diff --git a/base/include/securec.h b/base/include/securec.h new file mode 100644 index 0000000000000000000000000000000000000000..553eaf49b144db79402903f0e92f8d9e6568a68e --- /dev/null +++ b/base/include/securec.h @@ -0,0 +1,538 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __SECUREC_H__5D13A042_DC3F_4ED9_A8D1_882811274C27 +#define __SECUREC_H__5D13A042_DC3F_4ED9_A8D1_882811274C27 + +/* Compile in kernel under macro control */ +#ifndef SECUREC_IN_KERNEL +#ifdef __KERNEL__ +#define SECUREC_IN_KERNEL 1 +#else +#define SECUREC_IN_KERNEL 0 +#endif +#endif + +/* If you need high performance, enable the SECUREC_WITH_PERFORMANCE_ADDONS macro, default is enable . + * The macro is automatically closed on the windows platform in securectyp.h. + */ +#ifndef SECUREC_WITH_PERFORMANCE_ADDONS +#if SECUREC_IN_KERNEL +#define SECUREC_WITH_PERFORMANCE_ADDONS 0 +#else +#define SECUREC_WITH_PERFORMANCE_ADDONS 1 +#endif +#endif + +#include "securectype.h" +#include + +#ifndef SECUREC_HAVE_ERRNO_H +#if SECUREC_IN_KERNEL +#define SECUREC_HAVE_ERRNO_H 0 +#else +#define SECUREC_HAVE_ERRNO_H 1 +#endif +#endif + +/* EINVAL ERANGE may defined in errno.h */ +#if SECUREC_HAVE_ERRNO_H +#include +#endif + +/* If stack size on some embedded platform is limited, you can define the following macro + * which will put some variables on heap instead of stack. + * SECUREC_STACK_SIZE_LESS_THAN_1K + */ + +/* define error code */ +#if !defined(__STDC_WANT_LIB_EXT1__) || (defined(__STDC_WANT_LIB_EXT1__) && (__STDC_WANT_LIB_EXT1__ == 0)) +#ifndef SECUREC_DEFINED_ERRNO_TYPE +#define SECUREC_DEFINED_ERRNO_TYPE +/* just check whether macrodefinition exists. */ +#ifndef errno_t +typedef int errno_t; +#endif +#endif +#endif + +/* success */ +#ifndef EOK +#define EOK (0) +#endif + +#ifndef EINVAL +/* The src buffer is not correct and destination buffer can't not be reset */ +#define EINVAL (22) +#endif + +#ifndef EINVAL_AND_RESET +/* Once the error is detected, the dest buffer must be rest! */ +#define EINVAL_AND_RESET (22 | 128) +#endif + +#ifndef ERANGE +/* The destination buffer is not long enough and destination buffer can not be reset */ +#define ERANGE (34) +#endif + +#ifndef ERANGE_AND_RESET +/* Once the error is detected, the dest buffer must be rest! */ +#define ERANGE_AND_RESET (34 | 128) +#endif + +#ifndef EOVERLAP_AND_RESET +/* Once the buffer overlap is detected, the dest buffer must be rest! */ +#define EOVERLAP_AND_RESET (54 | 128) +#endif + +/* if you need export the function of this library in Win32 dll, use __declspec(dllexport) */ +#ifdef SECUREC_IS_DLL_LIBRARY +#ifdef SECUREC_DLL_EXPORT +#define SECUREC_API __declspec(dllexport) +#else +#define SECUREC_API __declspec(dllimport) +#endif +#else +/* Standardized function declaration . If a security function is declared in the your code, + * it may cause a compilation alarm,Please delete the security function you declared + */ +#define SECUREC_API extern +#endif + +#ifndef SECUREC_SNPRINTF_TRUNCATED +#define SECUREC_SNPRINTF_TRUNCATED 1 +#endif + +#ifdef __cplusplus +extern "C" { +#endif + + /** + * @Description:The memset_s function copies the value of c (converted to an unsigned char) into each of the first count characters of the object pointed to by dest. + * @param dest - destination address + * @param destMax -The maximum length of destination buffer + * @param c - the value to be copied + * @param count -copies first count characters of dest + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t memset_s(void *dest, size_t destMax, int c, size_t count); + + /* The memset_s security function is not provided in Windows system, but other security functions are provided. In this case, can only use the memset_s function */ +#ifndef SECUREC_ONLY_DECLARE_MEMSET + + /** + * @Description:The wmemcpy_s function copies n successive wide characters from the object pointed to by src into the object pointed to by dest. + * @param dest - destination address + * @param destMax -The maximum length of destination buffer + * @param src -source address + * @param count -copies count wide characters from the src + * @return EOK if there was no runtime-constraint violation + */ +#if SECUREC_IN_KERNEL == 0 + SECUREC_API errno_t wmemcpy_s(wchar_t *dest, size_t destMax, const wchar_t *src, size_t count); +#endif + /** + * @Description:The memmove_s function copies n characters from the object pointed to by src into the object pointed to by dest. + * @param dest - destination address + * @param destMax -The maximum length of destination buffer + * @param src -source address + * @param count -copies count wide characters from the src + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t memmove_s(void *dest, size_t destMax, const void *src, size_t count); +#if SECUREC_IN_KERNEL == 0 + /** + * @Description:The wmemmove_s function copies n successive wide characters from the object pointed to by src into the object pointed to by dest. + * @param dest - destination address + * @param destMax -The maximum length of destination buffer + * @param src -source address + * @param count -copies count wide characters from the src + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t wmemmove_s(wchar_t *dest, size_t destMax, const wchar_t *src, size_t count); + + /** + * @Description:The wcscpy_s function copies the wide string pointed to by strSrc (including theterminating null wide character) into the array pointed to by strDest + * @param strDest - destination address + * @param destMax -The maximum length of destination buffer + * @param strSrc -source address + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t wcscpy_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc); + + /** + * @Description:The wcsncpy_s function copies not more than n successive wide characters (not including the terminating null wide character) + * from the array pointed to by strSrc to the array pointed to by strDest + * @param strDest - destination address + * @param destMax -The maximum length of destination buffer(including the terminating wide character) + * @param strSrc -source address + * @param count -copies count wide characters from the src + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t wcsncpy_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc, size_t count); + + /** + * @Description:The wcscat_s function appends a copy of the wide string pointed to by strSrc (including the terminating null wide character) + * to the end of the wide string pointed to by strDest + * @param strDest - destination address + * @param destMax -The maximum length of destination buffer(including the terminating wide character) + * @param strSrc -source address + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t wcscat_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc); + + /** + * @Description:The wcsncat_s function appends not more than n successive wide characters (not including the terminating null wide character) + * from the array pointed to by strSrc to the end of the wide string pointed to by strDest. + * @param strDest - destination address + * @param destMax -The maximum length of destination buffer(including the terminating wide character) + * @param strSrc -source address + * @param count -copies count wide characters from the src + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t wcsncat_s(wchar_t *strDest, size_t destMax, const wchar_t *strSrc, size_t count); + + /** + * @Description: The strtok_s function parses a string into a sequence of tokens,On the first call to strtok_s the string to be parsed should be specified in strToken. + * In each subsequent call that should parse the same string, strToken should be NULL + * @param strToken - the string to be delimited + * @param strDelimit -specifies a set of characters that delimit the tokens in the parsed string + * @param context -is a pointer to a char * variable that is used internally by strtok_s function + * @return:returns a pointer to the first character of a token, or a null pointer if there is no token or there is a runtime-constraint violation. + */ + SECUREC_API char *strtok_s(char *strToken, const char *strDelimit, char **context); + + /** + * @Description: The wcstok_s function is the wide-character equivalent of the strtok_s function + * @param strToken - the string to be delimited + * @param strDelimit -specifies a set of characters that delimit the tokens in the parsed string + * @param context -is a pointer to a char * variable that is used internally by strtok_s function + * @return:returns a pointer to the first character of a token, or a null pointer if there is no token or there is a runtime-constraint violation. + */ + SECUREC_API wchar_t *wcstok_s(wchar_t *strToken, const wchar_t *strDelimit, wchar_t **context); + + /** + * @Description: The sprintf_s function is equivalent to the sprintf function except for the parameter destMax and the explicit runtime-constraints violation + * @param strDest - produce output according to a format ,write to the character string strDest + * @param destMax - The maximum length of destination buffer(including the terminating null byte ('\0')) + * @param format - format string + * @return:success the number of characters printed(not including the terminating null byte ('\0')), If an error occurred return -1. + */ + SECUREC_API int sprintf_s(char *strDest, size_t destMax, const char *format, ...) SECUREC_ATTRIBUTE(3, 4); + + /** + * @Description: The swprintf_s function is the wide-character equivalent of the sprintf_s function + * @param strDest - produce output according to a format ,write to the character string strDest + * @param destMax - The maximum length of destination buffer(including the terminating null ) + * @param format - format string + * @return:success the number of characters printed(not including the terminating null wide characte), If an error occurred return -1. + */ + SECUREC_API int swprintf_s(wchar_t *strDest, size_t destMax, const wchar_t *format, ...); + + /** + * @Description: The vsprintf_s function is equivalent to the vsprintf function except for the parameter destMax and the explicit runtime-constraints violation + * @param strDest - produce output according to a format ,write to the character string strDest + * @param destMax - The maximum length of destination buffer(including the terminating null wide characte) + * @param format - format string + * @param arglist - instead of a variable number of arguments + * @return:return the number of characters printed(not including the terminating null byte ('\0')), If an error occurred return -1. + */ + SECUREC_API int vsprintf_s(char *strDest, size_t destMax, const char *format, + va_list arglist) SECUREC_ATTRIBUTE(3, 0); + + /** + * @Description: The vswprintf_s function is the wide-character equivalent of the vsprintf_s function + * @param strDest - produce output according to a format ,write to the character string strDest + * @param destMax - The maximum length of destination buffer(including the terminating null ) + * @param format - format string + * @param arglist - instead of a variable number of arguments + * @return:return the number of characters printed(not including the terminating null wide characte), If an error occurred return -1. + */ + SECUREC_API int vswprintf_s(wchar_t *strDest, size_t destMax, const wchar_t *format, va_list arglist); + + /** + * @Description: The vsnprintf_s function is equivalent to the vsnprintf function except for the parameter destMax/count and the explicit runtime-constraints violation + * @param strDest - produce output according to a format ,write to the character string strDest + * @param destMax - The maximum length of destination buffer(including the terminating null byte ('\0')) + * @param count - do not write more than count bytes to strDest(not including the terminating null byte ('\0')) + * @param format - format string + * @param arglist - instead of a variable number of arguments + * @return:return the number of characters printed(not including the terminating null byte ('\0')), If an error occurred return -1.Pay special attention to returning -1 when truncation occurs + */ + SECUREC_API int vsnprintf_s(char *strDest, size_t destMax, size_t count, const char *format, + va_list arglist) SECUREC_ATTRIBUTE(4, 0); + + /** + * @Description: The snprintf_s function is equivalent to the snprintf function except for the parameter destMax/count and the explicit runtime-constraints violation + * @param strDest - produce output according to a format ,write to the character string strDest + * @param destMax - The maximum length of destination buffer(including the terminating null byte ('\0')) + * @param count - do not write more than count bytes to strDest(not including the terminating null byte ('\0')) + * @param format - format string + * @return:return the number of characters printed(not including the terminating null byte ('\0')), If an error occurred return -1.Pay special attention to returning -1 when truncation occurs + */ + SECUREC_API int snprintf_s(char *strDest, size_t destMax, size_t count, const char *format, + ...) SECUREC_ATTRIBUTE(4, 5); + +#if SECUREC_SNPRINTF_TRUNCATED + /** + * @Description: The vsnprintf_truncated_s function is equivalent to the vsnprintf_s function except no count parameter and return value + * @param strDest - produce output according to a format ,write to the character string strDest + * @param destMax - The maximum length of destination buffer(including the terminating null byte ('\0')) + * @param format - format string + * @param arglist - instead of a variable number of arguments + * @return:return the number of characters printed(not including the terminating null byte ('\0')), If an error occurred return -1.Pay special attention to returning destMax - 1 when truncation occurs + */ + SECUREC_API int vsnprintf_truncated_s(char *strDest, size_t destMax, const char *format, + va_list arglist) SECUREC_ATTRIBUTE(3, 0); + + /** + * @Description: The snprintf_truncated_s function is equivalent to the snprintf_2 function except no count parameter and return value + * @param strDest - produce output according to a format ,write to the character string strDest + * @param destMax - The maximum length of destination buffer(including the terminating null byte ('\0')) + * @param format - format string + * @return:return the number of characters printed(not including the terminating null byte ('\0')), If an error occurred return -1.Pay special attention to returning destMax - 1 when truncation occurs + */ + SECUREC_API int snprintf_truncated_s(char *strDest, size_t destMax, const char *format, ...) SECUREC_ATTRIBUTE(3, 4); +#endif + /** + * @Description: The scanf_s function is equivalent to fscanf_s with the argument stdin interposed before the arguments to scanf_s + * @param format - format string + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int scanf_s(const char *format, ...); + + /** + * @Description: The wscanf_s function is the wide-character equivalent of the scanf_s function + * @param format - format string + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int wscanf_s(const wchar_t *format, ...); + + /** + * @Description: The vscanf_s function is equivalent to scanf_s, with the variable argument list replaced by arglist + * @param format - format string + * @param arglist - instead of a variable number of arguments + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int vscanf_s(const char *format, va_list arglist); + + /** + * @Description: The vwscanf_s function is the wide-character equivalent of the vscanf_s function + * @param format - format string + * @param arglist - instead of a variable number of arguments + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int vwscanf_s(const wchar_t *format, va_list arglist); + + /** + * @Description: The fscanf_s function is equivalent to fscanf except that the c, s, and [ conversion specifiers apply to a pair of arguments (unless assignment suppression is indicated by a*) + * @param stream - stdio file stream + * @param format - format string + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int fscanf_s(FILE *stream, const char *format, ...); + + /** + * @Description: The fwscanf_s function is the wide-character equivalent of the fscanf_s function + * @param stream - stdio file stream + * @param format - format string + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int fwscanf_s(FILE *stream, const wchar_t *format, ...); + + /** + * @Description: The vfscanf_s function is equivalent to fscanf_s, with the variable argument list replaced by arglist + * @param stream - stdio file stream + * @param format - format string + * @param arglist - instead of a variable number of arguments + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int vfscanf_s(FILE *stream, const char *format, va_list arglist); + + /** + * @Description: The vfwscanf_s function is the wide-character equivalent of the vfscanf_s function + * @param stream - stdio file stream + * @param format - format string + * @param arglist - instead of a variable number of arguments + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int vfwscanf_s(FILE *stream, const wchar_t *format, va_list arglist); + + /** + * @Description: The sscanf_s function is equivalent to fscanf_s, except that input is obtained from a string (specified by the argument buffer) rather than from a stream + * @param buffer - read character from buffer + * @param format - format string + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int sscanf_s(const char *buffer, const char *format, ...); + + /** + * @Description: The swscanf_s function is the wide-character equivalent of the sscanf_s function + * @param buffer - read character from buffer + * @param format - format string + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int swscanf_s(const wchar_t *buffer, const wchar_t *format, ...); + + /** + * @Description: The vsscanf_s function is equivalent to sscanf_s, with the variable argument list replaced by arglist + * @param buffer - read character from buffer + * @param format - format string + * @param arglist - instead of a variable number of arguments + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int vsscanf_s(const char *buffer, const char *format, va_list arglist); + + /** + * @Description: The vswscanf_s function is the wide-character equivalent of the vsscanf_s function + * @param buffer - read character from buffer + * @param format - format string + * @param arglist - instead of a variable number of arguments + * @return:returns the number of input items assigned, If an error occurred return -1. + */ + SECUREC_API int vswscanf_s(const wchar_t *buffer, const wchar_t *format, va_list arglist); + + /** + * @Description:The gets_s function reads at most one less than the number of characters specified by destMax from the stream pointed to by stdin, into the array pointed to by buffer + * @param buffer - destination address + * @param destMax -The maximum length of destination buffer(including the terminating null character) + * @return buffer if there was no runtime-constraint violation,If an error occurred return NULL. + */ + SECUREC_API char *gets_s(char *buffer, size_t destMax); +#endif + + /** + * @Description:The memcpy_s function copies n characters from the object pointed to by src into the object pointed to by dest. + * @param dest - destination address + * @param destMax -The maximum length of destination buffer + * @param src -source address + * @param count -copies count characters from the src + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t memcpy_s(void *dest, size_t destMax, const void *src, size_t count); + + /** + * @Description:The strcpy_s function copies the string pointed to by strSrc (including the terminating null character) into the array pointed to by strDest + * @param strDest - destination address + * @param destMax -The maximum length of destination buffer(including the terminating null character) + * @param strSrc -source address + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t strcpy_s(char *strDest, size_t destMax, const char *strSrc); + + /** + * @Description:The strncpy_s function copies not more than n successive characters (not including the terminating null character) + * from the array pointed to by strSrc to the array pointed to by strDest + * @param strDest - destination address + * @param destMax -The maximum length of destination buffer(including the terminating null character) + * @param strSrc -source address + * @param count -copies count characters from the src + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t strncpy_s(char *strDest, size_t destMax, const char *strSrc, size_t count); + + /** + * @Description:The strcat_s function appends a copy of the string pointed to by strSrc (including the terminating null character) + * to the end of the string pointed to by strDest + * @param strDest - destination address + * @param destMax -The maximum length of destination buffer(including the terminating null wide character) + * @param strSrc -source address + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t strcat_s(char *strDest, size_t destMax, const char *strSrc); + + /** + * @Description:The strncat_s function appends not more than n successive characters (not including the terminating null character) + * from the array pointed to by strSrc to the end of the string pointed to by strDest. + * @param strDest - destination address + * @param destMax -The maximum length of destination buffer(including the terminating null character) + * @param strSrc -source address + * @param count -copies count characters from the src + * @return EOK if there was no runtime-constraint violation + */ + SECUREC_API errno_t strncat_s(char *strDest, size_t destMax, const char *strSrc, size_t count); +#if SECUREC_IN_KERNEL == 0 + /* those functions are used by macro ,must declare hare , also for without function declaration warning */ + extern errno_t strncpy_error(char *strDest, size_t destMax, const char *strSrc, size_t count); + extern errno_t strcpy_error(char *strDest, size_t destMax, const char *strSrc); +#endif +#endif + +#if SECUREC_WITH_PERFORMANCE_ADDONS + /* those functions are used by macro */ + extern errno_t memset_sOptAsm(void *dest, size_t destMax, int c, size_t count); + extern errno_t memset_sOptTc(void *dest, size_t destMax, int c, size_t count); + extern errno_t memcpy_sOptAsm(void *dest, size_t destMax, const void *src, size_t count); + extern errno_t memcpy_sOptTc(void *dest, size_t destMax, const void *src, size_t count); + +/* strcpy_sp is a macro, NOT a function in performance optimization mode. */ +#define strcpy_sp(dest, destMax, src) ((__builtin_constant_p((destMax)) && \ + __builtin_constant_p((src))) ? \ + SECUREC_STRCPY_SM((dest), (destMax), (src)) : \ + strcpy_s((dest), (destMax), (src))) + +/* strncpy_sp is a macro, NOT a function in performance optimization mode. */ +#define strncpy_sp(dest, destMax, src, count) ((__builtin_constant_p((count)) && \ + __builtin_constant_p((destMax)) && \ + __builtin_constant_p((src))) ? \ + SECUREC_STRNCPY_SM((dest), (destMax), (src), (count)) : \ + strncpy_s((dest), (destMax), (src), (count))) + +/* strcat_sp is a macro, NOT a function in performance optimization mode. */ +#define strcat_sp(dest, destMax, src) ((__builtin_constant_p((destMax)) && \ + __builtin_constant_p((src))) ? \ + SECUREC_STRCAT_SM((dest), (destMax), (src)) : \ + strcat_s((dest), (destMax), (src))) + + /* strncat_sp is a macro, NOT a function in performance optimization mode. */ +#define strncat_sp(dest, destMax, src, count) ((__builtin_constant_p((count)) && \ + __builtin_constant_p((destMax)) && \ + __builtin_constant_p((src))) ? \ + SECUREC_STRNCAT_SM((dest), (destMax), (src), (count)) : \ + strncat_s((dest), (destMax), (src), (count))) + +/* memcpy_sp is a macro, NOT a function in performance optimization mode. */ +#define memcpy_sp(dest, destMax, src, count) (__builtin_constant_p((count)) ? \ + (SECUREC_MEMCPY_SM((dest), (destMax), (src), (count))) : \ + (__builtin_constant_p((destMax)) ? \ + (((size_t)(destMax) > 0 && \ + (((unsigned long long)(destMax) & \ + (unsigned long long)(-2)) < SECUREC_MEM_MAX_LEN)) ? \ + memcpy_sOptTc((dest), (destMax), (src), (count)) : ERANGE ) : \ + memcpy_sOptAsm((dest), (destMax), (src), (count)))) + +/* memset_sp is a macro, NOT a function in performance optimization mode. */ +#define memset_sp(dest, destMax, c, count) (__builtin_constant_p((count)) ? \ + (SECUREC_MEMSET_SM((dest), (destMax), (c), (count))) : \ + (__builtin_constant_p((destMax)) ? \ + (((size_t)(destMax) > 0 && \ + (((unsigned long long)(destMax) & \ + (unsigned long long)(-2)) < SECUREC_MEM_MAX_LEN)) ? \ + memset_sOptTc((dest), (destMax), (c), (count)) : ERANGE ) : \ + memset_sOptAsm((dest), (destMax), (c), (count)))) +#else +#define strcpy_sp strcpy_s +#define strncpy_sp strncpy_s +#define strcat_sp strcat_s +#define strncat_sp strncat_s +#define memcpy_sp memcpy_s +#define memset_sp memset_s +#endif + +#ifdef __cplusplus +} +#endif /* __cplusplus */ +#endif /* __SECUREC_H__5D13A042_DC3F_4ED9_A8D1_882811274C27 */ diff --git a/base/include/securectype.h b/base/include/securectype.h new file mode 100644 index 0000000000000000000000000000000000000000..029772c7c98307375125e3257efed5ee7d4479fa --- /dev/null +++ b/base/include/securectype.h @@ -0,0 +1,279 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* [Standardize-exceptions]: Performance-sensitive + * [reason]: Strict parameter verification has been done before use + */ + +#ifndef __SECURECTYPE_H__A7BBB686_AADA_451B_B9F9_44DACDAE18A7 +#define __SECURECTYPE_H__A7BBB686_AADA_451B_B9F9_44DACDAE18A7 + +#ifndef SECUREC_ONLY_DECLARE_MEMSET +/* Shielding VC symbol redefinition warning */ +#if defined(_MSC_VER) && (_MSC_VER >= 1400) +#ifdef __STDC_WANT_SECURE_LIB__ +#undef __STDC_WANT_SECURE_LIB__ +#endif +#define __STDC_WANT_SECURE_LIB__ 0 +#ifdef _CRTIMP_ALTERNATIVE +#undef _CRTIMP_ALTERNATIVE +#endif +#define _CRTIMP_ALTERNATIVE //comment microsoft *_s function +#endif +#endif + +#if SECUREC_IN_KERNEL +#include +#include +#else +#include +#include +#include +#endif + +/* if enable SECUREC_COMPATIBLE_WIN_FORMAT, the output format will be compatible to Windows. */ +#if (defined(_WIN32) || defined(_WIN64) || defined(_MSC_VER)) +#define SECUREC_COMPATIBLE_WIN_FORMAT +#endif + +#if defined(SECUREC_COMPATIBLE_WIN_FORMAT) +/* in windows platform, can't use optimized function for there is no __builtin_constant_p like function */ +/* If need optimized macro, can define this: define __builtin_constant_p(x) 0 */ +#ifdef SECUREC_WITH_PERFORMANCE_ADDONS +#undef SECUREC_WITH_PERFORMANCE_ADDONS +#define SECUREC_WITH_PERFORMANCE_ADDONS 0 +#endif +#endif + +#if defined(__VXWORKS__) || defined(__vxworks) || defined(__VXWORKS) || defined(_VXWORKS_PLATFORM_) || \ + defined(SECUREC_VXWORKS_VERSION_5_4) +#if !defined(SECUREC_VXWORKS_PLATFORM) +#define SECUREC_VXWORKS_PLATFORM +#endif +#endif + +/* if enable SECUREC_COMPATIBLE_LINUX_FORMAT, the output format will be compatible to Linux. */ +#if !(defined(SECUREC_COMPATIBLE_WIN_FORMAT) || defined(SECUREC_VXWORKS_PLATFORM)) +#define SECUREC_COMPATIBLE_LINUX_FORMAT +#endif +#ifdef SECUREC_COMPATIBLE_LINUX_FORMAT +#include +#endif + +/* add the -DSECUREC_SUPPORT_FORMAT_WARNING compiler option to support -Wformat. + * default does not check the format is that the same data type in the actual code + * in the product is different in the original data type definition of VxWorks and Linux. + */ +#ifndef SECUREC_SUPPORT_FORMAT_WARNING +#define SECUREC_SUPPORT_FORMAT_WARNING 0 +#endif + +/* SECUREC_PCLINT for tool do not recognize __attribute__ just for pclint */ +#if SECUREC_SUPPORT_FORMAT_WARNING && !defined(SECUREC_PCLINT) +#define SECUREC_ATTRIBUTE(x, y) __attribute__((format(printf, (x), (y)))) +#else +#define SECUREC_ATTRIBUTE(x, y) +#endif + +/* SECUREC_PCLINT for tool do not recognize __builtin_expect ,just for pclint */ +#if defined(__GNUC__) && \ + ((__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 3 /* above 3.4 */))) && \ + !defined(SECUREC_PCLINT) +/* This is a built-in function that can be used without a declaration, if you encounter an undeclared compilation alarm, + * you can add -DSECUREC_NEED_BUILTIN_EXPECT_DECLARE to compiler options + */ +#if defined(SECUREC_NEED_BUILTIN_EXPECT_DECLARE) +long __builtin_expect(long exp, long c); +#endif +#define SECUREC_LIKELY(x) __builtin_expect(!!(x), 1) +#define SECUREC_UNLIKELY(x) __builtin_expect(!!(x), 0) +#else +#define SECUREC_LIKELY(x) (x) +#define SECUREC_UNLIKELY(x) (x) +#endif + +/* define the max length of the string */ +#define SECUREC_STRING_MAX_LEN (0x7fffffffUL) +#define SECUREC_WCHAR_STRING_MAX_LEN (SECUREC_STRING_MAX_LEN / sizeof(wchar_t)) + +/* add SECUREC_MEM_MAX_LEN for memcpy and memmove */ +#define SECUREC_MEM_MAX_LEN (0x7fffffffUL) +#define SECUREC_WCHAR_MEM_MAX_LEN (SECUREC_MEM_MAX_LEN / sizeof(wchar_t)) + +#if SECUREC_STRING_MAX_LEN > 0x7fffffff +#error "max string is 2G" +#endif + +#if (defined(__GNUC__ ) && defined(__SIZEOF_POINTER__ )) +#if (__SIZEOF_POINTER__ != 4) && (__SIZEOF_POINTER__ != 8) +#error "unsupported system" +#endif +#endif + +#ifndef SECUREC_MALLOC +#define SECUREC_MALLOC(x) malloc((size_t)(x)) +#endif + +#ifndef SECUREC_FREE +#define SECUREC_FREE(x) free((void *)(x)) +#endif + +#if defined(_WIN64) || defined(WIN64) || defined(__LP64__) || defined(_LP64) +#define SECUREC_ON_64BITS +#endif + +#if (!defined(SECUREC_ON_64BITS) && defined(__GNUC__ ) && defined(__SIZEOF_POINTER__ )) +#if __SIZEOF_POINTER__ == 8 +#define SECUREC_ON_64BITS +#endif +#endif + +#if defined(__SVR4) || defined(__svr4__) +#define SECUREC_ON_SOLARIS +#endif + +#if (defined(__hpux) || defined(_AIX) || defined(SECUREC_ON_SOLARIS)) +#define SECUREC_ON_UNIX +#endif + +/* codes should run under the macro SECUREC_COMPATIBLE_LINUX_FORMAT in unknown system on default, + * and strtold. The function + * strtold is referenced first at ISO9899:1999(C99), and some old compilers can + * not support these functions. Here provides a macro to open these functions: + * SECUREC_SUPPORT_STRTOLD -- if defined, strtold will be used + */ +#ifndef SECUREC_SUPPORT_STRTOLD +#define SECUREC_SUPPORT_STRTOLD 0 +#if (defined(SECUREC_COMPATIBLE_LINUX_FORMAT)) +#if defined(__USE_ISOC99) || \ + (defined(_AIX) && defined(_ISOC99_SOURCE)) || \ + (defined(__hpux) && defined(__ia64)) || \ + (defined(SECUREC_ON_SOLARIS) && (!defined(_STRICT_STDC) && !defined(__XOPEN_OR_POSIX)) || \ + defined(_STDC_C99) || defined(__EXTENSIONS__)) +#undef SECUREC_SUPPORT_STRTOLD +#define SECUREC_SUPPORT_STRTOLD 1 +#endif +#endif +#if ((defined(SECUREC_WRLINUX_BELOW4) || defined(_WRLINUX_BELOW4_))) +#undef SECUREC_SUPPORT_STRTOLD +#define SECUREC_SUPPORT_STRTOLD 0 +#endif +#endif + +#if SECUREC_WITH_PERFORMANCE_ADDONS + +#ifndef SECUREC_TWO_MIN +#define SECUREC_TWO_MIN(a, b) ((a) < (b) ? (a) : (b)) +#endif + +/* for strncpy_s performance optimization */ +#define SECUREC_STRNCPY_SM(dest, destMax, src, count) \ + (((void *)dest != NULL && (void *)src != NULL && (size_t)destMax >0 && \ + (((unsigned long long)(destMax) & (unsigned long long)(-2)) < SECUREC_STRING_MAX_LEN) && \ + (SECUREC_TWO_MIN(count , strlen(src)) + 1) <= (size_t)destMax) ? \ + ((count < strlen(src))? (memcpy(dest, src, count), *((char *)dest + count) = '\0', EOK): \ + (memcpy(dest, src, strlen(src) + 1), EOK )) :(strncpy_error(dest, destMax, src, count))) + +#define SECUREC_STRCPY_SM(dest, destMax, src) \ + (((void *)dest != NULL && (void *)src != NULL && (size_t)destMax >0 && \ + (((unsigned long long)(destMax) & (unsigned long long)(-2)) < SECUREC_STRING_MAX_LEN) && \ + (strlen(src) + 1) <= (size_t)destMax)? (memcpy(dest, src, strlen(src) + 1), EOK): \ + (strcpy_error(dest, destMax, src))) + +/* for strcat_s performance optimization */ +#if defined(__GNUC__) +#define SECUREC_STRCAT_SM(dest, destMax, src) \ + ({ \ + int catRet = EOK; \ + if ((void *)dest != NULL && (void *)src != NULL && (size_t)(destMax) >0 && \ + (((unsigned long long)(destMax) & (unsigned long long)(-2)) < SECUREC_STRING_MAX_LEN)) { \ + char *catTmpDst = (dest); \ + size_t catRestSize = (destMax); \ + while(catRestSize > 0 && *catTmpDst) { \ + ++catTmpDst; \ + --catRestSize; \ + } \ + if (catRestSize == 0) { \ + catRet = EINVAL; \ + } else if ((strlen(src) + 1) <= catRestSize) { \ + (void)memcpy(catTmpDst, (src), strlen(src) + 1); \ + catRet = EOK; \ + } else { \ + catRet = ERANGE; \ + } \ + if (catRet != EOK) { \ + catRet = strcat_s((dest), (destMax), (src)); \ + } \ + } else { \ + catRet = strcat_s((dest), (destMax), (src)); \ + } \ + catRet; \ + }) +#else +#define SECUREC_STRCAT_SM(dest, destMax, src) strcat_s(dest, destMax, src) +#endif + +/* for strncat_s performance optimization */ +#if defined(__GNUC__) +#define SECUREC_STRNCAT_SM(dest, destMax, src, count) \ + ({ \ + int ncatRet = EOK; \ + if ((void *)dest != NULL && (void *)src != NULL && (size_t)destMax > 0 && \ + (((unsigned long long)(destMax) & (unsigned long long)(-2)) < SECUREC_STRING_MAX_LEN) && \ + (((unsigned long long)(count) & (unsigned long long)(-2)) < SECUREC_STRING_MAX_LEN)) { \ + char *ncatTmpDest = (dest); \ + size_t ncatRestSize = (destMax); \ + while(ncatRestSize > 0 && *ncatTmpDest) { \ + ++ncatTmpDest; \ + --ncatRestSize; \ + } \ + if (ncatRestSize == 0) { \ + ncatRet = EINVAL; \ + } else if ((SECUREC_TWO_MIN((count) , strlen(src)) + 1) <= ncatRestSize ) { \ + if ((count) < strlen(src)) { \ + (void)memcpy(ncatTmpDest, (src), (count)); \ + *(ncatTmpDest + (count)) = '\0'; \ + } else { \ + (void)memcpy(ncatTmpDest, (src), strlen(src) + 1); \ + } \ + } else { \ + ncatRet = ERANGE; \ + } \ + if (ncatRet != EOK) { \ + ncatRet = strncat_s((dest), (destMax), (src), (count)); \ + } \ + } else { \ + ncatRet = strncat_s((dest), (destMax), (src), (count)); \ + } \ + ncatRet; \ + }) +#else +#define SECUREC_STRNCAT_SM(dest, destMax, src, count) strncat_s(dest, destMax, src, count) +#endif + +/* SECUREC_MEMCPY_SM do NOT check buffer overlap by default */ +#define SECUREC_MEMCPY_SM(dest, destMax, src, count) \ + (!(((size_t)destMax == 0 )||(((unsigned long long)(destMax) & (unsigned long long)(-2)) > SECUREC_MEM_MAX_LEN) || \ + ((size_t)count > (size_t)destMax) || ((void *)dest) == NULL || ((void *)src == NULL))? \ + (memcpy(dest, src, count), EOK) : \ + (memcpy_s(dest, destMax, src, count))) + +#define SECUREC_MEMSET_SM(dest, destMax, c, count) \ + (!(((size_t)destMax == 0 ) || (((unsigned long long)(destMax) & (unsigned long long)(-2)) > SECUREC_MEM_MAX_LEN) || \ + ((void *)dest == NULL) || ((size_t)count > (size_t)destMax)) ? \ + (memset(dest, c, count), EOK) : \ + ( memset_s(dest, destMax, c, count))) + +#endif +#endif /* __SECURECTYPE_H__A7BBB686_AADA_451B_B9F9_44DACDAE18A7 */ diff --git a/base/test/unittest/common/BUILD.gn b/base/test/unittest/common/BUILD.gn index 22b36c9cb96f1ac0d073fd5e965bb685d2f78461..0d7f4b4a183dae3873203b5f613f3d4b314234f9 100644 --- a/base/test/unittest/common/BUILD.gn +++ b/base/test/unittest/common/BUILD.gn @@ -39,6 +39,19 @@ ohos_unittest("UtilsStringTest") { ] } +##############################unittest########################################## +ohos_unittest("UtilsSecurecTest") { + module_out_path = module_output_path + sources = [ "utils_securec_test.cpp" ] + + configs = [ ":module_private_config" ] + + deps = [ + "//commonlibrary/c_utils/base:utils", + "//third_party/googletest:gtest_main", + ] +} + ##############################unittest########################################## ohos_unittest("UtilsDirectoryTest") { module_out_path = module_output_path @@ -296,6 +309,7 @@ group("unittest") { ":UtilsSafeBlockQueueTrackingTest", ":UtilsSafeMapTest", ":UtilsSafeQueueTest", + ":UtilsSecurecTest", ":UtilsSingletonTest", ":UtilsSortedVectorTest", ":UtilsStringTest", diff --git a/base/test/unittest/common/utils_securec_test.cpp b/base/test/unittest/common/utils_securec_test.cpp new file mode 100644 index 0000000000000000000000000000000000000000..e07af92bcf1f2319a58f653babe6b33d2b81405c --- /dev/null +++ b/base/test/unittest/common/utils_securec_test.cpp @@ -0,0 +1,141 @@ +/* + * Copyright (c) 2021 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include "string_ex.h" +#include "securec.h" +using namespace testing::ext; +using namespace OHOS; + +class UtilsSecurecTest : public testing::Test +{ +public : + static void SetUpTestCase(void); + static void TearDownTestCase(void); + void SetUp(); + void TearDown(); +}; + +void UtilsSecurecTest::SetUpTestCase(void) +{ + // step 2: input testsuit setup step +} + +void UtilsSecurecTest::TearDownTestCase(void) +{ + // step 2: input testsuit teardown step +} + +void UtilsSecurecTest::SetUp(void) +{ + // step 3: input testcase setup step +} + +void UtilsSecurecTest::TearDown(void) +{ + // step 3: input testcase teardown step +} + +HWTEST_F(UtilsSecurecTest, test_memset_s_01, TestSize.Level0) +{ + char cBase[20]; + errno_t result = memset_s(reinterpret_cast(cBase), sizeof(char) * 20, 1, sizeof(char) * 20); + EXPECT_EQ(result, 0); +} + +HWTEST_F(UtilsSecurecTest, test_memset_s_02, TestSize.Level0) +{ + char cBase[20]; + errno_t result = memset_s(reinterpret_cast(cBase), sizeof(char) * 20, 1, sizeof(char) * 21); + EXPECT_NE(result, 0); +} + +HWTEST_F(UtilsSecurecTest, test_memcpy_s_01, TestSize.Level0) +{ + char cBase[20] = "memcpy_s"; + char cTemp[20]; + errno_t result = memcpy_s(reinterpret_cast(cTemp), sizeof(char) * 20, cBase, sizeof(cBase)); + EXPECT_EQ(result, 0); + EXPECT_EQ(0, strcmp(cTemp, cBase)); +} + +HWTEST_F(UtilsSecurecTest, test_memcpy_s_02, TestSize.Level0) +{ + char cBase[20] = "memcpy_s"; + char cTemp[5]; + errno_t result = memcpy_s(reinterpret_cast(cTemp), sizeof(char) * 5, cBase, sizeof(cBase)); + EXPECT_NE(result, 0); +} + +HWTEST_F(UtilsSecurecTest, test_strcpy_s_01, TestSize.Level0) +{ + const char cBase[] = "strcpy_base"; + char cTemp[20]; + errno_t result = strcpy_s(cTemp, sizeof(cTemp), cBase); + EXPECT_EQ(result, 0); + EXPECT_EQ(0, strcmp(cTemp, cBase)); +} + +HWTEST_F(UtilsSecurecTest, test_strcpy_s_02, TestSize.Level0) +{ + const char cBase[] = "strcpy_base"; + char cTemp[10]; + errno_t result = strcpy_s(cTemp, sizeof(cTemp), cBase); + EXPECT_NE(result, 0); +} + +HWTEST_F(UtilsSecurecTest, test_strncpy_s_01, TestSize.Level0) +{ + const char cBase[] = "strcpy_base"; + char cTemp[20]; + errno_t result = strncpy_s(cTemp, sizeof(cTemp), cBase, sizeof(cBase)); + EXPECT_EQ(result, 0); + EXPECT_EQ(0, strcmp(cTemp, cBase)); +} + +HWTEST_F(UtilsSecurecTest, test_strncpy_s_02, TestSize.Level0) +{ + const char cBase[] = "strcpy_base"; + char cTemp[10]; + errno_t result = strncpy_s(cTemp, sizeof(cTemp), cBase, (sizeof(cTemp) -1)); + EXPECT_EQ(result, 0); + result = strncpy_s(cTemp, sizeof(cTemp), cBase, sizeof(cBase)); + EXPECT_NE(result, 0); +} + +HWTEST_F(UtilsSecurecTest, test_strcat_s_01, TestSize.Level0) +{ + const char cBase[] = "strcpy_base"; + char cTemp[20] = "temp "; + errno_t result = strcat_s(cTemp, sizeof(cTemp), cBase); + EXPECT_EQ(result, 0); + EXPECT_EQ(0, strcmp(cTemp, "temp strcpy_base")); +} + +HWTEST_F(UtilsSecurecTest, test_strcat_s_02, TestSize.Level0) +{ + const char cBase[] = "strcpy_base"; + char cTemp[10]; + errno_t result = strcat_s(cTemp, sizeof(cTemp), cBase); + EXPECT_NE(result, 0); +} + +HWTEST_F(UtilsSecurecTest, test_sprintf_s_01, TestSize.Level0) +{ + char cBase[64] = { 0 }; + errno_t result = sprintf_s(cBase, sizeof(cBase), "%d", 12345); + EXPECT_EQ(string(cBase), "12345"); + EXPECT_NE(result, 0); +} \ No newline at end of file diff --git a/bundle.json b/bundle.json index c4d70cfceaa9ed2d668f73f852b153bdc9008a47..9e7082e6af353149e95f8d3d714a15de0c166d38 100644 --- a/bundle.json +++ b/bundle.json @@ -49,6 +49,8 @@ "safe_block_queue.h", "safe_map.h", "safe_queue.h", + "securec.h", + "securectype.h", "semaphore_ex.h", "singleton.h", "sorted_vector.h", @@ -82,6 +84,8 @@ "safe_block_queue.h", "safe_map.h", "safe_queue.h", + "securec.h", + "securectype.h", "semaphore_ex.h", "singleton.h", "sorted_vector.h",