[u/mdw/putty] / misc.c

#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <ctype.h>
#include <assert.h>
#include "putty.h"

/* ----------------------------------------------------------------------
 * String handling routines.
 */

char *dupstr(const char *s)
{
    int len = strlen(s);
    char *p = smalloc(len + 1);
    strcpy(p, s);
    return p;
}

/* Allocate the concatenation of N strings. Terminate arg list with NULL. */
char *dupcat(const char *s1, ...)
{
    int len;
    char *p, *q, *sn;
    va_list ap;

    len = strlen(s1);
    va_start(ap, s1);
    while (1) {
	sn = va_arg(ap, char *);
	if (!sn)
	    break;
	len += strlen(sn);
    }
    va_end(ap);

    p = smalloc(len + 1);
    strcpy(p, s1);
    q = p + strlen(p);

    va_start(ap, s1);
    while (1) {
	sn = va_arg(ap, char *);
	if (!sn)
	    break;
	strcpy(q, sn);
	q += strlen(q);
    }
    va_end(ap);

    return p;
}

/*
 * Do an sprintf(), but into a custom-allocated buffer.
 * 
 * Irritatingly, we don't seem to be able to do this portably using
 * vsnprintf(), because there appear to be issues with re-using the
 * same va_list for two calls, and the excellent C99 va_copy is not
 * yet widespread. Bah. Instead I'm going to do a horrid, horrid
 * hack, in which I trawl the format string myself, work out the
 * maximum length of each format component, and resize the buffer
 * before printing it.
 */
char *dupprintf(const char *fmt, ...)
{
    char *ret;
    va_list ap;
    va_start(ap, fmt);
    ret = dupvprintf(fmt, ap);
    va_end(ap);
    return ret;
}
char *dupvprintf(const char *fmt, va_list ap)
{
    char *buf;
    int len, size;

    buf = smalloc(512);
    size = 512;

    while (1) {
#ifdef _WINDOWS
#define vsnprintf _vsnprintf
#endif
	len = vsnprintf(buf, size, fmt, ap);
	if (len >= 0 && len < size) {
	    /* This is the C99-specified criterion for snprintf to have
	     * been completely successful. */
	    return buf;
	} else if (len > 0) {
	    /* This is the C99 error condition: the returned length is
	     * the required buffer size not counting the NUL. */
	    size = len + 1;
	} else {
	    /* This is the pre-C99 glibc error condition: <0 means the
	     * buffer wasn't big enough, so we enlarge it a bit and hope. */
	    size += 512;
	}
	buf = srealloc(buf, size);
    }
}

/* ----------------------------------------------------------------------
 * Base64 encoding routine. This is required in public-key writing
 * but also in HTTP proxy handling, so it's centralised here.
 */

void base64_encode_atom(unsigned char *data, int n, char *out)
{
    static const char base64_chars[] =
	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

    unsigned word;

    word = data[0] << 16;
    if (n > 1)
	word |= data[1] << 8;
    if (n > 2)
	word |= data[2];
    out[0] = base64_chars[(word >> 18) & 0x3F];
    out[1] = base64_chars[(word >> 12) & 0x3F];
    if (n > 1)
	out[2] = base64_chars[(word >> 6) & 0x3F];
    else
	out[2] = '=';
    if (n > 2)
	out[3] = base64_chars[word & 0x3F];
    else
	out[3] = '=';
}

/* ----------------------------------------------------------------------
 * Generic routines to deal with send buffers: a linked list of
 * smallish blocks, with the operations
 * 
 *  - add an arbitrary amount of data to the end of the list
 *  - remove the first N bytes from the list
 *  - return a (pointer,length) pair giving some initial data in
 *    the list, suitable for passing to a send or write system
 *    call
 *  - retrieve a larger amount of initial data from the list
 *  - return the current size of the buffer chain in bytes
 */

#define BUFFER_GRANULE  512

struct bufchain_granule {
    struct bufchain_granule *next;
    int buflen, bufpos;
    char buf[BUFFER_GRANULE];
};

void bufchain_init(bufchain *ch)
{
    ch->head = ch->tail = NULL;
    ch->buffersize = 0;
}

void bufchain_clear(bufchain *ch)
{
    struct bufchain_granule *b;
    while (ch->head) {
	b = ch->head;
	ch->head = ch->head->next;
	sfree(b);
    }
    ch->tail = NULL;
    ch->buffersize = 0;
}

int bufchain_size(bufchain *ch)
{
    return ch->buffersize;
}

void bufchain_add(bufchain *ch, const void *data, int len)
{
    const char *buf = (const char *)data;

    ch->buffersize += len;

    if (ch->tail && ch->tail->buflen < BUFFER_GRANULE) {
	int copylen = min(len, BUFFER_GRANULE - ch->tail->buflen);
	memcpy(ch->tail->buf + ch->tail->buflen, buf, copylen);
	buf += copylen;
	len -= copylen;
	ch->tail->buflen += copylen;
    }
    while (len > 0) {
	int grainlen = min(len, BUFFER_GRANULE);
	struct bufchain_granule *newbuf;
	newbuf = smalloc(sizeof(struct bufchain_granule));
	newbuf->bufpos = 0;
	newbuf->buflen = grainlen;
	memcpy(newbuf->buf, buf, grainlen);
	buf += grainlen;
	len -= grainlen;
	if (ch->tail)
	    ch->tail->next = newbuf;
	else
	    ch->head = ch->tail = newbuf;
	newbuf->next = NULL;
	ch->tail = newbuf;
    }
}

void bufchain_consume(bufchain *ch, int len)
{
    struct bufchain_granule *tmp;

    assert(ch->buffersize >= len);
    while (len > 0) {
	int remlen = len;
	assert(ch->head != NULL);
	if (remlen >= ch->head->buflen - ch->head->bufpos) {
	    remlen = ch->head->buflen - ch->head->bufpos;
	    tmp = ch->head;
	    ch->head = tmp->next;
	    sfree(tmp);
	    if (!ch->head)
		ch->tail = NULL;
	} else
	    ch->head->bufpos += remlen;
	ch->buffersize -= remlen;
	len -= remlen;
    }
}

void bufchain_prefix(bufchain *ch, void **data, int *len)
{
    *len = ch->head->buflen - ch->head->bufpos;
    *data = ch->head->buf + ch->head->bufpos;
}

void bufchain_fetch(bufchain *ch, void *data, int len)
{
    struct bufchain_granule *tmp;
    char *data_c = (char *)data;

    tmp = ch->head;

    assert(ch->buffersize >= len);
    while (len > 0) {
	int remlen = len;

	assert(tmp != NULL);
	if (remlen >= tmp->buflen - tmp->bufpos)
	    remlen = tmp->buflen - tmp->bufpos;
	memcpy(data_c, tmp->buf + tmp->bufpos, remlen);

	tmp = tmp->next;
	len -= remlen;
	data_c += remlen;
    }
}

/* ----------------------------------------------------------------------
 * My own versions of malloc, realloc and free. Because I want
 * malloc and realloc to bomb out and exit the program if they run
 * out of memory, realloc to reliably call malloc if passed a NULL
 * pointer, and free to reliably do nothing if passed a NULL
 * pointer. We can also put trace printouts in, if we need to; and
 * we can also replace the allocator with an ElectricFence-like
 * one.
 */

#ifdef MINEFIELD
/*
 * Minefield - a Windows equivalent for Electric Fence
 */

#define PAGESIZE 4096

/*
 * Design:
 * 
 * We start by reserving as much virtual address space as Windows
 * will sensibly (or not sensibly) let us have. We flag it all as
 * invalid memory.
 * 
 * Any allocation attempt is satisfied by committing one or more
 * pages, with an uncommitted page on either side. The returned
 * memory region is jammed up against the _end_ of the pages.
 * 
 * Freeing anything causes instantaneous decommitment of the pages
 * involved, so stale pointers are caught as soon as possible.
 */

static int minefield_initialised = 0;
static void *minefield_region = NULL;
static long minefield_size = 0;
static long minefield_npages = 0;
static long minefield_curpos = 0;
static unsigned short *minefield_admin = NULL;
static void *minefield_pages = NULL;

static void minefield_admin_hide(int hide)
{
    int access = hide ? PAGE_NOACCESS : PAGE_READWRITE;
    VirtualProtect(minefield_admin, minefield_npages * 2, access, NULL);
}

static void minefield_init(void)
{
    int size;
    int admin_size;
    int i;

    for (size = 0x40000000; size > 0; size = ((size >> 3) * 7) & ~0xFFF) {
	minefield_region = VirtualAlloc(NULL, size,
					MEM_RESERVE, PAGE_NOACCESS);
	if (minefield_region)
	    break;
    }
    minefield_size = size;

    /*
     * Firstly, allocate a section of that to be the admin block.
     * We'll need a two-byte field for each page.
     */
    minefield_admin = minefield_region;
    minefield_npages = minefield_size / PAGESIZE;
    admin_size = (minefield_npages * 2 + PAGESIZE - 1) & ~(PAGESIZE - 1);
    minefield_npages = (minefield_size - admin_size) / PAGESIZE;
    minefield_pages = (char *) minefield_region + admin_size;

    /*
     * Commit the admin region.
     */
    VirtualAlloc(minefield_admin, minefield_npages * 2,
		 MEM_COMMIT, PAGE_READWRITE);

    /*
     * Mark all pages as unused (0xFFFF).
     */
    for (i = 0; i < minefield_npages; i++)
	minefield_admin[i] = 0xFFFF;

    /*
     * Hide the admin region.
     */
    minefield_admin_hide(1);

    minefield_initialised = 1;
}

static void minefield_bomb(void)
{
    div(1, *(int *) minefield_pages);
}

static void *minefield_alloc(int size)
{
    int npages;
    int pos, lim, region_end, region_start;
    int start;
    int i;

    npages = (size + PAGESIZE - 1) / PAGESIZE;

    minefield_admin_hide(0);

    /*
     * Search from current position until we find a contiguous
     * bunch of npages+2 unused pages.
     */
    pos = minefield_curpos;
    lim = minefield_npages;
    while (1) {
	/* Skip over used pages. */
	while (pos < lim && minefield_admin[pos] != 0xFFFF)
	    pos++;
	/* Count unused pages. */
	start = pos;
	while (pos < lim && pos - start < npages + 2 &&
	       minefield_admin[pos] == 0xFFFF)
	    pos++;
	if (pos - start == npages + 2)
	    break;
	/* If we've reached the limit, reset the limit or stop. */
	if (pos >= lim) {
	    if (lim == minefield_npages) {
		/* go round and start again at zero */
		lim = minefield_curpos;
		pos = 0;
	    } else {
		minefield_admin_hide(1);
		return NULL;
	    }
	}
    }

    minefield_curpos = pos - 1;

    /*
     * We have npages+2 unused pages starting at start. We leave
     * the first and last of these alone and use the rest.
     */
    region_end = (start + npages + 1) * PAGESIZE;
    region_start = region_end - size;
    /* FIXME: could align here if we wanted */

    /*
     * Update the admin region.
     */
    for (i = start + 2; i < start + npages + 1; i++)
	minefield_admin[i] = 0xFFFE;   /* used but no region starts here */
    minefield_admin[start + 1] = region_start % PAGESIZE;

    minefield_admin_hide(1);

    VirtualAlloc((char *) minefield_pages + region_start, size,
		 MEM_COMMIT, PAGE_READWRITE);
    return (char *) minefield_pages + region_start;
}

static void minefield_free(void *ptr)
{
    int region_start, i, j;

    minefield_admin_hide(0);

    region_start = (char *) ptr - (char *) minefield_pages;
    i = region_start / PAGESIZE;
    if (i < 0 || i >= minefield_npages ||
	minefield_admin[i] != region_start % PAGESIZE)
	minefield_bomb();
    for (j = i; j < minefield_npages && minefield_admin[j] != 0xFFFF; j++) {
	minefield_admin[j] = 0xFFFF;
    }

    VirtualFree(ptr, j * PAGESIZE - region_start, MEM_DECOMMIT);

    minefield_admin_hide(1);
}

static int minefield_get_size(void *ptr)
{
    int region_start, i, j;

    minefield_admin_hide(0);

    region_start = (char *) ptr - (char *) minefield_pages;
    i = region_start / PAGESIZE;
    if (i < 0 || i >= minefield_npages ||
	minefield_admin[i] != region_start % PAGESIZE)
	minefield_bomb();
    for (j = i; j < minefield_npages && minefield_admin[j] != 0xFFFF; j++);

    minefield_admin_hide(1);

    return j * PAGESIZE - region_start;
}

static void *minefield_c_malloc(size_t size)
{
    if (!minefield_initialised)
	minefield_init();
    return minefield_alloc(size);
}

static void minefield_c_free(void *p)
{
    if (!minefield_initialised)
	minefield_init();
    minefield_free(p);
}

/*
 * realloc _always_ moves the chunk, for rapid detection of code
 * that assumes it won't.
 */
static void *minefield_c_realloc(void *p, size_t size)
{
    size_t oldsize;
    void *q;
    if (!minefield_initialised)
	minefield_init();
    q = minefield_alloc(size);
    oldsize = minefield_get_size(p);
    memcpy(q, p, (oldsize < size ? oldsize : size));
    minefield_free(p);
    return q;
}

#endif				/* MINEFIELD */

#ifdef MALLOC_LOG
static FILE *fp = NULL;

static char *mlog_file = NULL;
static int mlog_line = 0;

void mlog(char *file, int line)
{
    mlog_file = file;
    mlog_line = line;
    if (!fp) {
	fp = fopen("putty_mem.log", "w");
	setvbuf(fp, NULL, _IONBF, BUFSIZ);
    }
    if (fp)
	fprintf(fp, "%s:%d: ", file, line);
}
#endif

void *safemalloc(size_t size)
{
    void *p;
#ifdef MINEFIELD
    p = minefield_c_malloc(size);
#else
    p = malloc(size);
#endif
    if (!p) {
	char str[200];
#ifdef MALLOC_LOG
	sprintf(str, "Out of memory! (%s:%d, size=%d)",
		mlog_file, mlog_line, size);
	fprintf(fp, "*** %s\n", str);
	fclose(fp);
#else
	strcpy(str, "Out of memory!");
#endif
	modalfatalbox(str);
    }
#ifdef MALLOC_LOG
    if (fp)
	fprintf(fp, "malloc(%d) returns %p\n", size, p);
#endif
    return p;
}

void *saferealloc(void *ptr, size_t size)
{
    void *p;
    if (!ptr) {
#ifdef MINEFIELD
	p = minefield_c_malloc(size);
#else
	p = malloc(size);
#endif
    } else {
#ifdef MINEFIELD
	p = minefield_c_realloc(ptr, size);
#else
	p = realloc(ptr, size);
#endif
    }
    if (!p) {
	char str[200];
#ifdef MALLOC_LOG
	sprintf(str, "Out of memory! (%s:%d, size=%d)",
		mlog_file, mlog_line, size);
	fprintf(fp, "*** %s\n", str);
	fclose(fp);
#else
	strcpy(str, "Out of memory!");
#endif
	modalfatalbox(str);
    }
#ifdef MALLOC_LOG
    if (fp)
	fprintf(fp, "realloc(%p,%d) returns %p\n", ptr, size, p);
#endif
    return p;
}

void safefree(void *ptr)
{
    if (ptr) {
#ifdef MALLOC_LOG
	if (fp)
	    fprintf(fp, "free(%p)\n", ptr);
#endif
#ifdef MINEFIELD
	minefield_c_free(ptr);
#else
	free(ptr);
#endif
    }
#ifdef MALLOC_LOG
    else if (fp)
	fprintf(fp, "freeing null pointer - no action taken\n");
#endif
}

/* ----------------------------------------------------------------------
 * Debugging routines.
 */

#ifdef DEBUG
static FILE *debug_fp = NULL;
static HANDLE debug_hdl = INVALID_HANDLE_VALUE;
static int debug_got_console = 0;

static void dputs(char *buf)
{
    DWORD dw;

    if (!debug_got_console) {
	if (AllocConsole()) {
	    debug_got_console = 1;
	    debug_hdl = GetStdHandle(STD_OUTPUT_HANDLE);
	}
    }
    if (!debug_fp) {
	debug_fp = fopen("debug.log", "w");
    }

    if (debug_hdl != INVALID_HANDLE_VALUE) {
	WriteFile(debug_hdl, buf, strlen(buf), &dw, NULL);
    }
    fputs(buf, debug_fp);
    fflush(debug_fp);
}


void dprintf(char *fmt, ...)
{
    char *buf;
    va_list ap;

    va_start(ap, fmt);
    buf = dupvprintf(fmt, ap);
    dputs(buf);
    sfree(buf);
    va_end(ap);
}


void debug_memdump(void *buf, int len, int L)
{
    int i;
    unsigned char *p = buf;
    char foo[17];
    if (L) {
	int delta;
	dprintf("\t%d (0x%x) bytes:\n", len, len);
	delta = 15 & (int) p;
	p -= delta;
	len += delta;
    }
    for (; 0 < len; p += 16, len -= 16) {
	dputs("  ");
	if (L)
	    dprintf("%p: ", p);
	strcpy(foo, "................");	/* sixteen dots */
	for (i = 0; i < 16 && i < len; ++i) {
	    if (&p[i] < (unsigned char *) buf) {
		dputs("   ");	       /* 3 spaces */
		foo[i] = ' ';
	    } else {
		dprintf("%c%02.2x",
			&p[i] != (unsigned char *) buf
			&& i % 4 ? '.' : ' ', p[i]
		    );
		if (p[i] >= ' ' && p[i] <= '~')
		    foo[i] = (char) p[i];
	    }
	}
	foo[i] = '\0';
	dprintf("%*s%s\n", (16 - i) * 3 + 2, "", foo);
    }
}

#endif				/* def DEBUG */
Commit	Line	Data
374330e2	1	#include <stdio.h>
374330e2	2	#include <stdlib.h>
1709795f	3	#include <stdarg.h>
57356d63	4	#include <ctype.h>
5471d09a	5	#include <assert.h>
374330e2	6	#include "putty.h"
374330e2	7
03f64569	8	/* ----------------------------------------------------------------------
	9	* String handling routines.
	10	*/
	11
57356d63	12	char dupstr(const char s)
03f64569	13	{
	14	int len = strlen(s);
	15	char *p = smalloc(len + 1);
	16	strcpy(p, s);
	17	return p;
	18	}
	19
	20	/* Allocate the concatenation of N strings. Terminate arg list with NULL. */
57356d63	21	char dupcat(const char s1, ...)
03f64569	22	{
	23	int len;
	24	char p, q, *sn;
	25	va_list ap;
	26
	27	len = strlen(s1);
	28	va_start(ap, s1);
	29	while (1) {
	30	sn = va_arg(ap, char *);
	31	if (!sn)
	32	break;
	33	len += strlen(sn);
	34	}
	35	va_end(ap);
	36
	37	p = smalloc(len + 1);
	38	strcpy(p, s1);
	39	q = p + strlen(p);
	40
	41	va_start(ap, s1);
	42	while (1) {
	43	sn = va_arg(ap, char *);
	44	if (!sn)
	45	break;
	46	strcpy(q, sn);
	47	q += strlen(q);
	48	}
	49	va_end(ap);
	50
	51	return p;
	52	}
	53
57356d63	54	/*
	55	* Do an sprintf(), but into a custom-allocated buffer.
	56	*
	57	* Irritatingly, we don't seem to be able to do this portably using
	58	* vsnprintf(), because there appear to be issues with re-using the
	59	* same va_list for two calls, and the excellent C99 va_copy is not
	60	* yet widespread. Bah. Instead I'm going to do a horrid, horrid
	61	* hack, in which I trawl the format string myself, work out the
	62	* maximum length of each format component, and resize the buffer
	63	* before printing it.
	64	*/
	65	char dupprintf(const char fmt, ...)
	66	{
	67	char *ret;
	68	va_list ap;
	69	va_start(ap, fmt);
	70	ret = dupvprintf(fmt, ap);
	71	va_end(ap);
	72	return ret;
	73	}
	74	char dupvprintf(const char fmt, va_list ap)
	75	{
	76	char *buf;
	77	int len, size;
	78
	79	buf = smalloc(512);
	80	size = 512;
	81
	82	while (1) {
	83	#ifdef _WINDOWS
	84	#define vsnprintf _vsnprintf
	85	#endif
	86	len = vsnprintf(buf, size, fmt, ap);
	87	if (len >= 0 && len < size) {
	88	/* This is the C99-specified criterion for snprintf to have
	89	* been completely successful. */
	90	return buf;
	91	} else if (len > 0) {
	92	/* This is the C99 error condition: the returned length is
	93	* the required buffer size not counting the NUL. */
	94	size = len + 1;
	95	} else {
	96	/* This is the pre-C99 glibc error condition: <0 means the
	97	* buffer wasn't big enough, so we enlarge it a bit and hope. */
	98	size += 512;
	99	}
	100	buf = srealloc(buf, size);
	101	}
	102	}
	103
03f64569	104	/* ----------------------------------------------------------------------
1549e076	105	* Base64 encoding routine. This is required in public-key writing
	106	* but also in HTTP proxy handling, so it's centralised here.
	107	*/
	108
	109	void base64_encode_atom(unsigned char data, int n, char out)
	110	{
	111	static const char base64_chars[] =
	112	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
	113
	114	unsigned word;
	115
	116	word = data[0] << 16;
	117	if (n > 1)
	118	word \|= data[1] << 8;
	119	if (n > 2)
	120	word \|= data[2];
	121	out[0] = base64_chars[(word >> 18) & 0x3F];
	122	out[1] = base64_chars[(word >> 12) & 0x3F];
	123	if (n > 1)
	124	out[2] = base64_chars[(word >> 6) & 0x3F];
	125	else
	126	out[2] = '=';
	127	if (n > 2)
	128	out[3] = base64_chars[word & 0x3F];
	129	else
	130	out[3] = '=';
	131	}
	132
	133	/* ----------------------------------------------------------------------
5471d09a	134	* Generic routines to deal with send buffers: a linked list of
	135	* smallish blocks, with the operations
	136	*
	137	* - add an arbitrary amount of data to the end of the list
	138	* - remove the first N bytes from the list
	139	* - return a (pointer,length) pair giving some initial data in
	140	* the list, suitable for passing to a send or write system
	141	* call
7983f47e	142	* - retrieve a larger amount of initial data from the list
5471d09a	143	* - return the current size of the buffer chain in bytes
	144	*/
	145
	146	#define BUFFER_GRANULE 512
	147
	148	struct bufchain_granule {
	149	struct bufchain_granule *next;
	150	int buflen, bufpos;
	151	char buf[BUFFER_GRANULE];
	152	};
	153
	154	void bufchain_init(bufchain *ch)
	155	{
	156	ch->head = ch->tail = NULL;
	157	ch->buffersize = 0;
	158	}
	159
	160	void bufchain_clear(bufchain *ch)
	161	{
	162	struct bufchain_granule *b;
	163	while (ch->head) {
	164	b = ch->head;
	165	ch->head = ch->head->next;
	166	sfree(b);
	167	}
	168	ch->tail = NULL;
	169	ch->buffersize = 0;
	170	}
	171
	172	int bufchain_size(bufchain *ch)
	173	{
	174	return ch->buffersize;
	175	}
	176
e0e7dff8	177	void bufchain_add(bufchain ch, const void data, int len)
5471d09a	178	{
e0e7dff8	179	const char buf = (const char )data;
5471d09a	180
	181	ch->buffersize += len;
	182
	183	if (ch->tail && ch->tail->buflen < BUFFER_GRANULE) {
	184	int copylen = min(len, BUFFER_GRANULE - ch->tail->buflen);
	185	memcpy(ch->tail->buf + ch->tail->buflen, buf, copylen);
	186	buf += copylen;
	187	len -= copylen;
	188	ch->tail->buflen += copylen;
	189	}
	190	while (len > 0) {
	191	int grainlen = min(len, BUFFER_GRANULE);
	192	struct bufchain_granule *newbuf;
	193	newbuf = smalloc(sizeof(struct bufchain_granule));
	194	newbuf->bufpos = 0;
	195	newbuf->buflen = grainlen;
	196	memcpy(newbuf->buf, buf, grainlen);
	197	buf += grainlen;
	198	len -= grainlen;
	199	if (ch->tail)
	200	ch->tail->next = newbuf;
	201	else
	202	ch->head = ch->tail = newbuf;
	203	newbuf->next = NULL;
	204	ch->tail = newbuf;
	205	}
	206	}
	207
	208	void bufchain_consume(bufchain *ch, int len)
	209	{
7983f47e	210	struct bufchain_granule *tmp;
7983f47e	211
5471d09a	212	assert(ch->buffersize >= len);
7983f47e	213	while (len > 0) {
	214	int remlen = len;
	215	assert(ch->head != NULL);
	216	if (remlen >= ch->head->buflen - ch->head->bufpos) {
	217	remlen = ch->head->buflen - ch->head->bufpos;
	218	tmp = ch->head;
	219	ch->head = tmp->next;
	220	sfree(tmp);
	221	if (!ch->head)
	222	ch->tail = NULL;
	223	} else
	224	ch->head->bufpos += remlen;
	225	ch->buffersize -= remlen;
	226	len -= remlen;
5471d09a	227	}
	228	}
	229
	230	void bufchain_prefix(bufchain ch, void data, int len)
	231	{
	232	*len = ch->head->buflen - ch->head->bufpos;
	233	*data = ch->head->buf + ch->head->bufpos;
	234	}
	235
7983f47e	236	void bufchain_fetch(bufchain ch, void data, int len)
	237	{
	238	struct bufchain_granule *tmp;
	239	char data_c = (char )data;
	240
	241	tmp = ch->head;
	242
	243	assert(ch->buffersize >= len);
	244	while (len > 0) {
	245	int remlen = len;
	246
	247	assert(tmp != NULL);
	248	if (remlen >= tmp->buflen - tmp->bufpos)
	249	remlen = tmp->buflen - tmp->bufpos;
	250	memcpy(data_c, tmp->buf + tmp->bufpos, remlen);
	251
	252	tmp = tmp->next;
	253	len -= remlen;
	254	data_c += remlen;
	255	}
	256	}
	257
03f64569	258	/* ----------------------------------------------------------------------
b191636d	259	* My own versions of malloc, realloc and free. Because I want
	260	* malloc and realloc to bomb out and exit the program if they run
	261	* out of memory, realloc to reliably call malloc if passed a NULL
	262	* pointer, and free to reliably do nothing if passed a NULL
	263	* pointer. We can also put trace printouts in, if we need to; and
	264	* we can also replace the allocator with an ElectricFence-like
	265	* one.
	266	*/
	267
	268	#ifdef MINEFIELD
	269	/*
	270	* Minefield - a Windows equivalent for Electric Fence
	271	*/
	272
	273	#define PAGESIZE 4096
	274
	275	/*
	276	* Design:
	277	*
	278	* We start by reserving as much virtual address space as Windows
	279	* will sensibly (or not sensibly) let us have. We flag it all as
	280	* invalid memory.
	281	*
	282	* Any allocation attempt is satisfied by committing one or more
	283	* pages, with an uncommitted page on either side. The returned
	284	* memory region is jammed up against the _end_ of the pages.
	285	*
	286	* Freeing anything causes instantaneous decommitment of the pages
	287	* involved, so stale pointers are caught as soon as possible.
	288	*/
	289
	290	static int minefield_initialised = 0;
	291	static void *minefield_region = NULL;
	292	static long minefield_size = 0;
	293	static long minefield_npages = 0;
	294	static long minefield_curpos = 0;
	295	static unsigned short *minefield_admin = NULL;
	296	static void *minefield_pages = NULL;
	297
32874aea	298	static void minefield_admin_hide(int hide)
32874aea	299	{
b191636d	300	int access = hide ? PAGE_NOACCESS : PAGE_READWRITE;
32874aea	301	VirtualProtect(minefield_admin, minefield_npages * 2, access, NULL);
b191636d	302	}
b191636d	303
32874aea	304	static void minefield_init(void)
32874aea	305	{
b191636d	306	int size;
	307	int admin_size;
	308	int i;
	309
32874aea	310	for (size = 0x40000000; size > 0; size = ((size >> 3) * 7) & ~0xFFF) {
	311	minefield_region = VirtualAlloc(NULL, size,
	312	MEM_RESERVE, PAGE_NOACCESS);
	313	if (minefield_region)
	314	break;
b191636d	315	}
b191636d	316	minefield_size = size;
b191636d	317
	318	/*
	319	* Firstly, allocate a section of that to be the admin block.
	320	* We'll need a two-byte field for each page.
	321	*/
	322	minefield_admin = minefield_region;
	323	minefield_npages = minefield_size / PAGESIZE;
32874aea	324	admin_size = (minefield_npages * 2 + PAGESIZE - 1) & ~(PAGESIZE - 1);
b191636d	325	minefield_npages = (minefield_size - admin_size) / PAGESIZE;
32874aea	326	minefield_pages = (char *) minefield_region + admin_size;
b191636d	327
	328	/*
	329	* Commit the admin region.
	330	*/
	331	VirtualAlloc(minefield_admin, minefield_npages * 2,
32874aea	332	MEM_COMMIT, PAGE_READWRITE);
b191636d	333
	334	/*
	335	* Mark all pages as unused (0xFFFF).
	336	*/
	337	for (i = 0; i < minefield_npages; i++)
32874aea	338	minefield_admin[i] = 0xFFFF;
b191636d	339
	340	/*
	341	* Hide the admin region.
	342	*/
	343	minefield_admin_hide(1);
	344
	345	minefield_initialised = 1;
	346	}
	347
32874aea	348	static void minefield_bomb(void)
	349	{
	350	div(1, (int ) minefield_pages);
b191636d	351	}
b191636d	352
32874aea	353	static void *minefield_alloc(int size)
32874aea	354	{
b191636d	355	int npages;
	356	int pos, lim, region_end, region_start;
	357	int start;
	358	int i;
	359
32874aea	360	npages = (size + PAGESIZE - 1) / PAGESIZE;
b191636d	361
	362	minefield_admin_hide(0);
	363
	364	/*
	365	* Search from current position until we find a contiguous
	366	* bunch of npages+2 unused pages.
	367	*/
	368	pos = minefield_curpos;
	369	lim = minefield_npages;
	370	while (1) {
32874aea	371	/* Skip over used pages. */
	372	while (pos < lim && minefield_admin[pos] != 0xFFFF)
	373	pos++;
	374	/* Count unused pages. */
	375	start = pos;
	376	while (pos < lim && pos - start < npages + 2 &&
	377	minefield_admin[pos] == 0xFFFF)
	378	pos++;
	379	if (pos - start == npages + 2)
	380	break;
	381	/* If we've reached the limit, reset the limit or stop. */
	382	if (pos >= lim) {
	383	if (lim == minefield_npages) {
	384	/* go round and start again at zero */
	385	lim = minefield_curpos;
	386	pos = 0;
	387	} else {
	388	minefield_admin_hide(1);
	389	return NULL;
	390	}
	391	}
b191636d	392	}
b191636d	393
32874aea	394	minefield_curpos = pos - 1;
b191636d	395
	396	/*
	397	* We have npages+2 unused pages starting at start. We leave
	398	* the first and last of these alone and use the rest.
	399	*/
32874aea	400	region_end = (start + npages + 1) * PAGESIZE;
b191636d	401	region_start = region_end - size;
	402	/* FIXME: could align here if we wanted */
	403
	404	/*
	405	* Update the admin region.
	406	*/
0f7432cc	407	for (i = start + 2; i < start + npages + 1; i++)
32874aea	408	minefield_admin[i] = 0xFFFE; /* used but no region starts here */
32874aea	409	minefield_admin[start + 1] = region_start % PAGESIZE;
b191636d	410
	411	minefield_admin_hide(1);
	412
32874aea	413	VirtualAlloc((char *) minefield_pages + region_start, size,
	414	MEM_COMMIT, PAGE_READWRITE);
	415	return (char *) minefield_pages + region_start;
b191636d	416	}
b191636d	417
32874aea	418	static void minefield_free(void *ptr)
32874aea	419	{
b191636d	420	int region_start, i, j;
	421
	422	minefield_admin_hide(0);
	423
32874aea	424	region_start = (char ) ptr - (char ) minefield_pages;
b191636d	425	i = region_start / PAGESIZE;
b191636d	426	if (i < 0 \|\| i >= minefield_npages \|\|
32874aea	427	minefield_admin[i] != region_start % PAGESIZE)
32874aea	428	minefield_bomb();
b191636d	429	for (j = i; j < minefield_npages && minefield_admin[j] != 0xFFFF; j++) {
32874aea	430	minefield_admin[j] = 0xFFFF;
b191636d	431	}
b191636d	432
32874aea	433	VirtualFree(ptr, j * PAGESIZE - region_start, MEM_DECOMMIT);
b191636d	434
	435	minefield_admin_hide(1);
	436	}
	437
32874aea	438	static int minefield_get_size(void *ptr)
32874aea	439	{
b191636d	440	int region_start, i, j;
	441
	442	minefield_admin_hide(0);
	443
32874aea	444	region_start = (char ) ptr - (char ) minefield_pages;
b191636d	445	i = region_start / PAGESIZE;
b191636d	446	if (i < 0 \|\| i >= minefield_npages \|\|
32874aea	447	minefield_admin[i] != region_start % PAGESIZE)
32874aea	448	minefield_bomb();
b191636d	449	for (j = i; j < minefield_npages && minefield_admin[j] != 0xFFFF; j++);
	450
	451	minefield_admin_hide(1);
	452
32874aea	453	return j * PAGESIZE - region_start;
b191636d	454	}
b191636d	455
32874aea	456	static void *minefield_c_malloc(size_t size)
	457	{
	458	if (!minefield_initialised)
	459	minefield_init();
b191636d	460	return minefield_alloc(size);
	461	}
	462
32874aea	463	static void minefield_c_free(void *p)
	464	{
	465	if (!minefield_initialised)
	466	minefield_init();
b191636d	467	minefield_free(p);
	468	}
	469
	470	/*
	471	* realloc _always_ moves the chunk, for rapid detection of code
	472	* that assumes it won't.
	473	*/
32874aea	474	static void minefield_c_realloc(void p, size_t size)
32874aea	475	{
b191636d	476	size_t oldsize;
b191636d	477	void *q;
32874aea	478	if (!minefield_initialised)
32874aea	479	minefield_init();
b191636d	480	q = minefield_alloc(size);
	481	oldsize = minefield_get_size(p);
	482	memcpy(q, p, (oldsize < size ? oldsize : size));
	483	minefield_free(p);
	484	return q;
	485	}
	486
32874aea	487	#endif /* MINEFIELD */
374330e2	488
	489	#ifdef MALLOC_LOG
	490	static FILE *fp = NULL;
	491
d7da76ca	492	static char *mlog_file = NULL;
	493	static int mlog_line = 0;
	494
32874aea	495	void mlog(char *file, int line)
32874aea	496	{
d7da76ca	497	mlog_file = file;
d7da76ca	498	mlog_line = line;
c662dbc0	499	if (!fp) {
374330e2	500	fp = fopen("putty_mem.log", "w");
c662dbc0	501	setvbuf(fp, NULL, _IONBF, BUFSIZ);
c662dbc0	502	}
374330e2	503	if (fp)
32874aea	504	fprintf(fp, "%s:%d: ", file, line);
374330e2	505	}
	506	#endif
	507
32874aea	508	void *safemalloc(size_t size)
32874aea	509	{
b191636d	510	void *p;
b191636d	511	#ifdef MINEFIELD
32874aea	512	p = minefield_c_malloc(size);
b191636d	513	#else
32874aea	514	p = malloc(size);
b191636d	515	#endif
374330e2	516	if (!p) {
d7da76ca	517	char str[200];
	518	#ifdef MALLOC_LOG
	519	sprintf(str, "Out of memory! (%s:%d, size=%d)",
	520	mlog_file, mlog_line, size);
1b2ef365	521	fprintf(fp, "*** %s\n", str);
1b2ef365	522	fclose(fp);
d7da76ca	523	#else
	524	strcpy(str, "Out of memory!");
	525	#endif
1709795f	526	modalfatalbox(str);
374330e2	527	}
	528	#ifdef MALLOC_LOG
	529	if (fp)
	530	fprintf(fp, "malloc(%d) returns %p\n", size, p);
	531	#endif
	532	return p;
	533	}
	534
32874aea	535	void saferealloc(void ptr, size_t size)
32874aea	536	{
374330e2	537	void *p;
b191636d	538	if (!ptr) {
b191636d	539	#ifdef MINEFIELD
32874aea	540	p = minefield_c_malloc(size);
b191636d	541	#else
32874aea	542	p = malloc(size);
b191636d	543	#endif
	544	} else {
	545	#ifdef MINEFIELD
32874aea	546	p = minefield_c_realloc(ptr, size);
b191636d	547	#else
32874aea	548	p = realloc(ptr, size);
b191636d	549	#endif
b191636d	550	}
374330e2	551	if (!p) {
d7da76ca	552	char str[200];
	553	#ifdef MALLOC_LOG
	554	sprintf(str, "Out of memory! (%s:%d, size=%d)",
	555	mlog_file, mlog_line, size);
1b2ef365	556	fprintf(fp, "*** %s\n", str);
1b2ef365	557	fclose(fp);
d7da76ca	558	#else
	559	strcpy(str, "Out of memory!");
	560	#endif
1709795f	561	modalfatalbox(str);
374330e2	562	}
	563	#ifdef MALLOC_LOG
	564	if (fp)
	565	fprintf(fp, "realloc(%p,%d) returns %p\n", ptr, size, p);
	566	#endif
	567	return p;
	568	}
	569
32874aea	570	void safefree(void *ptr)
32874aea	571	{
374330e2	572	if (ptr) {
	573	#ifdef MALLOC_LOG
	574	if (fp)
	575	fprintf(fp, "free(%p)\n", ptr);
	576	#endif
b191636d	577	#ifdef MINEFIELD
32874aea	578	minefield_c_free(ptr);
b191636d	579	#else
32874aea	580	free(ptr);
b191636d	581	#endif
374330e2	582	}
	583	#ifdef MALLOC_LOG
	584	else if (fp)
	585	fprintf(fp, "freeing null pointer - no action taken\n");
	586	#endif
	587	}
c82bda52	588
03f64569	589	/* ----------------------------------------------------------------------
	590	* Debugging routines.
	591	*/
	592
c82bda52	593	#ifdef DEBUG
c82bda52	594	static FILE *debug_fp = NULL;
cbb9532e	595	static HANDLE debug_hdl = INVALID_HANDLE_VALUE;
c82bda52	596	static int debug_got_console = 0;
c82bda52	597
32874aea	598	static void dputs(char *buf)
32874aea	599	{
c82bda52	600	DWORD dw;
c82bda52	601
c82bda52	602	if (!debug_got_console) {
cbb9532e	603	if (AllocConsole()) {
	604	debug_got_console = 1;
	605	debug_hdl = GetStdHandle(STD_OUTPUT_HANDLE);
	606	}
c82bda52	607	}
	608	if (!debug_fp) {
	609	debug_fp = fopen("debug.log", "w");
	610	}
	611
cbb9532e	612	if (debug_hdl != INVALID_HANDLE_VALUE) {
	613	WriteFile(debug_hdl, buf, strlen(buf), &dw, NULL);
	614	}
c82bda52	615	fputs(buf, debug_fp);
c82bda52	616	fflush(debug_fp);
db9c0f86	617	}
	618
	619
32874aea	620	void dprintf(char *fmt, ...)
32874aea	621	{
57356d63	622	char *buf;
db9c0f86	623	va_list ap;
	624
	625	va_start(ap, fmt);
57356d63	626	buf = dupvprintf(fmt, ap);
32874aea	627	dputs(buf);
57356d63	628	sfree(buf);
c82bda52	629	va_end(ap);
c82bda52	630	}
db9c0f86	631
db9c0f86	632
32874aea	633	void debug_memdump(void *buf, int len, int L)
32874aea	634	{
db9c0f86	635	int i;
db9c0f86	636	unsigned char *p = buf;
765c4200	637	char foo[17];
db9c0f86	638	if (L) {
db9c0f86	639	int delta;
32874aea	640	dprintf("\t%d (0x%x) bytes:\n", len, len);
db9c0f86	641	delta = 15 & (int) p;
	642	p -= delta;
	643	len += delta;
	644	}
	645	for (; 0 < len; p += 16, len -= 16) {
32874aea	646	dputs(" ");
	647	if (L)
	648	dprintf("%p: ", p);
	649	strcpy(foo, "................"); /* sixteen dots */
db9c0f86	650	for (i = 0; i < 16 && i < len; ++i) {
db9c0f86	651	if (&p[i] < (unsigned char *) buf) {
32874aea	652	dputs(" "); /* 3 spaces */
765c4200	653	foo[i] = ' ';
db9c0f86	654	} else {
32874aea	655	dprintf("%c%02.2x",
	656	&p[i] != (unsigned char *) buf
	657	&& i % 4 ? '.' : ' ', p[i]
	658	);
765c4200	659	if (p[i] >= ' ' && p[i] <= '~')
32874aea	660	foo[i] = (char) p[i];
db9c0f86	661	}
db9c0f86	662	}
765c4200	663	foo[i] = '\0';
32874aea	664	dprintf("%s%s\n", (16 - i) 3 + 2, "", foo);
db9c0f86	665	}
	666	}
	667
32874aea	668	#endif /* def DEBUG */