The Tor Browser: media/webrtc/signaling/src/common/csf

Implement a real Private Browsing Mode condition by changing the API/ABI;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.

     1 /* This Source Code Form is subject to the terms of the Mozilla Public

     2  * License, v. 2.0. If a copy of the MPL was not distributed with this

     3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

     5 #ifndef _CSF_COMMON_E58E5677_950A_424c_B6C2_CA180092E6A2_H

     6 #define _CSF_COMMON_E58E5677_950A_424c_B6C2_CA180092E6A2_H

     8 #include <assert.h>

     9 #include <memory>

    10 #include <vector>

    11 #include <stdlib.h>

    13 /*

    15 This header file defines:

    17 csf_countof

    18 csf_sprintf

    19 csf_vsprintf

    21 */

    23 /*

    24   General security tip: Ensure that "format" is never a user-defined string. Format should ALWAYS be something that's built into your code, not

    25   user supplied. For example: never write:

    27   csf_sprintf(buffer, csf_countof(buffer), pUserSuppliedString);

    29   Instead write:

    31   csf_sprintf(buffer, csf_countof(buffer), "%s", pUserSuppliedString);

    33 */

    35 #ifdef WIN32

    36     #if !defined(_countof)

    37         #if !defined(__cplusplus)

    38             #define _countof(_Array) (sizeof(_Array) / sizeof(_Array[0]))

    39         #else

    40             extern "C++"

    41             {

    42             template <typename _CountofType, size_t _SizeOfArray>

    43             char (*_csf_countof_helper(_CountofType (&_Array)[_SizeOfArray]))[_SizeOfArray];

    44             #define _countof(_Array) sizeof(*_csf_countof_helper(_Array))

    45             }

    46         #endif

    47     #endif

    48 #else

    49     #define _countof(_Array) (sizeof(_Array) / sizeof(_Array[0]))

    50 #endif

    51 //csf_countof

    53 #define csf_countof(anArray) _countof(anArray)

    55 //csf_sprintf

    57 #ifdef _WIN32

    58   //Unlike snprintf, sprintf_s guarantees that the buffer will be null-terminated (unless the buffer size is zero).

    59   #define csf_sprintf(/* char* */ buffer, /* size_t */ sizeOfBufferInCharsInclNullTerm, /* const char * */ format, ...)\

    60     _snprintf_s (buffer, sizeOfBufferInCharsInclNullTerm, _TRUNCATE, format, __VA_ARGS__)

    61 #else

    62   #define csf_sprintf(/* char */ buffer, /* size_t */ sizeOfBufferInCharsInclNullTerm, /* const char * */ format, ...)\

    63     snprintf (buffer, sizeOfBufferInCharsInclNullTerm, format, __VA_ARGS__);\

    64     buffer[sizeOfBufferInCharsInclNullTerm-1] = '\0'

    65 #endif

    67 //csf_vsprintf

    69 #ifdef _WIN32

    70   #define csf_vsprintf(/* char* */ buffer, /* size_t */ sizeOfBufferInCharsInclNullTerm, /* const char * */ format, /* va_list */ vaList)\

    71     vsnprintf_s (buffer, sizeOfBufferInCharsInclNullTerm, _TRUNCATE, format, vaList);\

    72     buffer[sizeOfBufferInCharsInclNullTerm-1] = '\0'

    73 #else

    74   #define csf_vsprintf(/* char */ buffer, /* size_t */ sizeOfBufferInCharsInclNullTerm, /* const char * */ format, /* va_list */ vaList)\

    75     vsprintf (buffer, format, vaList);\

    76     buffer[sizeOfBufferInCharsInclNullTerm-1] = '\0'

    77 #endif

    79 #endif

The Tor Browser / file revision

media/webrtc/signaling/src/common/csf_common.h@ac0c01689b40

media/webrtc/signaling/src/common/csf_common.h