#include "pb_encode.h"
#include <string.h>
-typedef bool (*pb_encoder_t)(pb_ostream_t *stream, const pb_field_t *field, const void *src);
+#ifdef __GNUC__
+/* Verify that we remember to check all return values for proper error propagation */
+#define checkreturn __attribute__((warn_unused_result))
+#else
+#define checkreturn
+#endif
+
+
+typedef bool (*pb_encoder_t)(pb_ostream_t *stream, const pb_field_t *field, const void *src) checkreturn;
/* --- Function pointers to field encoders ---
* Order in the array must match pb_action_t LTYPE numbering.
/* pb_ostream_t implementation */
-static bool buf_write(pb_ostream_t *stream, const uint8_t *buf, size_t count)
+static bool checkreturn buf_write(pb_ostream_t *stream, const uint8_t *buf, size_t count)
{
uint8_t *dest = (uint8_t*)stream->state;
memcpy(dest, buf, count);
return stream;
}
-bool pb_write(pb_ostream_t *stream, const uint8_t *buf, size_t count)
+bool checkreturn pb_write(pb_ostream_t *stream, const uint8_t *buf, size_t count)
{
if (stream->callback != NULL)
{
/* Main encoding stuff */
-static bool encode_array(pb_ostream_t *stream, const pb_field_t *field,
+/* Callbacks don't need this function because they usually know the data type
+ * without examining the field structure.
+ * Therefore it is static for now.
+ */
+static bool checkreturn encode_array(pb_ostream_t *stream, const pb_field_t *field,
const void *pData, size_t count, pb_encoder_t func)
{
int i;
const void *p;
size_t size;
- if (PB_LTYPE(field->type) < PB_LTYPE_LAST_PACKABLE)
+ if (count == 0)
+ return true;
+
+ if (PB_LTYPE(field->type) <= PB_LTYPE_LAST_PACKABLE)
{
if (!pb_encode_tag(stream, PB_WT_STRING, field->tag))
return false;
size = sizestream.bytes_written;
}
- pb_encode_varint(stream, size);
+ if (!pb_encode_varint(stream, size))
+ return false;
if (stream->callback == NULL)
return pb_write(stream, NULL, size); /* Just sizing.. */
return true;
}
-bool pb_encode(pb_ostream_t *stream, const pb_field_t fields[], const void *src_struct)
+bool checkreturn pb_encode(pb_ostream_t *stream, const pb_field_t fields[], const void *src_struct)
{
const pb_field_t *field = fields;
const void *pData = src_struct;
const void *pSize;
+ size_t prev_size = 0;
while (field->tag != 0)
{
- pData = (const char*)pData + field->data_offset;
+ pData = (const char*)pData + prev_size + field->data_offset;
pSize = (const char*)pData + field->size_offset;
+ prev_size = field->data_size;
+ if (PB_HTYPE(field->type) == PB_HTYPE_ARRAY)
+ prev_size *= field->array_size;
+
pb_encoder_t func = PB_ENCODERS[PB_LTYPE(field->type)];
switch (PB_HTYPE(field->type))
}
/* Helper functions */
-bool pb_encode_varint(pb_ostream_t *stream, uint64_t value)
+bool checkreturn pb_encode_varint(pb_ostream_t *stream, uint64_t value)
{
uint8_t buffer[10];
int i = 0;
return pb_write(stream, buffer, i);
}
-bool pb_encode_tag(pb_ostream_t *stream, pb_wire_type_t wiretype, int field_number)
+bool checkreturn pb_encode_tag(pb_ostream_t *stream, pb_wire_type_t wiretype, int field_number)
{
int tag = wiretype | (field_number << 3);
return pb_encode_varint(stream, tag);
}
-bool pb_encode_tag_for_field(pb_ostream_t *stream, const pb_field_t *field)
+bool checkreturn pb_encode_tag_for_field(pb_ostream_t *stream, const pb_field_t *field)
{
pb_wire_type_t wiretype;
switch (PB_LTYPE(field->type))
return pb_encode_tag(stream, wiretype, field->tag);
}
-bool pb_encode_string(pb_ostream_t *stream, const uint8_t *buffer, size_t size)
+bool checkreturn pb_encode_string(pb_ostream_t *stream, const uint8_t *buffer, size_t size)
{
if (!pb_encode_varint(stream, size))
return false;
#endif
}
-bool pb_enc_varint(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_varint(pb_ostream_t *stream, const pb_field_t *field, const void *src)
{
uint64_t value = 0;
endian_copy(&value, src, sizeof(value), field->data_size);
return pb_encode_varint(stream, value);
}
-bool pb_enc_svarint(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_svarint(pb_ostream_t *stream, const pb_field_t *field, const void *src)
{
uint64_t value = 0;
uint64_t zigzagged;
return pb_encode_varint(stream, zigzagged);
}
-bool pb_enc_fixed(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_fixed(pb_ostream_t *stream, const pb_field_t *field, const void *src)
{
#ifdef __BIG_ENDIAN__
uint8_t bytes[8] = {0};
#endif
}
-bool pb_enc_bytes(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_bytes(pb_ostream_t *stream, const pb_field_t *field, const void *src)
{
pb_bytes_array_t *bytes = (pb_bytes_array_t*)src;
return pb_encode_string(stream, bytes->bytes, bytes->size);
}
-bool pb_enc_string(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_string(pb_ostream_t *stream, const pb_field_t *field, const void *src)
{
return pb_encode_string(stream, (uint8_t*)src, strlen((char*)src));
}
-bool pb_enc_submessage(pb_ostream_t *stream, const pb_field_t *field, const void *src)
+bool checkreturn pb_enc_submessage(pb_ostream_t *stream, const pb_field_t *field, const void *src)
{
- pb_ostream_t sizestream = {0};
+ pb_ostream_t substream = {0};
size_t size;
+ bool status;
if (field->ptr == NULL)
return false;
- if (!pb_encode(&sizestream, (pb_field_t*)field->ptr, src))
+ if (!pb_encode(&substream, (pb_field_t*)field->ptr, src))
return false;
- size = sizestream.bytes_written;
+ size = substream.bytes_written;
if (!pb_encode_varint(stream, size))
return false;
if (stream->callback == NULL)
return pb_write(stream, NULL, size); /* Just sizing */
- return pb_encode(stream, (pb_field_t*)field->ptr, src);
+ if (stream->bytes_written + size > stream->max_size)
+ return false;
+
+ /* Use a substream to verify that a callback doesn't write more than
+ * what it did the first time. */
+ substream.callback = stream->callback;
+ substream.state = stream->state;
+ substream.max_size = size;
+ substream.bytes_written = 0;
+
+ status = pb_encode(&substream, (pb_field_t*)field->ptr, src);
+
+ stream->bytes_written += substream.bytes_written;
+
+ if (substream.bytes_written != size)
+ return false;
+
+ return status;
}