From f0b3d5166ef1255fac880b146875ef46d2599a13 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sat, 4 Apr 2020 13:22:18 +0200 Subject: Reorganize --- safe_libc/src/boxed.rs | 146 ++++++++++++++++++++++++++++++++++++++++++++++ safe_libc/src/lib.rs | 18 ++++++ safe_libc/src/stdio.rs | 47 +++++++++++++++ safe_libc/src/string.rs | 151 ++++++++++++++++++++++++++++++++++++++++++++++++ safe_libc/src/util.rs | 18 ++++++ 5 files changed, 380 insertions(+) create mode 100644 safe_libc/src/boxed.rs create mode 100644 safe_libc/src/lib.rs create mode 100644 safe_libc/src/stdio.rs create mode 100644 safe_libc/src/string.rs create mode 100644 safe_libc/src/util.rs (limited to 'safe_libc/src') diff --git a/safe_libc/src/boxed.rs b/safe_libc/src/boxed.rs new file mode 100644 index 0000000..72c961c --- /dev/null +++ b/safe_libc/src/boxed.rs @@ -0,0 +1,146 @@ +use crate::util; + +use core::{mem, ptr}; +use core::ops::{Deref, DerefMut}; + +fn alloc(len: usize) -> *mut T { + if util::zst::(len) { + return ptr::null_mut(); + } + let size = len.checked_mul(mem::size_of::()).expect("allocation overflow"); + let align = mem::align_of::(); + util::must_succeed( + unsafe { + libc::memalign(align as libc::size_t, size as libc::size_t) as *mut T + } + ) +} + +#[inline] +fn dangling() -> *mut T { + mem::align_of::() as *mut T +} + +#[inline] +fn slice_len(p: *const [T]) -> usize { + unsafe { mem::transmute::<*const [T], [usize; 2]>(p)[1] } +} + +pub struct CBox(*mut T); + +impl CBox { + #[inline] + pub unsafe fn from_raw_unchecked(p: *mut T) -> CBox { + CBox(p) + } + + #[inline] + pub fn into_raw(self) -> *mut T { + let p = self.0; + mem::forget(self); + p + } + + #[inline] + pub fn as_ptr(&self) -> *const T { + self.0 + } + + #[inline] + pub fn as_mut_ptr(&mut self) -> *mut T { + self.0 + } +} + +impl CBox { + #[inline] + pub fn new(value: T) -> CBox { + let p = alloc(1); + unsafe { + ptr::write(p, value); + CBox::from_raw_unchecked(p) + } + } + + #[inline] + pub unsafe fn from_raw(p: *mut T) -> CBox { + util::check_ptr(p, 1); + CBox(p) + } + + #[inline] + pub unsafe fn slice_from_raw_parts_unchecked(p: *mut T, len: usize) -> CBox<[T]> { + CBox(ptr::slice_from_raw_parts_mut(p, len)) + } + + #[inline] + pub unsafe fn slice_from_raw_parts(p: *mut T, len: usize) -> CBox<[T]> { + util::check_ptr(p, len); + CBox::slice_from_raw_parts_unchecked(p, len) + } + + #[inline] + fn safe_ptr(&self) -> *mut T { + if util::zst::(1) { + return dangling(); + } + + debug_assert!(!self.0.is_null(), "NULL ptr"); + self.0 + } +} + +impl CBox<[T]> { + #[inline] + fn safe_ptr(&self) -> *mut [T] { + if self.0.is_null() { + let len = slice_len(self.0); + debug_assert!(util::zst::(len), "NULL ptr"); + return ptr::slice_from_raw_parts_mut(dangling(), len); + } + + self.0 + } +} + +impl Drop for CBox { + #[inline] + fn drop(&mut self) { + unsafe { + ptr::drop_in_place(self.0); + libc::free(self.0 as *mut libc::c_void); + } + } +} + +impl Deref for CBox { + type Target = T; + + #[inline] + fn deref(&self) -> &T { + unsafe { &*self.safe_ptr() } + } +} + +impl DerefMut for CBox { + #[inline] + fn deref_mut(&mut self) -> &mut T { + unsafe { &mut *self.safe_ptr() } + } +} + +impl Deref for CBox<[T]> { + type Target = [T]; + + #[inline] + fn deref(&self) -> &[T] { + unsafe { &*self.safe_ptr() } + } +} + +impl DerefMut for CBox<[T]> { + #[inline] + fn deref_mut(&mut self) -> &mut [T] { + unsafe { &mut *self.safe_ptr() } + } +} diff --git a/safe_libc/src/lib.rs b/safe_libc/src/lib.rs new file mode 100644 index 0000000..0ab0e89 --- /dev/null +++ b/safe_libc/src/lib.rs @@ -0,0 +1,18 @@ +#![no_std] + +pub use libc::*; + +mod util; + +pub mod boxed; +pub mod stdio; +pub mod string; + + +extern "C" { + pub fn strndup(cs: *const libc::c_char, n: libc::size_t) -> *mut libc::c_char; + + // pub static stdin: *mut libc::FILE; + pub static stdout: *mut libc::FILE; + pub static stderr: *mut libc::FILE; +} diff --git a/safe_libc/src/stdio.rs b/safe_libc/src/stdio.rs new file mode 100644 index 0000000..5f33f74 --- /dev/null +++ b/safe_libc/src/stdio.rs @@ -0,0 +1,47 @@ +use crate as libc; +use crate::string; + +use core::fmt; + +pub struct OStream { + file: *mut libc::FILE +} + +#[inline] +pub unsafe fn stdout() -> OStream { + OStream { file: libc::stdout } +} + +#[inline] +pub unsafe fn stderr() -> OStream { + OStream { file: libc::stderr } +} + +impl OStream { + #[inline] + pub fn write(&mut self, b: &[u8]) { + unsafe { + libc::fwrite( + b.as_ptr() as *const libc::c_void, + 1, + b.len(), + self.file, + ); + } + } + + #[inline] + pub fn puts(&mut self, s: &string::CStr) { + unsafe { + libc::fputs(s.as_ptr(), self.file); + } + } +} + +impl fmt::Write for OStream { + #[inline] + fn write_str(&mut self, s: &str) -> fmt::Result { + self.write(s.as_bytes()); + Ok(()) + } +} diff --git a/safe_libc/src/string.rs b/safe_libc/src/string.rs new file mode 100644 index 0000000..c85f788 --- /dev/null +++ b/safe_libc/src/string.rs @@ -0,0 +1,151 @@ +use crate as libc; +use crate::util; +use crate::boxed::CBox; + +use core::slice; +use core::ops::{Deref, DerefMut}; + +//pub struct FromBytesWithNulError {} + +pub struct CStr { inner: libc::c_char } + +impl CStr { + #[inline] + pub unsafe fn from_ptr_unchecked<'a>(p: *const libc::c_char) -> &'a CStr { + &*(p as *const CStr) + } + + #[inline] + pub unsafe fn from_ptr<'a>(p: *const libc::c_char) -> &'a CStr { + util::check_ptr(p, 1); + CStr::from_ptr_unchecked(p) + } + + #[inline] + pub unsafe fn from_mut_ptr_unchecked<'a>(p: *mut libc::c_char) -> &'a mut CStr { + &mut *(p as *mut CStr) + } + + #[inline] + pub unsafe fn from_mut_ptr<'a>(p: *mut libc::c_char) -> &'a mut CStr { + util::check_ptr(p, 1); + CStr::from_mut_ptr_unchecked(p) + } + + #[inline] + pub unsafe fn from_bytes_with_nul_unchecked(bytes: &[u8]) -> &CStr { + CStr::from_ptr_unchecked(bytes.as_ptr() as *const libc::c_char) + } + + // TODO + //pub fn from_bytes_with_nul(bytes: &[u8]) -> Result<&CStr, FromBytesWithNulError> { + //} + + #[inline] + pub fn len(&self) -> usize { + unsafe { libc::strlen(self.as_ptr()) as usize } + } + + #[inline] + pub const fn as_ptr(&self) -> *const libc::c_char { + &self.inner + } + + #[inline] + pub fn as_mut_ptr(&mut self) -> *mut libc::c_char { + &mut self.inner + } + + #[inline] + pub fn as_bytes(&self) -> &[u8] { + unsafe { slice::from_raw_parts( + self.as_ptr() as *const u8, + self.len(), + ) } + } + + #[inline] + pub fn as_mut_bytes(&mut self) -> &mut [u8] { + unsafe { slice::from_raw_parts_mut( + self.as_mut_ptr() as *mut u8, + self.len(), + ) } + } + + #[inline] + pub fn to_owned(self: &CStr) -> CString { + CString::from(self) + } +} + +#[macro_export] +macro_rules! cstr { + ($s:expr) => ( + unsafe { $crate::string::CStr::from_bytes_with_nul_unchecked(concat!($s, "\0").as_bytes()) } + ) +} + +pub struct CString { inner: CBox } + +impl CString { + #[inline] + pub unsafe fn from_raw_unchecked(p: *mut libc::c_char) -> CString { + CString { inner: CBox::from_raw_unchecked(p) } + } + + #[inline] + pub unsafe fn from_raw(p: *mut libc::c_char) -> CString { + util::check_ptr(p, 1); + CString::from_raw_unchecked(p) + } + + #[inline] + pub fn into_raw(self) -> *mut libc::c_char { + self.inner.into_raw() + } +} + +impl Deref for CString { + type Target = CStr; + + #[inline] + fn deref(&self) -> &CStr { + unsafe { CStr::from_ptr(&*self.inner) } + } +} + +impl DerefMut for CString { + #[inline] + fn deref_mut(&mut self) -> &mut CStr { + unsafe { CStr::from_mut_ptr(&mut *self.inner) } + } +} + +impl From<&[u8]> for CString { + fn from(s: &[u8]) -> CString { + unsafe { + CString::from_raw_unchecked( + util::must_succeed(libc::strndup( + s.as_ptr() as *const libc::c_char, + s.len() as libc::size_t, + )) + ) + } + } +} + +impl From<&str> for CString { + #[inline] + fn from(s: &str) -> CString { + CString::from(s.as_bytes()) + } +} + +impl From<&CStr> for CString { + #[inline] + fn from(s: &CStr) -> CString { + unsafe { + CString::from_raw_unchecked(util::must_succeed(libc::strdup(s.as_ptr()))) + } + } +} diff --git a/safe_libc/src/util.rs b/safe_libc/src/util.rs new file mode 100644 index 0000000..b8a4ed5 --- /dev/null +++ b/safe_libc/src/util.rs @@ -0,0 +1,18 @@ +use core::mem; + +#[inline] +pub fn zst(len: usize) -> bool { + mem::size_of::() == 0 || len == 0 +} + +#[inline] +pub fn check_ptr(p: *const T, len: usize) { + debug_assert!((p as usize) % mem::align_of::() == 0, "unaligned ptr"); + assert!(zst::(len) || !p.is_null(), "NULL ptr"); +} + +#[inline] +pub fn must_succeed(p: *mut T) -> *mut T { + assert!(!p.is_null(), "allocation failure"); + p +} -- cgit v1.2.3