use bytes::BufMut;
use std::ops::Deref;
use std::io;

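/// Safe wrapper around `Vec<u8>` with custom `bytes::BufMut` and `std::io::Write`
/// implementations that ensure the buffer never exceeds maximum capacity.
///
/// Invariant: `buf.len() <= max`. The fields are private, so the cap can only
/// be honoured or broken by the methods and trait impls in this file.
pub struct CappedBuffer {
    // Backing storage for the bytes currently held.
    buf: Vec<u8>,
    // Hard upper bound on `buf.len()`, fixed at construction.
    max: usize,
}

impl CappedBuffer {
    /// Create a new `CappedBuffer` with initial `capacity`, and a limit
    /// capacity set to `max`.
    ///
    /// The initial allocation is clamped to `max`, so a caller-supplied
    /// `capacity` larger than the cap never preallocates beyond it.
    pub fn new(capacity: usize, max: usize) -> Self {
        Self {
            buf: Vec::with_capacity(capacity.min(max)),
            max,
        }
    }

    /// Remaining amount of bytes that can be written to the buffer
    /// before reaching max capacity
    #[inline]
    pub fn remaining(&self) -> usize {
        // `len <= max` is maintained by every write path in this file, so this
        // equals `max - len`. Saturating keeps a broken invariant from wrapping
        // to a huge allowance in release builds, which would defeat the cap.
        self.max.saturating_sub(self.buf.len())
    }

    /// Shift the content of the buffer to the left by `shift`,
    /// effectively forgetting the shifted out bytes.
    /// New length of the buffer will be adjusted accordingly.
    ///
    /// A `shift` greater than or equal to the current length empties the buffer.
    pub fn shift(&mut self, shift: usize) {
        if shift >= self.buf.len() {
            self.buf.clear();
            return;
        }

        // `drain` moves the tail to the front and fixes up the length using
        // only safe code; the guard above guarantees `shift < len`, so the
        // range is always in bounds. This replaces a hand-written
        // `ptr::copy` + `set_len` pair that needed `unsafe`.
        drop(self.buf.drain(..shift));
    }
}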

/// Read-only view of the bytes currently stored in the buffer.
impl AsRef<[u8]> for CappedBuffer {
    fn as_ref(&self) -> &[u8] {
        self.buf.as_slice()
    }
}

/// Mutable view of the bytes currently stored in the buffer.
///
/// A slice can overwrite existing bytes but cannot change the length, so the
/// capacity limit cannot be exceeded through this view.
impl AsMut<[u8]> for CappedBuffer {
    fn as_mut(&mut self) -> &mut [u8] {
        self.buf.as_mut_slice()
    }
}

/// Shared access to the underlying `Vec<u8>`.
///
/// Only `Deref` is implemented here (no `DerefMut` in this file), so callers
/// get the read-only `Vec` API and cannot grow the vector past the cap.
impl Deref for CappedBuffer {
    type Target = Vec<u8>;

    fn deref(&self) -> &Self::Target {
        let Self { buf, .. } = self;
        buf
    }
}

/// `std::io::Write` that refuses to grow past the configured maximum.
impl io::Write for CappedBuffer {
    /// Appends as much of `buf` as still fits and returns that byte count.
    ///
    /// This is a short write: when the buffer is already full it returns
    /// `Ok(0)` rather than an error, so callers must check the returned count
    /// instead of assuming all of `buf` was stored.
    fn write(&mut self, buf: &[u8]) -> io::Result<usize> {
        let accepted = buf.len().min(self.remaining());
        self.buf.extend_from_slice(&buf[..accepted]);
        Ok(accepted)
    }

    /// Appends all of `buf`, or nothing at all.
    ///
    /// # Errors
    ///
    /// Returns `io::ErrorKind::InvalidInput` when `buf` is larger than the
    /// remaining room; the buffer is left untouched in that case.
    fn write_all(&mut self, buf: &[u8]) -> io::Result<()> {
        if buf.len() > self.remaining() {
            return Err(io::Error::new(
                io::ErrorKind::InvalidInput,
                "Exceeded maximum buffer capacity",
            ));
        }

        self.buf.extend_from_slice(buf);
        Ok(())
    }

    /// Delegates to the inner `Vec<u8>`'s `flush`.
    fn flush(&mut self) -> io::Result<()> {
        io::Write::flush(&mut self.buf)
    }
}

// `bytes::BufMut` implementation that keeps writes within `max`.
// NOTE(review): the `bytes_mut` method name suggests an older `bytes` release;
// confirm against the version pinned by the crate manifest.
impl BufMut for CappedBuffer {
    // Room left for writers: the capped remainder, not the Vec's spare capacity.
    fn remaining_mut(&self) -> usize {
        self.remaining()
    }

    // Marks `cnt` more bytes as written.
    //
    // Panics if `cnt` is larger than `remaining()`; this assert is what
    // enforces the cap on the `BufMut` path.
    //
    // Safety: this is an `unsafe fn`, so the obligations of the trait method
    // rest with the caller. Presumably the `cnt` bytes must already have been
    // initialised through `bytes_mut` - confirm against the `bytes` docs.
    unsafe fn advance_mut(&mut self, cnt: usize) {
        assert!(cnt <= self.remaining(), "Exceeded buffer capacity");

        // Delegates the length update to the `Vec<u8>` implementation.
        self.buf.advance_mut(cnt);
    }

    // Returns the writable region, never longer than `remaining()`.
    //
    // NOTE(review): the slice comes from `Vec<u8>`'s `bytes_mut`; whether its
    // contents are initialised depends on that implementation - verify before
    // reading from it.
    unsafe fn bytes_mut(&mut self) -> &mut [u8] {
        let remaining = self.remaining();

        // `self.buf.bytes_mut` does an implicit allocation, so return an
        // empty slice early when the buffer is already at its cap.
        if remaining == 0 {
            return &mut [];
        }

        let mut bytes = self.buf.bytes_mut();

        // Truncate the region so the caller cannot be handed more room than
        // the cap allows.
        if bytes.len() > remaining {
            bytes = &mut bytes[..remaining];
        }

        bytes
    }
}

#[cfg(test)]
mod test {
    use std::io::Write;
    use super::*;

    /// Fixture shared by every case: initial capacity 10, cap 20, pre-filled
    /// with the 11 bytes of "Hello World".
    fn hello_world() -> CappedBuffer {
        let mut buffer = CappedBuffer::new(10, 20);
        buffer.write_all(b"Hello World").unwrap();
        buffer
    }

    /// Shifts the fixture by `by` bytes, then checks the surviving contents
    /// and the headroom reported by `remaining()`.
    fn check_shift(by: usize, expected: &[u8], remaining: usize) {
        let mut buffer = hello_world();
        buffer.shift(by);

        assert_eq!(buffer.as_slice(), expected);
        assert_eq!(buffer.remaining(), remaining);
    }

    // Partial shift keeps the tail.
    #[test]
    fn shift() {
        check_shift(6, b"World", 15);
    }

    // Shifting by zero is a no-op.
    #[test]
    fn shift_zero() {
        check_shift(0, b"Hello World", 9);
    }

    // Shifting by exactly the length empties the buffer.
    #[test]
    fn shift_all() {
        check_shift(11, b"", 20);
    }

    // Shifting by the cap (more than the length) empties the buffer.
    #[test]
    fn shift_capacity() {
        check_shift(20, b"", 20);
    }

    // Shifting by more than the cap must not panic or read out of bounds.
    #[test]
    fn shift_over_capacity() {
        check_shift(50, b"", 20);
    }
}