1 // Copyright 2014 PDFium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com
6
7 #ifndef CORE_FXCRT_FX_MEMORY_H_
8 #define CORE_FXCRT_FX_MEMORY_H_
9
10 #include "core/fxcrt/fx_system.h"
11
12 #ifdef __cplusplus
13 extern "C" {
14 #endif
15
16 // For external C libraries to malloc through PDFium. These may return nullptr.
17 void* FXMEM_DefaultAlloc(size_t byte_size);
18 void* FXMEM_DefaultCalloc(size_t num_elems, size_t byte_size);
19 void* FXMEM_DefaultRealloc(void* pointer, size_t new_size);
20 void FXMEM_DefaultFree(void* pointer);
21
22 #ifdef __cplusplus
23 } // extern "C"
24
25 #include <stdlib.h>
26 #include <limits>
27 #include <memory>
28 #include <new>
29
30 #include "core/fxcrt/fx_safe_types.h"
31 #include "third_party/base/allocator/partition_allocator/partition_alloc.h"
32
33 extern pdfium::base::PartitionAllocatorGeneric gArrayBufferPartitionAllocator;
34 extern pdfium::base::PartitionAllocatorGeneric gGeneralPartitionAllocator;
35 extern pdfium::base::PartitionAllocatorGeneric gStringPartitionAllocator;
36
37 void FXMEM_InitializePartitionAlloc();
38 NEVER_INLINE void FX_OutOfMemoryTerminate();
39
FX_SafeAlloc(size_t num_members,size_t member_size)40 inline void* FX_SafeAlloc(size_t num_members, size_t member_size) {
41 FX_SAFE_SIZE_T total = member_size;
42 total *= num_members;
43 if (!total.IsValid())
44 return nullptr;
45
46 void* result = pdfium::base::PartitionAllocGenericFlags(
47 gGeneralPartitionAllocator.root(), pdfium::base::PartitionAllocReturnNull,
48 total.ValueOrDie(), "GeneralPartition");
49 if (result)
50 memset(result, 0, total.ValueOrDie());
51 return result;
52 }
53
FX_SafeRealloc(void * ptr,size_t num_members,size_t member_size)54 inline void* FX_SafeRealloc(void* ptr, size_t num_members, size_t member_size) {
55 FX_SAFE_SIZE_T size = num_members;
56 size *= member_size;
57 if (!size.IsValid())
58 return nullptr;
59
60 return pdfium::base::PartitionReallocGeneric(
61 gGeneralPartitionAllocator.root(), ptr, size.ValueOrDie(),
62 "GeneralPartition");
63 }
64
FX_AllocOrDie(size_t num_members,size_t member_size)65 inline void* FX_AllocOrDie(size_t num_members, size_t member_size) {
66 // TODO(tsepez): See if we can avoid the implicit memset(0).
67 if (void* result = FX_SafeAlloc(num_members, member_size))
68 return result;
69
70 FX_OutOfMemoryTerminate(); // Never returns.
71 return nullptr; // Suppress compiler warning.
72 }
73
FX_AllocOrDie2D(size_t w,size_t h,size_t member_size)74 inline void* FX_AllocOrDie2D(size_t w, size_t h, size_t member_size) {
75 if (w < std::numeric_limits<size_t>::max() / h)
76 return FX_AllocOrDie(w * h, member_size);
77
78 FX_OutOfMemoryTerminate(); // Never returns.
79 return nullptr; // Suppress compiler warning.
80 }
81
FX_ReallocOrDie(void * ptr,size_t num_members,size_t member_size)82 inline void* FX_ReallocOrDie(void* ptr,
83 size_t num_members,
84 size_t member_size) {
85 if (void* result = FX_SafeRealloc(ptr, num_members, member_size))
86 return result;
87
88 FX_OutOfMemoryTerminate(); // Never returns.
89 return nullptr; // Suppress compiler warning.
90 }
91
92 // These never return nullptr.
93 #define FX_Alloc(type, size) \
94 static_cast<type*>(FX_AllocOrDie(size, sizeof(type)))
95 #define FX_Alloc2D(type, w, h) \
96 static_cast<type*>(FX_AllocOrDie2D(w, h, sizeof(type)))
97 #define FX_Realloc(type, ptr, size) \
98 static_cast<type*>(FX_ReallocOrDie(ptr, size, sizeof(type)))
99
100 // May return nullptr.
101 #define FX_TryAlloc(type, size) \
102 static_cast<type*>(FX_SafeAlloc(size, sizeof(type)))
103 #define FX_TryRealloc(type, ptr, size) \
104 static_cast<type*>(FX_SafeRealloc(ptr, size, sizeof(type)))
105
FX_Free(void * ptr)106 inline void FX_Free(void* ptr) {
107 // TODO(palmer): Removing this check exposes crashes when PDFium callers
108 // attempt to free |nullptr|. Although libc's |free| allows freeing |NULL|, no
109 // other Partition Alloc callers need this tolerant behavior. Additionally,
110 // checking for |nullptr| adds a branch to |PartitionFree|, and it's nice to
111 // not have to have that.
112 //
113 // So this check is hiding (what I consider to be) bugs, and we should try to
114 // fix them. https://bugs.chromium.org/p/pdfium/issues/detail?id=690
115 if (ptr)
116 pdfium::base::PartitionFree(ptr);
117 }
118
119 // The FX_ArraySize(arr) macro returns the # of elements in an array arr.
120 // The expression is a compile-time constant, and therefore can be
121 // used in defining new arrays, for example. If you use FX_ArraySize on
122 // a pointer by mistake, you will get a compile-time error.
123 //
124 // One caveat is that FX_ArraySize() doesn't accept any array of an
125 // anonymous type or a type defined inside a function.
126 #define FX_ArraySize(array) (sizeof(ArraySizeHelper(array)))
127
128 // This template function declaration is used in defining FX_ArraySize.
129 // Note that the function doesn't need an implementation, as we only
130 // use its type.
131 template <typename T, size_t N>
132 char (&ArraySizeHelper(T (&array)[N]))[N];
133
134 // Used with std::unique_ptr to FX_Free raw memory.
135 struct FxFreeDeleter {
operatorFxFreeDeleter136 inline void operator()(void* ptr) const { FX_Free(ptr); }
137 };
138
139 #endif // __cplusplus
140
141 #endif // CORE_FXCRT_FX_MEMORY_H_
142