Fix decompression of truncated data

[folly.git] / folly / Arena.h

diff --git a/folly/Arena.h b/folly/Arena.h
index 9798dc81a91c6fbca5e3db00c810769f69b01b3f..f70988f0da0089be907cac108a55f2f4717c7701 100644 (file)
--- a/folly/Arena.h
+++ b/folly/Arena.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2014 Facebook, Inc.
+ * Copyright 2017 Facebook, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -14,17 +14,19 @@
  * limitations under the License.
  */
 
-#ifndef FOLLY_ARENA_H_
+#pragma once
 #define FOLLY_ARENA_H_
 
 #include <cassert>
 #include <limits>
+#include <stdexcept>
 #include <utility>
 #include <boost/intrusive/slist.hpp>
 
-#include "folly/Likely.h"
-#include "folly/Malloc.h"
-#include "folly/Memory.h"
+#include <folly/Conv.h>
+#include <folly/Likely.h>
+#include <folly/Malloc.h>
+#include <folly/Memory.h>
 
 namespace folly {
 
@@ -61,13 +63,19 @@ class Arena {
  public:
   explicit Arena(const Alloc& alloc,
                  size_t minBlockSize = kDefaultMinBlockSize,
-                 size_t sizeLimit = 0)
+                 size_t sizeLimit = kNoSizeLimit,
+                 size_t maxAlign = kDefaultMaxAlign)
     : allocAndSize_(alloc, minBlockSize)
     , ptr_(nullptr)
     , end_(nullptr)
     , totalAllocatedSize_(0)
     , bytesUsed_(0)
-    , sizeLimit_(sizeLimit) {
+    , sizeLimit_(sizeLimit)
+    , maxAlign_(maxAlign) {
+    if ((maxAlign_ & (maxAlign_ - 1)) || maxAlign_ > alignof(Block)) {
+      throw std::invalid_argument(
+          folly::to<std::string>("Invalid maxAlign: ", maxAlign_));
+    }
   }
 
   ~Arena();
@@ -76,7 +84,8 @@ class Arena {
     size = roundUp(size);
     bytesUsed_ += size;
 
-    if (LIKELY(end_ - ptr_ >= size)) {
+    assert(ptr_ <= end_);
+    if (LIKELY((size_t)(end_ - ptr_) >= size)) {
       // Fast path: there's enough room in the current block
       char* r = ptr_;
       ptr_ += size;
@@ -90,7 +99,7 @@ class Arena {
     return r;
   }
 
-  void deallocate(void* p) {
+  void deallocate(void* /* p */) {
     // Deallocate? Never!
   }
 
@@ -110,7 +119,6 @@ class Arena {
     return bytesUsed_;
   }
 
- private:
   // not copyable
   Arena(const Arena&) = delete;
   Arena& operator=(const Arena&) = delete;
@@ -119,11 +127,12 @@ class Arena {
   Arena(Arena&&) = default;
   Arena& operator=(Arena&&) = default;
 
+ private:
   struct Block;
   typedef boost::intrusive::slist_member_hook<
     boost::intrusive::tag<Arena>> BlockLink;
 
-  struct Block {
+  struct FOLLY_ALIGNED_MAX Block {
     BlockLink link;
 
     // Allocate a block with at least size bytes of storage.
@@ -139,27 +148,27 @@ class Arena {
     }
 
    private:
-    Block() { }
-    ~Block() { }
-  } __attribute__((aligned));
-  // This should be alignas(std::max_align_t) but neither alignas nor
-  // max_align_t are supported by gcc 4.6.2.
+    Block() = default;
+    ~Block() = default;
+  };
 
  public:
   static constexpr size_t kDefaultMinBlockSize = 4096 - sizeof(Block);
+  static constexpr size_t kNoSizeLimit = 0;
+  static constexpr size_t kDefaultMaxAlign = alignof(Block);
+  static constexpr size_t kBlockOverhead = sizeof(Block);
 
  private:
-  static constexpr size_t maxAlign = alignof(Block);
-  static constexpr bool isAligned(uintptr_t address) {
-    return (address & (maxAlign - 1)) == 0;
+  bool isAligned(uintptr_t address) const {
+    return (address & (maxAlign_ - 1)) == 0;
   }
-  static bool isAligned(void* p) {
+  bool isAligned(void* p) const {
     return isAligned(reinterpret_cast<uintptr_t>(p));
   }
 
   // Round up size so it's properly aligned
-  static constexpr size_t roundUp(size_t size) {
-    return (size + maxAlign - 1) & ~(maxAlign - 1);
+  size_t roundUp(size_t size) const {
+    return (size + maxAlign_ - 1) & ~(maxAlign_ - 1);
   }
 
   // cache_last<true> makes the list keep a pointer to the last element, so we
@@ -194,7 +203,8 @@ class Arena {
   char* end_;
   size_t totalAllocatedSize_;
   size_t bytesUsed_;
-  size_t sizeLimit_;
+  const size_t sizeLimit_;
+  const size_t maxAlign_;
 };
 
 template <class Alloc>
@@ -205,14 +215,12 @@ struct IsArenaAllocator<Arena<Alloc>> : std::true_type { };
  */
 template <class Alloc>
 struct ArenaAllocatorTraits {
-  static size_t goodSize(const Alloc& alloc, size_t size) {
-    return size;
-  }
+  static size_t goodSize(const Alloc& /* alloc */, size_t size) { return size; }
 };
 
 template <>
 struct ArenaAllocatorTraits<SysAlloc> {
-  static size_t goodSize(const SysAlloc& alloc, size_t size) {
+  static size_t goodSize(const SysAlloc& /* alloc */, size_t size) {
     return goodMallocSize(size);
   }
 };
@@ -223,8 +231,9 @@ struct ArenaAllocatorTraits<SysAlloc> {
 class SysArena : public Arena<SysAlloc> {
  public:
   explicit SysArena(size_t minBlockSize = kDefaultMinBlockSize,
-                    size_t sizeLimit = 0)
-    : Arena<SysAlloc>(SysAlloc(), minBlockSize, sizeLimit) {
+                    size_t sizeLimit = kNoSizeLimit,
+                    size_t maxAlign = kDefaultMaxAlign)
+    : Arena<SysAlloc>(SysAlloc(), minBlockSize, sizeLimit, maxAlign) {
   }
 };
 
@@ -233,6 +242,4 @@ struct IsArenaAllocator<SysArena> : std::true_type { };
 
 }  // namespace folly
 
-#include "folly/Arena-inl.h"
-
-#endif /* FOLLY_ARENA_H_ */
+#include <folly/Arena-inl.h>