g or G */ - if (formatAttr.precision == 0) { - formatAttr.precision = 1; - } - /* fall-through */ /* FALLTHRU */ case SECUREC_CHAR('E'): /* fall-through */ /* FALLTHRU */ case SECUREC_CHAR('F'): /* fall-through */ /* FALLTHRU */ case SECUREC_CHAR('e'): /* fall-through */ /* FALLTHRU */ @@ -1568,7 +1591,7 @@ SECUREC_INLINE int SecOutputS(SecPrintfStream *stream, const char *cFormat, va_l SecFormatDouble(&formatAttr, &floatAdapt, tmp); } - /* Only need write formated float string */ + /* Only need write formatted float string */ SecWriteFloatText(stream, &formatAttr, &charsOut); SecFreeFloatBuffer(&floatAdapt); break; @@ -1653,16 +1676,45 @@ SECUREC_INLINE int SecOutputS(SecPrintfStream *stream, const char *cFormat, va_l * Output one zero character zero into the SecPrintfStream structure * If there is not enough space, make sure f->count is less than 0 */ -SECUREC_INLINE int SecPutZeroChar(SecPrintfStream *str) +SECUREC_INLINE int SecPutZeroChar(SecPrintfStream *stream) { - --str->count; - if (str->count >= 0) { - *(str->cur) = '\0'; - str->cur = str->cur + 1; + --stream->count; + if (stream->count >= 0) { + *(stream->cur) = SECUREC_CHAR('\0'); + ++stream->cur; return 0; } return -1; } +/* + * Multi character formatted output implementation + */ +#ifdef SECUREC_FOR_WCHAR +int SecVswprintfImpl(wchar_t *string, size_t count, const wchar_t *format, va_list argList) +#else +int SecVsnprintfImpl(char *string, size_t count, const char *format, va_list argList) +#endif +{ + SecPrintfStream stream; + int retVal; + + stream.count = (int)count; /* The count include \0 character, must be greater than zero */ + stream.cur = string; + + retVal = SecOutput(&stream, format, argList); + if (retVal >= 0) { + if (SecPutZeroChar(&stream) == 0) { + return retVal; + } + } + if (stream.count < 0) { + /* The buffer was too small, then truncate */ + string[count - 1] = SECUREC_CHAR('\0'); + return SECUREC_PRINTF_TRUNCATE; + } + string[0] = SECUREC_CHAR('\0'); /* Empty the dest string */ + return -1; +} #endif /* OUTPUT_INL_2B263E9C_43D8_44BB_B17A_6D2033DECEE5 */ diff --git a/src/scanf_s.c b/src/scanf_s.c index 0ae200e682e4a65bc9c2771c69ccf49a3f0a35b4..fa5470b8504ca83056952a33078d3151b27d9ae9 100644 --- a/src/scanf_s.c +++ b/src/scanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: scanf_s function - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/secinput.h b/src/secinput.h index 15c10451a1112723d884b47b871ad7ffed455a25..176ee05d96d42aff0aa5968686d4584e5c6a2d8c 100644 --- a/src/secinput.h +++ b/src/secinput.h @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -10,7 +10,6 @@ * See the Mulan PSL v2 for more details. * Description: Define macro, data struct, and declare function prototype, * which is used by input.inl, secureinput_a.c and secureinput_w.c. - * Author: lishunda * Create: 2014-02-25 */ @@ -39,13 +38,13 @@ #define SECUREC_UTF8_LEAD_1ST 0xe0U #define SECUREC_UTF8_LEAD_2ND 0x80U -#define SECUREC_BEGIN_WITH_UCS_BOM(s, len) ((len) >= SECUREC_UCS_BOM_HEADER_SIZE && \ +#define SECUREC_BEGIN_WITH_UCS_BOM(s, len) ((len) == SECUREC_UCS_BOM_HEADER_SIZE && \ (((unsigned char)((s)[0]) == SECUREC_UCS_BOM_HEADER_LE_1ST && \ (unsigned char)((s)[1]) == SECUREC_UCS_BOM_HEADER_LE_2ST) || \ ((unsigned char)((s)[0]) == SECUREC_UCS_BOM_HEADER_BE_1ST && \ (unsigned char)((s)[1]) == SECUREC_UCS_BOM_HEADER_BE_2ST))) -#define SECUREC_BEGIN_WITH_UTF8_BOM(s, len) ((len) >= SECUREC_UTF8_BOM_HEADER_SIZE && \ +#define SECUREC_BEGIN_WITH_UTF8_BOM(s, len) ((len) == SECUREC_UTF8_BOM_HEADER_SIZE && \ (unsigned char)((s)[0]) == SECUREC_UTF8_BOM_HEADER_1ST && \ (unsigned char)((s)[1]) == SECUREC_UTF8_BOM_HEADER_2ND && \ (unsigned char)((s)[2]) == SECUREC_UTF8_BOM_HEADER_3RD) @@ -67,22 +66,10 @@ typedef struct { FILE *pf; /* The file pointer */ size_t fileRealRead; long oriFilePos; /* The original position of file offset when fscanf is called */ -#if !SECUREC_USE_STD_UNGETC - unsigned int lastChar; /* The char code of last input */ - int fUnGet; /* The boolean flag of pushing a char back to read stream */ -#endif #endif } SecFileStream; -#if SECUREC_ENABLE_SCANF_FILE && !SECUREC_USE_STD_UNGETC -#define SECUREC_FILE_STREAM_INIT_FILE(stream, fp) do { \ - (stream)->pf = (fp); \ - (stream)->fileRealRead = 0; \ - (stream)->oriFilePos = 0; \ - (stream)->lastChar = 0; \ - (stream)->fUnGet = 0; \ -} SECUREC_WHILE_ZERO -#elif SECUREC_ENABLE_SCANF_FILE && SECUREC_USE_STD_UNGETC +#if SECUREC_ENABLE_SCANF_FILE #define SECUREC_FILE_STREAM_INIT_FILE(stream, fp) do { \ (stream)->pf = (fp); \ (stream)->fileRealRead = 0; \ @@ -123,11 +110,11 @@ typedef struct { #ifdef __cplusplus extern "C" { #endif - int SecInputS(SecFileStream *stream, const char *cFormat, va_list argList); - void SecClearDestBuf(const char *buffer, const char *format, va_list argList); +int SecInputS(SecFileStream *stream, const char *cFormat, va_list argList); +void SecClearDestBuf(const char *buffer, const char *format, va_list argList); #ifdef SECUREC_FOR_WCHAR - int SecInputSW(SecFileStream *stream, const wchar_t *cFormat, va_list argList); - void SecClearDestBufW(const wchar_t *buffer, const wchar_t *format, va_list argList); +int SecInputSW(SecFileStream *stream, const wchar_t *cFormat, va_list argList); +void SecClearDestBufW(const wchar_t *buffer, const wchar_t *format, va_list argList); #endif /* 20150105 For software and hardware decoupling,such as UMG */ @@ -135,7 +122,7 @@ extern "C" { #ifdef feof #undef feof #endif - extern int feof(FILE *stream); +extern int feof(FILE *stream); #endif #if defined(SECUREC_SYSAPI4VXWORKS) || defined(SECUREC_CTYPE_MACRO_ADAPT) diff --git a/src/securecutil.c b/src/securecutil.c index 140cbf3c2dbd0f378e1dc295d31cee13d8933ce8..7518eb300b2eca40609e7865f5d002413d80ba65 100644 --- a/src/securecutil.c +++ b/src/securecutil.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -11,14 +11,13 @@ * Description: Provides internal functions used by this library, such as memory * copy and memory move. Besides, include some helper function for * printf family API, such as SecVsnprintfImpl - * Author: lishunda * Create: 2014-02-25 */ /* Avoid duplicate header files,not include securecutil.h */ #include "securecutil.h" -#if defined(ANDROID) && (SECUREC_HAVE_WCTOMB || SECUREC_HAVE_MBTOWC) +#if defined(ANDROID) && !defined(SECUREC_CLOSE_ANDROID_HANDLE) && (SECUREC_HAVE_WCTOMB || SECUREC_HAVE_MBTOWC) #include #if SECUREC_HAVE_WCTOMB /* @@ -26,25 +25,27 @@ */ int wctomb(char *s, wchar_t wc) { - return wcrtomb(s, wc, NULL); + return (int)wcrtomb(s, wc, NULL); } #endif #if SECUREC_HAVE_MBTOWC /* * Converting narrow multi-byte characters to wide characters + * mbrtowc returns -1 or -2 upon failure, unlike mbtowc, which only returns -1 + * When the return value is less than zero, we treat it as a failure */ int mbtowc(wchar_t *pwc, const char *s, size_t n) { - return mbrtowc(pwc, s, n, NULL); + return (int)mbrtowc(pwc, s, n, NULL); } #endif #endif /* The V100R001C01 version num is 0x5 (High 8 bits) */ #define SECUREC_C_VERSION 0x500U -#define SECUREC_SPC_VERSION 0xaU -#define SECUREC_VERSION_STR "V100R001C01SPC010B002" +#define SECUREC_SPC_VERSION 0xbU +#define SECUREC_VERSION_STR "V100R001C01SPC011B003" /* * Get version string and version number. @@ -74,7 +75,7 @@ const char *GetHwSecureCVersion(unsigned short *verNumber) } return SECUREC_VERSION_STR; } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(GetHwSecureCVersion); #endif diff --git a/src/securecutil.h b/src/securecutil.h index 38cbd3e61ee3341bbf905402899ad37c6abe7181..7e3bd691f9ece9decd2fcb3c239697c806597246 100644 --- a/src/securecutil.h +++ b/src/securecutil.h @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -10,7 +10,6 @@ * See the Mulan PSL v2 for more details. * Description: Define macro, data struct, and declare internal used function prototype, * which is used by secure functions. - * Author: lishunda * Create: 2014-02-25 */ @@ -47,7 +46,7 @@ #endif #if SECUREC_IN_KERNEL -/* In kernel disbale functions */ +/* In kernel disable functions */ #ifndef SECUREC_ENABLE_SCANF_FILE #define SECUREC_ENABLE_SCANF_FILE 0 #endif @@ -89,10 +88,6 @@ #endif #endif -#ifndef SECUREC_USE_STD_UNGETC -#define SECUREC_USE_STD_UNGETC 1 -#endif - #ifndef SECUREC_ENABLE_INLINE #define SECUREC_ENABLE_INLINE 0 #endif @@ -234,18 +229,38 @@ #define SECUREC_MEMCPY_WARP_OPT(dest, src, count) (void)SECUREC_MEMCPY_FUNC_OPT((dest), (src), (count)) +#ifndef SECUREC_MEMSET_BARRIER +#if defined(__GNUC__) +/* Can be turned off for scenarios that do not use memory barrier */ +#define SECUREC_MEMSET_BARRIER 1 +#else +#define SECUREC_MEMSET_BARRIER 0 +#endif +#endif + #ifndef SECUREC_MEMSET_INDIRECT_USE /* Can be turned off for scenarios that do not allow pointer calls */ #define SECUREC_MEMSET_INDIRECT_USE 1 #endif -#if SECUREC_MEMSET_INDIRECT_USE -#define SECUREC_MEMSET_WARP_OPT(dest, value, count) do { \ +#if SECUREC_MEMSET_BARRIER +#define SECUREC_MEMORY_BARRIER(dest) __asm__ __volatile__("": : "r"(dest) : "memory") +#else +#define SECUREC_MEMORY_BARRIER(dest) +#endif + +#if SECUREC_MEMSET_BARRIER +#define SECUREC_MEMSET_PREVENT_DSE(dest, value, count) do { \ + (void)SECUREC_MEMSET_FUNC_OPT(dest, value, count); \ + SECUREC_MEMORY_BARRIER(dest); \ +} SECUREC_WHILE_ZERO +#elif SECUREC_MEMSET_INDIRECT_USE +#define SECUREC_MEMSET_PREVENT_DSE(dest, value, count) do { \ void *(* const volatile fn_)(void *s_, int c_, size_t n_) = SECUREC_MEMSET_FUNC_OPT; \ (void)(*fn_)((dest), (value), (count)); \ } SECUREC_WHILE_ZERO #else -#define SECUREC_MEMSET_WARP_OPT(dest, value, count) (void)SECUREC_MEMSET_FUNC_OPT((dest), (value), (count)) +#define SECUREC_MEMSET_PREVENT_DSE(dest, value, count) (void)SECUREC_MEMSET_FUNC_OPT((dest), (value), (count)) #endif #ifdef SECUREC_FORMAT_OUTPUT_INPUT @@ -544,12 +559,12 @@ extern "C" { /* Assembly language memory copy and memory set for X86 or MIPS ... */ #ifdef SECUREC_USE_ASM - void *memcpy_opt(void *dest, const void *src, size_t n); - void *memset_opt(void *s, int c, size_t n); +void *memcpy_opt(void *dest, const void *src, size_t n); +void *memset_opt(void *s, int c, size_t n); #endif #if defined(SECUREC_ERROR_HANDLER_BY_FILE_LOG) - void LogSecureCRuntimeError(const char *errDetail); +void LogSecureCRuntimeError(const char *errDetail); #endif #ifdef __cplusplus diff --git a/src/secureinput_a.c b/src/secureinput_a.c index 10b7f3571b8fc630e129ad7080c694439e3993d9..e79868f45eff5a3800774c055b9003e4c00561b0 100644 --- a/src/secureinput_a.c +++ b/src/secureinput_a.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -10,7 +10,6 @@ * See the Mulan PSL v2 for more details. * Description: By defining data type for ANSI string and including "input.inl", * this file generates real underlying function used by scanf family API. - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/secureinput_w.c b/src/secureinput_w.c index 79955794edc9b7a1341eab1eeba2855297a48e7f..12c9ef813ddb9fdd4d50d495714a37ab6915c781 100644 --- a/src/secureinput_w.c +++ b/src/secureinput_w.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -10,11 +10,10 @@ * See the Mulan PSL v2 for more details. * Description: By defining data type for UNICODE string and including "input.inl", * this file generates real underlying function used by scanf family API. - * Author: lishunda * Create: 2014-02-25 */ -/* If some platforms don't have wchar.h, dont't include it */ +/* If some platforms don't have wchar.h, don't include it */ #if !(defined(SECUREC_VXWORKS_PLATFORM)) /* If there is no macro below, it will cause vs2010 compiling alarm */ #if defined(_MSC_VER) && (_MSC_VER >= 1400) diff --git a/src/secureprintoutput.h b/src/secureprintoutput.h index 843217ae0f7b5304c7fd3efde78e5f909d187051..a00b10dfffab275febb926b5ce130815e9212869 100644 --- a/src/secureprintoutput.h +++ b/src/secureprintoutput.h @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -11,7 +11,6 @@ * Description: Define macro, enum, data struct, and declare internal used function * prototype, which is used by output.inl, secureprintoutput_w.c and * secureprintoutput_a.c. - * Author: lishunda * Create: 2014-02-25 */ @@ -19,6 +18,34 @@ #define SECUREPRINTOUTPUT_H_E950DA2C_902F_4B15_BECD_948E99090D9C #include "securecutil.h" +/* Shield compilation alerts about using sprintf without format attribute to format float value. */ +#ifndef SECUREC_HANDLE_WFORMAT +#define SECUREC_HANDLE_WFORMAT 1 +#endif + +#if SECUREC_HANDLE_WFORMAT && defined(__GNUC__) && ((__GNUC__ >= 5) || \ + (defined(__GNUC_MINOR__) && (__GNUC__ == 4 && __GNUC_MINOR__ > 7))) +#if defined(__clang__) +#define SECUREC_MASK_WFORMAT_WARNING _Pragma("GCC diagnostic push") \ + _Pragma("GCC diagnostic ignored \"-Wformat-nonliteral\"") +#else +#define SECUREC_MASK_WFORMAT_WARNING _Pragma("GCC diagnostic push") \ + _Pragma("GCC diagnostic ignored \"-Wformat-nonliteral\"") \ + _Pragma("GCC diagnostic ignored \"-Wmissing-format-attribute\"") \ + _Pragma("GCC diagnostic ignored \"-Wsuggest-attribute=format\"") +#endif +#define SECUREC_END_MASK_WFORMAT_WARNING _Pragma("GCC diagnostic pop") +#else +#define SECUREC_MASK_WFORMAT_WARNING +#define SECUREC_END_MASK_WFORMAT_WARNING +#endif + +#define SECUREC_MASK_VSPRINTF_WARNING SECUREC_MASK_WFORMAT_WARNING \ + SECUREC_MASK_MSVC_CRT_WARNING + +#define SECUREC_END_MASK_VSPRINTF_WARNING SECUREC_END_MASK_WFORMAT_WARNING \ + SECUREC_END_MASK_MSVC_CRT_WARNING + /* * Flag definitions. * Using macros instead of enumerations is because some of the enumerated types under the compiler are 16bit. @@ -58,12 +85,6 @@ typedef enum { STAT_INVALID } SecFmtState; -/* Format output buffer pointer and available size */ -typedef struct { - int count; - char *cur; -} SecPrintfStream; - #ifndef SECUREC_BUFFER_SIZE #if SECUREC_IN_KERNEL #define SECUREC_BUFFER_SIZE 32 @@ -84,7 +105,7 @@ typedef struct { #define SECUREC_WCHAR_BUFFER_SIZE 4 #define SECUREC_MAX_PRECISION SECUREC_BUFFER_SIZE -/* Max. # bytes in multibyte char ,see MB_LEN_MAX */ +/* Max. # bytes in multibyte char,see MB_LEN_MAX */ #define SECUREC_MB_LEN 16 /* The return value of the internal function, which is returned when truncated */ #define SECUREC_PRINTF_TRUNCATE (-2) @@ -112,9 +133,10 @@ typedef struct { #ifdef __cplusplus extern "C" { #endif - int SecVsnprintfImpl(char *string, size_t count, const char *format, va_list argList); #ifdef SECUREC_FOR_WCHAR - int SecVswprintfImpl(wchar_t *string, size_t sizeInWchar, const wchar_t *format, va_list argList); +int SecVswprintfImpl(wchar_t *string, size_t count, const wchar_t *format, va_list argList); +#else +int SecVsnprintfImpl(char *string, size_t count, const char *format, va_list argList); #endif #ifdef __cplusplus } diff --git a/src/secureprintoutput_a.c b/src/secureprintoutput_a.c index 64762c06775b760e278aee850081cf291f3b3255..b2b4b6a65cfa6416c643ad3dbf5e09ead8bc095a 100644 --- a/src/secureprintoutput_a.c +++ b/src/secureprintoutput_a.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -10,7 +10,6 @@ * See the Mulan PSL v2 for more details. * Description: By defining corresponding macro for ANSI string and including "output.inl", * this file generates real underlying function used by printf family API. - * Author: lishunda * Create: 2014-02-25 */ @@ -84,7 +83,9 @@ int SecVsnprintfImpl(char *string, size_t count, const char *format, va_list arg string[0] = '\0'; return -1; } + SECUREC_MASK_VSPRINTF_WARNING retVal = vsnprintf(string, count, format, argList); + SECUREC_END_MASK_VSPRINTF_WARNING if (retVal >= (int)count) { /* The size_t to int is ok, count max is SECUREC_STRING_MAX_LEN */ /* The buffer was too small; we return truncation */ string[count - 1] = '\0'; @@ -107,68 +108,5 @@ int SecVsnprintfImpl(char *string, size_t count, const char *format, va_list arg #include "output.inl" -/* - * Multi character formatted output implementation - */ -int SecVsnprintfImpl(char *string, size_t count, const char *format, va_list argList) -{ - SecPrintfStream str; - int retVal; - - str.count = (int)count; /* The count include \0 character, must be greater than zero */ - str.cur = string; - - retVal = SecOutputS(&str, format, argList); - if (retVal >= 0) { - if (SecPutZeroChar(&str) == 0) { - return retVal; - } - } - if (str.count < 0) { - /* The buffer was too small, then truncate */ - string[count - 1] = '\0'; - return SECUREC_PRINTF_TRUNCATE; - } - string[0] = '\0'; /* Empty the dest string */ - return -1; -} - -/* - * Write a wide character - */ -SECUREC_INLINE void SecWriteMultiChar(char ch, int num, SecPrintfStream *f, int *pnumwritten) -{ - int count; - for (count = num; count > 0; --count) { - --f->count; /* f -> count may be negative,indicating insufficient space */ - if (f->count < 0) { - *pnumwritten = -1; - return; - } - *(f->cur) = ch; - ++f->cur; - *pnumwritten = *pnumwritten + 1; - } -} - -/* - * Write string function, where this function is called, make sure that len is greater than 0 - */ -SECUREC_INLINE void SecWriteString(const char *string, int len, SecPrintfStream *f, int *pnumwritten) -{ - const char *str = string; - int count; - for (count = len; count > 0; --count) { - --f->count; /* f -> count may be negative,indicating insufficient space */ - if (f->count < 0) { - *pnumwritten = -1; - return; - } - *(f->cur) = *str; - ++f->cur; - ++str; - } - *pnumwritten = *pnumwritten + (int)(size_t)(str - string); -} #endif diff --git a/src/secureprintoutput_w.c b/src/secureprintoutput_w.c index 4d06a64a37ee4fcf0f4499a4daa260b18af8931a..672c0184cc6de509957e3bc32bbd0afcd48c7e65 100644 --- a/src/secureprintoutput_w.c +++ b/src/secureprintoutput_w.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -10,11 +10,10 @@ * See the Mulan PSL v2 for more details. * Description: By defining corresponding macro for UNICODE string and including "output.inl", * this file generates real underlying function used by printf family API. - * Author: lishunda * Create: 2014-02-25 */ -/* If some platforms don't have wchar.h, dont't include it */ +/* If some platforms don't have wchar.h, don't include it */ #if !(defined(SECUREC_VXWORKS_PLATFORM)) /* If there is no macro above, it will cause compiling alarm */ #if defined(_MSC_VER) && (_MSC_VER >= 1400) @@ -36,112 +35,7 @@ #define SECUREC_FOR_WCHAR #endif -#if defined(SECUREC_WARP_OUTPUT) && SECUREC_WARP_OUTPUT -#undef SECUREC_WARP_OUTPUT -#define SECUREC_WARP_OUTPUT 0 -#endif - #include "secureprintoutput.h" -SECUREC_INLINE void SecWriteCharW(wchar_t ch, SecPrintfStream *f, int *pnumwritten); -SECUREC_INLINE int SecPutWcharStrEndingZero(SecPrintfStream *str, int zeroCount); - #include "output.inl" -/* - * Wide character formatted output implementation - */ -int SecVswprintfImpl(wchar_t *string, size_t sizeInWchar, const wchar_t *format, va_list argList) -{ - SecPrintfStream str; - int retVal; /* If initialization causes e838 */ - - str.cur = (char *)string; - /* This count include \0 character, Must be greater than zero */ - str.count = (int)(sizeInWchar * sizeof(wchar_t)); - - retVal = SecOutputSW(&str, format, argList); - if (retVal >= 0) { - if (SecPutWcharStrEndingZero(&str, (int)sizeof(wchar_t)) == 0) { - return retVal; - } - } - if (str.count < 0) { - /* The buffer was too small, then truncate */ - string[sizeInWchar - 1] = L'\0'; - return SECUREC_PRINTF_TRUNCATE; - } - string[0] = L'\0'; /* Empty the dest string */ - return -1; -} - -/* - * Output a wide character zero end into the SecPrintfStream structure - */ -SECUREC_INLINE int SecPutWcharStrEndingZero(SecPrintfStream *str, int zeroCount) -{ - int count; - for (count = zeroCount; count > 0; --count) { - if (SecPutZeroChar(str) != 0) { - return -1; - } - } - return 0; -} - -/* - * Output a wide character into the SecPrintfStream structure - */ -SECUREC_INLINE int SecPutCharW(wchar_t ch, SecPrintfStream *f) -{ - f->count -= (int)sizeof(wchar_t); /* f -> count may be negative,indicating insufficient space */ - if (f->count >= 0) { - *(wchar_t *)(void *)(f->cur) = ch; - f->cur += sizeof(wchar_t); - return 0; - } - return -1; -} - -/* - * Output a wide character into the SecPrintfStream structure, returns the number of characters written - */ -SECUREC_INLINE void SecWriteCharW(wchar_t ch, SecPrintfStream *f, int *pnumwritten) -{ - if (SecPutCharW(ch, f) == 0) { - *pnumwritten = *pnumwritten + 1; - } else { - *pnumwritten = -1; - } -} - -/* - * Output multiple wide character into the SecPrintfStream structure, returns the number of characters written - */ -SECUREC_INLINE void SecWriteMultiCharW(wchar_t ch, int num, SecPrintfStream *f, int *pnumwritten) -{ - int count; - for (count = num; count > 0; --count) { - SecWriteCharW(ch, f, pnumwritten); - if (*pnumwritten == -1) { - break; - } - } -} - -/* - * Output a wide string into the SecPrintfStream structure, returns the number of characters written - */ -SECUREC_INLINE void SecWriteStringW(const wchar_t *string, int len, SecPrintfStream *f, int *pnumwritten) -{ - const wchar_t *str = string; - int count; - for (count = len; count > 0; --count) { - SecWriteCharW(*str, f, pnumwritten); - ++str; - if (*pnumwritten == -1) { - break; - } - } -} - diff --git a/src/snprintf_s.c b/src/snprintf_s.c index 491c0a8d27ab0eeb201a29603801bcd4bf89c851..e9b94f37248f5a3d0ddd954ce7918d3d6db253be 100644 --- a/src/snprintf_s.c +++ b/src/snprintf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: snprintf_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -57,7 +56,7 @@ int snprintf_s(char *strDest, size_t destMax, size_t count, const char *format, return ret; } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(snprintf_s); #endif #endif @@ -103,7 +102,7 @@ int snprintf_truncated_s(char *strDest, size_t destMax, const char *format, ...) return ret; } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(snprintf_truncated_s); #endif diff --git a/src/sprintf_s.c b/src/sprintf_s.c index 95b448586c5c265d7ce9c55d4f1b6bbba249f521..0cf3fca9013d9ec2d6fd211bcfc6c123d31c7753 100644 --- a/src/sprintf_s.c +++ b/src/sprintf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: sprintf_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -53,7 +52,7 @@ int sprintf_s(char *strDest, size_t destMax, const char *format, ...) return ret; } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(sprintf_s); #endif diff --git a/src/sscanf_s.c b/src/sscanf_s.c index ba5680f03329f9dfd4471e76e99baa38b1655088..b441329e12e08818e63804f3e14615331404bb6a 100644 --- a/src/sscanf_s.c +++ b/src/sscanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: sscanf_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -53,7 +52,7 @@ int sscanf_s(const char *buffer, const char *format, ...) return ret; } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(sscanf_s); #endif diff --git a/src/strcat_s.c b/src/strcat_s.c index 05c1c3230f6c8375ddfa4e64ad094bae0e1342c4..f835e7bc90a6a772fdd6532cbd2b23d20032a251 100644 --- a/src/strcat_s.c +++ b/src/strcat_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: strcat_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -96,7 +95,7 @@ errno_t strcat_s(char *strDest, size_t destMax, const char *strSrc) return SecDoCat(strDest, destMax, strSrc); } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(strcat_s); #endif diff --git a/src/strcpy_s.c b/src/strcpy_s.c index e7921eae1b4ff857a81806b5938de414fcdcc672..ca1b2ddb1f445a6e271463c1ee79866387a3e1fe 100644 --- a/src/strcpy_s.c +++ b/src/strcpy_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,9 +9,13 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: strcpy_s function - * Author: lishunda * Create: 2014-02-25 */ +/* + * [Standardize-exceptions] Use unsafe function: Performance-sensitive + * [reason] Always used in the performance critical path, + * and sufficient input validation is performed before calling + */ #include "securecutil.h" @@ -343,7 +347,7 @@ errno_t strcpy_s(char *strDest, size_t destMax, const char *strSrc) return strcpy_error(strDest, destMax, strSrc); } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(strcpy_s); #endif diff --git a/src/strncat_s.c b/src/strncat_s.c index 3baf9bf242e3fdc279adf34540b82d6b519763e1..6686d2994a64733f7ae92572106c26243f87070b 100644 --- a/src/strncat_s.c +++ b/src/strncat_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: strncat_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -114,7 +113,7 @@ errno_t strncat_s(char *strDest, size_t destMax, const char *strSrc, size_t coun return SecDoCatLimit(strDest, destMax, strSrc, count); } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(strncat_s); #endif diff --git a/src/strncpy_s.c b/src/strncpy_s.c index 5bbf0814563f12d84aa42307b1bb7933f14b1248..5f4c5b709ff9612bb8f3f36e684db3210da10532 100644 --- a/src/strncpy_s.c +++ b/src/strncpy_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,9 +9,13 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: strncpy_s function - * Author: lishunda * Create: 2014-02-25 */ +/* + * [Standardize-exceptions] Use unsafe function: Performance-sensitive + * [reason] Always used in the performance critical path, + * and sufficient input validation is performed before calling + */ #include "securecutil.h" @@ -49,7 +53,7 @@ SECUREC_INLINE errno_t CheckSrcCountRange(char *strDest, size_t destMax, const c } /* - * Handling errors, when dest euqal src return EOK + * Handling errors, when dest equal src return EOK */ errno_t strncpy_error(char *strDest, size_t destMax, const char *strSrc, size_t count) { @@ -135,7 +139,7 @@ errno_t strncpy_s(char *strDest, size_t destMax, const char *strSrc, size_t coun return strncpy_error(strDest, destMax, strSrc, count); } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(strncpy_s); #endif diff --git a/src/strtok_s.c b/src/strtok_s.c index b04793bcf667fc6687ead42a7d744cbd80e222d4..cd5dcd2cdfa05b120d79032c134f733dbf09ca49 100644 --- a/src/strtok_s.c +++ b/src/strtok_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: strtok_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -51,7 +50,7 @@ SECUREC_INLINE char *SecFindRest(char *strToken, const char *strDelimit) char *token = strToken; while (*token != '\0') { if (SecIsInDelimit(*token, strDelimit) != 0) { - /* Find a delimiter, set string termintor */ + /* Find a delimiter, set string terminator */ *token = '\0'; ++token; break; @@ -111,7 +110,7 @@ char *strtok_s(char *strToken, const char *strDelimit, char **context) orgToken = SecFindBegin(orgToken, strDelimit); return SecUpdateToken(orgToken, strDelimit, context); } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(strtok_s); #endif diff --git a/src/swprintf_s.c b/src/swprintf_s.c index 2d2ad42b19d3ce766277d4ee1f51561c7bbe861f..09d77a2fc0e6b473535028749673c04727650a90 100644 --- a/src/swprintf_s.c +++ b/src/swprintf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: swprintf_s function - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/swscanf_s.c b/src/swscanf_s.c index 987b6893d66ebd7db2f84d06902b16f138cb07ce..e5b8bbfc7f1024d817ab6f1b52df5500788f2dd1 100644 --- a/src/swscanf_s.c +++ b/src/swscanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: swscanf_s function - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/vfscanf_s.c b/src/vfscanf_s.c index 96aee67fa9b0b8ab8de3353bebc48aff6725c462..214ee6a21fbb8e84e9e6ecfb895e7facf10f9b49 100644 --- a/src/vfscanf_s.c +++ b/src/vfscanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: vfscanf_s function - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/vfwscanf_s.c b/src/vfwscanf_s.c index 0fd0c350cd3ecb825191e2066ce83c51b9c1aae2..1ab9c3cb5a0ed3cf1a3d4f03f5795dddd34c4422 100644 --- a/src/vfwscanf_s.c +++ b/src/vfwscanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: vfwscanf_s function - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/vscanf_s.c b/src/vscanf_s.c index 23edffe13777deaa59619c468306f208e9b42fd1..61480a69722f24fc98784902cfa0eec1b3aa51e1 100644 --- a/src/vscanf_s.c +++ b/src/vscanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: vscanf_s function - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/vsnprintf_s.c b/src/vsnprintf_s.c index 36619d87afac42ba914ce2475f68a2cfbcb5c980..35caaa2206a3d349502cdc2dbbd59f654f35c691 100644 --- a/src/vsnprintf_s.c +++ b/src/vsnprintf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: vsnprintf_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -79,7 +78,7 @@ int vsnprintf_s(char *strDest, size_t destMax, size_t count, const char *format, return retVal; } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(vsnprintf_s); #endif #endif @@ -132,7 +131,7 @@ int vsnprintf_truncated_s(char *strDest, size_t destMax, const char *format, va_ return retVal; } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(vsnprintf_truncated_s); #endif #endif diff --git a/src/vsprintf_s.c b/src/vsprintf_s.c index 012f522c4987d99a448a5f4b6a157a5d3a271e9f..f50fa4a9802fe335519faebcfea5520423e2b3d2 100644 --- a/src/vsprintf_s.c +++ b/src/vsprintf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: vsprintf_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -62,7 +61,7 @@ int vsprintf_s(char *strDest, size_t destMax, const char *format, va_list argLis return retVal; } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(vsprintf_s); #endif diff --git a/src/vsscanf_s.c b/src/vsscanf_s.c index 6612d2fa0098cdb7db2162b48f85674d4ab0c5d1..a19abe2b93da0350fda1c595e5f9f2184b24056a 100644 --- a/src/vsscanf_s.c +++ b/src/vsscanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: vsscanf_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -66,7 +65,7 @@ int vsscanf_s(const char *buffer, const char *format, va_list argList) } #if defined(SECUREC_VXWORKS_PLATFORM) && !SECUREC_IN_KERNEL /* - * On vxworks platform when buffer is white string, will set first %s argument tu zero.like following useage: + * On vxworks platform when buffer is white string, will set first %s argument to zero.Like following usage: * " \v\f\t\r\n", "%s", str, strSize * Do not check all character, just first and last character then consider it is white string */ @@ -82,7 +81,7 @@ int vsscanf_s(const char *buffer, const char *format, va_list argList) } return retVal; } -#if SECUREC_IN_KERNEL +#if SECUREC_EXPORT_KERNEL_SYMBOL EXPORT_SYMBOL(vsscanf_s); #endif diff --git a/src/vswprintf_s.c b/src/vswprintf_s.c index 38b0b4045fd49e2788607ad984e399a74586eb8d..29715fc62e88448ed341c19091924e72a54ec213 100644 --- a/src/vswprintf_s.c +++ b/src/vswprintf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: vswprintf_s function - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/vswscanf_s.c b/src/vswscanf_s.c index d416b96c7f4f440524aa6eb8517803775aba75cc..bab53a3e16298b90fff38d59393a1c0b3ff37083 100644 --- a/src/vswscanf_s.c +++ b/src/vswscanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: vswscanf_s function - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/vwscanf_s.c b/src/vwscanf_s.c index 90f49a1c332562434bb43cf1fe68c551ca046807..b39f9bc74fb2136bd7468f3cf7e698542f85086d 100644 --- a/src/vwscanf_s.c +++ b/src/vwscanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: vwscanf_s function - * Author: lishunda * Create: 2014-02-25 */ diff --git a/src/wcscat_s.c b/src/wcscat_s.c index 780907bf3d85a0e1fbf74b535e0bc761ba2dce4c..fa7d847c2fa5d723c5164728d09f5d0ade939c20 100644 --- a/src/wcscat_s.c +++ b/src/wcscat_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: wcscat_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -79,7 +78,7 @@ SECUREC_INLINE errno_t SecDoCatW(wchar_t *strDest, size_t destMax, const wchar_t * EOK Success * EINVAL strDest is NULL and destMax != 0 and destMax <= SECUREC_WCHAR_STRING_MAX_LEN * EINVAL_AND_RESET (strDest unterminated and all other parameters are valid) or - * (strDest != NULL and strSrc is NULLL and destMax != 0 + * (strDest != NULL and strSrc is NULL and destMax != 0 * and destMax <= SECUREC_WCHAR_STRING_MAX_LEN) * ERANGE destMax > SECUREC_WCHAR_STRING_MAX_LEN or destMax is 0 * ERANGE_AND_RESET strDest have not enough space and all other parameters are valid and not overlap diff --git a/src/wcscpy_s.c b/src/wcscpy_s.c index 89c281df6bf5f58a4596725787462e8559ce76c0..8c4a4af8b7f6347a7148ac5cdefc64c231511a2c 100644 --- a/src/wcscpy_s.c +++ b/src/wcscpy_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: wcscpy_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -43,7 +42,7 @@ SECUREC_INLINE errno_t SecDoCpyW(wchar_t *strDest, size_t destMax, const wchar_t /* * * The wcscpy_s function copies the wide string pointed to by strSrc - * (including theterminating null wide character) into the array pointed to by strDest + * (including the terminating null wide character) into the array pointed to by strDest * * strDest Destination string buffer @@ -56,7 +55,7 @@ SECUREC_INLINE errno_t SecDoCpyW(wchar_t *strDest, size_t destMax, const wchar_t * * EOK Success * EINVAL strDest is NULL and destMax != 0 and destMax <= SECUREC_WCHAR_STRING_MAX_LEN - * EINVAL_AND_RESET strDest != NULL and strSrc is NULLL and destMax != 0 + * EINVAL_AND_RESET strDest != NULL and strSrc is NULL and destMax != 0 * and destMax <= SECUREC_WCHAR_STRING_MAX_LEN * ERANGE destMax > SECUREC_WCHAR_STRING_MAX_LEN or destMax is 0 * ERANGE_AND_RESET destMax <= length of strSrc and strDest != strSrc diff --git a/src/wcsncat_s.c b/src/wcsncat_s.c index 6151da4425553a73bc016a09dcf33fc8cea91675..33e53a32496fdc2a3a8b6650e473ae14b27cf176 100644 --- a/src/wcsncat_s.c +++ b/src/wcsncat_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: wcsncat_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -76,7 +75,7 @@ SECUREC_INLINE errno_t SecDoCatLimitW(wchar_t *strDest, size_t destMax, const wc * EOK Success * EINVAL strDest is NULL and destMax != 0 and destMax <= SECUREC_WCHAR_STRING_MAX_LEN * EINVAL_AND_RESET (strDest unterminated and all other parameters are valid) or - * (strDest != NULL and strSrc is NULLL and destMax != 0 and + * (strDest != NULL and strSrc is NULL and destMax != 0 and * destMax <= SECUREC_WCHAR_STRING_MAX_LEN) * ERANGE destMax > SECUREC_WCHAR_STRING_MAX_LEN or destMax is 0 * ERANGE_AND_RESET strDest have not enough space and all other parameters are valid and not overlap diff --git a/src/wcsncpy_s.c b/src/wcsncpy_s.c index 8bd5737bbc46cbfe4a59d6307293f7803069e373..463f90e167809545e0ea63d20dfccdfe353a3c07 100644 --- a/src/wcsncpy_s.c +++ b/src/wcsncpy_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: wcsncpy_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -61,7 +60,7 @@ SECUREC_INLINE errno_t SecDoCpyLimitW(wchar_t *strDest, size_t destMax, const wc * * EOK Success * EINVAL strDest is NULL and destMax != 0 and destMax <= SECUREC_WCHAR_STRING_MAX_LEN - * EINVAL_AND_RESET strDest != NULL and strSrc is NULLL and destMax != 0 + * EINVAL_AND_RESET strDest != NULL and strSrc is NULL and destMax != 0 * and destMax <= SECUREC_WCHAR_STRING_MAX_LEN * ERANGE destMax > SECUREC_WCHAR_STRING_MAX_LEN or destMax is 0 * ERANGE_AND_RESET count > SECUREC_WCHAR_STRING_MAX_LEN or diff --git a/src/wcstok_s.c b/src/wcstok_s.c index 19284f334ed87aedf78a73860ddf2d7d92ff61f7..063ca6917a0d84d9acfe83ab2cc8c6d89dc5d9c4 100644 --- a/src/wcstok_s.c +++ b/src/wcstok_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: wcstok_s function - * Author: lishunda * Create: 2014-02-25 */ @@ -50,7 +49,7 @@ SECUREC_INLINE wchar_t *SecFindRestW(wchar_t *strToken, const wchar_t *strDelimi wchar_t *token = strToken; while (*token != L'\0') { if (SecIsInDelimitW(*token, strDelimit) != 0) { - /* Find a delimiter, set string termintor */ + /* Find a delimiter, set string terminator */ *token = L'\0'; ++token; break; diff --git a/src/wmemcpy_s.c b/src/wmemcpy_s.c index 99611809ff97c16567b016f244830db915633134..2f2b4a33cecf12535c4cf75b0c0376b5e81ab7cf 100644 --- a/src/wmemcpy_s.c +++ b/src/wmemcpy_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,9 +9,13 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: wmemcpy_s function - * Author: lishunda * Create: 2014-02-25 */ +/* + * [Standardize-exceptions] Use unsafe function: Portability + * [reason] Use unsafe function to implement security function to maintain platform compatibility. + * And sufficient input validation is performed before calling + */ #include "securecutil.h" @@ -27,13 +31,13 @@ * count Number of characters to copy. * * - * dest buffer is uptdated. + * dest buffer is updated. * * * EOK Success * EINVAL dest is NULL and destMax != 0 and count <= destMax * and destMax <= SECUREC_WCHAR_MEM_MAX_LEN - * EINVAL_AND_RESET dest != NULL and src is NULLL and destMax != 0 + * EINVAL_AND_RESET dest != NULL and src is NULL and destMax != 0 * and destMax <= SECUREC_WCHAR_MEM_MAX_LEN and count <= destMax * ERANGE destMax > SECUREC_WCHAR_MEM_MAX_LEN or destMax is 0 or * (count > destMax and dest is NULL and destMax != 0 @@ -44,7 +48,7 @@ * count <= destMax destMax != 0 and destMax <= SECUREC_WCHAR_MEM_MAX_LEN * and dest != NULL and src != NULL and dest != src * - * if an error occured, dest will be filled with 0 when dest and destMax valid . + * if an error occurred, dest will be filled with 0 when dest and destMax valid . * If the source and destination overlap, the behavior of wmemcpy_s is undefined. * Use wmemmove_s to handle overlapping regions. */ @@ -57,7 +61,7 @@ errno_t wmemcpy_s(wchar_t *dest, size_t destMax, const wchar_t *src, size_t coun if (count > destMax) { SECUREC_ERROR_INVALID_PARAMTER("wmemcpy_s"); if (dest != NULL) { - (void)memset(dest, 0, destMax * sizeof(wchar_t)); + (void)SECUREC_MEMSET_FUNC_OPT(dest, 0, destMax * sizeof(wchar_t)); return ERANGE_AND_RESET; } return ERANGE; diff --git a/src/wmemmove_s.c b/src/wmemmove_s.c index e66e29b7398ed9c75219a20a4b6338dc71badae8..88bb97b90454940d3d4333e8253bbbe9d86a6322 100644 --- a/src/wmemmove_s.c +++ b/src/wmemmove_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,9 +9,13 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: wmemmove_s function - * Author: lishunda * Create: 2014-02-25 */ +/* + * [Standardize-exceptions] Use unsafe function: Portability + * [reason] Use unsafe function to implement security function to maintain platform compatibility. + * And sufficient input validation is performed before calling + */ #include "securecutil.h" @@ -33,7 +37,7 @@ * EOK Success * EINVAL dest is NULL and destMax != 0 and count <= destMax * and destMax <= SECUREC_WCHAR_MEM_MAX_LEN - * EINVAL_AND_RESET dest != NULL and src is NULLL and destMax != 0 + * EINVAL_AND_RESET dest != NULL and src is NULL and destMax != 0 * and destMax <= SECUREC_WCHAR_MEM_MAX_LEN and count <= destMax * ERANGE destMax > SECUREC_WCHAR_MEM_MAX_LEN or destMax is 0 or * (count > destMax and dest is NULL and destMax != 0 @@ -42,7 +46,7 @@ * and destMax <= SECUREC_WCHAR_MEM_MAX_LEN * * - * If an error occured, dest will be filled with 0 when dest and destMax valid. + * If an error occurred, dest will be filled with 0 when dest and destMax valid. * If some regions of the source area and the destination overlap, wmemmove_s * ensures that the original source bytes in the overlapping region are copied * before being overwritten @@ -56,7 +60,7 @@ errno_t wmemmove_s(wchar_t *dest, size_t destMax, const wchar_t *src, size_t cou if (count > destMax) { SECUREC_ERROR_INVALID_PARAMTER("wmemmove_s"); if (dest != NULL) { - (void)memset(dest, 0, destMax * sizeof(wchar_t)); + (void)SECUREC_MEMSET_FUNC_OPT(dest, 0, destMax * sizeof(wchar_t)); return ERANGE_AND_RESET; } return ERANGE; diff --git a/src/wscanf_s.c b/src/wscanf_s.c index 0a3df7768b1ea6cc035b94a0378d6625b9a300c4..badb04efa054533c176de58029e38abdbbdbf283 100644 --- a/src/wscanf_s.c +++ b/src/wscanf_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) Huawei Technologies Co., Ltd. 2014-2020. All rights reserved. + * Copyright (c) Huawei Technologies Co., Ltd. 2014-2021. All rights reserved. * Licensed under Mulan PSL v2. * You can use this software according to the terms and conditions of the Mulan PSL v2. * You may obtain a copy of Mulan PSL v2 at: @@ -9,7 +9,6 @@ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. * See the Mulan PSL v2 for more details. * Description: wscanf_s function - * Author: lishunda * Create: 2014-02-25 */