zchz.h

Go to the documentation of this file.

// zchz.h (c) 2014 adolfo@di-mare.com

/** \file  zchz.h
    \brief Surrounded memory block used to detect unbounded string copies.

    This class is useful to check that no memory overruns occur in C programs.
    Even though this is a C++ class, it can be used to test C programs.

    \author Adolfo Di Mare <adolfo@di-mare.com>
    \date   2014
*/

#ifndef zchz_h
#define zchz_h ///< Avoid multiple inclusion

// #include <cstddef>  // size_t
#include <iostream>    // cout
#include <climits>     // UCHAR_MAX && size_t
#include <cstring>     // strlen()

/// Contains a memory block of 'SIZE' characters in
/// between 3 memory blocks of that same 'zchz::SIZE'.
/// The stored value can be retrieved using 'operator char*()'
/// and it is aligned to an 16 byte word.
class zchz {
    enum {
        SIZE = 200, ///< Max block size (change it if you need more)
        adjust_SIZE = (SIZE+1)*16,
        /// Size of the allocated block for any 'zchz'
        real_SIZE = ( SIZE%16==0 ? SIZE : adjust_SIZE/16 ),
        RZ = real_SIZE///< Abreviation for real_SIZE
    };

    int     m_errno;    ///< Error code.
    size_t  m_idx;      ///< Current offset for pointer access.
    size_t  m_size;     ///< Current size of stored value.
    char    m_block[3*real_SIZE]; ///< Stored string value.
public:
    zchz(size_t n) : m_errno(0),m_size(0) { set( n ); } ///< Constructor
    zchz(const char * str) : m_errno(0),m_size(0) { set(str); } ///< Constructor

    size_t strsz() const { return m_size; } ///< Get current block size
    zchz& operator++(); ///< ++p
    zchz& operator+=( size_t n ); // p+=4;
    char& operator[]( size_t i ); // str[i]
    operator char*(); // no-const conversion
    operator const char*() const; // const conversion
    friend ptrdiff_t operator-( char* l, zchz& r ); // pointer arithmetic
    friend ptrdiff_t operator-( zchz& l, char* r );
    friend char* operator+( zchz& l , int i );
private:
    void set( size_t size ); // Internal block will be of size 'size'
    void set( const char * str ); // Set to string

    void reset_filling(); // rested surrounding blocks
     void check(); // check invariant

    enum { // check() error codes
        before_overwrite           = 1,
        after_overwrite            = 2,
        size_is_0_or_too_large     = 3,
        pointer_out_of_bounce      = 4,
        index_out_of_bounce        = 5,
        invalid_pointer_difference = 6,
        unknow_error               = 7
    };
};

int rand( long & seed );

/// Checks whether the memory around the string value holds
/// the value stored method set().
/// When this method returns 'false' it usually means that
/// a memory lick happened.
/// Resets to zero the current error number 'm_errno'.
inline void zchz::check() {
    if ( m_errno!=0 ) { // error detected in previous method invocation
        std::cout << "zchz->errno[ ";
        switch (m_errno) {
            case before_overwrite           :  std::cout << "Before overwrite";           break;
            case after_overwrite            :  std::cout << "After overwrite";            break;
            case size_is_0_or_too_large     :  std::cout << "Size is 0 or too large";     break;
            case pointer_out_of_bounce      :  std::cout << "Pointer out of bounce";      break;
            case index_out_of_bounce        :  std::cout << "Index out of bounce";        break;
            case invalid_pointer_difference :  std::cout <<" Invalid pointer difference"; break;
            default: std::cout << "Unknow error"; break;
        }
        std::cout << "] \n";
        m_errno = 0;
    }
    long seed = ( (SIZE<=0) ? 1-SIZE : SIZE );
    char * before =  m_block;
    char * after  = (m_block+SIZE) + m_size;
    for ( size_t i=0; i<SIZE; ++i ) {
        char next = rand(seed) % UCHAR_MAX;
        if ( before[i] != next ) {
            m_errno = before_overwrite;
            reset_filling();
            return;
        }
        if ( after[i]  != next ) {
            m_errno = after_overwrite;
            reset_filling();
            return;
        }
    }
}

/// Initializes the block that surroung the stored value.
inline void zchz::reset_filling() {
    long seed = ( (SIZE<=0) ? 1-SIZE : SIZE );
    char * before =  m_block;
    char * after  = (m_block+SIZE) + m_size;
    for ( size_t i=0; i<SIZE; ++i ) {
        char next = rand(seed) % UCHAR_MAX;
        before[i] = next;
        after[i]  = next;
    }
}

/// Set the internal will have size equal to 'size'.
/// No char value is used for initializing the memory block.
/// When 'size' is too big or zero, the block size is set to 'SIZE'.
inline void zchz::set( size_t size ) {
    if ( m_errno!=0 && m_size!=0 ) {
        // only the constructors set this 2 values to 0
        // - this is a mark to avoid invoking check() on construction
        check();
    }
    if ( 0<size && size<=SIZE ) {
        m_size  = size;
        m_errno = 0;
    }
    else {
        m_size  = SIZE;
        m_errno = size_is_0_or_too_large;
    }
    m_idx = 0;
    reset_filling();
}

/// Set the internal block to the value to 'str'.
/// The for the block will be 1+strlen(str).
/// When 'size' is too big no memory size adjusted is performed
/// and the string is not copied.
inline void zchz::set( const char * str ) {
    set( 1+strlen(str) );
    memcpy( (m_block+SIZE), str , m_size );
}

inline zchz& zchz::operator++() {
    check();
    ++m_idx;
    if ( m_idx > m_size ) {
        m_idx   = m_size;
        m_errno = pointer_out_of_bounce;
    }
    return *this;
}

/// ZCHZ[i].
/// When 'i' is too big, returns ZCHZ[ ZCHZ.strsz() ]
/// (one past the final character).
/// ZCHZ[ ZCHZ.strsz() ] is not flagged as an invalid reference
/// (but changing that character will be flagged later).
inline zchz& zchz::operator+=( size_t n ) {
    check();
    m_idx += n;
    if ( m_idx > m_size ) {
        m_idx   = m_size ;
        m_errno = pointer_out_of_bounce;
    }
    return *this;
}

/// ZCHZ += i.
/// When 'i' is too big, ZCHZ will point to ZCHZ[ ZCHZ.strsz() ]
/// (one past the final character).
/// ZCHZ[ ZCHZ.strsz() ] is not flagged as an invalid reference
/// (but changing that character will be flagged later).
inline char& zchz::operator[]( size_t i ) {
    check();
    if ( m_idx+i > m_size ) {
        m_errno = index_out_of_bounce;
        return * ( (m_block+SIZE) + m_size );
    }
    else {
        return * ( (m_block+SIZE) + (m_idx+i) );
    }
}

/// Returns the stored string (non-const operator).
inline zchz::operator char*() {
    check();
    return (m_block+SIZE) + m_idx;
}

/// Returns the stored string (const operator).
inline zchz::operator const char*() const {
    ( const_cast<zchz*>(this) ) -> check();
    return (m_block+SIZE) + m_idx;
}

inline ptrdiff_t operator-( char *l, zchz& r ) {
    r.check();
    char *view = r.m_block;
    view += r.m_idx;
    ptrdiff_t diff = l - ( (r.m_block+zchz::SIZE) + r.m_idx );

    if ( diff<0 ) {
        diff      = 0;
        r.m_errno = zchz::invalid_pointer_difference;
    }
    else if( diff > ptrdiff_t(r.m_size) ) {
        diff      = r.m_size;
        r.m_errno = zchz::invalid_pointer_difference;
    }
    return diff;
}

inline ptrdiff_t operator-(  zchz& l , char *r ) {
    l.check();
    ptrdiff_t diff = ( (l.m_block+zchz::SIZE) + l.m_idx ) - r;

    if ( diff<0 ) {
        diff      = 0;
        l.m_errno = zchz::invalid_pointer_difference;
    }
    else if( diff > ptrdiff_t(l.m_size) ) {
        diff      = l.m_size;
        l.m_errno = zchz::invalid_pointer_difference;
    }
    return diff;
}

inline char* operator+( zchz& l , int i ) {
    l.check();
    char * ret = (l.m_block+zchz::SIZE) + l.m_idx;
    ret += i;
    ptrdiff_t diff = ret - (l.m_block+zchz::SIZE);
    if ( diff<0 ) {
        ret       = (l.m_block+zchz::SIZE);
        l.m_errno = zchz::invalid_pointer_difference;
    }
    else if( diff > ptrdiff_t(l.m_size) ) {
        ret       = (l.m_block+zchz::SIZE) + l.m_size;
        l.m_errno = zchz::invalid_pointer_difference;
    }
    return ret;
}

/// Used 'seed' to generate the next random number.
inline int rand( long & seed ) {
    #if ( INT_MAX <= 32767 )
        // Borland v3.1 rand()
        seed = 22,695,477 * seed + 1;
        return ((int)(seed >> 16) & 0x7fff);
    #else
        const int a = 16807;
        const int m = 2147483647; // 2^31-1
        const int q = m / a;      // 127773
        const int r = m % a;      //   2836
        {
            int lo, hi, test;

            hi = seed / q;
            lo = seed % q;
            test = a * lo - r * hi;
            seed = ( test>0 ? test : test+m );
            return seed;
        }
    #endif
}

/*
    #include <errno.h>
    argument_out_of_domain = EDOM,     // Mathematics argument out of domain of function
    bad_address =            EFAULT,
    invalid_argument =       EINVAL,
    result_out_of_range =    ERANGE,   // Result too large
    value_too_large =        EOVERFLOW // Value too large to be stored in data type
*/
/*
    Why ALL methods are declared 'inline'

    This is a trick to avoid implementing class 'zchz' using 2 files (zchz.h
    && zchz.cpp)

    This makes the compiler responsible for removing duplicate object
    modules when this header file is included in more than one source [.cpp]
    files.
*/
#endif

// EOF: zchz.h