Octave-Forge - Extra packages for GNU Octave | |
Home · Packages · Developers · Documentation · FAQ · Bugs · Mailing Lists · Links · Code |
00001 /* -*- buffer-read-only: t -*- vi: set ro: */ 00002 /* DO NOT EDIT! GENERATED AUTOMATICALLY! */ 00003 /* xsize.h -- Checked size_t computations. 00004 00005 Copyright (C) 2003, 2008-2011 Free Software Foundation, Inc. 00006 00007 This program is free software; you can redistribute it and/or modify 00008 it under the terms of the GNU General Public License as published by 00009 the Free Software Foundation; either version 3, or (at your option) 00010 any later version. 00011 00012 This program is distributed in the hope that it will be useful, 00013 but WITHOUT ANY WARRANTY; without even the implied warranty of 00014 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00015 GNU General Public License for more details. 00016 00017 You should have received a copy of the GNU General Public License 00018 along with this program; if not, write to the Free Software Foundation, 00019 Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ 00020 00021 #ifndef _XSIZE_H 00022 #define _XSIZE_H 00023 00024 /* Get size_t. */ 00025 #include <stddef.h> 00026 00027 /* Get SIZE_MAX. */ 00028 #include <limits.h> 00029 #if HAVE_STDINT_H 00030 # include <stdint.h> 00031 #endif 00032 00033 /* The size of memory objects is often computed through expressions of 00034 type size_t. Example: 00035 void* p = malloc (header_size + n * element_size). 00036 These computations can lead to overflow. When this happens, malloc() 00037 returns a piece of memory that is way too small, and the program then 00038 crashes while attempting to fill the memory. 00039 To avoid this, the functions and macros in this file check for overflow. 00040 The convention is that SIZE_MAX represents overflow. 00041 malloc (SIZE_MAX) is not guaranteed to fail -- think of a malloc 00042 implementation that uses mmap --, it's recommended to use size_overflow_p() 00043 or size_in_bounds_p() before invoking malloc(). 00044 The example thus becomes: 00045 size_t size = xsum (header_size, xtimes (n, element_size)); 00046 void *p = (size_in_bounds_p (size) ? malloc (size) : NULL); 00047 */ 00048 00049 /* Convert an arbitrary value >= 0 to type size_t. */ 00050 #define xcast_size_t(N) \ 00051 ((N) <= SIZE_MAX ? (size_t) (N) : SIZE_MAX) 00052 00053 /* Sum of two sizes, with overflow check. */ 00054 static inline size_t 00055 #if __GNUC__ >= 3 00056 __attribute__ ((__pure__)) 00057 #endif 00058 xsum (size_t size1, size_t size2) 00059 { 00060 size_t sum = size1 + size2; 00061 return (sum >= size1 ? sum : SIZE_MAX); 00062 } 00063 00064 /* Sum of three sizes, with overflow check. */ 00065 static inline size_t 00066 #if __GNUC__ >= 3 00067 __attribute__ ((__pure__)) 00068 #endif 00069 xsum3 (size_t size1, size_t size2, size_t size3) 00070 { 00071 return xsum (xsum (size1, size2), size3); 00072 } 00073 00074 /* Sum of four sizes, with overflow check. */ 00075 static inline size_t 00076 #if __GNUC__ >= 3 00077 __attribute__ ((__pure__)) 00078 #endif 00079 xsum4 (size_t size1, size_t size2, size_t size3, size_t size4) 00080 { 00081 return xsum (xsum (xsum (size1, size2), size3), size4); 00082 } 00083 00084 /* Maximum of two sizes, with overflow check. */ 00085 static inline size_t 00086 #if __GNUC__ >= 3 00087 __attribute__ ((__pure__)) 00088 #endif 00089 xmax (size_t size1, size_t size2) 00090 { 00091 /* No explicit check is needed here, because for any n: 00092 max (SIZE_MAX, n) == SIZE_MAX and max (n, SIZE_MAX) == SIZE_MAX. */ 00093 return (size1 >= size2 ? size1 : size2); 00094 } 00095 00096 /* Multiplication of a count with an element size, with overflow check. 00097 The count must be >= 0 and the element size must be > 0. 00098 This is a macro, not an inline function, so that it works correctly even 00099 when N is of a wider type and N > SIZE_MAX. */ 00100 #define xtimes(N, ELSIZE) \ 00101 ((N) <= SIZE_MAX / (ELSIZE) ? (size_t) (N) * (ELSIZE) : SIZE_MAX) 00102 00103 /* Check for overflow. */ 00104 #define size_overflow_p(SIZE) \ 00105 ((SIZE) == SIZE_MAX) 00106 /* Check against overflow. */ 00107 #define size_in_bounds_p(SIZE) \ 00108 ((SIZE) != SIZE_MAX) 00109 00110 #endif /* _XSIZE_H */