diff options
Diffstat (limited to 'safe_libc')
-rw-r--r-- | safe_libc/Cargo.lock | 14 | ||||
-rw-r--r-- | safe_libc/Cargo.toml | 10 | ||||
-rw-r--r-- | safe_libc/src/boxed.rs | 146 | ||||
-rw-r--r-- | safe_libc/src/lib.rs | 18 | ||||
-rw-r--r-- | safe_libc/src/stdio.rs | 47 | ||||
-rw-r--r-- | safe_libc/src/string.rs | 151 | ||||
-rw-r--r-- | safe_libc/src/util.rs | 18 |
7 files changed, 404 insertions, 0 deletions
diff --git a/safe_libc/Cargo.lock b/safe_libc/Cargo.lock new file mode 100644 index 0000000..e659af2 --- /dev/null +++ b/safe_libc/Cargo.lock @@ -0,0 +1,14 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +[[package]] +name = "libc" +version = "0.2.68" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dea0c0405123bba743ee3f91f49b1c7cfb684eef0da0a50110f758ccf24cdff0" + +[[package]] +name = "safe_libc" +version = "0.1.0" +dependencies = [ + "libc", +] diff --git a/safe_libc/Cargo.toml b/safe_libc/Cargo.toml new file mode 100644 index 0000000..f776d09 --- /dev/null +++ b/safe_libc/Cargo.toml @@ -0,0 +1,10 @@ +[package] +name = "safe_libc" +version = "0.1.0" +authors = ["Matthias Schiffer <mschiffer@universe-factory.net>"] +edition = "2018" + +# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + +[dependencies] +libc = { version = "0.2.68", default-features = false } diff --git a/safe_libc/src/boxed.rs b/safe_libc/src/boxed.rs new file mode 100644 index 0000000..72c961c --- /dev/null +++ b/safe_libc/src/boxed.rs @@ -0,0 +1,146 @@ +use crate::util; + +use core::{mem, ptr}; +use core::ops::{Deref, DerefMut}; + +fn alloc<T>(len: usize) -> *mut T { + if util::zst::<T>(len) { + return ptr::null_mut(); + } + let size = len.checked_mul(mem::size_of::<T>()).expect("allocation overflow"); + let align = mem::align_of::<T>(); + util::must_succeed( + unsafe { + libc::memalign(align as libc::size_t, size as libc::size_t) as *mut T + } + ) +} + +#[inline] +fn dangling<T>() -> *mut T { + mem::align_of::<T>() as *mut T +} + +#[inline] +fn slice_len<T>(p: *const [T]) -> usize { + unsafe { mem::transmute::<*const [T], [usize; 2]>(p)[1] } +} + +pub struct CBox<T: ?Sized>(*mut T); + +impl<T: ?Sized> CBox<T> { + #[inline] + pub unsafe fn from_raw_unchecked(p: *mut T) -> CBox<T> { + CBox(p) + } + + #[inline] + pub fn into_raw(self) -> *mut T { + let p = self.0; + mem::forget(self); + p + } + + #[inline] + pub fn as_ptr(&self) -> *const T { + self.0 + } + + #[inline] + pub fn as_mut_ptr(&mut self) -> *mut T { + self.0 + } +} + +impl<T> CBox<T> { + #[inline] + pub fn new(value: T) -> CBox<T> { + let p = alloc(1); + unsafe { + ptr::write(p, value); + CBox::from_raw_unchecked(p) + } + } + + #[inline] + pub unsafe fn from_raw(p: *mut T) -> CBox<T> { + util::check_ptr(p, 1); + CBox(p) + } + + #[inline] + pub unsafe fn slice_from_raw_parts_unchecked(p: *mut T, len: usize) -> CBox<[T]> { + CBox(ptr::slice_from_raw_parts_mut(p, len)) + } + + #[inline] + pub unsafe fn slice_from_raw_parts(p: *mut T, len: usize) -> CBox<[T]> { + util::check_ptr(p, len); + CBox::slice_from_raw_parts_unchecked(p, len) + } + + #[inline] + fn safe_ptr(&self) -> *mut T { + if util::zst::<T>(1) { + return dangling(); + } + + debug_assert!(!self.0.is_null(), "NULL ptr"); + self.0 + } +} + +impl<T> CBox<[T]> { + #[inline] + fn safe_ptr(&self) -> *mut [T] { + if self.0.is_null() { + let len = slice_len(self.0); + debug_assert!(util::zst::<T>(len), "NULL ptr"); + return ptr::slice_from_raw_parts_mut(dangling(), len); + } + + self.0 + } +} + +impl<T: ?Sized> Drop for CBox<T> { + #[inline] + fn drop(&mut self) { + unsafe { + ptr::drop_in_place(self.0); + libc::free(self.0 as *mut libc::c_void); + } + } +} + +impl<T> Deref for CBox<T> { + type Target = T; + + #[inline] + fn deref(&self) -> &T { + unsafe { &*self.safe_ptr() } + } +} + +impl<T> DerefMut for CBox<T> { + #[inline] + fn deref_mut(&mut self) -> &mut T { + unsafe { &mut *self.safe_ptr() } + } +} + +impl<T> Deref for CBox<[T]> { + type Target = [T]; + + #[inline] + fn deref(&self) -> &[T] { + unsafe { &*self.safe_ptr() } + } +} + +impl<T> DerefMut for CBox<[T]> { + #[inline] + fn deref_mut(&mut self) -> &mut [T] { + unsafe { &mut *self.safe_ptr() } + } +} diff --git a/safe_libc/src/lib.rs b/safe_libc/src/lib.rs new file mode 100644 index 0000000..0ab0e89 --- /dev/null +++ b/safe_libc/src/lib.rs @@ -0,0 +1,18 @@ +#![no_std] + +pub use libc::*; + +mod util; + +pub mod boxed; +pub mod stdio; +pub mod string; + + +extern "C" { + pub fn strndup(cs: *const libc::c_char, n: libc::size_t) -> *mut libc::c_char; + + // pub static stdin: *mut libc::FILE; + pub static stdout: *mut libc::FILE; + pub static stderr: *mut libc::FILE; +} diff --git a/safe_libc/src/stdio.rs b/safe_libc/src/stdio.rs new file mode 100644 index 0000000..5f33f74 --- /dev/null +++ b/safe_libc/src/stdio.rs @@ -0,0 +1,47 @@ +use crate as libc; +use crate::string; + +use core::fmt; + +pub struct OStream { + file: *mut libc::FILE +} + +#[inline] +pub unsafe fn stdout() -> OStream { + OStream { file: libc::stdout } +} + +#[inline] +pub unsafe fn stderr() -> OStream { + OStream { file: libc::stderr } +} + +impl OStream { + #[inline] + pub fn write(&mut self, b: &[u8]) { + unsafe { + libc::fwrite( + b.as_ptr() as *const libc::c_void, + 1, + b.len(), + self.file, + ); + } + } + + #[inline] + pub fn puts(&mut self, s: &string::CStr) { + unsafe { + libc::fputs(s.as_ptr(), self.file); + } + } +} + +impl fmt::Write for OStream { + #[inline] + fn write_str(&mut self, s: &str) -> fmt::Result { + self.write(s.as_bytes()); + Ok(()) + } +} diff --git a/safe_libc/src/string.rs b/safe_libc/src/string.rs new file mode 100644 index 0000000..c85f788 --- /dev/null +++ b/safe_libc/src/string.rs @@ -0,0 +1,151 @@ +use crate as libc; +use crate::util; +use crate::boxed::CBox; + +use core::slice; +use core::ops::{Deref, DerefMut}; + +//pub struct FromBytesWithNulError {} + +pub struct CStr { inner: libc::c_char } + +impl CStr { + #[inline] + pub unsafe fn from_ptr_unchecked<'a>(p: *const libc::c_char) -> &'a CStr { + &*(p as *const CStr) + } + + #[inline] + pub unsafe fn from_ptr<'a>(p: *const libc::c_char) -> &'a CStr { + util::check_ptr(p, 1); + CStr::from_ptr_unchecked(p) + } + + #[inline] + pub unsafe fn from_mut_ptr_unchecked<'a>(p: *mut libc::c_char) -> &'a mut CStr { + &mut *(p as *mut CStr) + } + + #[inline] + pub unsafe fn from_mut_ptr<'a>(p: *mut libc::c_char) -> &'a mut CStr { + util::check_ptr(p, 1); + CStr::from_mut_ptr_unchecked(p) + } + + #[inline] + pub unsafe fn from_bytes_with_nul_unchecked(bytes: &[u8]) -> &CStr { + CStr::from_ptr_unchecked(bytes.as_ptr() as *const libc::c_char) + } + + // TODO + //pub fn from_bytes_with_nul(bytes: &[u8]) -> Result<&CStr, FromBytesWithNulError> { + //} + + #[inline] + pub fn len(&self) -> usize { + unsafe { libc::strlen(self.as_ptr()) as usize } + } + + #[inline] + pub const fn as_ptr(&self) -> *const libc::c_char { + &self.inner + } + + #[inline] + pub fn as_mut_ptr(&mut self) -> *mut libc::c_char { + &mut self.inner + } + + #[inline] + pub fn as_bytes(&self) -> &[u8] { + unsafe { slice::from_raw_parts( + self.as_ptr() as *const u8, + self.len(), + ) } + } + + #[inline] + pub fn as_mut_bytes(&mut self) -> &mut [u8] { + unsafe { slice::from_raw_parts_mut( + self.as_mut_ptr() as *mut u8, + self.len(), + ) } + } + + #[inline] + pub fn to_owned(self: &CStr) -> CString { + CString::from(self) + } +} + +#[macro_export] +macro_rules! cstr { + ($s:expr) => ( + unsafe { $crate::string::CStr::from_bytes_with_nul_unchecked(concat!($s, "\0").as_bytes()) } + ) +} + +pub struct CString { inner: CBox<libc::c_char> } + +impl CString { + #[inline] + pub unsafe fn from_raw_unchecked(p: *mut libc::c_char) -> CString { + CString { inner: CBox::from_raw_unchecked(p) } + } + + #[inline] + pub unsafe fn from_raw(p: *mut libc::c_char) -> CString { + util::check_ptr(p, 1); + CString::from_raw_unchecked(p) + } + + #[inline] + pub fn into_raw(self) -> *mut libc::c_char { + self.inner.into_raw() + } +} + +impl Deref for CString { + type Target = CStr; + + #[inline] + fn deref(&self) -> &CStr { + unsafe { CStr::from_ptr(&*self.inner) } + } +} + +impl DerefMut for CString { + #[inline] + fn deref_mut(&mut self) -> &mut CStr { + unsafe { CStr::from_mut_ptr(&mut *self.inner) } + } +} + +impl From<&[u8]> for CString { + fn from(s: &[u8]) -> CString { + unsafe { + CString::from_raw_unchecked( + util::must_succeed(libc::strndup( + s.as_ptr() as *const libc::c_char, + s.len() as libc::size_t, + )) + ) + } + } +} + +impl From<&str> for CString { + #[inline] + fn from(s: &str) -> CString { + CString::from(s.as_bytes()) + } +} + +impl From<&CStr> for CString { + #[inline] + fn from(s: &CStr) -> CString { + unsafe { + CString::from_raw_unchecked(util::must_succeed(libc::strdup(s.as_ptr()))) + } + } +} diff --git a/safe_libc/src/util.rs b/safe_libc/src/util.rs new file mode 100644 index 0000000..b8a4ed5 --- /dev/null +++ b/safe_libc/src/util.rs @@ -0,0 +1,18 @@ +use core::mem; + +#[inline] +pub fn zst<T>(len: usize) -> bool { + mem::size_of::<T>() == 0 || len == 0 +} + +#[inline] +pub fn check_ptr<T>(p: *const T, len: usize) { + debug_assert!((p as usize) % mem::align_of::<T>() == 0, "unaligned ptr"); + assert!(zst::<T>(len) || !p.is_null(), "NULL ptr"); +} + +#[inline] +pub fn must_succeed<T>(p: *mut T) -> *mut T { + assert!(!p.is_null(), "allocation failure"); + p +} |