X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/c2f669a4994192344613569e198c7b503d46d45e..9c487ba56fed466d931374cda2cba1e483a0b847:/src/src/string.c diff --git a/src/src/string.c b/src/src/string.c index 963948f77..3abe2a3bd 100644 --- a/src/src/string.c +++ b/src/src/string.c @@ -2,7 +2,7 @@ * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2016 */ +/* Copyright (c) University of Cambridge 1995 - 2018 */ /* See the file NOTICE for conditions of use and distribution. */ /* Miscellaneous string-handling functions. Some are not required for @@ -42,7 +42,7 @@ int yield = 4; /* If an optional mask is permitted, check for it. If found, pass back the offset. */ -if (maskptr != NULL) +if (maskptr) { const uschar *ss = s + Ustrlen(s); *maskptr = 0; @@ -79,7 +79,7 @@ if (Ustrchr(s, ':') != NULL) if we hit the / that introduces a mask or the % that introduces the interface specifier (scope id) of a link-local address. */ - if (*s == 0 || *s == '%' || *s == '/') return had_double_colon? yield : 0; + if (*s == 0 || *s == '%' || *s == '/') return had_double_colon ? yield : 0; /* If a component starts with an additional colon, we have hit a double colon. This is permitted to appear once only, and counts as at least @@ -135,13 +135,16 @@ if (Ustrchr(s, ':') != NULL) for (i = 0; i < 4; i++) { + long n; + uschar * end; + if (i != 0 && *s++ != '.') return 0; - if (!isdigit(*s++)) return 0; - if (isdigit(*s) && isdigit(*(++s))) s++; + n = strtol(CCS s, CSS &end, 10); + if (n > 255 || n < 0 || end <= s || end > s+3) return 0; + s = end; } -return (*s == 0 || (*s == '/' && maskptr != NULL && *maskptr != 0))? - yield : 0; +return !*s || (*s == '/' && maskptr && *maskptr != 0) ? yield : 0; } #endif /* COMPILE_UTILITY */ @@ -306,7 +309,7 @@ expanded string. */ ss = store_get(length + nonprintcount * 3 + 1); -/* Copy everying, escaping non printers. */ +/* Copy everything, escaping non printers. */ t = s; tt = ss; @@ -911,7 +914,7 @@ sep_is_special = iscntrl(sep); /* Handle the case when a buffer is provided. */ -if (buffer != NULL) +if (buffer) { int p = 0; for (; *s != 0; s++) @@ -927,9 +930,8 @@ if (buffer != NULL) else { - int size = 0; - int ptr = 0; const uschar *ss; + gstring * g = NULL; /* We know that *s != 0 at this point. However, it might be pointing to a separator, which could indicate an empty string, or (if an ispunct() @@ -951,13 +953,14 @@ else for (;;) { - for (ss = s + 1; *ss != 0 && *ss != sep; ss++); - buffer = string_catn(buffer, &size, &ptr, s, ss-s); + for (ss = s + 1; *ss != 0 && *ss != sep; ss++) ; + g = string_catn(g, s, ss-s); s = ss; if (*s == 0 || *(++s) != sep || sep_is_special) break; } - while (ptr > 0 && isspace(buffer[ptr-1])) ptr--; - buffer[ptr] = 0; + while (g->ptr > 0 && isspace(g->s[g->ptr-1])) g->ptr--; + buffer = string_from_gstring(g); + gstring_reset_unused(g); } /* Update the current pointer and return the new string */ @@ -965,104 +968,176 @@ else *listptr = s; return buffer; } -#endif /* COMPILE_UTILITY */ -#ifndef COMPILE_UTILITY +static const uschar * +Ustrnchr(const uschar * s, int c, unsigned * len) +{ +unsigned siz = *len; +while (siz) + { + if (!*s) return NULL; + if (*s == c) + { + *len = siz; + return s; + } + s++; + siz--; + } +return NULL; +} + + /************************************************ * Add element to separated list * ************************************************/ -/* This function is used to build a list, returning -an allocated null-terminated growable string. The -given element has any embedded seperator characters +/* This function is used to build a list, returning an allocated null-terminated +growable string. The given element has any embedded separator characters doubled. +Despite having the same growable-string interface as string_cat() the list is +always returned null-terminated. + Arguments: - list points to the start of the list that is being built, or NULL + list expanding-string for the list that is being built, or NULL if this is a new list that has no contents yet - sep list seperator charactoer - ele new lement to be appended to the list + sep list separator character + ele new element to be appended to the list Returns: pointer to the start of the list, changed if copied for expansion. */ -uschar * -string_append_listele(uschar * list, uschar sep, const uschar * ele) +gstring * +string_append_listele(gstring * list, uschar sep, const uschar * ele) { -uschar * new = NULL; -int sz = 0, off = 0; uschar * sp; -if (list) - { - new = string_cat (new, &sz, &off, list); - new = string_catn(new, &sz, &off, &sep, 1); - } +if (list && list->ptr) + list = string_catn(list, &sep, 1); while((sp = Ustrchr(ele, sep))) { - new = string_catn(new, &sz, &off, ele, sp-ele+1); - new = string_catn(new, &sz, &off, &sep, 1); + list = string_catn(list, ele, sp-ele+1); + list = string_catn(list, &sep, 1); ele = sp+1; } -new = string_cat(new, &sz, &off, ele); -new[off] = '\0'; -return new; +list = string_cat(list, ele); +(void) string_from_gstring(list); +return list; } -static const uschar * -Ustrnchr(const uschar * s, int c, unsigned * len) -{ -unsigned siz = *len; -while (siz) - { - if (!*s) return NULL; - if (*s == c) - { - *len = siz; - return s; - } - s++; - siz--; - } -return NULL; -} - -uschar * -string_append_listele_n(uschar * list, uschar sep, const uschar * ele, - unsigned len) +gstring * +string_append_listele_n(gstring * list, uschar sep, const uschar * ele, + unsigned len) { -uschar * new = NULL; -int sz = 0, off = 0; const uschar * sp; -if (list) - { - new = string_cat (new, &sz, &off, list); - new = string_catn(new, &sz, &off, &sep, 1); - } +if (list && list->ptr) + list = string_catn(list, &sep, 1); while((sp = Ustrnchr(ele, sep, &len))) { - new = string_catn(new, &sz, &off, ele, sp-ele+1); - new = string_catn(new, &sz, &off, &sep, 1); + list = string_catn(list, ele, sp-ele+1); + list = string_catn(list, &sep, 1); ele = sp+1; len--; } -new = string_catn(new, &sz, &off, ele, len); -new[off] = '\0'; -return new; +list = string_catn(list, ele, len); +(void) string_from_gstring(list); +return list; } -#endif /* COMPILE_UTILITY */ -#ifndef COMPILE_UTILITY +/* A slightly-bogus listmaker utility; the separator is a string so +can be multiple chars - there is no checking for the element content +containing any of the separator. */ + +gstring * +string_append2_listele_n(gstring * list, const uschar * sepstr, + const uschar * ele, unsigned len) +{ +if (list && list->ptr) + list = string_cat(list, sepstr); + +list = string_catn(list, ele, len); +(void) string_from_gstring(list); +return list; +} + + + +/************************************************/ +/* Create a growable-string with some preassigned space */ + +gstring * +string_get(unsigned size) +{ +gstring * g = store_get(sizeof(gstring) + size); +g->size = size; +g->ptr = 0; +g->s = US(g + 1); +return g; +} + +/* NUL-terminate the C string in the growable-string, and return it. */ + +uschar * +string_from_gstring(gstring * g) +{ +if (!g) return NULL; +g->s[g->ptr] = '\0'; +return g->s; +} + +void +gstring_reset_unused(gstring * g) +{ +store_reset(g->s + (g->size = g->ptr + 1)); +} + /************************************************* * Add chars to string * *************************************************/ +/* Arguments: + g the grawable-string + p current end of data + count amount to grow by +*/ + +static void +gstring_grow(gstring * g, int p, int count) +{ +int oldsize = g->size; + +/* Mostly, string_cat() is used to build small strings of a few hundred +characters at most. There are times, however, when the strings are very much +longer (for example, a lookup that returns a vast number of alias addresses). +To try to keep things reasonable, we use increments whose size depends on the +existing length of the string. */ + +unsigned inc = oldsize < 4096 ? 127 : 1023; +g->size = ((p + count + inc) & ~inc) + 1; + +/* Try to extend an existing allocation. If the result of calling +store_extend() is false, either there isn't room in the current memory block, +or this string is not the top item on the dynamic store stack. We then have +to get a new chunk of store and copy the old string. When building large +strings, it is helpful to call store_release() on the old string, to release +memory blocks that have become empty. (The block will be freed if the string +is at its start.) However, we can do this only if we know that the old string +was the last item on the dynamic memory stack. This is the case if it matches +store_last_get. */ + +if (!store_extend(g->s, oldsize, g->size)) + g->s = store_newblock(g->s, g->size, p); +} + + + /* This function is used when building up strings of unknown length. Room is always left for a terminating zero to be added to the string that is being built. This function does not require the string that is being added to be NUL @@ -1072,15 +1147,9 @@ sometimes called to extract parts of other strings. Arguments: string points to the start of the string that is being built, or NULL if this is a new string that has no contents yet - size points to a variable that holds the current capacity of the memory - block (updated if changed) - ptr points to a variable that holds the offset at which to add - characters, updated to the new offset s points to characters to add count count of characters to add; must not exceed the length of s, if s - is a C string. If -1 given, strlen(s) is used. - -If string is given as NULL, *size and *ptr should both be zero. + is a C string. Returns: pointer to the start of the string, changed if copied for expansion. Note that a NUL is not added, though space is left for one. This is @@ -1090,74 +1159,40 @@ Returns: pointer to the start of the string, changed if copied for expansion. */ /* coverity[+alloc] */ -uschar * -string_catn(uschar *string, int *size, int *ptr, const uschar *s, int count) +gstring * +string_catn(gstring * g, const uschar *s, int count) { -int p = *ptr; +int p; -if (p + count >= *size) +if (!g) { - int oldsize = *size; - - /* Mostly, string_cat() is used to build small strings of a few hundred - characters at most. There are times, however, when the strings are very much - longer (for example, a lookup that returns a vast number of alias addresses). - To try to keep things reasonable, we use increments whose size depends on the - existing length of the string. */ - - int inc = (oldsize < 4096)? 100 : 1024; - while (*size <= p + count) *size += inc; - - /* New string */ - - if (string == NULL) string = store_get(*size); - - /* Try to extend an existing allocation. If the result of calling - store_extend() is false, either there isn't room in the current memory block, - or this string is not the top item on the dynamic store stack. We then have - to get a new chunk of store and copy the old string. When building large - strings, it is helpful to call store_release() on the old string, to release - memory blocks that have become empty. (The block will be freed if the string - is at its start.) However, we can do this only if we know that the old string - was the last item on the dynamic memory stack. This is the case if it matches - store_last_get. */ - - else if (!store_extend(string, oldsize, *size)) - { - BOOL release_ok = store_last_get[store_pool] == string; - uschar *newstring = store_get(*size); - memcpy(newstring, string, p); - if (release_ok) store_release(string); - string = newstring; - } + unsigned inc = count < 4096 ? 127 : 1023; + unsigned size = ((count + inc) & ~inc) + 1; + g = string_get(size); } +p = g->ptr; +if (p + count >= g->size) + gstring_grow(g, p, count); + /* Because we always specify the exact number of characters to copy, we can use memcpy(), which is likely to be more efficient than strncopy() because the -latter has to check for zero bytes. - -The Coverity annotation deals with the lack of correlated variable tracking; -common use is a null string and zero size and pointer, on first use for a -string being built. The "if" above then allocates, but Coverity assume that -the "if" might not happen and whines for a null-deref done by the memcpy(). */ +latter has to check for zero bytes. */ -/* coverity[deref_parm_field_in_call] */ -memcpy(string + p, s, count); -*ptr = p + count; -return string; +memcpy(g->s + p, s, count); +g->ptr = p + count; +return g; } - - -uschar * -string_cat(uschar *string, int *size, int *ptr, const uschar *s) + + +gstring * +string_cat(gstring *string, const uschar *s) { -return string_catn(string, size, ptr, s, Ustrlen(s)); +return string_catn(string, s, Ustrlen(s)); } -#endif /* COMPILE_UTILITY */ -#ifndef COMPILE_UTILITY /************************************************* * Append strings to another string * *************************************************/ @@ -1166,12 +1201,8 @@ return string_catn(string, size, ptr, s, Ustrlen(s)); It calls string_cat() to do the dirty work. Arguments: - string points to the start of the string that is being built, or NULL + string expanding-string that is being built, or NULL if this is a new string that has no contents yet - size points to a variable that holds the current capacity of the memory - block (updated if changed) - ptr points to a variable that holds the offset at which to add - characters, updated to the new offset count the number of strings to append ... "count" uschar* arguments, which must be valid zero-terminated C strings @@ -1180,17 +1211,16 @@ Returns: pointer to the start of the string, changed if copied for expansion. The string is not zero-terminated - see string_cat() above. */ -uschar * -string_append(uschar *string, int *size, int *ptr, int count, ...) +__inline__ gstring * +string_append(gstring *string, int count, ...) { va_list ap; -int i; va_start(ap, count); -for (i = 0; i < count; i++) +while (count-- > 0) { uschar *t = va_arg(ap, uschar *); - string = string_cat(string, size, ptr, t); + string = string_cat(string, t); } va_end(ap); @@ -1212,10 +1242,10 @@ on whether the variable length list of data arguments are given explicitly or as a va_list item. The formats are the usual printf() ones, with some omissions (never used) and -two additions for strings: %S forces lower case, and %#s or %#S prints nothing -for a NULL string. Without the # "NULL" is printed (useful in debugging). There -is also the addition of %D and %M, which insert the date in the form used for -datestamped log files. +three additions for strings: %S forces lower case, %T forces upper case, and +%#s or %#S prints nothing for a NULL string. Without the # "NULL" is printed +(useful in debugging). There is also the addition of %D and %M, which insert +the date in the form used for datestamped log files. Arguments: buffer a buffer in which to put the formatted string @@ -1359,20 +1389,28 @@ while (*fp != 0) switch(length) { case L_SHORT: - case L_NORMAL: sprintf(CS p, newformat, va_arg(ap, int)); break; - case L_LONG: sprintf(CS p, newformat, va_arg(ap, long int)); break; - case L_LONGLONG: sprintf(CS p, newformat, va_arg(ap, LONGLONG_T)); break; - case L_SIZE: sprintf(CS p, newformat, va_arg(ap, size_t)); break; + case L_NORMAL: p += sprintf(CS p, newformat, va_arg(ap, int)); break; + case L_LONG: p += sprintf(CS p, newformat, va_arg(ap, long int)); break; + case L_LONGLONG: p += sprintf(CS p, newformat, va_arg(ap, LONGLONG_T)); break; + case L_SIZE: p += sprintf(CS p, newformat, va_arg(ap, size_t)); break; } - while (*p) p++; break; case 'p': - if (p >= last - 24) { yield = FALSE; goto END_FORMAT; } - strncpy(newformat, item_start, fp - item_start); - newformat[fp - item_start] = 0; - sprintf(CS p, newformat, va_arg(ap, void *)); - while (*p) p++; + { + void * ptr; + if (p >= last - 24) { yield = FALSE; goto END_FORMAT; } + /* sprintf() saying "(nil)" for a null pointer seems unreliable. + Handle it explicitly. */ + if ((ptr = va_arg(ap, void *))) + { + strncpy(newformat, item_start, fp - item_start); + newformat[fp - item_start] = 0; + p += sprintf(CS p, newformat, ptr); + } + else + p += sprintf(CS p, "(nil)"); + } break; /* %f format is inherently insecure if the numbers that it may be @@ -1392,10 +1430,9 @@ while (*fp != 0) strncpy(newformat, item_start, fp - item_start); newformat[fp-item_start] = 0; if (length == L_LONGDOUBLE) - sprintf(CS p, newformat, va_arg(ap, long double)); + p += sprintf(CS p, newformat, va_arg(ap, long double)); else - sprintf(CS p, newformat, va_arg(ap, double)); - while (*p) p++; + p += sprintf(CS p, newformat, va_arg(ap, double)); break; /* String types */ @@ -1428,6 +1465,7 @@ while (*fp != 0) case 's': case 'S': /* Forces *lower* case */ + case 'T': /* Forces *upper* case */ s = va_arg(ap, char *); if (s == NULL) s = null; @@ -1475,6 +1513,8 @@ while (*fp != 0) sprintf(CS p, "%*.*s", width, precision, s); if (fp[-1] == 'S') while (*p) { *p = tolower(*p); p++; } + else if (fp[-1] == 'T') + while (*p) { *p = toupper(*p); p++; } else while (*p) p++; if (!yield) goto END_FORMAT; @@ -1544,177 +1584,6 @@ return (eno == EACCES)? -#ifndef COMPILE_UTILITY -/************************************************* -* Generate local prt for logging * -*************************************************/ - -/* This function is a subroutine for use in string_log_address() below. - -Arguments: - addr the address being logged - yield the current dynamic buffer pointer - sizeptr points to current size - ptrptr points to current insert pointer - -Returns: the new value of the buffer pointer -*/ - -static uschar * -string_get_localpart(address_item *addr, uschar *yield, int *sizeptr, - int *ptrptr) -{ -uschar * s; - -s = addr->prefix; -if (testflag(addr, af_include_affixes) && s) - { -#ifdef SUPPORT_I18N - if (testflag(addr, af_utf8_downcvt)) - s = string_localpart_utf8_to_alabel(s, NULL); -#endif - yield = string_cat(yield, sizeptr, ptrptr, s); - } - -s = addr->local_part; -#ifdef SUPPORT_I18N -if (testflag(addr, af_utf8_downcvt)) - s = string_localpart_utf8_to_alabel(s, NULL); -#endif -yield = string_cat(yield, sizeptr, ptrptr, s); - -s = addr->suffix; -if (testflag(addr, af_include_affixes) && s) - { -#ifdef SUPPORT_I18N - if (testflag(addr, af_utf8_downcvt)) - s = string_localpart_utf8_to_alabel(s, NULL); -#endif - yield = string_cat(yield, sizeptr, ptrptr, s); - } - -return yield; -} - - -/************************************************* -* Generate log address list * -*************************************************/ - -/* This function generates a list consisting of an address and its parents, for -use in logging lines. For saved onetime aliased addresses, the onetime parent -field is used. If the address was delivered by a transport with rcpt_include_ -affixes set, the af_include_affixes bit will be set in the address. In that -case, we include the affixes here too. - -Arguments: - addr bottom (ultimate) address - all_parents if TRUE, include all parents - success TRUE for successful delivery - -Returns: a string in dynamic store -*/ - -uschar * -string_log_address(address_item *addr, BOOL all_parents, BOOL success) -{ -int size = 64; -int ptr = 0; -BOOL add_topaddr = TRUE; -uschar *yield = store_get(size); -address_item *topaddr; - -/* Find the ultimate parent */ - -for (topaddr = addr; topaddr->parent != NULL; topaddr = topaddr->parent); - -/* We start with just the local part for pipe, file, and reply deliveries, and -for successful local deliveries from routers that have the log_as_local flag -set. File deliveries from filters can be specified as non-absolute paths in -cases where the transport is goin to complete the path. If there is an error -before this happens (expansion failure) the local part will not be updated, and -so won't necessarily look like a path. Add extra text for this case. */ - -if (testflag(addr, af_pfr) || - (success && - addr->router != NULL && addr->router->log_as_local && - addr->transport != NULL && addr->transport->info->local)) - { - if (testflag(addr, af_file) && addr->local_part[0] != '/') - yield = string_catn(yield, &size, &ptr, CUS"save ", 5); - yield = string_get_localpart(addr, yield, &size, &ptr); - } - -/* Other deliveries start with the full address. It we have split it into local -part and domain, use those fields. Some early failures can happen before the -splitting is done; in those cases use the original field. */ - -else - { - if (addr->local_part != NULL) - { - const uschar * s; - yield = string_get_localpart(addr, yield, &size, &ptr); - yield = string_catn(yield, &size, &ptr, US"@", 1); - s = addr->domain; -#ifdef SUPPORT_I18N - if (testflag(addr, af_utf8_downcvt)) - s = string_localpart_utf8_to_alabel(s, NULL); -#endif - yield = string_cat(yield, &size, &ptr, s); - } - else - yield = string_cat(yield, &size, &ptr, addr->address); - yield[ptr] = 0; - - /* If the address we are going to print is the same as the top address, - and all parents are not being included, don't add on the top address. First - of all, do a caseless comparison; if this succeeds, do a caseful comparison - on the local parts. */ - - if (strcmpic(yield, topaddr->address) == 0 && - Ustrncmp(yield, topaddr->address, Ustrchr(yield, '@') - yield) == 0 && - addr->onetime_parent == NULL && - (!all_parents || addr->parent == NULL || addr->parent == topaddr)) - add_topaddr = FALSE; - } - -/* If all parents are requested, or this is a local pipe/file/reply, and -there is at least one intermediate parent, show it in brackets, and continue -with all of them if all are wanted. */ - -if ((all_parents || testflag(addr, af_pfr)) && - addr->parent != NULL && - addr->parent != topaddr) - { - uschar *s = US" ("; - address_item *addr2; - for (addr2 = addr->parent; addr2 != topaddr; addr2 = addr2->parent) - { - yield = string_catn(yield, &size, &ptr, s, 2); - yield = string_cat (yield, &size, &ptr, addr2->address); - if (!all_parents) break; - s = US", "; - } - yield = string_catn(yield, &size, &ptr, US")", 1); - } - -/* Add the top address if it is required */ - -if (add_topaddr) - { - yield = string_catn(yield, &size, &ptr, US" <", 2); - - yield = string_cat(yield, &size, &ptr, - addr->onetime_parent ? addr->onetime_parent : topaddr->address); - - yield = string_catn(yield, &size, &ptr, US">", 1); - } - -yield[ptr] = 0; /* string_cat() leaves space */ -return yield; -} -#endif /* COMPILE_UTILITY */ #ifndef COMPILE_UTILITY