| blob | e0faa84099112986a10c46b23da898615230d3b1 |
1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
7 /**
8 * \file buffers.c
9 * \brief Implements a generic buffer interface.
10 *
11 * A buf_t is a (fairly) opaque byte-oriented FIFO that can read to or flush
12 * from memory, sockets, file descriptors, TLS connections, or another buf_t.
13 * Buffers are implemented as linked lists of memory chunks.
14 *
15 * All socket-backed and TLS-based connection_t objects have a pair of
16 * buffers: one for incoming data, and one for outcoming data. These are fed
17 * and drained from functions in connection.c, triggered by events that are
18 * monitored in main.c.
19 *
20 * This module only handles the buffer implementation itself. To use a buffer
21 * with the network, a compressor, or a TLS connection, see the other buffer_*
22 * modules.
23 **/
25 #define BUFFERS_PRIVATE
27 #include <stddef.h>
37 #ifdef HAVE_UNISTD_H
38 #include <unistd.h>
39 #endif
41 #include <stdlib.h>
42 #include <string.h>
44 //#define PARANOIA
46 #ifdef PARANOIA
47 /** Helper: If PARANOIA is defined, assert that the buffer in local variable
48 * <b>buf</b> is well-formed. */
49 #define check() STMT_BEGIN buf_assert_ok(buf); STMT_END
50 #else
51 #define check() STMT_NIL
54 /* Implementation notes:
55 *
56 * After flirting with memmove, and dallying with ring-buffers, we're finally
57 * getting up to speed with the 1970s and implementing buffers as a linked
58 * list of small chunks. Each buffer has such a list; data is removed from
59 * the head of the list, and added at the tail. The list is singly linked,
60 * and the buffer keeps a pointer to the head and the tail.
61 *
62 * Every chunk, except the tail, contains at least one byte of data. Data in
63 * each chunk is contiguous.
64 *
65 * When you need to treat the first N characters on a buffer as a contiguous
66 * string, use the buf_pullup function to make them so. Don't do this more
67 * than necessary.
68 *
69 * The major free Unix kernels have handled buffers like this since, like,
70 * forever.
71 */
73 /* Chunk manipulation functions */
75 #define CHUNK_HEADER_LEN offsetof(chunk_t, mem[0])
77 /* We leave this many NUL bytes at the end of the buffer. */
78 #ifdef DISABLE_MEMORY_SENTINELS
79 #define SENTINEL_LEN 0
80 #else
81 #define SENTINEL_LEN 4
82 #endif
84 /* Header size plus NUL bytes at the end */
85 #define CHUNK_OVERHEAD (CHUNK_HEADER_LEN + SENTINEL_LEN)
87 /** Return the number of bytes needed to allocate a chunk to hold
88 * <b>memlen</b> bytes. */
89 #define CHUNK_ALLOC_SIZE(memlen) (CHUNK_OVERHEAD + (memlen))
90 /** Return the number of usable bytes in a chunk allocated with
91 * malloc(<b>memlen</b>). */
92 #define CHUNK_SIZE_WITH_ALLOC(memlen) ((memlen) - CHUNK_OVERHEAD)
94 #define DEBUG_SENTINEL
96 #if defined(DEBUG_SENTINEL) && !defined(DISABLE_MEMORY_SENTINELS)
97 #define DBG_S(s) s
98 #else
99 #define DBG_S(s) (void)0
100 #endif
102 #ifndef COCCI
103 #ifdef DISABLE_MEMORY_SENTINELS
104 #define CHUNK_SET_SENTINEL(chunk, alloclen) STMT_NIL
105 #else
106 #define CHUNK_SET_SENTINEL(chunk, alloclen) do { \
107 uint8_t *a = (uint8_t*) &(chunk)->mem[(chunk)->memlen]; \
108 DBG_S(uint8_t *b = &((uint8_t*)(chunk))[(alloclen)-SENTINEL_LEN]); \
109 DBG_S(tor_assert(a == b)); \
110 memset(a,0,SENTINEL_LEN); \
111 } while (0)
115 /** Move all bytes stored in <b>chunk</b> to the front of <b>chunk</b>->mem,
116 * to free up space at the end. */
119 {
122 }
124 }
126 /** Keep track of total size of allocated chunks for consistency asserts */
128 static void
130 {
133 #ifdef DEBUG_CHUNK_ALLOC
135 #endif
140 }
143 {
148 #ifdef DEBUG_CHUNK_ALLOC
150 #endif
156 }
158 /** Expand <b>chunk</b> until it can hold <b>sz</b> bytes, and return a
159 * new pointer to <b>chunk</b>. Old pointers are no longer valid. */
162 {
172 #ifdef DEBUG_CHUNK_ALLOC
175 #endif
179 }
181 /** Every chunk should take up at least this many bytes. */
182 #define MIN_CHUNK_ALLOC 256
183 /** No chunk should take up more than this many bytes. */
184 #define MAX_CHUNK_ALLOC 65536
186 /** Return the allocation size we'd like to use to hold <b>target</b>
187 * bytes. */
188 size_t
190 {
197 }
199 }
201 /** Collapse data from the first N chunks from <b>buf</b> into buf->head,
202 * growing it as necessary, until buf->head has the first <b>bytes</b> bytes
203 * of data from the buffer, or until buf->head has all the data in <b>buf</b>.
204 *
205 * Set *<b>head_out</b> to point to the first byte of available data, and
206 * *<b>len_out</b> to the number of bytes of data available at
207 * *<b>head_out</b>. Note that *<b>len_out</b> may be more or less than
208 * <b>bytes</b>, depending on the number of bytes available.
209 */
210 void
212 {
219 }
230 }
233 /* We don't need to grow the first chunk, but we might need to repack it.*/
241 /* We need to grow the chunk. */
250 }
251 }
271 }
272 }
277 }
279 #ifdef TOR_UNIT_TESTS
280 /* Write sz bytes from cp into a newly allocated buffer buf.
281 * Returns NULL when passed a NULL cp or zero sz.
282 * Asserts on failure: only for use in unit tests.
283 * buf must be freed using buf_free(). */
284 buf_t *
286 {
287 /* Validate arguments */
290 }
294 /* Allocate a buffer */
300 /* Allocate a chunk that is sz bytes long */
307 /* Copy the data and size the buffers */
316 /* Make sure everything is large enough */
319 /* Does the buffer implementation allocate more than the requested size?
320 * (for example, by rounding up). If so, these checks will fail. */
325 }
328 /** Remove the first <b>n</b> bytes from buf. */
329 void
331 {
348 }
349 }
351 }
353 /** Create and return a new buf with default chunk capacity <b>size</b>.
354 */
355 buf_t *
357 {
361 }
363 /** Allocate and return a new buffer with default capacity. */
364 buf_t *
366 {
371 }
373 size_t
375 {
377 }
379 /** Remove all data from <b>buf</b>. */
380 void
382 {
388 }
390 }
392 /** Return the number of bytes stored in <b>buf</b> */
395 {
397 }
399 /** Return the total length of all chunks used in <b>buf</b>. */
400 size_t
402 {
407 }
409 }
411 /** Return the number of bytes that can be added to <b>buf</b> without
412 * performing any additional allocation. */
413 size_t
415 {
418 else
420 }
422 /** Release storage held by <b>buf</b>. */
423 void
425 {
432 }
434 /** Return a new copy of <b>in_chunk</b> */
437 {
440 #ifdef DEBUG_CHUNK_ALLOC
442 #endif
447 }
449 }
451 /** Return a new copy of <b>buf</b> */
452 buf_t *
454 {
465 }
466 }
469 }
471 /** Append a new chunk with enough capacity to hold <b>capacity</b> bytes to
472 * the tail of <b>buf</b>. If <b>capped</b>, don't allocate a chunk bigger
473 * than MAX_CHUNK_ALLOC. */
474 chunk_t *
476 {
485 }
496 }
499 }
501 /** Return the age of the oldest chunk in the buffer <b>buf</b>, in
502 * timestamp units. Requires the current monotonic timestamp as its
503 * input <b>now</b>.
504 */
505 uint32_t
507 {
512 }
513 }
515 size_t
517 {
519 }
521 /** Append <b>string_len</b> bytes from <b>string</b> to the end of
522 * <b>buf</b>.
523 *
524 * Return the new length of the buffer on success, -1 on failure.
525 */
526 int
528 {
551 }
556 }
558 /** Add a nul-terminated <b>string</b> to <b>buf</b>, not including the
559 * terminating NUL. */
560 void
562 {
564 }
566 /** As tor_snprintf, but write the results into a buf_t */
567 void
569 {
574 }
576 /** As tor_vsnprintf, but write the results into a buf_t. */
577 void
579 {
580 /* XXXX Faster implementations are easy enough, but let's optimize later */
586 }
588 /** Return a heap-allocated string containing the contents of <b>buf</b>, plus
589 * a NUL byte. If <b>sz_out</b> is provided, set *<b>sz_out</b> to the length
590 * of the returned string, not including the terminating NUL. */
593 {
604 }
606 /** Helper: copy the first <b>string_len</b> bytes from <b>buf</b>
607 * onto <b>string</b>.
608 */
609 void
611 {
615 /* make sure we don't ask for too much */
617 /* buf_assert_ok(buf); */
629 }
630 }
632 /** Remove <b>string_len</b> bytes from the front of <b>buf</b>, and store
633 * them into <b>string</b>. Return the new buffer size. <b>string_len</b>
634 * must be \<= the number of bytes on the buffer.
635 */
636 int
638 {
639 /* There must be string_len bytes in buf; write them onto string,
640 * then memmove buf back (that is, remove them from buf).
641 *
642 * Return the number of bytes still on the buffer. */
650 }
652 /** Move up to *<b>buf_flushlen</b> bytes from <b>buf_in</b> to
653 * <b>buf_out</b>, and modify *<b>buf_flushlen</b> appropriately.
654 * Return the number of bytes actually copied.
655 */
656 int
658 {
659 /* We can do way better here, but this doesn't turn up in any profiles. */
675 /* This isn't the most efficient implementation one could imagine, since
676 * it does two copies instead of 1, but I kinda doubt that this will be
677 * critical path. */
682 }
685 }
687 /** Moves all data from <b>buf_in</b> to <b>buf_out</b>, without copying.
688 * Return the number of bytes that were moved.
689 */
690 size_t
692 {
711 }
718 }
720 /** Internal structure: represents a position in a buffer. */
724 * to? */
728 /** Initialize <b>out</b> to point to the first character of <b>buf</b>.*/
729 static void
731 {
735 }
737 /** Advance <b>out</b> to the first appearance of <b>ch</b> at the current
738 * position of <b>out</b>, or later. Return -1 if no instances are found;
739 * otherwise returns the absolute position of the character. */
740 static ptrdiff_t
742 {
751 }
752 }
764 }
765 }
767 }
769 /** Advance <b>pos</b> by a single character, if there are any more characters
770 * in the buffer. Returns 0 on success, -1 on failure. */
773 {
782 }
784 }
786 /** Return true iff the <b>n</b>-character string in <b>s</b> appears
787 * (verbatim) at <b>pos</b>. */
788 static int
790 {
791 buf_pos_t p;
802 /* If we're out of characters that don't match, we match. Check this
803 * _before_ we test incrementing pos, in case we're at the end of the
804 * string. */
809 }
810 }
812 /** Return the first position in <b>buf</b> at which the <b>n</b>-character
813 * string <b>s</b> occurs, or -1 if it does not occur. */
814 int
816 {
817 buf_pos_t pos;
826 }
827 }
829 }
831 /** Return 1 iff <b>buf</b> starts with <b>cmd</b>. <b>cmd</b> must be a null
832 * terminated string, of no more than PEEK_BUF_STARTSWITH_MAX bytes. */
833 int
835 {
846 }
848 /** Return the index within <b>buf</b> at which <b>ch</b> first appears,
849 * or -1 if <b>ch</b> does not appear on buf. */
850 static ptrdiff_t
852 {
860 else
862 }
864 }
866 /** Try to read a single LF-terminated line from <b>buf</b>, and write it
867 * (including the LF), NUL-terminated, into the *<b>data_len</b> byte buffer
868 * at <b>data_out</b>. Set *<b>data_len</b> to the number of bytes in the
869 * line, not counting the terminating NUL. Return 1 if we read a whole line,
870 * return 0 if we don't have a whole line yet, and return -1 if the line
871 * length exceeds *<b>data_len</b>.
872 */
873 int
875 {
889 }
894 }
896 /** Set *<b>output</b> to contain a copy of the data in *<b>input</b> */
897 int
900 {
905 }
907 /** Log an error and exit if <b>buf</b> is corrupted.
908 */
909 void
911 {
929 /* LCOV_EXCL_START */
934 }
935 /* LCOV_EXCL_STOP */
936 }
940 }
942 }
943 }