1 /* $NetBSD: overflow.h,v 1.2 2021/12/19 12:20:53 riastradh Exp $ */
2
3 /*-
4 * Copyright (c) 2018 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Taylor R. Campbell.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
30 */
31
32 #ifndef _LINUX_OVERFLOW_H_
33 #define _LINUX_OVERFLOW_H_
34
35 #include <sys/types.h>
36
37 #include <lib/libkern/libkern.h> /* offsetof */
38
/*
 * Linux-compatible overflow-checked arithmetic, mapped directly onto the
 * compiler builtins.  Each macro evaluates to nonzero when the exact
 * result of the operation does not fit in *res.  The builtin stores the
 * wrapped result in *res either way, so test the return value before
 * trusting *res.
 */
#define	check_mul_overflow(a, b, res)	__builtin_mul_overflow((a), (b), (res))
#define	check_add_overflow(a, b, res)	__builtin_add_overflow((a), (b), (res))
41
/*
 * array_size(x, y)
 *
 *	Return x*y, or SIZE_MAX if the product does not fit in size_t.
 *
 *	SIZE_MAX is the saturation marker, so a product that is exactly
 *	SIZE_MAX cannot be told apart from an overflow.  The saturation
 *	only helps a caller that hands the value to an allocator which
 *	fails for a SIZE_MAX request; any further arithmetic on the
 *	result (e.g. adding a header size) wraps around again.
 */
static inline size_t
array_size(size_t x, size_t y)
{
	size_t product;

	return check_mul_overflow(x, y, &product) ? SIZE_MAX : product;
}
52
/*
 * array3_size(x, y, z)
 *
 *	Return x*y*z, or SIZE_MAX if either intermediate product does
 *	not fit in size_t.  Both multiplications are checked, so an
 *	overflow in x*y cannot be masked by a small z.
 *
 *	As with array_size, treat SIZE_MAX as "too large" and do no
 *	further arithmetic on the returned value.
 */
static inline size_t
array3_size(size_t x, size_t y, size_t z)
{
	size_t partial, product;

	/* Short-circuit: the second check runs only if x*y was exact. */
	if (check_mul_overflow(x, y, &partial) ||
	    check_mul_overflow(partial, z, &product))
		return SIZE_MAX;
	return product;
}
65
/*
 * __struct_size(basesize, elemsize, nelem)
 *
 *	Return basesize + elemsize*nelem, or SIZE_MAX if either the
 *	multiplication or the addition does not fit in size_t.
 *	Backend for the struct_size() macro.
 *
 *	elemsize is asserted nonzero with KASSERT.
 *	NOTE(review): KASSERT is defined outside this header; whether
 *	the assertion is active in every kernel configuration should
 *	be confirmed before relying on it.
 */
static inline size_t
__struct_size(size_t basesize, size_t elemsize, size_t nelem)
{
	size_t tail_bytes, total_bytes;

	KASSERT(elemsize);

	/* Size of the trailing array, already saturated by array_size. */
	tail_bytes = array_size(elemsize, nelem);
	if (tail_bytes == SIZE_MAX)
		return SIZE_MAX;

	/* Header plus trailing array; saturate again if the sum wraps. */
	return check_add_overflow(basesize, tail_bytes, &total_bytes) ?
	    SIZE_MAX : total_bytes;
}
79
/*
 * struct_size(p, member, n)
 *
 *	Size in bytes of the structure *p followed by n elements of its
 *	trailing array `member', saturated at SIZE_MAX on overflow.
 *
 *	p is used only inside sizeof/__typeof__, so it is not evaluated
 *	and need not point at a live object.  n is converted to size_t
 *	when it is passed to __struct_size, so a negative signed count
 *	turns into a very large one; validate signed counts before
 *	calling.  The compile-time assertion rejects a `member' whose
 *	offset lies beyond sizeof(*p).
 */
#define	struct_size(p, member, n)					      \
({									      \
	CTASSERT(sizeof(*(p)) >= offsetof(__typeof__(*(p)), member));	      \
	__struct_size(sizeof(*(p)), sizeof(*(p)->member), (n));		      \
})
85
86 #endif /* _LINUX_OVERFLOW_H_ */
87