cpp/html/callocator__sec_8hpp_source.html

/*

 * Author: Sven Gothel <sgothel@jausoft.com>

 * Copyright (c) 2022 Gothel Software e.K.

 *

 * Permission is hereby granted, free of charge, to any person obtaining

 * a copy of this software and associated documentation files (the

 * "Software"), to deal in the Software without restriction, including

 * without limitation the rights to use, copy, modify, merge, publish,

 * distribute, sublicense, and/or sell copies of the Software, and to

 * permit persons to whom the Software is furnished to do so, subject to

 * the following conditions:

 *

 * The above copyright notice and this permission notice shall be

 * included in all copies or substantial portions of the Software.

 *

 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,

 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF

 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND

 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE

 * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION

 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION

 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

 */


#ifndef C_ALLOCATOR_SEC_HPP

#define C_ALLOCATOR_SEC_HPP


#include <cinttypes>

#include <memory>

#include <cstring>


#include <jau/basic_types.hpp>


namespace jau {


/**

 * A simple secure allocator for integral types using POSIX C functions: <code>::malloc()</code> and <code>::free()</code>.

 *

 * callocator_sec is similar to callocator, but

 * - only works for integral types

 * - deallocate explicitly bzero's the memory before free for secure scrubbing.

 * - dropped realloc() for security reasons, since realloc() could free old memory block w/o scrubbing.

 *

 * This class shall be compliant with <i>C++ named requirements for Allocator</i>.

 *

 * Not implementing deprecated (C++17) and removed (C++20)

 * methods: address(), max_size(), construct() and destroy().

 */

template <typename T,

          std::enable_if_t< std::is_integral_v<T>, bool> = true>

struct callocator_sec

{

  public:

    // typedefs' for C++ named requirements: Allocator

    typedef T               value_type;

    typedef std::size_t     size_type;

    typedef std::ptrdiff_t  difference_type;

    typedef std::true_type  propagate_on_container_move_assignment;


    // C++17, deprecated in C++20

    typedef std::true_type  is_always_equal;


    // deprecated in C++17 and removed in C++20

    typedef T*              pointer;

    typedef const T*        const_pointer;

    typedef T&              reference;

    typedef const T&        const_reference;

    template <class U> struct rebind {typedef callocator_sec<U> other;};


  private:

    typedef std::remove_const_t<T> value_type_mutable;

    /** Required to create and move immutable elements, aka const */

    typedef value_type_mutable*    pointer_mutable;


  public:

    callocator_sec() noexcept = default; // C++11


#if __cplusplus > 201703L

    constexpr callocator_sec(const callocator_sec&) noexcept // NOLINT(modernize-use-equals-default)

    {} // C++20

#else

    callocator_sec(const callocator_sec&) noexcept // NOLINT(modernize-use-equals-default)

    { }

#endif


#if __cplusplus > 201703L

    template <typename U>

    constexpr callocator_sec(const callocator_sec<U>&) noexcept // NOLINT(modernize-use-equals-default)

    { } // C++20

#else

    template <typename U>

    callocator_sec(const callocator_sec<U>&) noexcept // NOLINT(modernize-use-equals-default)

    { }

#endif


#if __cplusplus > 201703L

    constexpr ~callocator_sec() = default; // C++20

#else

    ~callocator_sec() = default;

#endif


#if __cplusplus <= 201703L

    value_type* allocate(std::size_t n, const void*) { // C++17 deprecated; C++20 removed

        return reinterpret_cast<value_type*>( ::malloc( n * sizeof(value_type) ) );

    }

#endif


#if __cplusplus > 201703L

    [[nodiscard]] constexpr value_type* allocate(std::size_t n) { // C++20

        return reinterpret_cast<value_type*>( ::malloc( n * sizeof(value_type) ) );

    }

#else

    value_type* allocate(std::size_t n) { // C++17

        return reinterpret_cast<value_type*>( ::malloc( n * sizeof(value_type) ) );

    }

#endif


#if __cplusplus > 201703L

    constexpr void deallocate(value_type* p, std::size_t n ) {

        ::explicit_bzero(p, n); // non-optomized away bzero

        ::free( reinterpret_cast<void*>( const_cast<pointer_mutable>(p) ) );

    }

#else

    void deallocate(value_type* p, std::size_t n ) {

        ::explicit_bzero(p, n); // non-optomized away bzero

        ::free( reinterpret_cast<void*>( const_cast<pointer_mutable>(p) ) );

    }

#endif


};


#if __cplusplus > 201703L

template <class T1, class T2>

    constexpr bool operator==(const callocator_sec<T1>& lhs, const callocator_sec<T2>& rhs) noexcept {

#if 0

        if( &lhs == &rhs ) {

            return true;

        }

        return lhs.memory_usage == rhs.memory_usage;

#else

        (void)lhs;

        (void)rhs;

        return true;

#endif

    }

#else

    template <class T1, class T2>

    bool operator==(const callocator_sec<T1>& lhs, const callocator_sec<T2>& rhs) noexcept {

#if 0

        if( &lhs == &rhs ) {

            return true;

        }

        return lhs.memory_usage == rhs.memory_usage;

#else

        (void)lhs;

        (void)rhs;

        return true;

#endif

    }

    template <class T1, class T2>

    bool operator!=(const callocator_sec<T1>& lhs, const callocator_sec<T2>& rhs) noexcept {

        return !(lhs==rhs);

    }

#endif


} /* namespace jau */


#endif // C_ALLOCATOR_SEC_HPP


basic_types.hpp

jau
__pack(...): Produces MSVC, clang and gcc compatible lead-in and -out macros.
Definition: backtrace.hpp:32

jau::operator==
bool operator==(const callocator< T1 > &lhs, const callocator< T2 > &rhs) noexcept
Definition: callocator.hpp:150

jau::operator!=
bool operator!=(const callocator< T1 > &lhs, const callocator< T2 > &rhs) noexcept
Definition: callocator.hpp:163

jau::callocator_sec::rebind
Definition: callocator_sec.hpp:68

jau::callocator_sec::rebind::other
callocator_sec< U > other
Definition: callocator_sec.hpp:68

jau::callocator_sec
A simple secure allocator for integral types using POSIX C functions: ::malloc() and ::free().
Definition: callocator_sec.hpp:52

jau::callocator_sec::is_always_equal
std::true_type is_always_equal
Definition: callocator_sec.hpp:61

jau::callocator_sec::pointer
T * pointer
Definition: callocator_sec.hpp:64

jau::callocator_sec::difference_type
std::ptrdiff_t difference_type
Definition: callocator_sec.hpp:57

jau::callocator_sec::deallocate
void deallocate(value_type *p, std::size_t n)
Definition: callocator_sec.hpp:124

jau::callocator_sec::reference
T & reference
Definition: callocator_sec.hpp:66

jau::callocator_sec::allocate
value_type * allocate(std::size_t n)
Definition: callocator_sec.hpp:113

jau::callocator_sec::propagate_on_container_move_assignment
std::true_type propagate_on_container_move_assignment
Definition: callocator_sec.hpp:58

jau::callocator_sec::size_type
std::size_t size_type
Definition: callocator_sec.hpp:56

jau::callocator_sec::callocator_sec
callocator_sec(const callocator_sec< U > &) noexcept
Definition: callocator_sec.hpp:92

jau::callocator_sec::const_pointer
const T * const_pointer
Definition: callocator_sec.hpp:65

jau::callocator_sec::value_type
T value_type
Definition: callocator_sec.hpp:55

jau::callocator_sec::~callocator_sec
~callocator_sec()=default

jau::callocator_sec::callocator_sec
callocator_sec() noexcept=default

jau::callocator_sec::const_reference
const T & const_reference
Definition: callocator_sec.hpp:67

jau::callocator_sec::allocate
value_type * allocate(std::size_t n, const void *)
Definition: callocator_sec.hpp:103

jau::callocator_sec::callocator_sec
callocator_sec(const callocator_sec &) noexcept
Definition: callocator_sec.hpp:82