1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Permission is hereby granted, free of charge, to any person 5 * obtaining a copy of this software and associated documentation 6 * files (the "Software"), to deal in the Software without 7 * restriction, including without limitation the rights to use, copy, 8 * modify, merge, publish, distribute, sublicense, and/or sell copies 9 * of the Software, and to permit persons to whom the Software is 10 * furnished to do so, subject to the following conditions: 11 * 12 * The above copyright notice and this permission notice shall be 13 * included in all copies or substantial portions of the Software. 14 * 15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 22 * SOFTWARE. 23 */ 24 25 #if !defined(AVB_INSIDE_LIBAVB_H) && !defined(AVB_COMPILATION) 26 #error "Never include this file directly, include libavb.h instead." 27 #endif 28 29 #ifndef AVB_UTIL_H_ 30 #define AVB_UTIL_H_ 31 32 #include "avb_sysdeps.h" 33 34 #ifdef __cplusplus 35 extern "C" { 36 #endif 37 38 #define AVB_STRINGIFY(x) #x 39 #define AVB_TO_STRING(x) AVB_STRINGIFY(x) 40 41 #ifdef AVB_ENABLE_DEBUG 42 /* Aborts the program if |expr| is false. 43 * 44 * This has no effect unless AVB_ENABLE_DEBUG is defined. 45 */ 46 #define avb_assert(expr) \ 47 do { \ 48 if (!(expr)) { \ 49 avb_fatal("assert fail: " #expr "\n"); \ 50 } \ 51 } while (0) 52 #else 53 #define avb_assert(expr) 54 #endif 55 56 /* Aborts the program if reached. 57 * 58 * This has no effect unless AVB_ENABLE_DEBUG is defined. 59 */ 60 #ifdef AVB_ENABLE_DEBUG 61 #define avb_assert_not_reached() \ 62 do { \ 63 avb_fatal("assert_not_reached()\n"); \ 64 } while (0) 65 #else 66 #define avb_assert_not_reached() 67 #endif 68 69 /* Aborts the program if |addr| is not word-aligned. 70 * 71 * This has no effect unless AVB_ENABLE_DEBUG is defined. 72 */ 73 #define avb_assert_aligned(addr) \ 74 avb_assert((((uintptr_t)addr) & (AVB_ALIGNMENT_SIZE - 1)) == 0) 75 76 #ifdef AVB_ENABLE_DEBUG 77 /* Print functions, used for diagnostics. 78 * 79 * These have no effect unless AVB_ENABLE_DEBUG is defined. 80 */ 81 #define avb_debug(message) \ 82 do { \ 83 avb_printv(avb_basename(__FILE__), \ 84 ":", \ 85 AVB_TO_STRING(__LINE__), \ 86 ": DEBUG: ", \ 87 message, \ 88 NULL); \ 89 } while (0) 90 #define avb_debugv(message, ...) \ 91 do { \ 92 avb_printv(avb_basename(__FILE__), \ 93 ":", \ 94 AVB_TO_STRING(__LINE__), \ 95 ": DEBUG: ", \ 96 message, \ 97 ##__VA_ARGS__); \ 98 } while (0) 99 #else 100 #define avb_debug(message) 101 #define avb_debugv(message, ...) 102 #endif 103 104 /* Prints out a message. This is typically used if a runtime-error 105 * occurs. 106 */ 107 #define avb_error(message) \ 108 do { \ 109 avb_printv(avb_basename(__FILE__), \ 110 ":", \ 111 AVB_TO_STRING(__LINE__), \ 112 ": ERROR: ", \ 113 message, \ 114 NULL); \ 115 } while (0) 116 #define avb_errorv(message, ...) \ 117 do { \ 118 avb_printv(avb_basename(__FILE__), \ 119 ":", \ 120 AVB_TO_STRING(__LINE__), \ 121 ": ERROR: ", \ 122 message, \ 123 ##__VA_ARGS__); \ 124 } while (0) 125 126 /* Prints out a message and calls avb_abort(). 127 */ 128 #define avb_fatal(message) \ 129 do { \ 130 avb_printv(avb_basename(__FILE__), \ 131 ":", \ 132 AVB_TO_STRING(__LINE__), \ 133 ": FATAL: ", \ 134 message, \ 135 NULL); \ 136 avb_abort(); \ 137 } while (0) 138 #define avb_fatalv(message, ...) \ 139 do { \ 140 avb_printv(avb_basename(__FILE__), \ 141 ":", \ 142 AVB_TO_STRING(__LINE__), \ 143 ": FATAL: ", \ 144 message, \ 145 ##__VA_ARGS__); \ 146 avb_abort(); \ 147 } while (0) 148 149 /* Converts a 16-bit unsigned integer from big-endian to host byte order. */ 150 uint16_t avb_be16toh(uint16_t in) AVB_ATTR_WARN_UNUSED_RESULT; 151 152 /* Converts a 32-bit unsigned integer from big-endian to host byte order. */ 153 uint32_t avb_be32toh(uint32_t in) AVB_ATTR_WARN_UNUSED_RESULT; 154 155 /* Converts a 64-bit unsigned integer from big-endian to host byte order. */ 156 uint64_t avb_be64toh(uint64_t in) AVB_ATTR_WARN_UNUSED_RESULT; 157 158 /* Converts a 16-bit unsigned integer from host to big-endian byte order. */ 159 uint16_t avb_htobe16(uint16_t in) AVB_ATTR_WARN_UNUSED_RESULT; 160 161 /* Converts a 32-bit unsigned integer from host to big-endian byte order. */ 162 uint32_t avb_htobe32(uint32_t in) AVB_ATTR_WARN_UNUSED_RESULT; 163 164 /* Converts a 64-bit unsigned integer from host to big-endian byte order. */ 165 uint64_t avb_htobe64(uint64_t in) AVB_ATTR_WARN_UNUSED_RESULT; 166 167 /* Compare |n| bytes starting at |s1| with |s2| and return 0 if they 168 * match, 1 if they don't. Returns 0 if |n|==0, since no bytes 169 * mismatched. 170 * 171 * Time taken to perform the comparison is only dependent on |n| and 172 * not on the relationship of the match between |s1| and |s2|. 173 * 174 * Note that unlike avb_memcmp(), this only indicates inequality, not 175 * whether |s1| is less than or greater than |s2|. 176 */ 177 int avb_safe_memcmp(const void* s1, 178 const void* s2, 179 size_t n) AVB_ATTR_WARN_UNUSED_RESULT; 180 181 /* Adds |value_to_add| to |value| with overflow protection. 182 * 183 * Returns false if the addition overflows, true otherwise. In either 184 * case, |value| is always modified. 185 */ 186 bool avb_safe_add_to(uint64_t* value, 187 uint64_t value_to_add) AVB_ATTR_WARN_UNUSED_RESULT; 188 189 /* Adds |a| and |b| with overflow protection, returning the value in 190 * |out_result|. 191 * 192 * It's permissible to pass NULL for |out_result| if you just want to 193 * check that the addition would not overflow. 194 * 195 * Returns false if the addition overflows, true otherwise. 196 */ 197 bool avb_safe_add(uint64_t* out_result, 198 uint64_t a, 199 uint64_t b) AVB_ATTR_WARN_UNUSED_RESULT; 200 201 /* Checks if |num_bytes| data at |data| is a valid UTF-8 202 * string. Returns true if valid UTF-8, false otherwise. 203 */ 204 bool avb_validate_utf8(const uint8_t* data, 205 size_t num_bytes) AVB_ATTR_WARN_UNUSED_RESULT; 206 207 /* Concatenates |str1| (of |str1_len| bytes) and |str2| (of |str2_len| 208 * bytes) and puts the result in |buf| which holds |buf_size| 209 * bytes. The result is also guaranteed to be NUL terminated. Fail if 210 * there is not enough room in |buf| for the resulting string plus 211 * terminating NUL byte. 212 * 213 * Returns true if the operation succeeds, false otherwise. 214 */ 215 bool avb_str_concat(char* buf, 216 size_t buf_size, 217 const char* str1, 218 size_t str1_len, 219 const char* str2, 220 size_t str2_len); 221 222 /* Like avb_malloc_() but prints a error using avb_error() if memory 223 * allocation fails. 224 */ 225 void* avb_malloc(size_t size) AVB_ATTR_WARN_UNUSED_RESULT; 226 227 /* Like avb_malloc() but sets the memory with zeroes. */ 228 void* avb_calloc(size_t size) AVB_ATTR_WARN_UNUSED_RESULT; 229 230 /* Duplicates a NUL-terminated string. Returns NULL on OOM. */ 231 char* avb_strdup(const char* str) AVB_ATTR_WARN_UNUSED_RESULT; 232 233 /* Duplicates a NULL-terminated array of NUL-terminated strings by 234 * concatenating them. The returned string will be 235 * NUL-terminated. Returns NULL on OOM. 236 */ 237 char* avb_strdupv(const char* str, 238 ...) AVB_ATTR_WARN_UNUSED_RESULT AVB_ATTR_SENTINEL; 239 240 /* Finds the first occurrence of |needle| in the string |haystack| 241 * where both strings are NUL-terminated strings. The terminating NUL 242 * bytes are not compared. 243 * 244 * Returns NULL if not found, otherwise points into |haystack| for the 245 * first occurrence of |needle|. 246 */ 247 const char* avb_strstr(const char* haystack, 248 const char* needle) AVB_ATTR_WARN_UNUSED_RESULT; 249 250 /* Finds the first occurrence of |str| in the NULL-terminated string 251 * array |strings|. Each element in |strings| must be 252 * NUL-terminated. The string given by |str| need not be 253 * NUL-terminated but its size must be given in |str_size|. 254 * 255 * Returns NULL if not found, otherwise points into |strings| for the 256 * first occurrence of |str|. 257 */ 258 const char* avb_strv_find_str(const char* const* strings, 259 const char* str, 260 size_t str_size); 261 262 /* Replaces all occurrences of |search| with |replace| in |str|. 263 * 264 * Returns a newly allocated string or NULL if out of memory. 265 */ 266 char* avb_replace(const char* str, 267 const char* search, 268 const char* replace) AVB_ATTR_WARN_UNUSED_RESULT; 269 270 /* Calculates the CRC-32 for data in |buf| of size |buf_size|. */ 271 uint32_t avb_crc32(const uint8_t* buf, size_t buf_size); 272 273 /* Returns the basename of |str|. This is defined as the last path 274 * component, assuming the normal POSIX separator '/'. If there are no 275 * separators, returns |str|. 276 */ 277 const char* avb_basename(const char* str); 278 279 /* Converts any ascii lowercase characters in |str| to uppercase in-place. 280 * |str| must be NUL-terminated and valid UTF-8. 281 */ 282 void avb_uppercase(char* str); 283 284 /* Converts |data_len| bytes of |data| to hex and returns the result. Returns 285 * NULL on OOM. Caller must free the returned string with avb_free. 286 */ 287 char* avb_bin2hex(const uint8_t* data, size_t data_len); 288 289 /* Writes |value| to |digits| in base 10 followed by a NUL byte. 290 * Returns number of characters written excluding the NUL byte. 291 */ 292 #define AVB_MAX_DIGITS_UINT64 32 293 size_t avb_uint64_to_base10(uint64_t value, char digits[AVB_MAX_DIGITS_UINT64]); 294 #ifdef __cplusplus 295 } 296 #endif 297 298 #endif /* AVB_UTIL_H_ */ 299