author | robot-contrib <robot-contrib@yandex-team.com> | 2022-12-14 15:26:54 +0300 |
---|---|---|
committer | robot-contrib <robot-contrib@yandex-team.com> | 2022-12-14 15:26:54 +0300 |
commit | 4925d989167591a367baa018abd3dde8b24ce47f (patch) | |
tree | 1853212a7f126028a55f7ba871105c081089256d /contrib/restricted/aws/s2n/utils/s2n_ensure.h | |
parent | 6aec14798ad91ed132f3da681c3d5b9c6fb2240d (diff) | |
download | ydb-4925d989167591a367baa018abd3dde8b24ce47f.tar.gz |
Update contrib/restricted/aws/s2n to 1.3.29
Diffstat (limited to 'contrib/restricted/aws/s2n/utils/s2n_ensure.h')
-rw-r--r-- | contrib/restricted/aws/s2n/utils/s2n_ensure.h | 104 |
1 files changed, 58 insertions, 46 deletions
diff --git a/contrib/restricted/aws/s2n/utils/s2n_ensure.h b/contrib/restricted/aws/s2n/utils/s2n_ensure.h
index 872f208df1..83db60201e 100644
--- a/contrib/restricted/aws/s2n/utils/s2n_ensure.h
+++ b/contrib/restricted/aws/s2n/utils/s2n_ensure.h
@@ -15,7 +15,7 @@
 #pragma once
-#define s2n_likely(x) __builtin_expect(!!(x), 1)
+#define s2n_likely(x) __builtin_expect(!!(x), 1)
 #define s2n_unlikely(x) __builtin_expect(!!(x), 0)
 /**
@@ -30,42 +30,54 @@
 /**
 * Ensures `cond` is true, otherwise `action` will be performed
 */
-#define __S2N_ENSURE( cond, action ) do {if ( !(cond) ) { action; }} while (0)
+#define __S2N_ENSURE(cond, action) \
+ do { \
+ if (!(cond)) { \
+ action; \
+ } \
+ } while (0)
-#define __S2N_ENSURE_LIKELY( cond, action ) do {if ( s2n_unlikely( !(cond) ) ) { action; }} while (0)
+#define __S2N_ENSURE_LIKELY(cond, action) \
+ do { \
+ if (s2n_unlikely(!(cond))) { \
+ action; \
+ } \
+ } while (0)
 #ifdef NDEBUG
-#define __S2N_ENSURE_DEBUG( cond, action ) do {} while (0)
+ #define __S2N_ENSURE_DEBUG(cond, action) \
+ do { \
+ } while (0)
 #else
-#define __S2N_ENSURE_DEBUG( cond, action ) __S2N_ENSURE_LIKELY((cond), action)
+ #define __S2N_ENSURE_DEBUG(cond, action) __S2N_ENSURE_LIKELY((cond), action)
 #endif
-#define __S2N_ENSURE_PRECONDITION( result ) (s2n_likely(s2n_result_is_ok(result)) ? S2N_RESULT_OK : S2N_RESULT_ERROR)
+#define __S2N_ENSURE_PRECONDITION(result) (s2n_likely(s2n_result_is_ok(result)) ? S2N_RESULT_OK : S2N_RESULT_ERROR)
 #ifdef NDEBUG
-#define __S2N_ENSURE_POSTCONDITION( result ) (S2N_RESULT_OK)
+ #define __S2N_ENSURE_POSTCONDITION(result) (S2N_RESULT_OK)
 #else
-#define __S2N_ENSURE_POSTCONDITION( result ) (s2n_likely(s2n_result_is_ok(result)) ? S2N_RESULT_OK : S2N_RESULT_ERROR)
+ #define __S2N_ENSURE_POSTCONDITION(result) (s2n_likely(s2n_result_is_ok(result)) ? S2N_RESULT_OK : S2N_RESULT_ERROR)
 #endif
-#define __S2N_ENSURE_SAFE_MEMCPY( d , s , n , guard ) \
- do { \
- __typeof( n ) __tmp_n = ( n ); \
- if ( s2n_likely( __tmp_n ) ) { \
- void *r = s2n_ensure_memcpy_trace( (d), (s) , (__tmp_n), _S2N_DEBUG_LINE); \
- guard(r); \
- } \
- } while(0)
+#define __S2N_ENSURE_SAFE_MEMCPY(d, s, n, guard) \
+ do { \
+ __typeof(n) __tmp_n = (n); \
+ if (s2n_likely(__tmp_n)) { \
+ void *r = s2n_ensure_memcpy_trace((d), (s), (__tmp_n), _S2N_DEBUG_LINE); \
+ guard(r); \
+ } \
+ } while (0)
-#define __S2N_ENSURE_SAFE_MEMSET( d , c , n , guard ) \
- do { \
- __typeof( n ) __tmp_n = ( n ); \
- if ( s2n_likely( __tmp_n ) ) { \
- __typeof( d ) __tmp_d = ( d ); \
- guard( __tmp_d ); \
- memset( __tmp_d, (c), __tmp_n); \
- } \
- } while(0)
+#define __S2N_ENSURE_SAFE_MEMSET(d, c, n, guard) \
+ do { \
+ __typeof(n) __tmp_n = (n); \
+ if (s2n_likely(__tmp_n)) { \
+ __typeof(d) __tmp_d = (d); \
+ guard(__tmp_d); \
+ memset(__tmp_d, (c), __tmp_n); \
+ } \
+ } while (0)
 /**
 * `restrict` is a part of the c99 standard and will work with any C compiler. If you're trying to
@@ -80,9 +92,9 @@
 *
 */
 #if defined(S2N___RESTRICT__SUPPORTED)
-extern void* s2n_ensure_memcpy_trace(void *__restrict__ to, const void *__restrict__ from, size_t size, const char *debug_str);
+extern void *s2n_ensure_memcpy_trace(void *__restrict__ to, const void *__restrict__ from, size_t size, const char *debug_str);
 #else
-extern void* s2n_ensure_memcpy_trace(void *restrict to, const void *restrict from, size_t size, const char *debug_str);
+extern void *s2n_ensure_memcpy_trace(void *restrict to, const void *restrict from, size_t size, const char *debug_str);
 #endif
 /**
@@ -96,20 +108,20 @@ extern void* s2n_ensure_memcpy_trace(void *restrict to, const void *restrict fro
 * Violations of these properties are undefined behaviour.
 */
 #ifdef CBMC
-# define S2N_MEM_IS_READABLE_CHECK(base, len) (((len) == 0) || __CPROVER_r_ok((base), (len)))
-# define S2N_MEM_IS_WRITABLE_CHECK(base, len) (((len) == 0) || __CPROVER_w_ok((base), (len)))
+ #define S2N_MEM_IS_READABLE_CHECK(base, len) (((len) == 0) || __CPROVER_r_ok((base), (len)))
+ #define S2N_MEM_IS_WRITABLE_CHECK(base, len) (((len) == 0) || __CPROVER_w_ok((base), (len)))
 #else
-/* the C runtime does not give a way to check these properties,
+ /* the C runtime does not give a way to check these properties,
 * but we can at least check for nullness. */
-# define S2N_MEM_IS_READABLE_CHECK(base, len) (((len) == 0) || (base) != NULL)
-# define S2N_MEM_IS_WRITABLE_CHECK(base, len) (((len) == 0) || (base) != NULL)
+ #define S2N_MEM_IS_READABLE_CHECK(base, len) (((len) == 0) || (base) != NULL)
+ #define S2N_MEM_IS_WRITABLE_CHECK(base, len) (((len) == 0) || (base) != NULL)
 #endif /* CBMC */
 /**
 * These macros can safely be used in validate functions.
 */
-#define S2N_MEM_IS_READABLE(base, len) (((len) == 0) || (base) != NULL)
-#define S2N_MEM_IS_WRITABLE(base, len) (((len) == 0) || (base) != NULL)
+#define S2N_MEM_IS_READABLE(base, len) (((len) == 0) || (base) != NULL)
+#define S2N_MEM_IS_WRITABLE(base, len) (((len) == 0) || (base) != NULL)
 #define S2N_OBJECT_PTR_IS_READABLE(ptr) ((ptr) != NULL)
 #define S2N_OBJECT_PTR_IS_WRITABLE(ptr) ((ptr) != NULL)
@@ -128,17 +140,17 @@ extern void* s2n_ensure_memcpy_trace(void *restrict to, const void *restrict fro
 * Violations of the function contracts are undefined behaviour.
 */
 #ifdef CBMC
-# define CONTRACT_ASSIGNS(...) __CPROVER_assigns(__VA_ARGS__)
-# define CONTRACT_ASSIGNS_ERR(...) CONTRACT_ASSIGNS(__VA_ARGS__, s2n_debug_str, s2n_errno)
-# define CONTRACT_REQUIRES(...) __CPROVER_requires(__VA_ARGS__)
-# define CONTRACT_ENSURES(...) __CPROVER_ensures(__VA_ARGS__)
-# define CONTRACT_INVARIANT(...) __CPROVER_loop_invariant(__VA_ARGS__)
-# define CONTRACT_RETURN_VALUE (__CPROVER_return_value)
+ #define CONTRACT_ASSIGNS(...) __CPROVER_assigns(__VA_ARGS__)
+ #define CONTRACT_ASSIGNS_ERR(...) CONTRACT_ASSIGNS(__VA_ARGS__, s2n_debug_str, s2n_errno)
+ #define CONTRACT_REQUIRES(...) __CPROVER_requires(__VA_ARGS__)
+ #define CONTRACT_ENSURES(...) __CPROVER_ensures(__VA_ARGS__)
+ #define CONTRACT_INVARIANT(...) __CPROVER_loop_invariant(__VA_ARGS__)
+ #define CONTRACT_RETURN_VALUE (__CPROVER_return_value)
 #else
-# define CONTRACT_ASSIGNS(...)
-# define CONTRACT_ASSIGNS_ERR(...)
-# define CONTRACT_REQUIRES(...)
-# define CONTRACT_ENSURES(...)
-# define CONTRACT_INVARIANT(...)
-# define CONTRACT_RETURN_VALUE
+ #define CONTRACT_ASSIGNS(...)
+ #define CONTRACT_ASSIGNS_ERR(...)
+ #define CONTRACT_REQUIRES(...)
+ #define CONTRACT_ENSURES(...)
+ #define CONTRACT_INVARIANT(...)
+ #define CONTRACT_RETURN_VALUE
 #endif |