1 // Copyright 2006 Google LLC
2 //
3 // Redistribution and use in source and binary forms, with or without
4 // modification, are permitted provided that the following conditions are
5 // met:
6 //
7 // * Redistributions of source code must retain the above copyright
8 // notice, this list of conditions and the following disclaimer.
9 // * Redistributions in binary form must reproduce the above
10 // copyright notice, this list of conditions and the following disclaimer
11 // in the documentation and/or other materials provided with the
12 // distribution.
13 // * Neither the name of Google LLC nor the names of its
14 // contributors may be used to endorse or promote products derived from
15 // this software without specific prior written permission.
16 //
17 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
18 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
20 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
21 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
22 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
23 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
27 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28
29 // string_utils-inl.h: Safer string manipulation on Windows, supporting
30 // pre-MSVC8 environments.
31
32 #ifndef COMMON_WINDOWS_STRING_UTILS_INL_H_
33 #define COMMON_WINDOWS_STRING_UTILS_INL_H_
34
35 #include <stdarg.h>
36 #include <wchar.h>
37
38 #include <string>
39
40 // The "ll" printf format size specifier corresponding to |long long| was
41 // intrudced in MSVC8. Earlier versions did not provide this size specifier,
42 // but "I64" can be used to print 64-bit types. Don't use "I64" where "ll"
43 // is available, in the event of oddball systems where |long long| is not
44 // 64 bits wide.
45 #if _MSC_VER >= 1400 // MSVC 2005/8
46 #define WIN_STRING_FORMAT_LL "ll"
47 #else // MSC_VER >= 1400
48 #define WIN_STRING_FORMAT_LL "I64"
49 #endif // MSC_VER >= 1400
50
51 // A nonconforming version of swprintf, without the length argument, was
52 // included with the CRT prior to MSVC8. Although a conforming version was
53 // also available via an overload, it is not reliably chosen. _snwprintf
54 // behaves as a standards-confirming swprintf should, so force the use of
55 // _snwprintf when using older CRTs.
56 #if _MSC_VER < 1400 // MSVC 2005/8
57 #define swprintf _snwprintf
58 #else
59 // For MSVC8 and newer, swprintf_s is the recommended method. Conveniently,
60 // it takes the same argument list as swprintf.
61 #define swprintf swprintf_s
62 #endif // MSC_VER < 1400
63
64 namespace google_breakpad {
65
66 using std::string;
67 using std::wstring;
68
69 class WindowsStringUtils {
70 public:
71 // Roughly equivalent to MSVC8's wcscpy_s, except pre-MSVC8, this does
72 // not fail if source is longer than destination_size. The destination
73 // buffer is always 0-terminated.
74 static void safe_wcscpy(wchar_t* destination, size_t destination_size,
75 const wchar_t* source);
76
77 // Roughly equivalent to MSVC8's wcsncpy_s, except that _TRUNCATE cannot
78 // be passed directly, and pre-MSVC8, this will not fail if source or count
79 // are longer than destination_size. The destination buffer is always
80 // 0-terminated.
81 static void safe_wcsncpy(wchar_t* destination, size_t destination_size,
82 const wchar_t* source, size_t count);
83
84 // Performs multi-byte to wide character conversion on C++ strings, using
85 // mbstowcs_s (MSVC8) or mbstowcs (pre-MSVC8). Returns false on failure,
86 // without setting wcs.
87 static bool safe_mbstowcs(const string& mbs, wstring* wcs);
88
89 // The inverse of safe_mbstowcs.
90 static bool safe_wcstombs(const wstring& wcs, string* mbs);
91
92 // Returns the base name of a file, e.g. strips off the path.
93 static wstring GetBaseName(const wstring& filename);
94
95 private:
96 // Disallow instantiation and other object-based operations.
97 WindowsStringUtils();
98 WindowsStringUtils(const WindowsStringUtils&);
99 ~WindowsStringUtils();
100 void operator=(const WindowsStringUtils&);
101 };
102
103 // static
safe_wcscpy(wchar_t * destination,size_t destination_size,const wchar_t * source)104 inline void WindowsStringUtils::safe_wcscpy(wchar_t* destination,
105 size_t destination_size,
106 const wchar_t* source) {
107 #if _MSC_VER >= 1400 // MSVC 2005/8
108 wcscpy_s(destination, destination_size, source);
109 #else // _MSC_VER >= 1400
110 // Pre-MSVC 2005/8 doesn't have wcscpy_s. Simulate it with wcsncpy.
111 // wcsncpy doesn't 0-terminate the destination buffer if the source string
112 // is longer than size. Ensure that the destination is 0-terminated.
113 wcsncpy(destination, source, destination_size);
114 if (destination && destination_size)
115 destination[destination_size - 1] = 0;
116 #endif // _MSC_VER >= 1400
117 }
118
119 // static
safe_wcsncpy(wchar_t * destination,size_t destination_size,const wchar_t * source,size_t count)120 inline void WindowsStringUtils::safe_wcsncpy(wchar_t* destination,
121 size_t destination_size,
122 const wchar_t* source,
123 size_t count) {
124 #if _MSC_VER >= 1400 // MSVC 2005/8
125 wcsncpy_s(destination, destination_size, source, count);
126 #else // _MSC_VER >= 1400
127 // Pre-MSVC 2005/8 doesn't have wcsncpy_s. Simulate it with wcsncpy.
128 // wcsncpy doesn't 0-terminate the destination buffer if the source string
129 // is longer than size. Ensure that the destination is 0-terminated.
130 if (destination_size < count)
131 count = destination_size;
132
133 wcsncpy(destination, source, count);
134 if (destination && count)
135 destination[count - 1] = 0;
136 #endif // _MSC_VER >= 1400
137 }
138
139 } // namespace google_breakpad
140
141 #endif // COMMON_WINDOWS_STRING_UTILS_INL_H_
142