2014-04-23 20:13:33 +00:00
|
|
|
/*
|
|
|
|
* This file is part of OpenTTD.
|
|
|
|
* OpenTTD is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 2.
|
|
|
|
* OpenTTD is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
|
|
|
* See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with OpenTTD. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @file safeguards.h A number of safeguards to prevent using unsafe methods.
|
|
|
|
*
|
|
|
|
* Unsafe methods are, for example, strndup and strncpy because they may leave the
|
|
|
|
* string without a null termination, but also strdup and strndup because they can
|
2019-04-10 21:07:06 +00:00
|
|
|
* return nullptr and then all strdups would need to be guarded against that instead
|
2014-04-23 20:13:33 +00:00
|
|
|
* of using the current MallocT/ReallocT/CallocT technique of just giving the user
|
|
|
|
* an error that too much memory was used instead of spreading that code though
|
|
|
|
* the whole code base.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef SAFEGUARDS_H
|
|
|
|
#define SAFEGUARDS_H
|
|
|
|
|
|
|
|
/* Use MallocT instead. */
|
|
|
|
#define malloc SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
|
|
|
|
|
|
|
/* Use MallocT instead. */
|
|
|
|
#define calloc SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
|
|
|
|
|
|
|
/* Use ReallocT instead. */
|
|
|
|
#define realloc SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
|
|
|
|
|
|
|
/* Use stredup instead. */
|
2014-04-25 15:40:32 +00:00
|
|
|
#define strdup SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
2014-04-24 18:37:39 +00:00
|
|
|
#define strndup SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
2014-04-23 20:13:33 +00:00
|
|
|
|
|
|
|
/* Use strecpy instead. */
|
2014-04-25 15:40:32 +00:00
|
|
|
#define strcpy SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
2014-04-25 21:29:54 +00:00
|
|
|
#define strncpy SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
2014-04-23 20:13:33 +00:00
|
|
|
|
|
|
|
/* Use strecat instead. */
|
2014-04-24 18:37:39 +00:00
|
|
|
#define strcat SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
|
|
|
#define strncat SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
2014-04-23 20:13:33 +00:00
|
|
|
|
|
|
|
/* Use seprintf instead. */
|
2014-04-24 18:37:39 +00:00
|
|
|
#define sprintf SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
|
|
|
#define snprintf SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
2014-04-23 20:13:33 +00:00
|
|
|
|
|
|
|
/* Use vseprintf instead. */
|
2014-04-25 15:25:59 +00:00
|
|
|
#define vsprintf SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
|
|
|
#define vsnprintf SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
2014-04-23 20:13:33 +00:00
|
|
|
|
|
|
|
/* Use fgets instead. */
|
|
|
|
#define gets SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
|
|
|
|
|
|
|
/* No clear replacement. */
|
2014-04-24 17:49:31 +00:00
|
|
|
#define strtok SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
2014-04-23 20:13:33 +00:00
|
|
|
|
2014-06-17 19:01:45 +00:00
|
|
|
/* Use our own templated implementation instead of a macro or function with only one type. */
|
|
|
|
#ifdef min
|
|
|
|
#undef min
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/* Use our own templated implementation instead of a macro or function with only one type. */
|
|
|
|
#ifdef max
|
|
|
|
#undef max
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/* Use our own templated implementation instead of a macro or function with only one type. */
|
|
|
|
#ifdef abs
|
|
|
|
#undef abs
|
|
|
|
#endif
|
|
|
|
|
2021-04-27 09:30:56 +00:00
|
|
|
#if defined(NETWORK_CORE_OS_ABSTRACTION_H) && defined(_WIN32)
|
|
|
|
/* Use NetworkGetLastError() instead of errno, or do not (indirectly) include network/core/os_abstraction.h.
|
|
|
|
* Winsock does not set errno, but one should rather call WSAGetLastError. NetworkGetLastError abstracts that away. */
|
|
|
|
#ifdef errno
|
|
|
|
#undef errno
|
|
|
|
#endif
|
|
|
|
#define errno SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
|
|
|
|
|
|
|
/* Use NetworkGetLastErrorString() instead of strerror, or do not (indirectly) include network/core/os_abstraction.h.
|
|
|
|
* Winsock errors are not handled by strerror, but one should rather call FormatMessage. NetworkGetLastErrorString abstracts that away. */
|
|
|
|
#define strerror SAFEGUARD_DO_NOT_USE_THIS_METHOD
|
|
|
|
#endif /* defined(NETWORK_CORE_OS_ABSTRACTION_H) && defined(_WIN32) */
|
|
|
|
|
2014-04-23 20:13:33 +00:00
|
|
|
#endif /* SAFEGUARDS_H */
|