security/sandbox/chromium/base/strings/string16.h@97036ab72558
security/sandbox/chromium/base/strings/string16.h
Tue, 06 Jan 2015 21:39:09 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 06 Jan 2015 21:39:09 +0100
- branch
- TOR_BUG_9701
- changeset 8
- 97036ab72558
- permissions
- -rw-r--r--
Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef BASE_STRINGS_STRING16_H_
6 #define BASE_STRINGS_STRING16_H_
8 // WHAT:
9 // A version of std::basic_string that provides 2-byte characters even when
10 // wchar_t is not implemented as a 2-byte type. You can access this class as
11 // string16. We also define char16, which string16 is based upon.
12 //
13 // WHY:
14 // On Windows, wchar_t is 2 bytes, and it can conveniently handle UTF-16/UCS-2
15 // data. Plenty of existing code operates on strings encoded as UTF-16.
16 //
17 // On many other platforms, sizeof(wchar_t) is 4 bytes by default. We can make
18 // it 2 bytes by using the GCC flag -fshort-wchar. But then std::wstring fails
19 // at run time, because it calls some functions (like wcslen) that come from
20 // the system's native C library -- which was built with a 4-byte wchar_t!
21 // It's wasteful to use 4-byte wchar_t strings to carry UTF-16 data, and it's
22 // entirely improper on those systems where the encoding of wchar_t is defined
23 // as UTF-32.
24 //
25 // Here, we define string16, which is similar to std::wstring but replaces all
26 // libc functions with custom, 2-byte-char compatible routines. It is capable
27 // of carrying UTF-16-encoded data.
29 #include <stdio.h>
30 #include <string>
32 #include "base/base_export.h"
33 #include "base/basictypes.h"
35 #if defined(WCHAR_T_IS_UTF16)
37 namespace base {
39 typedef wchar_t char16;
40 typedef std::wstring string16;
41 typedef std::char_traits<wchar_t> string16_char_traits;
43 } // namespace base
45 #elif defined(WCHAR_T_IS_UTF32)
47 namespace base {
49 typedef uint16 char16;
51 // char16 versions of the functions required by string16_char_traits; these
52 // are based on the wide character functions of similar names ("w" or "wcs"
53 // instead of "c16").
54 BASE_EXPORT int c16memcmp(const char16* s1, const char16* s2, size_t n);
55 BASE_EXPORT size_t c16len(const char16* s);
56 BASE_EXPORT const char16* c16memchr(const char16* s, char16 c, size_t n);
57 BASE_EXPORT char16* c16memmove(char16* s1, const char16* s2, size_t n);
58 BASE_EXPORT char16* c16memcpy(char16* s1, const char16* s2, size_t n);
59 BASE_EXPORT char16* c16memset(char16* s, char16 c, size_t n);
61 struct string16_char_traits {
62 typedef char16 char_type;
63 typedef int int_type;
65 // int_type needs to be able to hold each possible value of char_type, and in
66 // addition, the distinct value of eof().
67 COMPILE_ASSERT(sizeof(int_type) > sizeof(char_type), unexpected_type_width);
69 typedef std::streamoff off_type;
70 typedef mbstate_t state_type;
71 typedef std::fpos<state_type> pos_type;
73 static void assign(char_type& c1, const char_type& c2) {
74 c1 = c2;
75 }
77 static bool eq(const char_type& c1, const char_type& c2) {
78 return c1 == c2;
79 }
80 static bool lt(const char_type& c1, const char_type& c2) {
81 return c1 < c2;
82 }
84 static int compare(const char_type* s1, const char_type* s2, size_t n) {
85 return c16memcmp(s1, s2, n);
86 }
88 static size_t length(const char_type* s) {
89 return c16len(s);
90 }
92 static const char_type* find(const char_type* s, size_t n,
93 const char_type& a) {
94 return c16memchr(s, a, n);
95 }
97 static char_type* move(char_type* s1, const char_type* s2, int_type n) {
98 return c16memmove(s1, s2, n);
99 }
101 static char_type* copy(char_type* s1, const char_type* s2, size_t n) {
102 return c16memcpy(s1, s2, n);
103 }
105 static char_type* assign(char_type* s, size_t n, char_type a) {
106 return c16memset(s, a, n);
107 }
109 static int_type not_eof(const int_type& c) {
110 return eq_int_type(c, eof()) ? 0 : c;
111 }
113 static char_type to_char_type(const int_type& c) {
114 return char_type(c);
115 }
117 static int_type to_int_type(const char_type& c) {
118 return int_type(c);
119 }
121 static bool eq_int_type(const int_type& c1, const int_type& c2) {
122 return c1 == c2;
123 }
125 static int_type eof() {
126 return static_cast<int_type>(EOF);
127 }
128 };
130 typedef std::basic_string<char16, base::string16_char_traits> string16;
132 BASE_EXPORT extern std::ostream& operator<<(std::ostream& out,
133 const string16& str);
135 // This is required by googletest to print a readable output on test failures.
136 BASE_EXPORT extern void PrintTo(const string16& str, std::ostream* out);
138 } // namespace base
140 // The string class will be explicitly instantiated only once, in string16.cc.
141 //
142 // std::basic_string<> in GNU libstdc++ contains a static data member,
143 // _S_empty_rep_storage, to represent empty strings. When an operation such
144 // as assignment or destruction is performed on a string, causing its existing
145 // data member to be invalidated, it must not be freed if this static data
146 // member is being used. Otherwise, it counts as an attempt to free static
147 // (and not allocated) data, which is a memory error.
148 //
149 // Generally, due to C++ template magic, _S_empty_rep_storage will be marked
150 // as a coalesced symbol, meaning that the linker will combine multiple
151 // instances into a single one when generating output.
152 //
153 // If a string class is used by multiple shared libraries, a problem occurs.
154 // Each library will get its own copy of _S_empty_rep_storage. When strings
155 // are passed across a library boundary for alteration or destruction, memory
156 // errors will result. GNU libstdc++ contains a configuration option,
157 // --enable-fully-dynamic-string (_GLIBCXX_FULLY_DYNAMIC_STRING), which
158 // disables the static data member optimization, but it's a good optimization
159 // and non-STL code is generally at the mercy of the system's STL
160 // configuration. Fully-dynamic strings are not the default for GNU libstdc++
161 // libstdc++ itself or for the libstdc++ installations on the systems we care
162 // about, such as Mac OS X and relevant flavors of Linux.
163 //
164 // See also http://gcc.gnu.org/bugzilla/show_bug.cgi?id=24196 .
165 //
166 // To avoid problems, string classes need to be explicitly instantiated only
167 // once, in exactly one library. All other string users see it via an "extern"
168 // declaration. This is precisely how GNU libstdc++ handles
169 // std::basic_string<char> (string) and std::basic_string<wchar_t> (wstring).
170 //
171 // This also works around a Mac OS X linker bug in ld64-85.2.1 (Xcode 3.1.2),
172 // in which the linker does not fully coalesce symbols when dead code
173 // stripping is enabled. This bug causes the memory errors described above
174 // to occur even when a std::basic_string<> does not cross shared library
175 // boundaries, such as in statically-linked executables.
176 //
177 // TODO(mark): File this bug with Apple and update this note with a bug number.
179 extern template
180 class BASE_EXPORT std::basic_string<base::char16, base::string16_char_traits>;
182 #endif // WCHAR_T_IS_UTF32
184 // TODO(brettw) update users of string16 to use the namespace and remove
185 // this "using".
186 using base::char16;
187 using base::string16;
189 #endif // BASE_STRINGS_STRING16_H_
