aboutsummaryrefslogtreecommitdiff
path: root/src/support
AgeCommit message (Collapse)Author
2021-02-01Merge #20464: refactor: Treat CDataStream bytes as uint8_tWladimir J. van der Laan
fa292724598c273867bc6dbf311f1440fe2541ba Remove redundant MakeUCharSpan wrappers (MarcoFalke) faf4aa2f47c0de4f3a0c5f5fe5b3ec32f611eefd Remove CDataStream::Init in favor of C++11 member initialization (MarcoFalke) fada14b948cac147198e3b685b5dd8cb72dc2911 Treat CDataStream bytes as uint8_t (MarcoFalke) fa8bdb048e65cae2d26bea3f991717a856e2fb39 refactor: Drop CDataStream constructors in favor of one taking a Span of bytes (MarcoFalke) faa96f841fe45bc49ebb6e07ac82a129fa9c40bf Remove unused CDataStream methods (MarcoFalke) Pull request description: Using `uint8_t` for raw bytes has a style benefit: * The signedness is clear from reading the code, as it does not depend on the architecture Other clean-ups in this pull include: * Remove unused methods * Constructor is simplified with `Span` * Remove `Init()` member in favor of C++11 member initialization ACKs for top commit: laanwj: code review ACK fa292724598c273867bc6dbf311f1440fe2541ba theStack: ACK fa292724598c273867bc6dbf311f1440fe2541ba 🍾 Tree-SHA512: 931ee28bd99843d7e894b48e90e1187ffb0278677c267044b3c0c255069d9bbd9298ab2e539b1002a30b543d240450eaec718ef4ee95a7fd4be0a295e926343f
2021-01-04doc: Use https URLs where possibleSawyer Billings
2020-12-31scripted-diff: Bump copyright headersMarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2020-11-23Treat CDataStream bytes as uint8_tMarcoFalke
Also, rename CSerializeData to SerializeData
2020-08-20Move Win32 defines to configure.ac to ensure they are globally definedLuke Dashjr
common.vcxproj used for MSVC builds
2020-05-29Limit scope of all global std::once_flagMarcoFalke
2020-05-04Merge #18443: lockedpool: avoid sensitive data in core files (FreeBSD)Wladimir J. van der Laan
f85203097f78d9daa1d35c4097a80beab31da2a4 lockedpool: avoid sensitive data in core files (FreeBSD) (Vasil Dimov) Pull request description: This is a followup to 23991ee53 / https://github.com/bitcoin/bitcoin/pull/15600 to also use madvise(2) on FreeBSD to avoid sensitive data allocated with secure_allocator ending up in core files in addition to preventing it from going to the swap. ACKs for top commit: sipa: ACK f85203097f78d9daa1d35c4097a80beab31da2a4 if someone verifies this works as intended on *BSD. laanwj: ACK f85203097f78d9daa1d35c4097a80beab31da2a4 practicalswift: Code-review ACK f85203097f78d9daa1d35c4097a80beab31da2a4 assuming a reviewer with FreeBSD access verifies that the PR goal is achieved :) Tree-SHA512: 2e6d4ab6a9fbe18732c8ba530eacc17f58128c97140758b80c905b5b838922a2bcaa5f9abc45ab69d5a1a2baa0cba322f006048b60a877228e089c7e64dadd2a
2020-04-16scripted-diff: Bump copyright headersMarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2020-03-26lockedpool: avoid sensitive data in core files (FreeBSD)Vasil Dimov
This is a followup to 23991ee53 / https://github.com/bitcoin/bitcoin/pull/15600 to also use madvise(2) on FreeBSD to avoid sensitive data allocated with secure_allocator ending up in core files in addition to preventing it from going to the swap.
2020-03-26Merge #15600: lockedpool: When possible, use madvise to avoid including ↵Wladimir J. van der Laan
sensitive information in core dumps d831831822885717e9841f1ff67c19add566fa45 lockedpool: When possible, use madvise to avoid including sensitive information in core dumps (Luke Dashjr) Pull request description: If we're mlocking something, it's because it's sensitive information. Therefore, don't include it in core dump files, ~~and unmap it from forked processes~~. The return value is not checked because the madvise calls might fail on older kernels as a rule (unsure). ACKs for top commit: practicalswift: Code review ACK d831831822885717e9841f1ff67c19add566fa45 -- patch looks correct laanwj: ACK d831831822885717e9841f1ff67c19add566fa45 jonatack: ACK d831831822885717e9841f1ff67c19add566fa45 vasild: ACK d831831822885717e9841f1ff67c19add566fa45 Tree-SHA512: 9a6c1fef126a4bbee0698bfed5a01233460fbcc86380d984e80dfbdfbed3744fef74527a8e3439ea226167992cff9d3ffa8f2d4dbd5ae96ebe0c12f3eee0eb9e
2020-03-04lockedpool: When possible, use madvise to avoid including sensitive ↵Luke Dashjr
information in core dumps
2019-12-30scripted-diff: Bump copyright of files changed in 2019MarcoFalke
-BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
2019-11-16Fix segfault in allocator_tests/arena_testsJeffrey Czyz
The test uses reinterpret_cast<void*> on unallocated memory. Using this memory in printchunk as char* causes a segfault, so have printchunk take void* instead.
2019-11-16Fix compilation errors in support/lockedpool.cppJeffrey Czyz
Changes in #12048 cause a compilation error in Arena::walk() when ARENA_DEBUG is defined. Specifically, Arena's chunks_free map was changed to have a different value type. Additionally, missing includes cause other compilation errors when ARENA_DEBUG is defined. Reproduced with: make CPPFLAGS=-DARENA_DEBUG
2019-07-01Improve documentation of memory_cleanse()Tim Ruffing
So far, the documentation of memory_cleanse() is a verbatim copy of the commit message in BoringSSL, where this code was originally written. However, our code evolved since then, and the commit message is not particularly helpful in the code but is rather of historical interested in BoringSSL only. This commit improves improves the comments around memory_cleanse() and gives a better rationale for the method that we use. This commit touches only comments.
2019-06-06Clean up logic in memory_cleanse() for MSVCTim Ruffing
Commit fbf327b13868861c2877c5754caf5a9816f2603c ("Minimal code changes to allow msvc compilation.") was indeed minimal in terms of lines touched. But as a result of that minimalism it changed the logic in memory_cleanse() to first call std::memset() and then additionally the MSVC-specific SecureZeroMemory() function, and it also moved a comment to the wrong location. This commit removes the superfluous call to std::memset() on MSVC and ensures that the comment is in the right position again.
2019-01-23windows: Set _WIN32_WINNT to 0x0601 (Windows 7)Chun Kuan Lee
Also remove all defines in many places and define it in configure stage to keep consistency.
2019-01-06Fix out-of-bounds write in case of failing mmap(...) in ↵practicalswift
PosixLockedPageAllocator::AllocateLocked
2018-09-04Fix typos reported by codespellpracticalswift
2018-07-27Update copyright headers to 2018DrahtBot
2018-05-03Make it clear which functions that are intended to be translation unit localpracticalswift
Do not share functions that are meant to be translation unit local with other translation units. Use internal linkage for those consistently.
2018-04-09Remove duplicate includespracticalswift
2018-04-05Merge #12859: Bugfix: Include <memory> for std::unique_ptrWladimir J. van der Laan
a5bca13 Bugfix: Include <memory> for std::unique_ptr (Luke Dashjr) Pull request description: Not sure why all these includes were missing, but it's breaking builds for some users: https://bugs.gentoo.org/show_bug.cgi?id=652142 (Added to all files with a reference to `std::unique_ptr`) Tree-SHA512: 8a2c67513ca07b9bb52c34e8a20b15e56f8af2530310d9ee9b0a69694dd05e02e7a3683f14101a2685d457672b56addec591a0bb83900a0eb8e2a43d43200509
2018-04-02Bugfix: Include <memory> for std::unique_ptrLuke Dashjr
2018-03-22Merge #12048: Use best-fit strategy in Arena, now O(log(n)) instead O(n)Wladimir J. van der Laan
5fbf7c4 fix nits: variable naming, typos (Martin Ankerl) 1e0ee90 Use best-fit strategy in Arena, now O(log(n)) instead O(n) (Martin Ankerl) Pull request description: This replaces the first-fit algorithm used in the Arena with a best-fit. According to "Dynamic Storage Allocation: A Survey and Critical Review", Wilson et. al. 1995, http://www.scs.stanford.edu/14wi-cs140/sched/readings/wilson.pdf, both startegies work well in practice. The advantage of using best-fit is that we can switch the O(n) allocation to O(log(n)). Additionally, some previously O(log(n)) operations are now O(1) operations by using hash maps. The end effect is that the benchmark runs about 2.5 times faster on my machine: # Benchmark, evals, iterations, total, min, max, median old: BenchLockedPool, 5, 530, 5.25749, 0.00196938, 0.00199755, 0.00198172 new: BenchLockedPool, 5, 1300, 5.11313, 0.000781493, 0.000793314, 0.00078606 I've run all unit tests and benchmarks, and increased the number of iterations so that BenchLockedPool takes about 5 seconds again. Tree-SHA512: 6551e384671f93f10c60df530a29a1954bd265cc305411f665a8756525e5afe2873a8032c797d00b6e8c07e16d9827465d0b662875433147381474a44119ccce
2018-03-21Fix typosDimitris Apostolou
2018-01-06fix nits: variable naming, typosMartin Ankerl
2018-01-03Increment MIT Licence copyright header year on files modified in 2017Akira Takizawa
2017-12-29Use best-fit strategy in Arena, now O(log(n)) instead O(n)Martin Ankerl
This replaces the first-fit algorithm used in the Arena with a best-fit. According to "Dynamic Storage Allocation: A Survey and Critical Review", Wilson et. al. 1995, http://www.scs.stanford.edu/14wi-cs140/sched/readings/wilson.pdf, both startegies work well in practice. The advantage of using best-fit is that we can switch the slow O(n) algorithm to O(log(n)) operations. Additionally, some previously O(log(n)) operations are now replaced with O(1) operations by using a hash map. The end effect is that the benchmark runs about 2.5 times faster on my machine: old: BenchLockedPool, 5, 530, 5.25749, 0.00196938, 0.00199755, 0.00198172 new: BenchLockedPool, 5, 1300, 5.11313, 0.000781493, 0.000793314, 0.00078606 I've run all unit tests and benchmarks.
2017-12-13Merge #11558: Minimal code changes to allow msvc compilationWladimir J. van der Laan
fbf327b Minimal code changes to allow msvc compilation. (Aaron Clauson) Pull request description: These changes are required to allow the Bitcoin source to build with Microsoft's C++ compiler (#11562 is also required). I looked around for a better place for the typedef of ssize_t which is in random.h. The best candidate looks like src/compat.h but I figured including that header in random.h is a bigger change than the typedef. Note that the same typedef is in at least two other places including the OpenSSL and Berkeley DB headers so some of the Bitcoin code already picks it up. Tree-SHA512: aa6cc6283015e08ab074641f9abdc116c4dc58574dc90f75e7a5af4cc82946d3052370e5cbe855fb6180c00f8dc66997d3724ff0412e4b7417e51b6602154825
2017-11-16scripted-diff: Replace #include "" with #include <> (ryanofsky)MeshCollider
-BEGIN VERIFY SCRIPT- for f in \ src/*.cpp \ src/*.h \ src/bench/*.cpp \ src/bench/*.h \ src/compat/*.cpp \ src/compat/*.h \ src/consensus/*.cpp \ src/consensus/*.h \ src/crypto/*.cpp \ src/crypto/*.h \ src/crypto/ctaes/*.h \ src/policy/*.cpp \ src/policy/*.h \ src/primitives/*.cpp \ src/primitives/*.h \ src/qt/*.cpp \ src/qt/*.h \ src/qt/test/*.cpp \ src/qt/test/*.h \ src/rpc/*.cpp \ src/rpc/*.h \ src/script/*.cpp \ src/script/*.h \ src/support/*.cpp \ src/support/*.h \ src/support/allocators/*.h \ src/test/*.cpp \ src/test/*.h \ src/wallet/*.cpp \ src/wallet/*.h \ src/wallet/test/*.cpp \ src/wallet/test/*.h \ src/zmq/*.cpp \ src/zmq/*.h do base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f done -END VERIFY SCRIPT-
2017-11-10Minimal code changes to allow msvc compilation.Aaron Clauson
2017-09-16Refactor: Modernize disallowed copy constructors/assignmentDan Raviv
Use C++11's better capability of expressing an interface of a non-copyable class by publicly deleting its copy ctor and assignment operator instead of just declaring them private.
2017-09-06Switch memory_cleanse implementation to BoringSSL's to ensure memory ↵Adam Langley
clearing even with link-time optimization. The implementation we currently use from OpenSSL prevents the compiler from optimizing away clensing operations on blocks of memory that are about to be released, but this protection is not extended to link-time optimization. This commit copies the solution cooked up by Google compiler engineers which uses inline assembly directives to instruct the compiler not to optimize out the call under any circumstances. As the code is in-lined, this has the added advantage of removing one more OpenSSL dependency. Regarding license compatibility, Google's contributions to BoringSSL library, including this code, is made available under the ISC license, which is MIT compatible. BoringSSL git commit: ad1907fe73334d6c696c8539646c21b11178f20f
2017-08-16Declare single-argument (non-converting) constructors "explicit"practicalswift
In order to avoid unintended implicit conversions.
2017-08-16Use nullptr instead of zero (0) as the null pointer constantpracticalswift
2017-08-16Merge #10965: Replace deprecated throw() with noexcept specifier (C++11)MarcoFalke
986255026 Use the noexcept specifier (C++11) instead of deprecated throw() (practicalswift) Pull request description: Use the `noexcept` specifier (C++11) instead of deprecated `throw()`. Tree-SHA512: cf9b6b18f61f2f59bbeceb2e43b5cd07a60f5e569c8def05c410cb72326d597c80cb731059969ef89fa5fddaae1242225886e6109fcb535c4ad62d56ebcdf1ea
2017-08-07scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal ↵practicalswift
instead of the macro NULL -BEGIN VERIFY SCRIPT- sed -i 's/\<NULL\>/nullptr/g' src/*.cpp src/*.h src/*/*.cpp src/*/*.h src/qt/*/*.cpp src/qt/*/*.h src/wallet/*/*.cpp src/wallet/*/*.h src/support/allocators/*.h sed -i 's/Prefer nullptr, otherwise SAFECOOKIE./Prefer NULL, otherwise SAFECOOKIE./g' src/torcontrol.cpp sed -i 's/tor: Using nullptr authentication/tor: Using NULL authentication/g' src/torcontrol.cpp sed -i 's/METHODS=nullptr/METHODS=NULL/g' src/test/torcontrol_tests.cpp src/torcontrol.cpp sed -i 's/nullptr certificates/NULL certificates/g' src/qt/paymentserver.cpp sed -i 's/"nullptr"/"NULL"/g' src/torcontrol.cpp src/test/torcontrol_tests.cpp -END VERIFY SCRIPT-
2017-07-31Use the noexcept specifier (C++11) instead of deprecated throw()practicalswift
2017-06-28Use the override specifier (C++11) where we expect to be overriding the ↵practicalswift
virtual function of a base class
2017-06-22Merge #9517: [refactor] Switched httpserver.cpp to use RAII wrapped libevents.Wladimir J. van der Laan
1ae86ec Changed event RAII helper functions to inline to deal with duplicate symbol linker errors. (Karl-Johan Alm) fd369d2 Switched httpserver.cpp to use RAII wrapped libevents. (Kalle Alm) Tree-SHA512: 877e431f211024d42a3b0800e860e02833398611433e8393f8d5d4970f47f4bd670b900443678c067fec110c087aaab7dc1981ccbf17f6057676fdbbda89aed9
2017-05-03[wallet] Securely erase potentially sensitive keys/valuesThomas Snider
2017-04-14Changed event RAII helper functions to inline to deal with duplicate symbol ↵Karl-Johan Alm
linker errors.
2017-03-03Merge #8808: Do not shadow variables (gcc set)Wladimir J. van der Laan
ad1ae7a Check and enable -Wshadow by default. (Pavel JanĂ­k) 9de90bb Do not shadow variables (gcc set) (Pavel JanĂ­k) Tree-SHA512: 9517feb423dc8ddd63896016b25324673bfbe0bffa97f22996f59d7a3fcbdc2ebf2e43ac02bc067546f54e293e9b2f2514be145f867321e9031f895c063d9fb8
2017-01-05Merge #9387: [Refactor] RAII of libevent stuff using unique ptrs with deletersWladimir J. van der Laan
05a55a6 Added EVENT_CFLAGS to test makefile to explicitly include libevent headers. (Karl-Johan Alm) 280a559 Added some simple tests for the RAII-style events. (Karl-Johan Alm) 7f7f102 Switched bitcoin-cli.cpp to use RAII unique pointers with deleters. (Karl-Johan Alm) e5534d2 Added std::unique_ptr<> wrappers with deleters for libevent modules. (Karl-Johan Alm)
2016-12-31Increment MIT Licence copyright header year on files modified in 2016isle2983
Edited via: $ contrib/devtools/copyright_header.py update .
2016-12-21Added some simple tests for the RAII-style events.Karl-Johan Alm
2016-12-20Added std::unique_ptr<> wrappers with deleters for libevent modules.Karl-Johan Alm
2016-12-05Do not shadow variables (gcc set)Pavel JanĂ­k
2016-11-28Fix some typosfsb4000