The Tor Browser / file diff

     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/mfbt/Poison.h	Wed Dec 31 06:09:35 2014 +0100
     1.3 @@ -0,0 +1,62 @@
     1.4 +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
     1.5 +/* vim: set ts=8 sts=2 et sw=2 tw=80: */
     1.6 +/* This Source Code Form is subject to the terms of the Mozilla Public
     1.7 + * License, v. 2.0. If a copy of the MPL was not distributed with this
     1.8 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
     1.9 +
    1.10 +/*
    1.11 + * A poison value that can be used to fill a memory space with
    1.12 + * an address that leads to a safe crash when dereferenced.
    1.13 + */
    1.14 +
    1.15 +#ifndef mozilla_Poison_h
    1.16 +#define mozilla_Poison_h
    1.17 +
    1.18 +#include "mozilla/Assertions.h"
    1.19 +#include "mozilla/Types.h"
    1.20 +
    1.21 +#include <stdint.h>
    1.22 +
    1.23 +MOZ_BEGIN_EXTERN_C
    1.24 +
    1.25 +extern MFBT_DATA uintptr_t gMozillaPoisonValue;
    1.26 +
    1.27 +/**
    1.28 + * @return the poison value.
    1.29 + */
    1.30 +inline uintptr_t mozPoisonValue()
    1.31 +{
    1.32 +  return gMozillaPoisonValue;
    1.33 +}
    1.34 +
    1.35 +/**
    1.36 + * Overwrite the memory block of aSize bytes at aPtr with the poison value.
    1.37 + * aPtr MUST be aligned at a sizeof(uintptr_t) boundary.
    1.38 + * Only an even number of sizeof(uintptr_t) bytes are overwritten, the last
    1.39 + * few bytes (if any) is not overwritten.
    1.40 + */
    1.41 +inline void mozWritePoison(void* aPtr, size_t aSize)
    1.42 +{
    1.43 +  const uintptr_t POISON = mozPoisonValue();
    1.44 +  char* p = (char*)aPtr;
    1.45 +  char* limit = p + aSize;
    1.46 +  MOZ_ASSERT((uintptr_t)aPtr % sizeof(uintptr_t) == 0, "bad alignment");
    1.47 +  MOZ_ASSERT(aSize >= sizeof(uintptr_t), "poisoning this object has no effect");
    1.48 +  for (; p < limit; p += sizeof(uintptr_t)) {
    1.49 +    *((uintptr_t*)p) = POISON;
    1.50 +  }
    1.51 +}
    1.52 +
    1.53 +/**
    1.54 + * Initialize the poison value.
    1.55 + * This should only be called once.
    1.56 + */
    1.57 +extern MFBT_API void mozPoisonValueInit();
    1.58 +
    1.59 +/* Values annotated by CrashReporter */
    1.60 +extern MFBT_DATA uintptr_t gMozillaPoisonBase;
    1.61 +extern MFBT_DATA uintptr_t gMozillaPoisonSize;
    1.62 +
    1.63 +MOZ_END_EXTERN_C
    1.64 +
    1.65 +#endif /* mozilla_Poison_h */