My favorites | Sign in
Project Home Downloads Wiki Issues Source
Checkout   Browse   Changes  
Changes to /trunk/src/google/protobuf/stubs/stringprintf.cc
r425 vs. r426 Compare: vs.  Format:
Revision r426
Go to: 
Project members, sign in to write a code review
/trunk/src/google/protobuf/stubs/stringprintf.cc   r425 /trunk/src/google/protobuf/stubs/stringprintf.cc   r426
1 // Protocol Buffers - Google's data interchange format 1 // Protocol Buffers - Google's data interchange format
2 // Copyright 2012 Google Inc. All rights reserved. 2 // Copyright 2012 Google Inc. All rights reserved.
3 // http://code.google.com/p/protobuf/ 3 // http://code.google.com/p/protobuf/
4 // 4 //
5 // Redistribution and use in source and binary forms, with or without 5 // Redistribution and use in source and binary forms, with or without
6 // modification, are permitted provided that the following conditions are 6 // modification, are permitted provided that the following conditions are
7 // met: 7 // met:
8 // 8 //
9 // * Redistributions of source code must retain the above copyright 9 // * Redistributions of source code must retain the above copyright
10 // notice, this list of conditions and the following disclaimer. 10 // notice, this list of conditions and the following disclaimer.
11 // * Redistributions in binary form must reproduce the above 11 // * Redistributions in binary form must reproduce the above
12 // copyright notice, this list of conditions and the following disclaimer 12 // copyright notice, this list of conditions and the following disclaimer
13 // in the documentation and/or other materials provided with the 13 // in the documentation and/or other materials provided with the
14 // distribution. 14 // distribution.
15 // * Neither the name of Google Inc. nor the names of its 15 // * Neither the name of Google Inc. nor the names of its
16 // contributors may be used to endorse or promote products derived from 16 // contributors may be used to endorse or promote products derived from
17 // this software without specific prior written permission. 17 // this software without specific prior written permission.
18 // 18 //
19 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
23 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 30
31 // from google3/base/stringprintf.cc 31 // from google3/base/stringprintf.cc
32 32
33 #include <google/protobuf/stubs/stringprintf.h> 33 #include <google/protobuf/stubs/stringprintf.h>
34 34
35 #include <errno.h> 35 #include <errno.h>
36 #include <stdarg.h> // For va_list and related operations 36 #include <stdarg.h> // For va_list and related operations
37 #include <stdio.h> // MSVC requires this for _vsnprintf 37 #include <stdio.h> // MSVC requires this for _vsnprintf
38 #include <vector> 38 #include <vector>
39 #include <google/protobuf/stubs/common.h> 39 #include <google/protobuf/stubs/common.h>
40 #include <google/protobuf/testing/googletest.h> 40 #include <google/protobuf/testing/googletest.h>
41 41
42 namespace google { 42 namespace google {
43 namespace protobuf { 43 namespace protobuf {
44 44
45 #ifdef _MSC_VER 45 #ifdef _MSC_VER
46 enum { IS_COMPILER_MSVC = 1 }; 46 enum { IS_COMPILER_MSVC = 1 };
47 #ifndef va_copy
48 // Define va_copy for MSVC. This is a hack, assuming va_list is simply a
49 // pointer into the stack and is safe to copy.
50 #define va_copy(dest, src) ((dest) = (src))
51 #endif
47 #else 52 #else
48 enum { IS_COMPILER_MSVC = 0 }; 53 enum { IS_COMPILER_MSVC = 0 };
49 #endif 54 #endif
50 55
51 void StringAppendV(string* dst, const char* format, va_list ap) { 56 void StringAppendV(string* dst, const char* format, va_list ap) {
52 // First try with a small fixed size buffer 57 // First try with a small fixed size buffer
53 static const int kSpaceLength = 1024; 58 static const int kSpaceLength = 1024;
54 char space[kSpaceLength]; 59 char space[kSpaceLength];
55 60
56 // It's possible for methods that use a va_list to invalidate 61 // It's possible for methods that use a va_list to invalidate
57 // the data in it upon use. The fix is to make a copy 62 // the data in it upon use. The fix is to make a copy
58 // of the structure before using it and use that copy instead. 63 // of the structure before using it and use that copy instead.
59 va_list backup_ap; 64 va_list backup_ap;
60 va_copy(backup_ap, ap); 65 va_copy(backup_ap, ap);
61 int result = vsnprintf(space, kSpaceLength, format, backup_ap); 66 int result = vsnprintf(space, kSpaceLength, format, backup_ap);
62 va_end(backup_ap); 67 va_end(backup_ap);
63 68
64 if (result < kSpaceLength) { 69 if (result < kSpaceLength) {
65 if (result >= 0) { 70 if (result >= 0) {
66 // Normal case -- everything fit. 71 // Normal case -- everything fit.
67 dst->append(space, result); 72 dst->append(space, result);
68 return; 73 return;
69 } 74 }
70 75
71 if (IS_COMPILER_MSVC) { 76 if (IS_COMPILER_MSVC) {
72 // Error or MSVC running out of space. MSVC 8.0 and higher 77 // Error or MSVC running out of space. MSVC 8.0 and higher
73 // can be asked about space needed with the special idiom below: 78 // can be asked about space needed with the special idiom below:
74 va_copy(backup_ap, ap); 79 va_copy(backup_ap, ap);
75 result = vsnprintf(NULL, 0, format, backup_ap); 80 result = vsnprintf(NULL, 0, format, backup_ap);
76 va_end(backup_ap); 81 va_end(backup_ap);
77 } 82 }
78 83
79 if (result < 0) { 84 if (result < 0) {
80 // Just an error. 85 // Just an error.
81 return; 86 return;
82 } 87 }
83 } 88 }
84 89
85 // Increase the buffer size to the size requested by vsnprintf, 90 // Increase the buffer size to the size requested by vsnprintf,
86 // plus one for the closing \0. 91 // plus one for the closing \0.
87 int length = result+1; 92 int length = result+1;
88 char* buf = new char[length]; 93 char* buf = new char[length];
89 94
90 // Restore the va_list before we use it again 95 // Restore the va_list before we use it again
91 va_copy(backup_ap, ap); 96 va_copy(backup_ap, ap);
92 result = vsnprintf(buf, length, format, backup_ap); 97 result = vsnprintf(buf, length, format, backup_ap);
93 va_end(backup_ap); 98 va_end(backup_ap);
94 99
95 if (result >= 0 && result < length) { 100 if (result >= 0 && result < length) {
96 // It fit 101 // It fit
97 dst->append(buf, result); 102 dst->append(buf, result);
98 } 103 }
99 delete[] buf; 104 delete[] buf;
100 } 105 }
101 106
102 107
103 string StringPrintf(const char* format, ...) { 108 string StringPrintf(const char* format, ...) {
104 va_list ap; 109 va_list ap;
105 va_start(ap, format); 110 va_start(ap, format);
106 string result; 111 string result;
107 StringAppendV(&result, format, ap); 112 StringAppendV(&result, format, ap);
108 va_end(ap); 113 va_end(ap);
109 return result; 114 return result;
110 } 115 }
111 116
112 const string& SStringPrintf(string* dst, const char* format, ...) { 117 const string& SStringPrintf(string* dst, const char* format, ...) {
113 va_list ap; 118 va_list ap;
114 va_start(ap, format); 119 va_start(ap, format);
115 dst->clear(); 120 dst->clear();
116 StringAppendV(dst, format, ap); 121 StringAppendV(dst, format, ap);
117 va_end(ap); 122 va_end(ap);
118 return *dst; 123 return *dst;
119 } 124 }
120 125
121 void StringAppendF(string* dst, const char* format, ...) { 126 void StringAppendF(string* dst, const char* format, ...) {
122 va_list ap; 127 va_list ap;
123 va_start(ap, format); 128 va_start(ap, format);
124 StringAppendV(dst, format, ap); 129 StringAppendV(dst, format, ap);
125 va_end(ap); 130 va_end(ap);
126 } 131 }
127 132
128 // Max arguments supported by StringPrintVector 133 // Max arguments supported by StringPrintVector
129 const int kStringPrintfVectorMaxArgs = 32; 134 const int kStringPrintfVectorMaxArgs = 32;
130 135
131 // An empty block of zero for filler arguments. This is const so that if 136 // An empty block of zero for filler arguments. This is const so that if
132 // printf tries to write to it (via %n) then the program gets a SIGSEGV 137 // printf tries to write to it (via %n) then the program gets a SIGSEGV
133 // and we can fix the problem or protect against an attack. 138 // and we can fix the problem or protect against an attack.
134 static const char string_printf_empty_block[256] = { '\0' }; 139 static const char string_printf_empty_block[256] = { '\0' };
135 140
136 string StringPrintfVector(const char* format, const vector<string>& v) { 141 string StringPrintfVector(const char* format, const vector<string>& v) {
137 GOOGLE_CHECK_LE(v.size(), kStringPrintfVectorMaxArgs) 142 GOOGLE_CHECK_LE(v.size(), kStringPrintfVectorMaxArgs)
138 << "StringPrintfVector currently only supports up to " 143 << "StringPrintfVector currently only supports up to "
139 << kStringPrintfVectorMaxArgs << " arguments. " 144 << kStringPrintfVectorMaxArgs << " arguments. "
140 << "Feel free to add support for more if you need it."; 145 << "Feel free to add support for more if you need it.";
141 146
142 // Add filler arguments so that bogus format+args have a harder time 147 // Add filler arguments so that bogus format+args have a harder time
143 // crashing the program, corrupting the program (%n), 148 // crashing the program, corrupting the program (%n),
144 // or displaying random chunks of memory to users. 149 // or displaying random chunks of memory to users.
145 150
146 const char* cstr[kStringPrintfVectorMaxArgs]; 151 const char* cstr[kStringPrintfVectorMaxArgs];
147 for (int i = 0; i < v.size(); ++i) { 152 for (int i = 0; i < v.size(); ++i) {
148 cstr[i] = v[i].c_str(); 153 cstr[i] = v[i].c_str();
149 } 154 }
150 for (int i = v.size(); i < GOOGLE_ARRAYSIZE(cstr); ++i) { 155 for (int i = v.size(); i < GOOGLE_ARRAYSIZE(cstr); ++i) {
151 cstr[i] = &string_printf_empty_block[0]; 156 cstr[i] = &string_printf_empty_block[0];
152 } 157 }
153 158
154 // I do not know any way to pass kStringPrintfVectorMaxArgs arguments, 159 // I do not know any way to pass kStringPrintfVectorMaxArgs arguments,
155 // or any way to build a va_list by hand, or any API for printf 160 // or any way to build a va_list by hand, or any API for printf
156 // that accepts an array of arguments. The best I can do is stick 161 // that accepts an array of arguments. The best I can do is stick
157 // this COMPILE_ASSERT right next to the actual statement. 162 // this COMPILE_ASSERT right next to the actual statement.
158 163
159 GOOGLE_COMPILE_ASSERT(kStringPrintfVectorMaxArgs == 32, arg_count_mismatch); 164 GOOGLE_COMPILE_ASSERT(kStringPrintfVectorMaxArgs == 32, arg_count_mismatch);
160 return StringPrintf(format, 165 return StringPrintf(format,
161 cstr[0], cstr[1], cstr[2], cstr[3], cstr[4], 166 cstr[0], cstr[1], cstr[2], cstr[3], cstr[4],
162 cstr[5], cstr[6], cstr[7], cstr[8], cstr[9], 167 cstr[5], cstr[6], cstr[7], cstr[8], cstr[9],
163 cstr[10], cstr[11], cstr[12], cstr[13], cstr[14], 168 cstr[10], cstr[11], cstr[12], cstr[13], cstr[14],
164 cstr[15], cstr[16], cstr[17], cstr[18], cstr[19], 169 cstr[15], cstr[16], cstr[17], cstr[18], cstr[19],
165 cstr[20], cstr[21], cstr[22], cstr[23], cstr[24], 170 cstr[20], cstr[21], cstr[22], cstr[23], cstr[24],
166 cstr[25], cstr[26], cstr[27], cstr[28], cstr[29], 171 cstr[25], cstr[26], cstr[27], cstr[28], cstr[29],
167 cstr[30], cstr[31]); 172 cstr[30], cstr[31]);
168 } 173 }
169 } // namespace protobuf 174 } // namespace protobuf
170 } // namespace google 175 } // namespace google
Powered by Google Project Hosting