TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / hafnium.git / 6027b4f0bd7aee7bb5b9c75c65a38e6b45b2e01d / . / src / std.c
blob: 925f6ceb3e3dfb316258dc2b2f72f0f440b1edc4 [file] [log] [blame]
Andrew Scull2b5fbad2019-04-05 13:55:56 +0100[diff] [blame]1/*
2 * Copyright 2019 The Hafnium Authors.
3 *
Andrew Walbrane959ec12020-06-17 15:01:09 +0100[diff] [blame]4 * Use of this source code is governed by a BSD-style
5 * license that can be found in the LICENSE file or at
6 * https://opensource.org/licenses/BSD-3-Clause.
Andrew Scull2b5fbad2019-04-05 13:55:56 +0100[diff] [blame]7 */
8
9#include "hf/std.h"
10
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]11#include "hf/check.h"
Andrew Scull2b5fbad2019-04-05 13:55:56 +0100[diff] [blame]12
13/* Declare unsafe functions locally so they are not available globally. */
14void *memset(void *s, int c, size_t n);
Karl Meakin6027b4f2024-07-04 13:11:26 +0100[diff] [blame^]15void *memcpy(void *restrict dst, const void *src, size_t n);
Andrew Scull8fbd7ee2019-04-05 14:36:34 +0100[diff] [blame]16void *memmove(void *dst, const void *src, size_t n);
Andrew Scull2b5fbad2019-04-05 13:55:56 +0100[diff] [blame]17
18void memset_s(void *dest, rsize_t destsz, int ch, rsize_t count)
19{
Daniel Boulby8adf7482021-09-22 15:12:44 +0100[diff] [blame]20 if (dest == NULL || destsz > RSIZE_MAX) {
21 panic("memset_s failed as either dest == NULL "
22 "or destsz > RSIZE_MAX.\n");
23 }
Andrew Scull2b5fbad2019-04-05 13:55:56 +0100[diff] [blame]24
Andrew Walbrane52006c2019-10-22 18:01:28 +0100[diff] [blame]25 /*
26 * Clang analyzer doesn't like us calling unsafe memory functions, so
27 * make it ignore this call.
28 */
Daniel Boulby8adf7482021-09-22 15:12:44 +0100[diff] [blame]29 // NOLINTNEXTLINE
30 memset(dest, ch, (count <= destsz ? count : destsz));
Andrew Scull2b5fbad2019-04-05 13:55:56 +0100[diff] [blame]31}
Andrew Sculla1aa2ba2019-04-05 11:49:02 +0100[diff] [blame]32
33void memcpy_s(void *dest, rsize_t destsz, const void *src, rsize_t count)
34{
35 uintptr_t d = (uintptr_t)dest;
36 uintptr_t s = (uintptr_t)src;
37
Karl Meakin8f046e42024-07-04 12:03:36 +0100[diff] [blame]38 CHECK(dest != NULL);
39 CHECK(src != NULL);
Andrew Sculla1aa2ba2019-04-05 11:49:02 +0100[diff] [blame]40
David Brazdil2246abe2019-08-23 12:21:06 +0100[diff] [blame]41 /* Check count <= destsz <= RSIZE_MAX. */
Karl Meakin8f046e42024-07-04 12:03:36 +0100[diff] [blame]42 CHECK(destsz <= RSIZE_MAX);
43 CHECK(count <= destsz);
Andrew Sculla1aa2ba2019-04-05 11:49:02 +0100[diff] [blame]44
David Brazdil2246abe2019-08-23 12:21:06 +0100[diff] [blame]45 /*
46 * Buffer overlap test.
47 * case a) `d < s` implies `s >= d+count`
48 * case b) `d > s` implies `d >= s+count`
49 */
Karl Meakin8f046e42024-07-04 12:03:36 +0100[diff] [blame]50 CHECK(d != s);
51 CHECK(d < s || d >= (s + count));
52 CHECK(d > s || s >= (d + count));
Andrew Sculla1aa2ba2019-04-05 11:49:02 +0100[diff] [blame]53
Daniel Boulby8adf7482021-09-22 15:12:44 +0100[diff] [blame]54 /*
55 * Clang analyzer doesn't like us calling unsafe memory functions, so
56 * make it ignore this call.
57 */
58 // NOLINTNEXTLINE
Andrew Sculla1aa2ba2019-04-05 11:49:02 +0100[diff] [blame]59 memcpy(dest, src, count);
Andrew Sculla1aa2ba2019-04-05 11:49:02 +0100[diff] [blame]60}
Andrew Scull8fbd7ee2019-04-05 14:36:34 +0100[diff] [blame]61
62void memmove_s(void *dest, rsize_t destsz, const void *src, rsize_t count)
63{
Karl Meakin8f046e42024-07-04 12:03:36 +0100[diff] [blame]64 CHECK(dest != NULL);
65 CHECK(src != NULL);
Andrew Scull8fbd7ee2019-04-05 14:36:34 +0100[diff] [blame]66
David Brazdil2246abe2019-08-23 12:21:06 +0100[diff] [blame]67 /* Check count <= destsz <= RSIZE_MAX. */
Karl Meakin8f046e42024-07-04 12:03:36 +0100[diff] [blame]68 CHECK(destsz <= RSIZE_MAX);
69 CHECK(count <= destsz);
Andrew Scull8fbd7ee2019-04-05 14:36:34 +0100[diff] [blame]70
Daniel Boulby8adf7482021-09-22 15:12:44 +0100[diff] [blame]71 /*
72 * Clang analyzer doesn't like us calling unsafe memory functions, so
73 * make it ignore this call.
74 */
75 // NOLINTNEXTLINE
Andrew Scull8fbd7ee2019-04-05 14:36:34 +0100[diff] [blame]76 memmove(dest, src, count);
Andrew Scull8fbd7ee2019-04-05 14:36:34 +0100[diff] [blame]77}
Andrew Scull55baca62019-04-05 14:56:20 +0100[diff] [blame]78
David Brazdil2246abe2019-08-23 12:21:06 +0100[diff] [blame]79/**
David Brazdil74e9c3b2019-08-28 11:09:08 +0100[diff] [blame]80 * Finds the first occurrence of character `ch` in the first `count` bytes of
81 * memory pointed to by `ptr`.
82 *
83 * Returns NULL if `ch` is not found.
84 * Panics if `ptr` is NULL (undefined behaviour).
85 */
86void *memchr(const void *ptr, int ch, size_t count)
87{
88 size_t i;
89 const unsigned char *p = (const unsigned char *)ptr;
90
91 CHECK(ptr != NULL);
92
93 /* Iterate over at most `strsz` characters of `str`. */
94 for (i = 0; i < count; ++i) {
95 if (p[i] == (unsigned char)ch) {
96 return (void *)(&p[i]);
97 }
98 }
99
100 return NULL;
101}
102
103/**
David Brazdil2246abe2019-08-23 12:21:06 +0100[diff] [blame]104 * Returns the length of the null-terminated byte string `str`, examining at
105 * most `strsz` bytes.
106 *
107 * If `str` is a NULL pointer, it returns zero.
108 * If a NULL character is not found, it returns `strsz`.
109 */
Andrew Scull55baca62019-04-05 14:56:20 +0100[diff] [blame]110size_t strnlen_s(const char *str, size_t strsz)
111{
Andrew Scull55baca62019-04-05 14:56:20 +0100[diff] [blame]112 if (str == NULL) {
113 return 0;
114 }
115
David Brazdil2246abe2019-08-23 12:21:06 +0100[diff] [blame]116 for (size_t i = 0; i < strsz; ++i) {
117 if (str[i] == '\0') {
118 return i;
119 }
Andrew Scull55baca62019-04-05 14:56:20 +0100[diff] [blame]120 }
121
David Brazdil2246abe2019-08-23 12:21:06 +0100[diff] [blame]122 /* NULL character not found. */
123 return strsz;
Andrew Scull55baca62019-04-05 14:56:20 +0100[diff] [blame]124}