mfbt/Poison.h@97036ab72558 (annotated)
mfbt/Poison.h
Tue, 06 Jan 2015 21:39:09 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 06 Jan 2015 21:39:09 +0100
- branch
- TOR_BUG_9701
- changeset 8
- 97036ab72558
- permissions
- -rw-r--r--
Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
| michael@0 | 1 | /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ |
| michael@0 | 2 | /* vim: set ts=8 sts=2 et sw=2 tw=80: */ |
| michael@0 | 3 | /* This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 4 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 5 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 6 | |
| michael@0 | 7 | /* |
| michael@0 | 8 | * A poison value that can be used to fill a memory space with |
| michael@0 | 9 | * an address that leads to a safe crash when dereferenced. |
| michael@0 | 10 | */ |
| michael@0 | 11 | |
| michael@0 | 12 | #ifndef mozilla_Poison_h |
| michael@0 | 13 | #define mozilla_Poison_h |
| michael@0 | 14 | |
| michael@0 | 15 | #include "mozilla/Assertions.h" |
| michael@0 | 16 | #include "mozilla/Types.h" |
| michael@0 | 17 | |
| michael@0 | 18 | #include <stdint.h> |
| michael@0 | 19 | |
| michael@0 | 20 | MOZ_BEGIN_EXTERN_C |
| michael@0 | 21 | |
| michael@0 | 22 | extern MFBT_DATA uintptr_t gMozillaPoisonValue; |
| michael@0 | 23 | |
| michael@0 | 24 | /** |
| michael@0 | 25 | * @return the poison value. |
| michael@0 | 26 | */ |
| michael@0 | 27 | inline uintptr_t mozPoisonValue() |
| michael@0 | 28 | { |
| michael@0 | 29 | return gMozillaPoisonValue; |
| michael@0 | 30 | } |
| michael@0 | 31 | |
| michael@0 | 32 | /** |
| michael@0 | 33 | * Overwrite the memory block of aSize bytes at aPtr with the poison value. |
| michael@0 | 34 | * aPtr MUST be aligned at a sizeof(uintptr_t) boundary. |
| michael@0 | 35 | * Only an even number of sizeof(uintptr_t) bytes are overwritten, the last |
| michael@0 | 36 | * few bytes (if any) is not overwritten. |
| michael@0 | 37 | */ |
| michael@0 | 38 | inline void mozWritePoison(void* aPtr, size_t aSize) |
| michael@0 | 39 | { |
| michael@0 | 40 | const uintptr_t POISON = mozPoisonValue(); |
| michael@0 | 41 | char* p = (char*)aPtr; |
| michael@0 | 42 | char* limit = p + aSize; |
| michael@0 | 43 | MOZ_ASSERT((uintptr_t)aPtr % sizeof(uintptr_t) == 0, "bad alignment"); |
| michael@0 | 44 | MOZ_ASSERT(aSize >= sizeof(uintptr_t), "poisoning this object has no effect"); |
| michael@0 | 45 | for (; p < limit; p += sizeof(uintptr_t)) { |
| michael@0 | 46 | *((uintptr_t*)p) = POISON; |
| michael@0 | 47 | } |
| michael@0 | 48 | } |
| michael@0 | 49 | |
| michael@0 | 50 | /** |
| michael@0 | 51 | * Initialize the poison value. |
| michael@0 | 52 | * This should only be called once. |
| michael@0 | 53 | */ |
| michael@0 | 54 | extern MFBT_API void mozPoisonValueInit(); |
| michael@0 | 55 | |
| michael@0 | 56 | /* Values annotated by CrashReporter */ |
| michael@0 | 57 | extern MFBT_DATA uintptr_t gMozillaPoisonBase; |
| michael@0 | 58 | extern MFBT_DATA uintptr_t gMozillaPoisonSize; |
| michael@0 | 59 | |
| michael@0 | 60 | MOZ_END_EXTERN_C |
| michael@0 | 61 | |
| michael@0 | 62 | #endif /* mozilla_Poison_h */ |
