Home | History | Annotate | Download | only in fxcrt 
      1 // Copyright 2014 PDFium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
      6 
      7 #ifndef CORE_FXCRT_FX_MEMORY_H_
      8 #define CORE_FXCRT_FX_MEMORY_H_
      9 
     10 #include "core/fxcrt/fx_system.h"
     11 
     12 #ifdef __cplusplus
     13 extern "C" {
     14 #endif
     15 
     16 // For external C libraries to malloc through PDFium. These may return nullptr.
     17 void* FXMEM_DefaultAlloc(size_t byte_size);
     18 void* FXMEM_DefaultCalloc(size_t num_elems, size_t byte_size);
     19 void* FXMEM_DefaultRealloc(void* pointer, size_t new_size);
     20 void FXMEM_DefaultFree(void* pointer);
     21 
     22 #ifdef __cplusplus
     23 }  // extern "C"
     24 
     25 #include <stdlib.h>
     26 #include <limits>
     27 #include <memory>
     28 #include <new>
     29 
     30 #include "core/fxcrt/fx_safe_types.h"
     31 #include "third_party/base/allocator/partition_allocator/partition_alloc.h"
     32 
     33 extern pdfium::base::PartitionAllocatorGeneric gArrayBufferPartitionAllocator;
     34 extern pdfium::base::PartitionAllocatorGeneric gGeneralPartitionAllocator;
     35 extern pdfium::base::PartitionAllocatorGeneric gStringPartitionAllocator;
     36 
     37 void FXMEM_InitializePartitionAlloc();
     38 NEVER_INLINE void FX_OutOfMemoryTerminate();
     39 
     40 inline void* FX_SafeAlloc(size_t num_members, size_t member_size) {
     41   FX_SAFE_SIZE_T total = member_size;
     42   total *= num_members;
     43   if (!total.IsValid())
     44     return nullptr;
     45 
     46   void* result = pdfium::base::PartitionAllocGenericFlags(
     47       gGeneralPartitionAllocator.root(), pdfium::base::PartitionAllocReturnNull,
     48       total.ValueOrDie(), "GeneralPartition");
     49   if (result)
     50     memset(result, 0, total.ValueOrDie());
     51   return result;
     52 }
     53 
     54 inline void* FX_SafeRealloc(void* ptr, size_t num_members, size_t member_size) {
     55   FX_SAFE_SIZE_T size = num_members;
     56   size *= member_size;
     57   if (!size.IsValid())
     58     return nullptr;
     59 
     60   return pdfium::base::PartitionReallocGeneric(
     61       gGeneralPartitionAllocator.root(), ptr, size.ValueOrDie(),
     62       "GeneralPartition");
     63 }
     64 
     65 inline void* FX_AllocOrDie(size_t num_members, size_t member_size) {
     66   // TODO(tsepez): See if we can avoid the implicit memset(0).
     67   if (void* result = FX_SafeAlloc(num_members, member_size))
     68     return result;
     69 
     70   FX_OutOfMemoryTerminate();  // Never returns.
     71   return nullptr;             // Suppress compiler warning.
     72 }
     73 
     74 inline void* FX_AllocOrDie2D(size_t w, size_t h, size_t member_size) {
     75   if (w < std::numeric_limits<size_t>::max() / h)
     76     return FX_AllocOrDie(w * h, member_size);
     77 
     78   FX_OutOfMemoryTerminate();  // Never returns.
     79   return nullptr;             // Suppress compiler warning.
     80 }
     81 
     82 inline void* FX_ReallocOrDie(void* ptr,
     83                              size_t num_members,
     84                              size_t member_size) {
     85   if (void* result = FX_SafeRealloc(ptr, num_members, member_size))
     86     return result;
     87 
     88   FX_OutOfMemoryTerminate();  // Never returns.
     89   return nullptr;             // Suppress compiler warning.
     90 }
     91 
     92 // These never return nullptr.
     93 #define FX_Alloc(type, size) \
     94   static_cast<type*>(FX_AllocOrDie(size, sizeof(type)))
     95 #define FX_Alloc2D(type, w, h) \
     96   static_cast<type*>(FX_AllocOrDie2D(w, h, sizeof(type)))
     97 #define FX_Realloc(type, ptr, size) \
     98   static_cast<type*>(FX_ReallocOrDie(ptr, size, sizeof(type)))
     99 
    100 // May return nullptr.
    101 #define FX_TryAlloc(type, size) \
    102   static_cast<type*>(FX_SafeAlloc(size, sizeof(type)))
    103 #define FX_TryRealloc(type, ptr, size) \
    104   static_cast<type*>(FX_SafeRealloc(ptr, size, sizeof(type)))
    105 
    106 inline void FX_Free(void* ptr) {
    107   // TODO(palmer): Removing this check exposes crashes when PDFium callers
    108   // attempt to free |nullptr|. Although libc's |free| allows freeing |NULL|, no
    109   // other Partition Alloc callers need this tolerant behavior. Additionally,
    110   // checking for |nullptr| adds a branch to |PartitionFree|, and it's nice to
    111   // not have to have that.
    112   //
    113   // So this check is hiding (what I consider to be) bugs, and we should try to
    114   // fix them. https://bugs.chromium.org/p/pdfium/issues/detail?id=690
    115   if (ptr)
    116     pdfium::base::PartitionFree(ptr);
    117 }
    118 
    119 // The FX_ArraySize(arr) macro returns the # of elements in an array arr.
    120 // The expression is a compile-time constant, and therefore can be
    121 // used in defining new arrays, for example.  If you use FX_ArraySize on
    122 // a pointer by mistake, you will get a compile-time error.
    123 //
    124 // One caveat is that FX_ArraySize() doesn't accept any array of an
    125 // anonymous type or a type defined inside a function.
    126 #define FX_ArraySize(array) (sizeof(ArraySizeHelper(array)))
    127 
    128 // This template function declaration is used in defining FX_ArraySize.
    129 // Note that the function doesn't need an implementation, as we only
    130 // use its type.
    131 template <typename T, size_t N>
    132 char (&ArraySizeHelper(T (&array)[N]))[N];
    133 
    134 // Used with std::unique_ptr to FX_Free raw memory.
    135 struct FxFreeDeleter {
    136   inline void operator()(void* ptr) const { FX_Free(ptr); }
    137 };
    138 
    139 #endif  // __cplusplus
    140 
    141 #endif  // CORE_FXCRT_FX_MEMORY_H_
    142