| // Copyright 2012 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef BASE_PICKLE_H_ |
| #define BASE_PICKLE_H_ |
| |
| #include <stddef.h> |
| #include <stdint.h> |
| |
| #include <string> |
| |
| #include "base/base_export.h" |
| #include "base/check_op.h" |
| #include "base/containers/span.h" |
| #include "base/gtest_prod_util.h" |
| #include "base/memory/raw_ptr_exclusion.h" |
| #include "base/memory/ref_counted.h" |
| #include "base/strings/string_piece.h" |
| #include "third_party/abseil-cpp/absl/types/optional.h" |
| |
| namespace base { |
| |
| class Pickle; |
| |
| // PickleIterator reads data from a Pickle. The Pickle object must remain valid |
| // while the PickleIterator object is in use. |
| class BASE_EXPORT PickleIterator { |
| public: |
| PickleIterator() : payload_(nullptr), read_index_(0), end_index_(0) {} |
| explicit PickleIterator(const Pickle& pickle); |
| |
| // Methods for reading the payload of the Pickle. To read from the start of |
| // the Pickle, create a PickleIterator from a Pickle. If successful, these |
| // methods return true. Otherwise, false is returned to indicate that the |
| // result could not be extracted. It is not possible to read from the iterator |
| // after that. |
| [[nodiscard]] bool ReadBool(bool* result); |
| [[nodiscard]] bool ReadInt(int* result); |
| [[nodiscard]] bool ReadLong(long* result); |
| [[nodiscard]] bool ReadUInt16(uint16_t* result); |
| [[nodiscard]] bool ReadUInt32(uint32_t* result); |
| [[nodiscard]] bool ReadInt64(int64_t* result); |
| [[nodiscard]] bool ReadUInt64(uint64_t* result); |
| [[nodiscard]] bool ReadFloat(float* result); |
| [[nodiscard]] bool ReadDouble(double* result); |
| [[nodiscard]] bool ReadString(std::string* result); |
| // The StringPiece data will only be valid for the lifetime of the message. |
| [[nodiscard]] bool ReadStringPiece(StringPiece* result); |
| [[nodiscard]] bool ReadString16(std::u16string* result); |
| // The StringPiece16 data will only be valid for the lifetime of the message. |
| [[nodiscard]] bool ReadStringPiece16(StringPiece16* result); |
| |
| // A pointer to the data will be placed in |*data|, and the length will be |
| // placed in |*length|. The pointer placed into |*data| points into the |
| // message's buffer so it will be scoped to the lifetime of the message (or |
| // until the message data is mutated). Do not keep the pointer around! |
| [[nodiscard]] bool ReadData(const char** data, size_t* length); |
| |
| // Similar, but using base::span for convenience. |
| [[nodiscard]] absl::optional<base::span<const uint8_t>> ReadData(); |
| |
| // A pointer to the data will be placed in |*data|. The caller specifies the |
| // number of bytes to read, and ReadBytes will validate this length. The |
| // pointer placed into |*data| points into the message's buffer so it will be |
| // scoped to the lifetime of the message (or until the message data is |
| // mutated). Do not keep the pointer around! |
| [[nodiscard]] bool ReadBytes(const char** data, size_t length); |
| |
| // A version of ReadInt() that checks for the result not being negative. Use |
| // it for reading the object sizes. |
| [[nodiscard]] bool ReadLength(size_t* result) { |
| int result_int; |
| if (!ReadInt(&result_int) || result_int < 0) |
| return false; |
| *result = static_cast<size_t>(result_int); |
| return true; |
| } |
| |
| // Skips bytes in the read buffer and returns true if there are at least |
| // num_bytes available. Otherwise, does nothing and returns false. |
| [[nodiscard]] bool SkipBytes(size_t num_bytes) { |
| return !!GetReadPointerAndAdvance(num_bytes); |
| } |
| |
| bool ReachedEnd() const { return read_index_ == end_index_; } |
| |
| private: |
| // Read Type from Pickle. |
| template <typename Type> |
| bool ReadBuiltinType(Type* result); |
| |
| // Advance read_index_ but do not allow it to exceed end_index_. |
| // Keeps read_index_ aligned. |
| void Advance(size_t size); |
| |
| // Get read pointer for Type and advance read pointer. |
| template<typename Type> |
| const char* GetReadPointerAndAdvance(); |
| |
| // Get read pointer for |num_bytes| and advance read pointer. This method |
| // checks num_bytes for wrapping. |
| const char* GetReadPointerAndAdvance(size_t num_bytes); |
| |
| // Get read pointer for (num_elements * size_element) bytes and advance read |
| // pointer. This method checks for overflow and wrapping. |
| const char* GetReadPointerAndAdvance(size_t num_elements, |
| size_t size_element); |
| |
| const char* payload_; // Start of our pickle's payload. |
| size_t read_index_; // Offset of the next readable byte in payload. |
| size_t end_index_; // Payload size. |
| |
| FRIEND_TEST_ALL_PREFIXES(PickleTest, GetReadPointerAndAdvance); |
| }; |
| |
| // This class provides facilities for basic binary value packing and unpacking. |
| // |
| // The Pickle class supports appending primitive values (ints, strings, etc.) |
| // to a pickle instance. The Pickle instance grows its internal memory buffer |
| // dynamically to hold the sequence of primitive values. The internal memory |
| // buffer is exposed as the "data" of the Pickle. This "data" can be passed |
| // to a Pickle object to initialize it for reading. |
| // |
| // When reading from a Pickle object, it is important for the consumer to know |
| // what value types to read and in what order to read them as the Pickle does |
| // not keep track of the type of data written to it. |
| // |
| // The Pickle's data has a header which contains the size of the Pickle's |
| // payload. It can optionally support additional space in the header. That |
| // space is controlled by the header_size parameter passed to the Pickle |
| // constructor. |
| // |
| class BASE_EXPORT Pickle { |
| public: |
| // Auxiliary data attached to a Pickle. Pickle must be subclassed along with |
| // this interface in order to provide a concrete implementation of support |
| // for attachments. The base Pickle implementation does not accept |
| // attachments. |
| class BASE_EXPORT Attachment : public RefCountedThreadSafe<Attachment> { |
| public: |
| Attachment(); |
| Attachment(const Attachment&) = delete; |
| Attachment& operator=(const Attachment&) = delete; |
| |
| protected: |
| friend class RefCountedThreadSafe<Attachment>; |
| virtual ~Attachment(); |
| }; |
| |
| // Initialize a Pickle object using the default header size. |
| Pickle(); |
| |
| // Initialize a Pickle object with the specified header size in bytes, which |
| // must be greater-than-or-equal-to sizeof(Pickle::Header). The header size |
| // will be rounded up to ensure that the header size is 32bit-aligned. |
| explicit Pickle(size_t header_size); |
| |
| // Initializes a Pickle from a const block of data. The data is not copied; |
| // instead the data is merely referenced by this Pickle. Only const methods |
| // should be used on the Pickle when initialized this way. The header |
| // padding size is deduced from the data length. |
| Pickle(const char* data, size_t data_len); |
| |
| // Initializes a Pickle as a deep copy of another Pickle. |
| Pickle(const Pickle& other); |
| |
| // Note: There are no virtual methods in this class. This destructor is |
| // virtual as an element of defensive coding. Other classes have derived from |
| // this class, and there is a *chance* that they will cast into this base |
| // class before destruction. At least one such class does have a virtual |
| // destructor, suggesting at least some need to call more derived destructors. |
| virtual ~Pickle(); |
| |
| // Performs a deep copy. |
| Pickle& operator=(const Pickle& other); |
| |
| // Returns the number of bytes written in the Pickle, including the header. |
| size_t size() const { |
| return header_ ? header_size_ + header_->payload_size : 0; |
| } |
| |
| // Returns the data for this Pickle. |
| const uint8_t* data() const { |
| return reinterpret_cast<const uint8_t*>(header_); |
| } |
| |
| // Handy method to simplify calling data() with a reinterpret_cast. |
| const char* data_as_char() const { |
| return reinterpret_cast<const char*>(data()); |
| } |
| |
| // Returns the effective memory capacity of this Pickle, that is, the total |
| // number of bytes currently dynamically allocated or 0 in the case of a |
| // read-only Pickle. This should be used only for diagnostic / profiling |
| // purposes. |
| size_t GetTotalAllocatedSize() const; |
| |
| // Methods for adding to the payload of the Pickle. These values are |
| // appended to the end of the Pickle's payload. When reading values from a |
| // Pickle, it is important to read them in the order in which they were added |
| // to the Pickle. |
| |
| void WriteBool(bool value) { WriteInt(value ? 1 : 0); } |
| void WriteInt(int value) { WritePOD(value); } |
| void WriteLong(long value) { |
| // Always write long as a 64-bit value to ensure compatibility between |
| // 32-bit and 64-bit processes. |
| WritePOD(static_cast<int64_t>(value)); |
| } |
| void WriteUInt16(uint16_t value) { WritePOD(value); } |
| void WriteUInt32(uint32_t value) { WritePOD(value); } |
| void WriteInt64(int64_t value) { WritePOD(value); } |
| void WriteUInt64(uint64_t value) { WritePOD(value); } |
| void WriteFloat(float value) { WritePOD(value); } |
| void WriteDouble(double value) { WritePOD(value); } |
| void WriteString(const StringPiece& value); |
| void WriteString16(const StringPiece16& value); |
| // "Data" is a blob with a length. When you read it out you will be given the |
| // length. See also WriteBytes. |
| void WriteData(const char* data, size_t length); |
| // "Bytes" is a blob with no length. The caller must specify the length both |
| // when reading and writing. It is normally used to serialize PoD types of a |
| // known size. See also WriteData. |
| void WriteBytes(const void* data, size_t length); |
| |
| // WriteAttachment appends |attachment| to the pickle. It returns |
| // false iff the set is full or if the Pickle implementation does not support |
| // attachments. |
| virtual bool WriteAttachment(scoped_refptr<Attachment> attachment); |
| |
| // ReadAttachment parses an attachment given the parsing state |iter| and |
| // writes it to |*attachment|. It returns true on success. |
| virtual bool ReadAttachment(base::PickleIterator* iter, |
| scoped_refptr<Attachment>* attachment) const; |
| |
| // Indicates whether the pickle has any attachments. |
| virtual bool HasAttachments() const; |
| |
| // Reserves space for upcoming writes when multiple writes will be made and |
| // their sizes are computed in advance. It can be significantly faster to call |
| // Reserve() before calling WriteFoo() multiple times. |
| void Reserve(size_t additional_capacity); |
| |
| // Payload follows after allocation of Header (header size is customizable). |
| struct Header { |
| uint32_t payload_size; // Specifies the size of the payload. |
| }; |
| |
| // Returns the header, cast to a user-specified type T. The type T must be a |
| // subclass of Header and its size must correspond to the header_size passed |
| // to the Pickle constructor. |
| template <class T> |
| T* headerT() { |
| DCHECK_EQ(header_size_, sizeof(T)); |
| return static_cast<T*>(header_); |
| } |
| template <class T> |
| const T* headerT() const { |
| DCHECK_EQ(header_size_, sizeof(T)); |
| return static_cast<const T*>(header_); |
| } |
| |
| // The payload is the pickle data immediately following the header. |
| size_t payload_size() const { |
| return header_ ? header_->payload_size : 0; |
| } |
| |
| const char* payload() const { |
| return reinterpret_cast<const char*>(header_) + header_size_; |
| } |
| |
| // Returns the address of the byte immediately following the currently valid |
| // header + payload. |
| const char* end_of_payload() const { |
| // This object may be invalid. |
| return header_ ? payload() + payload_size() : NULL; |
| } |
| |
| protected: |
| // Returns size of the header, which can have default value, set by user or |
| // calculated by passed raw data. |
| size_t header_size() const { return header_size_; } |
| |
| char* mutable_payload() { |
| return reinterpret_cast<char*>(header_) + header_size_; |
| } |
| |
| size_t capacity_after_header() const { |
| return capacity_after_header_; |
| } |
| |
| // Resize the capacity, note that the input value should not include the size |
| // of the header. |
| void Resize(size_t new_capacity); |
| |
| // Claims |num_bytes| bytes of payload. This is similar to Reserve() in that |
| // it may grow the capacity, but it also advances the write offset of the |
| // pickle by |num_bytes|. Claimed memory, including padding, is zeroed. |
| // |
| // Returns the address of the first byte claimed. |
| void* ClaimBytes(size_t num_bytes); |
| |
| // Find the end of the pickled data that starts at range_start. Returns NULL |
| // if the entire Pickle is not found in the given data range. |
| static const char* FindNext(size_t header_size, |
| const char* range_start, |
| const char* range_end); |
| |
| // Parse pickle header and return total size of the pickle. Data range |
| // doesn't need to contain entire pickle. |
| // Returns true if pickle header was found and parsed. Callers must check |
| // returned |pickle_size| for sanity (against maximum message size, etc). |
| // NOTE: when function successfully parses a header, but encounters an |
| // overflow during pickle size calculation, it sets |pickle_size| to the |
| // maximum size_t value and returns true. |
| static bool PeekNext(size_t header_size, |
| const char* range_start, |
| const char* range_end, |
| size_t* pickle_size); |
| |
| // The allocation granularity of the payload. |
| static const size_t kPayloadUnit; |
| |
| private: |
| friend class PickleIterator; |
| |
| // `header_` is not a raw_ptr<...> for performance reasons (based on analysis |
| // of sampling profiler data). |
| RAW_PTR_EXCLUSION Header* header_; |
| size_t header_size_; // Supports extra data between header and payload. |
| // Allocation size of payload (or -1 if allocation is const). Note: this |
| // doesn't count the header. |
| size_t capacity_after_header_; |
| // The offset at which we will write the next field. Note: this doesn't count |
| // the header. |
| size_t write_offset_; |
| |
| // Just like WriteBytes, but with a compile-time size, for performance. |
| template<size_t length> void BASE_EXPORT WriteBytesStatic(const void* data); |
| |
| // Writes a POD by copying its bytes. |
| template <typename T> bool WritePOD(const T& data) { |
| WriteBytesStatic<sizeof(data)>(&data); |
| return true; |
| } |
| |
| inline void* ClaimUninitializedBytesInternal(size_t num_bytes); |
| inline void WriteBytesCommon(const void* data, size_t length); |
| |
| FRIEND_TEST_ALL_PREFIXES(PickleTest, DeepCopyResize); |
| FRIEND_TEST_ALL_PREFIXES(PickleTest, Resize); |
| FRIEND_TEST_ALL_PREFIXES(PickleTest, PeekNext); |
| FRIEND_TEST_ALL_PREFIXES(PickleTest, PeekNextOverflow); |
| FRIEND_TEST_ALL_PREFIXES(PickleTest, FindNext); |
| FRIEND_TEST_ALL_PREFIXES(PickleTest, FindNextWithIncompleteHeader); |
| FRIEND_TEST_ALL_PREFIXES(PickleTest, FindNextOverflow); |
| }; |
| |
| } // namespace base |
| |
| #endif // BASE_PICKLE_H_ |