From 0b1e24898c41afa1f07854c295881b23aa2faea6 Mon Sep 17 00:00:00 2001
From: Helmut Eller
Date: Sun, 8 Jan 2017 21:27:28 +0100
Subject: [PATCH] This introduces a RESIZE-FILE-LIMIT The intention is to protect the user from a presumably common mistake: passing the size as single cell number instead of a double cell number. This would create a very big file that is written in many small chunks. I also changed sdResizeFile to use uint64_t instead of Lo/Hi pairs. * csrc/pfcompil.c (pfBuildDictionary): Rename RESIZE-FILE to (RESIZE-FILE). * fth/file.fth (RESIZE-FILE-LIMIT): New variable. (RESIZE-FILE): Use it. * fth/system.fth (D<, D>): Implemented. Needed for compare the limit. * csrc/pf_io.h, csrc/pf_io.c (sdResizeFile): Use uint64_t. * csrc/stdio/pf_fileio_stdio.c (sdResizeFile): Use uint64_t. (IsGreaterThanLongMax): Deleted. * csrc/pf_inner.c (ID_FILE_RESIZE): Convert the Lo/Hi pair to uint64_t. (UdToUint64, UdIsUint64): New helpers.
---
 csrc/pf_inner.c | 22 +++++++++++++++++++++-
 csrc/pf_io.c | 6 ++----
 csrc/pf_io.h | 4 ++--
 csrc/pfcompil.c | 2 +-
 csrc/stdio/pf_fileio_stdio.c | 14 +++-----------
 fth/file.fth | 16 ++++++++++++++++
 fth/system.fth | 8 ++++++++
 7 files changed, 53 insertions(+), 19 deletions(-)
diff --git a/csrc/pf_inner.c b/csrc/pf_inner.c
index f673075..2e5aac6 100644
--- a/csrc/pf_inner.c
+++ b/csrc/pf_inner.c
@@ -199,6 +199,24 @@ static void TraceNames( ExecToken Token, cell_t Level )
 /* Use local copy of CODE_BASE for speed. */
 #define LOCAL_CODEREL_TO_ABS( a ) ((cell_t *) (((cell_t) a) + CodeBase))
+/* Truncate the unsigned double cell integer LO/HI to an uint64_t. */
+static uint64_t UdToUint64( ucell_t Lo, ucell_t Hi )
+{
+ return (( 2 * sizeof(ucell_t) == sizeof(uint64_t) )
+ ? (((uint64_t)Lo) | (((uint64_t)Hi) >> (sizeof(ucell_t) * 8)))
+ : Lo );
+}
+
+/* Return TRUE if the unsigned double cell integer LO/HI is not greater
+ * then the greatest uint64_t.
+ */
+static int UdIsUint64( ucell_t Lo, ucell_t Hi )
+{
+ return (( 2 * sizeof(ucell_t) == sizeof(uint64_t) )
+ ? TRUE
+ : Hi == 0 );
+}
+
 static const char *pfSelectFileModeCreate( int fam );
 static const char *pfSelectFileModeOpen( int fam );
@@ -1111,7 +1129,9 @@ DBUG(("XX ah,m,l = 0x%8x,%8x,%8x - qh,l = 0x%8x,%8x\n", ah,am,al, qh,ql ));
 FileStream *File = (FileStream *) TOS;
 ucell_t SizeHi = (ucell_t) M_POP;
 ucell_t SizeLo = (ucell_t) M_POP;
- TOS = sdResizeFile( File, SizeLo, SizeHi );
+ TOS = ( UdIsUint64( SizeLo, SizeHi )
+ ? sdResizeFile( File, UdToUint64( SizeLo, SizeHi ))
+ : THROW_RESIZE_FILE );
 }
 endcase;
diff --git a/csrc/pf_io.c b/csrc/pf_io.c
index 343a02d..3b48d0a 100644
--- a/csrc/pf_io.c
+++ b/csrc/pf_io.c
@@ -230,12 +230,10 @@ cell_t sdRenameFile( const char *OldName, const char *NewName )
 return -1;
 }
-ThrowCode sdResizeFile( FileStream * File, ucell_t SizeLo, ucell_t SizeHi )
+ThrowCode sdResizeFile( FileStream * File, uint64_t NewSize )
 {
 UNIMPLEMENTED("sdResizeFile");
- TOUCH(File);
- TOUCH(SizeLo);
- TOUCH(SizeHi);
+ TOUCH(NewSize);
 return THROW_RESIZE_FILE;
 }
diff --git a/csrc/pf_io.h b/csrc/pf_io.h
index cbd45ec..4576e4f 100644
--- a/csrc/pf_io.h
+++ b/csrc/pf_io.h
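Review bot: In `UdToUint64` the high cell is shifted right, `((uint64_t)Hi) >> (sizeof(ucell_t) * 8)`, which is always zero for a 32-bit cell, so the helper returns only `Lo`. Because `UdIsUint64` reports TRUE for every Lo/Hi pair on that build, a request of 2^32+N bytes would reach `sdResizeFile` as N and be applied as a much smaller size instead of being rejected. The shift should go left: `? (((uint64_t)Lo) | (((uint64_t)Hi) << (sizeof(ucell_t) * 8)))`. On builds where the cell is already 64 bits the shift count equals the width of `uint64_t`; that arm is never selected but is still compiled, so selecting the implementation with a preprocessor test on the cell size would avoid a shift that is undefined if it were ever evaluated.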
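Review bot: `TOUCH(File);` is removed together with the two size lines in the `sdResizeFile` stub, but `File` is still a parameter and is now the only one without a `TOUCH`. If `TOUCH` is what silences unused-parameter warnings here, as its use on `NewSize` suggests, keep `TOUCH(File);` next to `TOUCH(NewSize);`. The definition also names the parameter `NewSize` while both prototypes in csrc/pf_io.h call it `Size`.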
@@ -87,7 +87,7 @@ void ioTerm( void );
 cell_t sdSeekFile( FileStream * Stream, off_t Position, int32_t Mode );
 cell_t sdRenameFile( const char *OldName, const char *NewName );
 cell_t sdDeleteFile( const char *FileName );
- ThrowCode sdResizeFile( FileStream *, ucell_t SizeLo, ucell_t SizeHi );
+ ThrowCode sdResizeFile( FileStream *, uint64_t Size);
 off_t sdTellFile( FileStream * Stream );
 cell_t sdCloseFile( FileStream * Stream );
 cell_t sdInputChar( FileStream *stream );
@@ -140,7 +140,7 @@ void ioTerm( void );
 #define PF_SEEK_CUR (SEEK_CUR)
 #define PF_SEEK_END (SEEK_END)
- ThrowCode sdResizeFile( FileStream *, ucell_t SizeLo, ucell_t SizeHi );
+ ThrowCode sdResizeFile( FileStream *, uint64_t Size);
 /*
 ** printf() is only used for debugging purposes.
diff --git a/csrc/pfcompil.c b/csrc/pfcompil.c
index a03e823..b618c9f 100644
--- a/csrc/pfcompil.c
+++ b/csrc/pfcompil.c
@@ -260,7 +260,7 @@ PForthDictionary pfBuildDictionary( cell_t HeaderSize, cell_t CodeSize )
 CreateDicEntryC( ID_FILE_REPOSITION, "REPOSITION-FILE", 0 );
 CreateDicEntryC( ID_FILE_FLUSH, "FLUSH-FILE", 0 );
 CreateDicEntryC( ID_FILE_RENAME, "(RENAME-FILE)", 0 );
- CreateDicEntryC( ID_FILE_RESIZE, "RESIZE-FILE", 0 );
+ CreateDicEntryC( ID_FILE_RESIZE, "(RESIZE-FILE)", 0 );
 CreateDicEntryC( ID_FILE_RO, "R/O", 0 );
 CreateDicEntryC( ID_FILE_RW, "R/W", 0 );
 CreateDicEntryC( ID_FILE_WO, "W/O", 0 );
diff --git a/csrc/stdio/pf_fileio_stdio.c b/csrc/stdio/pf_fileio_stdio.c
index 9a25092..6c688ca 100644
--- a/csrc/stdio/pf_fileio_stdio.c
+++ b/csrc/stdio/pf_fileio_stdio.c
@@ -106,20 +106,12 @@ static bool_t ExtendFile( FileStream *File, size_t Diff )
 return Error;
 }
-/* Return non-FALSE if the double-cell unsigned number LO/HI
- * is greater then LONG_MAX.
- */
-static bool_t IsGreaterThanLongMax( ucell_t Lo, ucell_t Hi )
-{
- return (Hi != 0) || (Lo > LONG_MAX);
-}
-
-ThrowCode sdResizeFile( FileStream *File, ucell_t SizeLo, ucell_t SizeHi )
+ThrowCode sdResizeFile( FileStream *File, uint64_t Size )
 {
 bool_t Error = TRUE;
- if( !IsGreaterThanLongMax( SizeLo, SizeHi ) )
+ if( Size <= LONG_MAX )
 {
- long Newsize = (long) SizeLo;
+ long Newsize = (long) Size;
 if( fseek( File, 0, SEEK_END ) == 0 )
 {
 long Oldsize = ftell( File );
diff --git a/fth/file.fth b/fth/file.fth
index 8fe0810..a2835bf 100644
--- a/fth/file.fth
+++ b/fth/file.fth
@@ -117,6 +117,22 @@ create (LINE-TERMINATOR) \n c,
 THEN
 ;
+\ A limit used to perform a sanity check on the size argument for
+\ RESIZE-FILE.
+2variable RESIZE-FILE-LIMIT
+10000000 0 resize-file-limit 2! \ 10MB is somewhat arbitrarily chosen
+
+: RESIZE-FILE ( ud fileid -- ior )
+ -rot 2dup resize-file-limit 2@ d> ( fileid ud big? )
+ IF
+ ." Argument (" 0 d.r ." ) is larger then RESIZE-FILE-LIMIT." cr
+ ." (You can increase RESIZE-FILE-LIMIT with 2!)" cr
+ abort
+ ELSE
+ rot (resize-file)
+ THEN
+;
+
 : ( ( "comment" -- )
 source-id
 CASE
diff --git a/fth/system.fth b/fth/system.fth
index c1b7f66..48572cf 100644
--- a/fth/system.fth
+++ b/fth/system.fth
@@ -364,6 +364,14 @@
 rot = -rot = and
 ;
+: D< ( d1 d2 -- flag )
+ d- nip 0<
+;
+
+: D> ( d1 d2 -- flag )
+ 2swap d<
+;
+
 \ define some useful constants ------------------------------
 1 0= constant FALSE
 0 0= constant TRUE
--
2.20.1
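Review bot: The limit check in `RESIZE-FILE` compares an unsigned double (`ud` in the stack comment) with the signed `d>`, so any size whose high cell has its top bit set compares as negative and passes the check. That is likely in the very mistake this guard targets, where the high cell is whatever happened to be on the stack below the intended single-cell size. An unsigned double comparison is needed here (the standard DOUBLE EXT name is `DU<`; this patch does not show whether pForth defines it). Separately, the failing path calls `abort` although the stack comment promises `( ud fileid -- ior )`; dropping the arguments and leaving a non-zero ior would let callers that test the ior keep working.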
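Review bot: `D<` is computed as `d- nip 0<`, which yields the wrong sign whenever the double-cell subtraction overflows, for example when d1 is the most negative double and d2 is positive. Comparing the high cells signed and falling back to an unsigned compare of the low cells avoids the subtraction: `rot 2dup = IF 2drop u< ELSE > nip nip THEN`. `D>` picks up the fix through `2swap d<`. A one-line comment stating that both words are signed comparisons would also help, since `RESIZE-FILE` in fth/file.fth applies them to an unsigned size.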