/**************************************************************************** * * Open Watcom Project * * Portions Copyright (c) 1983-2002 Sybase, Inc. All Rights Reserved. * * ======================================================================== * * This file contains Original Code and/or Modifications of Original * Code as defined in and that are subject to the Sybase Open Watcom * Public License version 1.0 (the 'License'). You may not use this file * except in compliance with the License. BY USING THIS FILE YOU AGREE TO * ALL TERMS AND CONDITIONS OF THE LICENSE. A copy of the License is * provided with the Original Code and Modifications, and is also * available at www.sybase.com/developer/opensource. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND SYBASE AND ALL CONTRIBUTORS HEREBY DISCLAIM * ALL SUCH WARRANTIES, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR * NON-INFRINGEMENT. Please see the License for the specific language * governing rights and limitations under the License. * * ======================================================================== * * Description: Internal data and routines for "Safer C", or bounds-checking * library extension. * ****************************************************************************/ #ifndef _SAFERLIB_H_INCLUDED #define _SAFERLIB_H_INCLUDED #define __STDC_WANT_LIB_EXT1__ 1 #include #include // Maximum length of runtime-constraint error message #define RTCT_MSG_MAX 128 #define _RWD_rtcthandler __runtime_constraint_handler extern constraint_handler_t __runtime_constraint_handler; extern void __rtct_fail( const char *fn, const char *reason, void *reserved ); // Runtime-constraint validation macros. Call the handler and return zero if check // failed, return non-zero value if check succeeded. #define __check_constraint_nullptr( arg ) \ ((arg == NULL) ? __rtct_fail( __func__, #arg " == NULL", NULL ), 0 : 1) #define __check_constraint_maxsize( arg ) \ ((arg > RSIZE_MAX) ? __rtct_fail( __func__, #arg " > RSIZE_MAX", NULL ), 0 : 1) #define __check_constraint_zero( arg ) \ ((arg == 0) ? __rtct_fail( __func__, #arg " == 0", NULL ), 0 : 1) #define __check_constraint_toosmall( name, left ) \ ((left == 0) ? __rtct_fail( __func__, #name " is too small to hold data", NULL ), 0 : 1) // Runtime-constraint validation macros. Construct the message and return // zero if check failed, return non-zero value if check succeeded. // __rtct_fail has to be explicitly called later. #define __check_constraint_nullptr_msg( msg, arg ) \ ((arg == NULL) ? ( msg = #arg " == NULL" ), 0 : 1) #define __check_constraint_maxsize_msg( msg, arg ) \ ((arg > RSIZE_MAX) ? ( msg = #arg " > RSIZE_MAX" ), 0 : 1) #define __check_constraint_zero_msg( msg, arg ) \ ((arg == 0) ? ( msg = #arg " == 0" ), 0 : 1) #define __check_constraint_toosmall_msg( msg, name, left ) \ ((left == 0) ? ( msg = #name " is too small to hold data" ), 0 : 1) #define __check_constraint_a_gt_b_msg( msg, a, b ) \ ((a > b) ? ( msg = #a " > " #b ), 0 : 1) #define __check_constraint_overlap_msg( msg, p1, len1, p2, len2 ) \ (((p1 == p2) || ( (p1 > p2) && ( p1 < (CHAR_TYPE *)p2 + len2 * sizeof( CHAR_TYPE ))) \ || ( (p2 > p1) && ( p2 < (CHAR_TYPE *)p1 + len1 * sizeof( CHAR_TYPE )))) \ ? ( msg = #p1 " overlap " #p2 ), 0 : 1) // For 16-bit targets, the RSIZE_MAX check is effectively no-op. Object sizes // up to SIZE_MAX are legal and not uncommon. #if RSIZE_MAX == SIZE_MAX #undef __check_constraint_maxsize #define __check_constraint_maxsize( arg ) 1 #undef __check_constraint_maxsize_msg #define __check_constraint_maxsize_msg( msg, arg ) 1 #define __lte_rsizmax( arg ) 1 #else #define __lte_rsizmax( arg ) (arg <= RSIZE_MAX) #endif #endif // _SAFERLIB_H_INCLUDED