[u/mdw/putty] / windows / winmisc.c

/*
 * winmisc.c: miscellaneous Windows-specific things
 */

#include <stdio.h>
#include <stdlib.h>
#include "putty.h"
#include <security.h>

OSVERSIONINFO osVersion;

char *platform_get_x_display(void) {
    /* We may as well check for DISPLAY in case it's useful. */
    return dupstr(getenv("DISPLAY"));
}

Filename *filename_from_str(const char *str)
{
    Filename *ret = snew(Filename);
    ret->path = dupstr(str);
    return ret;
}

Filename *filename_copy(const Filename *fn)
{
    return filename_from_str(fn->path);
}

const char *filename_to_str(const Filename *fn)
{
    return fn->path;
}

int filename_equal(const Filename *f1, const Filename *f2)
{
    return !strcmp(f1->path, f2->path);
}

int filename_is_null(const Filename *fn)
{
    return !*fn->path;
}

void filename_free(Filename *fn)
{
    sfree(fn->path);
    sfree(fn);
}

int filename_serialise(const Filename *f, void *vdata)
{
    char *data = (char *)vdata;
    int len = strlen(f->path) + 1;     /* include trailing NUL */
    if (data) {
        strcpy(data, f->path);
    }
    return len;
}
Filename *filename_deserialise(void *vdata, int maxsize, int *used)
{
    char *data = (char *)vdata;
    char *end;
    end = memchr(data, '\0', maxsize);
    if (!end)
        return NULL;
    end++;
    *used = end - data;
    return filename_from_str(data);
}

#ifndef NO_SECUREZEROMEMORY
/*
 * Windows implementation of smemclr (see misc.c) using SecureZeroMemory.
 */
void smemclr(void *b, size_t n) {
    if (b && n > 0)
        SecureZeroMemory(b, n);
}
#endif

char *get_username(void)
{
    DWORD namelen;
    char *user;
    int got_username = FALSE;
    DECL_WINDOWS_FUNCTION(static, BOOLEAN, GetUserNameExA,
			  (EXTENDED_NAME_FORMAT, LPSTR, PULONG));

    {
	static int tried_usernameex = FALSE;
	if (!tried_usernameex) {
	    /* Not available on Win9x, so load dynamically */
	    HMODULE secur32 = load_system32_dll("secur32.dll");
	    GET_WINDOWS_FUNCTION(secur32, GetUserNameExA);
	    tried_usernameex = TRUE;
	}
    }

    if (p_GetUserNameExA) {
	/*
	 * If available, use the principal -- this avoids the problem
	 * that the local username is case-insensitive but Kerberos
	 * usernames are case-sensitive.
	 */

	/* Get the length */
	namelen = 0;
	(void) p_GetUserNameExA(NameUserPrincipal, NULL, &namelen);

	user = snewn(namelen, char);
	got_username = p_GetUserNameExA(NameUserPrincipal, user, &namelen);
	if (got_username) {
	    char *p = strchr(user, '@');
	    if (p) *p = 0;
	} else {
	    sfree(user);
	}
    }

    if (!got_username) {
	/* Fall back to local user name */
	namelen = 0;
	if (GetUserName(NULL, &namelen) == FALSE) {
	    /*
	     * Apparently this doesn't work at least on Windows XP SP2.
	     * Thus assume a maximum of 256. It will fail again if it
	     * doesn't fit.
	     */
	    namelen = 256;
	}

	user = snewn(namelen, char);
	got_username = GetUserName(user, &namelen);
	if (!got_username) {
	    sfree(user);
	}
    }

    return got_username ? user : NULL;
}

BOOL init_winver(void)
{
    ZeroMemory(&osVersion, sizeof(osVersion));
    osVersion.dwOSVersionInfoSize = sizeof (OSVERSIONINFO);
    return GetVersionEx ( (OSVERSIONINFO *) &osVersion);
}

HMODULE load_system32_dll(const char *libname)
{
    /*
     * Wrapper function to load a DLL out of c:\windows\system32
     * without going through the full DLL search path. (Hence no
     * attack is possible by placing a substitute DLL earlier on that
     * path.)
     */
    static char *sysdir = NULL;
    char *fullpath;
    HMODULE ret;

    if (!sysdir) {
	int size = 0, len;
	do {
	    size = 3*size/2 + 512;
	    sysdir = sresize(sysdir, size, char);
	    len = GetSystemDirectory(sysdir, size);
	} while (len >= size);
    }

    fullpath = dupcat(sysdir, "\\", libname, NULL);
    ret = LoadLibrary(fullpath);
    sfree(fullpath);
    return ret;
}

/*
 * A tree234 containing mappings from system error codes to strings.
 */

struct errstring {
    int error;
    char *text;
};

static int errstring_find(void *av, void *bv)
{
    int *a = (int *)av;
    struct errstring *b = (struct errstring *)bv;
    if (*a < b->error)
        return -1;
    if (*a > b->error)
        return +1;
    return 0;
}
static int errstring_compare(void *av, void *bv)
{
    struct errstring *a = (struct errstring *)av;
    return errstring_find(&a->error, bv);
}

static tree234 *errstrings = NULL;

const char *win_strerror(int error)
{
    struct errstring *es;

    if (!errstrings)
        errstrings = newtree234(errstring_compare);

    es = find234(errstrings, &error, errstring_find);

    if (!es) {
        int bufsize, bufused;

        es = snew(struct errstring);
        es->error = error;
        /* maximum size for FormatMessage is 64K */
        bufsize = 65535;
        es->text = snewn(bufsize, char);
        if (!FormatMessage((FORMAT_MESSAGE_FROM_SYSTEM |
                            FORMAT_MESSAGE_IGNORE_INSERTS), NULL, error,
                           MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
                           es->text + bufused, bufsize - bufused, NULL)) {
            sprintf(es->text,
                    "Windows error code %d (and FormatMessage returned %d)", 
                    error, GetLastError());
        } else {
            int len = strlen(es->text);
            if (len > 0 && es->text[len-1] == '\n')
                es->text[len-1] = '\0';
        }
        es->text = sresize(es->text, strlen(es->text) + 1, char);
        add234(errstrings, es);
    }

    return es->text;
}

#ifdef DEBUG
static FILE *debug_fp = NULL;
static HANDLE debug_hdl = INVALID_HANDLE_VALUE;
static int debug_got_console = 0;

void dputs(char *buf)
{
    DWORD dw;

    if (!debug_got_console) {
	if (AllocConsole()) {
	    debug_got_console = 1;
	    debug_hdl = GetStdHandle(STD_OUTPUT_HANDLE);
	}
    }
    if (!debug_fp) {
	debug_fp = fopen("debug.log", "w");
    }

    if (debug_hdl != INVALID_HANDLE_VALUE) {
	WriteFile(debug_hdl, buf, strlen(buf), &dw, NULL);
    }
    fputs(buf, debug_fp);
    fflush(debug_fp);
}
#endif

#ifdef MINEFIELD
/*
 * Minefield - a Windows equivalent for Electric Fence
 */

#define PAGESIZE 4096

/*
 * Design:
 * 
 * We start by reserving as much virtual address space as Windows
 * will sensibly (or not sensibly) let us have. We flag it all as
 * invalid memory.
 * 
 * Any allocation attempt is satisfied by committing one or more
 * pages, with an uncommitted page on either side. The returned
 * memory region is jammed up against the _end_ of the pages.
 * 
 * Freeing anything causes instantaneous decommitment of the pages
 * involved, so stale pointers are caught as soon as possible.
 */

static int minefield_initialised = 0;
static void *minefield_region = NULL;
static long minefield_size = 0;
static long minefield_npages = 0;
static long minefield_curpos = 0;
static unsigned short *minefield_admin = NULL;
static void *minefield_pages = NULL;

static void minefield_admin_hide(int hide)
{
    int access = hide ? PAGE_NOACCESS : PAGE_READWRITE;
    VirtualProtect(minefield_admin, minefield_npages * 2, access, NULL);
}

static void minefield_init(void)
{
    int size;
    int admin_size;
    int i;

    for (size = 0x40000000; size > 0; size = ((size >> 3) * 7) & ~0xFFF) {
	minefield_region = VirtualAlloc(NULL, size,
					MEM_RESERVE, PAGE_NOACCESS);
	if (minefield_region)
	    break;
    }
    minefield_size = size;

    /*
     * Firstly, allocate a section of that to be the admin block.
     * We'll need a two-byte field for each page.
     */
    minefield_admin = minefield_region;
    minefield_npages = minefield_size / PAGESIZE;
    admin_size = (minefield_npages * 2 + PAGESIZE - 1) & ~(PAGESIZE - 1);
    minefield_npages = (minefield_size - admin_size) / PAGESIZE;
    minefield_pages = (char *) minefield_region + admin_size;

    /*
     * Commit the admin region.
     */
    VirtualAlloc(minefield_admin, minefield_npages * 2,
		 MEM_COMMIT, PAGE_READWRITE);

    /*
     * Mark all pages as unused (0xFFFF).
     */
    for (i = 0; i < minefield_npages; i++)
	minefield_admin[i] = 0xFFFF;

    /*
     * Hide the admin region.
     */
    minefield_admin_hide(1);

    minefield_initialised = 1;
}

static void minefield_bomb(void)
{
    div(1, *(int *) minefield_pages);
}

static void *minefield_alloc(int size)
{
    int npages;
    int pos, lim, region_end, region_start;
    int start;
    int i;

    npages = (size + PAGESIZE - 1) / PAGESIZE;

    minefield_admin_hide(0);

    /*
     * Search from current position until we find a contiguous
     * bunch of npages+2 unused pages.
     */
    pos = minefield_curpos;
    lim = minefield_npages;
    while (1) {
	/* Skip over used pages. */
	while (pos < lim && minefield_admin[pos] != 0xFFFF)
	    pos++;
	/* Count unused pages. */
	start = pos;
	while (pos < lim && pos - start < npages + 2 &&
	       minefield_admin[pos] == 0xFFFF)
	    pos++;
	if (pos - start == npages + 2)
	    break;
	/* If we've reached the limit, reset the limit or stop. */
	if (pos >= lim) {
	    if (lim == minefield_npages) {
		/* go round and start again at zero */
		lim = minefield_curpos;
		pos = 0;
	    } else {
		minefield_admin_hide(1);
		return NULL;
	    }
	}
    }

    minefield_curpos = pos - 1;

    /*
     * We have npages+2 unused pages starting at start. We leave
     * the first and last of these alone and use the rest.
     */
    region_end = (start + npages + 1) * PAGESIZE;
    region_start = region_end - size;
    /* FIXME: could align here if we wanted */

    /*
     * Update the admin region.
     */
    for (i = start + 2; i < start + npages + 1; i++)
	minefield_admin[i] = 0xFFFE;   /* used but no region starts here */
    minefield_admin[start + 1] = region_start % PAGESIZE;

    minefield_admin_hide(1);

    VirtualAlloc((char *) minefield_pages + region_start, size,
		 MEM_COMMIT, PAGE_READWRITE);
    return (char *) minefield_pages + region_start;
}

static void minefield_free(void *ptr)
{
    int region_start, i, j;

    minefield_admin_hide(0);

    region_start = (char *) ptr - (char *) minefield_pages;
    i = region_start / PAGESIZE;
    if (i < 0 || i >= minefield_npages ||
	minefield_admin[i] != region_start % PAGESIZE)
	minefield_bomb();
    for (j = i; j < minefield_npages && minefield_admin[j] != 0xFFFF; j++) {
	minefield_admin[j] = 0xFFFF;
    }

    VirtualFree(ptr, j * PAGESIZE - region_start, MEM_DECOMMIT);

    minefield_admin_hide(1);
}

static int minefield_get_size(void *ptr)
{
    int region_start, i, j;

    minefield_admin_hide(0);

    region_start = (char *) ptr - (char *) minefield_pages;
    i = region_start / PAGESIZE;
    if (i < 0 || i >= minefield_npages ||
	minefield_admin[i] != region_start % PAGESIZE)
	minefield_bomb();
    for (j = i; j < minefield_npages && minefield_admin[j] != 0xFFFF; j++);

    minefield_admin_hide(1);

    return j * PAGESIZE - region_start;
}

void *minefield_c_malloc(size_t size)
{
    if (!minefield_initialised)
	minefield_init();
    return minefield_alloc(size);
}

void minefield_c_free(void *p)
{
    if (!minefield_initialised)
	minefield_init();
    minefield_free(p);
}

/*
 * realloc _always_ moves the chunk, for rapid detection of code
 * that assumes it won't.
 */
void *minefield_c_realloc(void *p, size_t size)
{
    size_t oldsize;
    void *q;
    if (!minefield_initialised)
	minefield_init();
    q = minefield_alloc(size);
    oldsize = minefield_get_size(p);
    memcpy(q, p, (oldsize < size ? oldsize : size));
    minefield_free(p);
    return q;
}

#endif				/* MINEFIELD */

FontSpec *fontspec_new(const char *name,
                        int bold, int height, int charset)
{
    FontSpec *f = snew(FontSpec);
    f->name = dupstr(name);
    f->isbold = bold;
    f->height = height;
    f->charset = charset;
    return f;
}
FontSpec *fontspec_copy(const FontSpec *f)
{
    return fontspec_new(f->name, f->isbold, f->height, f->charset);
}
void fontspec_free(FontSpec *f)
{
    sfree(f->name);
    sfree(f);
}
int fontspec_serialise(FontSpec *f, void *vdata)
{
    char *data = (char *)vdata;
    int len = strlen(f->name) + 1;     /* include trailing NUL */
    if (data) {
        strcpy(data, f->name);
        PUT_32BIT_MSB_FIRST(data + len, f->isbold);
        PUT_32BIT_MSB_FIRST(data + len + 4, f->height);
        PUT_32BIT_MSB_FIRST(data + len + 8, f->charset);
    }
    return len + 12;                   /* also include three 4-byte ints */
}
FontSpec *fontspec_deserialise(void *vdata, int maxsize, int *used)
{
    char *data = (char *)vdata;
    char *end;
    if (maxsize < 13)
        return NULL;
    end = memchr(data, '\0', maxsize-12);
    if (!end)
        return NULL;
    end++;
    *used = end - data + 12;
    return fontspec_new(data,
                        GET_32BIT_MSB_FIRST(end),
                        GET_32BIT_MSB_FIRST(end + 4),
                        GET_32BIT_MSB_FIRST(end + 8));
}
Commit	Line	Data
e0e7dff8	1	/*
f4ff9455	2	* winmisc.c: miscellaneous Windows-specific things
e0e7dff8	3	*/
e0e7dff8	4
e0e7dff8	5	#include <stdio.h>
	6	#include <stdlib.h>
	7	#include "putty.h"
4c26bb50	8	#include <security.h>
e0e7dff8	9
4c48c989	10	OSVERSIONINFO osVersion;
4c48c989	11
46ed7b64	12	char *platform_get_x_display(void) {
	13	/* We may as well check for DISPLAY in case it's useful. */
	14	return dupstr(getenv("DISPLAY"));
	15	}
	16
962468d4	17	Filename filename_from_str(const char str)
9a30e26b	18	{
962468d4	19	Filename *ret = snew(Filename);
962468d4	20	ret->path = dupstr(str);
9a30e26b	21	return ret;
	22	}
	23
962468d4	24	Filename filename_copy(const Filename fn)
	25	{
	26	return filename_from_str(fn->path);
	27	}
	28
9fab77dc	29	const char filename_to_str(const Filename fn)
9a30e26b	30	{
9fab77dc	31	return fn->path;
9a30e26b	32	}
9a30e26b	33
962468d4	34	int filename_equal(const Filename f1, const Filename f2)
	35	{
	36	return !strcmp(f1->path, f2->path);
	37	}
	38
	39	int filename_is_null(const Filename *fn)
9a30e26b	40	{
962468d4	41	return !*fn->path;
9a30e26b	42	}
9a30e26b	43
962468d4	44	void filename_free(Filename *fn)
	45	{
	46	sfree(fn->path);
	47	sfree(fn);
	48	}
	49
	50	int filename_serialise(const Filename f, void vdata)
	51	{
	52	char data = (char )vdata;
	53	int len = strlen(f->path) + 1; /* include trailing NUL */
	54	if (data) {
	55	strcpy(data, f->path);
	56	}
	57	return len;
	58	}
	59	Filename filename_deserialise(void vdata, int maxsize, int *used)
9a30e26b	60	{
962468d4	61	char data = (char )vdata;
	62	char *end;
	63	end = memchr(data, '\0', maxsize);
	64	if (!end)
	65	return NULL;
	66	end++;
	67	*used = end - data;
	68	return filename_from_str(data);
9a30e26b	69	}
d0912d1f	70
540bb4b5	71	#ifndef NO_SECUREZEROMEMORY
dfb88efd	72	/*
	73	* Windows implementation of smemclr (see misc.c) using SecureZeroMemory.
	74	*/
	75	void smemclr(void *b, size_t n) {
	76	if (b && n > 0)
	77	SecureZeroMemory(b, n);
	78	}
da6768b9	79	#endif
dfb88efd	80
799dfcfa	81	char *get_username(void)
	82	{
	83	DWORD namelen;
	84	char *user;
4c26bb50	85	int got_username = FALSE;
	86	DECL_WINDOWS_FUNCTION(static, BOOLEAN, GetUserNameExA,
	87	(EXTENDED_NAME_FORMAT, LPSTR, PULONG));
799dfcfa	88
4c26bb50	89	{
	90	static int tried_usernameex = FALSE;
	91	if (!tried_usernameex) {
	92	/* Not available on Win9x, so load dynamically */
bda368a5	93	HMODULE secur32 = load_system32_dll("secur32.dll");
4c26bb50	94	GET_WINDOWS_FUNCTION(secur32, GetUserNameExA);
	95	tried_usernameex = TRUE;
	96	}
	97	}
	98
	99	if (p_GetUserNameExA) {
05581745	100	/*
4c26bb50	101	* If available, use the principal -- this avoids the problem
	102	* that the local username is case-insensitive but Kerberos
	103	* usernames are case-sensitive.
05581745	104	*/
4c26bb50	105
	106	/* Get the length */
	107	namelen = 0;
	108	(void) p_GetUserNameExA(NameUserPrincipal, NULL, &namelen);
	109
	110	user = snewn(namelen, char);
	111	got_username = p_GetUserNameExA(NameUserPrincipal, user, &namelen);
	112	if (got_username) {
	113	char *p = strchr(user, '@');
	114	if (p) *p = 0;
	115	} else {
	116	sfree(user);
	117	}
05581745	118	}
799dfcfa	119
4c26bb50	120	if (!got_username) {
	121	/* Fall back to local user name */
	122	namelen = 0;
	123	if (GetUserName(NULL, &namelen) == FALSE) {
	124	/*
	125	* Apparently this doesn't work at least on Windows XP SP2.
	126	* Thus assume a maximum of 256. It will fail again if it
	127	* doesn't fit.
	128	*/
	129	namelen = 256;
	130	}
	131
	132	user = snewn(namelen, char);
	133	got_username = GetUserName(user, &namelen);
	134	if (!got_username) {
	135	sfree(user);
	136	}
	137	}
799dfcfa	138
4c26bb50	139	return got_username ? user : NULL;
799dfcfa	140	}
799dfcfa	141
4c48c989	142	BOOL init_winver(void)
	143	{
	144	ZeroMemory(&osVersion, sizeof(osVersion));
	145	osVersion.dwOSVersionInfoSize = sizeof (OSVERSIONINFO);
	146	return GetVersionEx ( (OSVERSIONINFO *) &osVersion);
	147	}
	148
bda368a5	149	HMODULE load_system32_dll(const char *libname)
	150	{
	151	/*
	152	* Wrapper function to load a DLL out of c:\windows\system32
	153	* without going through the full DLL search path. (Hence no
	154	* attack is possible by placing a substitute DLL earlier on that
	155	* path.)
	156	*/
	157	static char *sysdir = NULL;
	158	char *fullpath;
	159	HMODULE ret;
	160
	161	if (!sysdir) {
	162	int size = 0, len;
	163	do {
	164	size = 3*size/2 + 512;
	165	sysdir = sresize(sysdir, size, char);
	166	len = GetSystemDirectory(sysdir, size);
	167	} while (len >= size);
	168	}
	169
	170	fullpath = dupcat(sysdir, "\\", libname, NULL);
	171	ret = LoadLibrary(fullpath);
	172	sfree(fullpath);
	173	return ret;
	174	}
	175
688861a8	176	/*
	177	* A tree234 containing mappings from system error codes to strings.
	178	*/
	179
	180	struct errstring {
	181	int error;
	182	char *text;
	183	};
	184
	185	static int errstring_find(void av, void bv)
	186	{
	187	int a = (int )av;
	188	struct errstring b = (struct errstring )bv;
	189	if (*a < b->error)
	190	return -1;
	191	if (*a > b->error)
	192	return +1;
	193	return 0;
	194	}
	195	static int errstring_compare(void av, void bv)
	196	{
	197	struct errstring a = (struct errstring )av;
	198	return errstring_find(&a->error, bv);
	199	}
	200
	201	static tree234 *errstrings = NULL;
	202
	203	const char *win_strerror(int error)
	204	{
	205	struct errstring *es;
	206
	207	if (!errstrings)
	208	errstrings = newtree234(errstring_compare);
	209
	210	es = find234(errstrings, &error, errstring_find);
	211
	212	if (!es) {
	213	int bufsize, bufused;
	214
	215	es = snew(struct errstring);
	216	es->error = error;
	217	/* maximum size for FormatMessage is 64K */
	218	bufsize = 65535;
	219	es->text = snewn(bufsize, char);
	220	if (!FormatMessage((FORMAT_MESSAGE_FROM_SYSTEM \|
	221	FORMAT_MESSAGE_IGNORE_INSERTS), NULL, error,
	222	MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
	223	es->text + bufused, bufsize - bufused, NULL)) {
	224	sprintf(es->text,
	225	"Windows error code %d (and FormatMessage returned %d)",
	226	error, GetLastError());
	227	} else {
	228	int len = strlen(es->text);
	229	if (len > 0 && es->text[len-1] == '\n')
	230	es->text[len-1] = '\0';
	231	}
	232	es->text = sresize(es->text, strlen(es->text) + 1, char);
	233	add234(errstrings, es);
	234	}
	235
	236	return es->text;
	237	}
	238
d0912d1f	239	#ifdef DEBUG
	240	static FILE *debug_fp = NULL;
	241	static HANDLE debug_hdl = INVALID_HANDLE_VALUE;
	242	static int debug_got_console = 0;
	243
	244	void dputs(char *buf)
	245	{
	246	DWORD dw;
	247
	248	if (!debug_got_console) {
	249	if (AllocConsole()) {
	250	debug_got_console = 1;
	251	debug_hdl = GetStdHandle(STD_OUTPUT_HANDLE);
	252	}
	253	}
	254	if (!debug_fp) {
	255	debug_fp = fopen("debug.log", "w");
	256	}
	257
	258	if (debug_hdl != INVALID_HANDLE_VALUE) {
	259	WriteFile(debug_hdl, buf, strlen(buf), &dw, NULL);
	260	}
	261	fputs(buf, debug_fp);
	262	fflush(debug_fp);
	263	}
	264	#endif
	265
	266	#ifdef MINEFIELD
	267	/*
	268	* Minefield - a Windows equivalent for Electric Fence
	269	*/
	270
	271	#define PAGESIZE 4096
	272
	273	/*
	274	* Design:
	275	*
	276	* We start by reserving as much virtual address space as Windows
	277	* will sensibly (or not sensibly) let us have. We flag it all as
	278	* invalid memory.
	279	*
	280	* Any allocation attempt is satisfied by committing one or more
	281	* pages, with an uncommitted page on either side. The returned
	282	* memory region is jammed up against the _end_ of the pages.
	283	*
	284	* Freeing anything causes instantaneous decommitment of the pages
	285	* involved, so stale pointers are caught as soon as possible.
	286	*/
	287
	288	static int minefield_initialised = 0;
	289	static void *minefield_region = NULL;
	290	static long minefield_size = 0;
	291	static long minefield_npages = 0;
	292	static long minefield_curpos = 0;
	293	static unsigned short *minefield_admin = NULL;
	294	static void *minefield_pages = NULL;
	295
	296	static void minefield_admin_hide(int hide)
	297	{
	298	int access = hide ? PAGE_NOACCESS : PAGE_READWRITE;
	299	VirtualProtect(minefield_admin, minefield_npages * 2, access, NULL);
	300	}
	301
	302	static void minefield_init(void)
303	{
304	int size;
305	int admin_size;
306	int i;
307
308	for (size = 0x40000000; size > 0; size = ((size >> 3) * 7) & ~0xFFF) {
309	minefield_region = VirtualAlloc(NULL, size,
310	MEM_RESERVE, PAGE_NOACCESS);
311	if (minefield_region)
312	break;
313	}
314	minefield_size = size;
315
316	/*
317	* Firstly, allocate a section of that to be the admin block.
318	* We'll need a two-byte field for each page.
319	*/
320	minefield_admin = minefield_region;
321	minefield_npages = minefield_size / PAGESIZE;
322	admin_size = (minefield_npages * 2 + PAGESIZE - 1) & ~(PAGESIZE - 1);
323	minefield_npages = (minefield_size - admin_size) / PAGESIZE;
324	minefield_pages = (char *) minefield_region + admin_size;
325
326	/*
327	* Commit the admin region.
328	*/
329	VirtualAlloc(minefield_admin, minefield_npages * 2,
330	MEM_COMMIT, PAGE_READWRITE);
331
332	/*
333	* Mark all pages as unused (0xFFFF).
334	*/
335	for (i = 0; i < minefield_npages; i++)
336	minefield_admin[i] = 0xFFFF;
337
338	/*
339	* Hide the admin region.
340	*/
341	minefield_admin_hide(1);
342
343	minefield_initialised = 1;
344	}
345
346	static void minefield_bomb(void)
347	{
348	div(1, (int ) minefield_pages);
349	}
350
351	static void *minefield_alloc(int size)
352	{
353	int npages;
354	int pos, lim, region_end, region_start;
355	int start;
356	int i;
357
358	npages = (size + PAGESIZE - 1) / PAGESIZE;
359
360	minefield_admin_hide(0);
361
362	/*
363	* Search from current position until we find a contiguous
364	* bunch of npages+2 unused pages.
365	*/
366	pos = minefield_curpos;
367	lim = minefield_npages;
368	while (1) {
369	/* Skip over used pages. */
370	while (pos < lim && minefield_admin[pos] != 0xFFFF)
371	pos++;
372	/* Count unused pages. */
373	start = pos;
374	while (pos < lim && pos - start < npages + 2 &&
375	minefield_admin[pos] == 0xFFFF)
376	pos++;
377	if (pos - start == npages + 2)
378	break;
379	/* If we've reached the limit, reset the limit or stop. */
380	if (pos >= lim) {
381	if (lim == minefield_npages) {
382	/* go round and start again at zero */
383	lim = minefield_curpos;
384	pos = 0;
385	} else {
386	minefield_admin_hide(1);
387	return NULL;
388	}
389	}
390	}
391
392	minefield_curpos = pos - 1;
393
394	/*
395	* We have npages+2 unused pages starting at start. We leave
396	* the first and last of these alone and use the rest.
397	*/
398	region_end = (start + npages + 1) * PAGESIZE;
399	region_start = region_end - size;
400	/* FIXME: could align here if we wanted */
401
402	/*
403	* Update the admin region.
404	*/
405	for (i = start + 2; i < start + npages + 1; i++)
406	minefield_admin[i] = 0xFFFE; /* used but no region starts here */
407	minefield_admin[start + 1] = region_start % PAGESIZE;
408
409	minefield_admin_hide(1);
410
411	VirtualAlloc((char *) minefield_pages + region_start, size,
412	MEM_COMMIT, PAGE_READWRITE);
413	return (char *) minefield_pages + region_start;
414	}
415
416	static void minefield_free(void *ptr)
417	{
418	int region_start, i, j;
419
420	minefield_admin_hide(0);
421
422	region_start = (char ) ptr - (char ) minefield_pages;
423	i = region_start / PAGESIZE;
424	if (i < 0 \|\| i >= minefield_npages \|\|
425	minefield_admin[i] != region_start % PAGESIZE)
426	minefield_bomb();
427	for (j = i; j < minefield_npages && minefield_admin[j] != 0xFFFF; j++) {
428	minefield_admin[j] = 0xFFFF;
429	}
430
431	VirtualFree(ptr, j * PAGESIZE - region_start, MEM_DECOMMIT);
432
433	minefield_admin_hide(1);
434	}
435
436	static int minefield_get_size(void *ptr)
437	{
438	int region_start, i, j;
439
440	minefield_admin_hide(0);
441
442	region_start = (char ) ptr - (char ) minefield_pages;
443	i = region_start / PAGESIZE;
444	if (i < 0 \|\| i >= minefield_npages \|\|
445	minefield_admin[i] != region_start % PAGESIZE)
446	minefield_bomb();
447	for (j = i; j < minefield_npages && minefield_admin[j] != 0xFFFF; j++);
448
449	minefield_admin_hide(1);
450
451	return j * PAGESIZE - region_start;
452	}
453
454	void *minefield_c_malloc(size_t size)
455	{
456	if (!minefield_initialised)
457	minefield_init();
458	return minefield_alloc(size);
459	}
460
461	void minefield_c_free(void *p)
462	{
463	if (!minefield_initialised)
464	minefield_init();
465	minefield_free(p);
466	}
467
468	/*
469	* realloc _always_ moves the chunk, for rapid detection of code
470	* that assumes it won't.
471	*/
472	void minefield_c_realloc(void p, size_t size)
473	{
474	size_t oldsize;
475	void *q;
476	if (!minefield_initialised)
477	minefield_init();
478	q = minefield_alloc(size);
479	oldsize = minefield_get_size(p);
480	memcpy(q, p, (oldsize < size ? oldsize : size));
481	minefield_free(p);
482	return q;
483	}
484
485	#endif /* MINEFIELD */
ae62eaeb	486
	487	FontSpec fontspec_new(const char name,
	488	int bold, int height, int charset)
	489	{
	490	FontSpec *f = snew(FontSpec);
	491	f->name = dupstr(name);
	492	f->isbold = bold;
	493	f->height = height;
	494	f->charset = charset;
	495	return f;
	496	}
	497	FontSpec fontspec_copy(const FontSpec f)
	498	{
	499	return fontspec_new(f->name, f->isbold, f->height, f->charset);
	500	}
	501	void fontspec_free(FontSpec *f)
	502	{
	503	sfree(f->name);
	504	sfree(f);
	505	}
	506	int fontspec_serialise(FontSpec f, void vdata)
	507	{
	508	char data = (char )vdata;
	509	int len = strlen(f->name) + 1; /* include trailing NUL */
	510	if (data) {
	511	strcpy(data, f->name);
	512	PUT_32BIT_MSB_FIRST(data + len, f->isbold);
	513	PUT_32BIT_MSB_FIRST(data + len + 4, f->height);
	514	PUT_32BIT_MSB_FIRST(data + len + 8, f->charset);
	515	}
	516	return len + 12; /* also include three 4-byte ints */
	517	}
	518	FontSpec fontspec_deserialise(void vdata, int maxsize, int *used)
	519	{
	520	char data = (char )vdata;
	521	char *end;
	522	if (maxsize < 13)
	523	return NULL;
	524	end = memchr(data, '\0', maxsize-12);
	525	if (!end)
	526	return NULL;
	527	end++;
	528	*used = end - data + 12;
	529	return fontspec_new(data,
	530	GET_32BIT_MSB_FIRST(end),
	531	GET_32BIT_MSB_FIRST(end + 4),
	532	GET_32BIT_MSB_FIRST(end + 8));
	533	}