1 /* $OpenBSD: getcap.c,v 1.27 2006/05/15 04:18:19 hugh Exp $ */ 2 /*- 3 * Copyright (c) 1992, 1993 4 * The Regents of the University of California. All rights reserved. 5 * 6 * This code is derived from software contributed to Berkeley by 7 * Casey Leedom of Lawrence Livermore National Laboratory. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #include <sys/types.h> 35 36 #include <ctype.h> 37 #include <db.h> 38 #include <errno.h> 39 #include <fcntl.h> 40 #include <limits.h> 41 #include <stdio.h> 42 #include <stdlib.h> 43 #include <string.h> 44 #include <unistd.h> 45 46 #define BFRAG 1024 47 #define BSIZE 1024 48 #define ESC ('[' & 037) /* ASCII ESC */ 49 #define MAX_RECURSION 32 /* maximum getent recursion */ 50 #define SFRAG 100 /* cgetstr mallocs in SFRAG chunks */ 51 52 #define RECOK (char)0 53 #define TCERR (char)1 54 #define SHADOW (char)2 55 56 static size_t topreclen; /* toprec length */ 57 static char *toprec; /* Additional record specified by cgetset() */ 58 static int gottoprec; /* Flag indicating retrieval of toprecord */ 59 60 static int cdbget(DB *, char **, const char *); 61 static int getent(char **, u_int *, char **, int, const char *, int, char *); 62 static int nfcmp(const char *, char *); 63 64 static int usedb = 1; 65 66 /* 67 * Cgetusedb() allows the user to specify whether or not to use a .db 68 * version of the database file (if it exists) in preference to the 69 * text version. By default, the getcap(3) routines will use a .db file. 70 */ 71 int 72 cgetusedb(int new_usedb) 73 { 74 int old_usedb = usedb; 75 76 usedb = new_usedb; 77 return(old_usedb); 78 } 79 80 /* 81 * Cgetset() allows the addition of a user specified buffer to be added 82 * to the database array, in effect "pushing" the buffer on top of the 83 * virtual database. 0 is returned on success, -1 on failure. 84 */ 85 int 86 cgetset(const char *ent) 87 { 88 if (ent == NULL) { 89 if (toprec) 90 free(toprec); 91 toprec = NULL; 92 topreclen = 0; 93 return (0); 94 } 95 topreclen = strlen(ent); 96 if ((toprec = malloc(topreclen + 1)) == NULL) 97 return (-1); 98 gottoprec = 0; 99 memcpy(toprec, ent, topreclen + 1); 100 return (0); 101 } 102 103 /* 104 * Cgetcap searches the capability record buf for the capability cap with 105 * type `type'. A pointer to the value of cap is returned on success, NULL 106 * if the requested capability couldn't be found. 107 * 108 * Specifying a type of ':' means that nothing should follow cap (:cap:). 109 * In this case a pointer to the terminating ':' or NUL will be returned if 110 * cap is found. 111 * 112 * If (cap, '@') or (cap, terminator, '@') is found before (cap, terminator) 113 * return NULL. 114 */ 115 char * 116 cgetcap(char *buf, const char *cap, int type) 117 { 118 char *bp; 119 const char *cp; 120 121 bp = buf; 122 for (;;) { 123 /* 124 * Skip past the current capability field - it's either the 125 * name field if this is the first time through the loop, or 126 * the remainder of a field whose name failed to match cap. 127 */ 128 for (;;) 129 if (*bp == '\0') 130 return (NULL); 131 else 132 if (*bp++ == ':') 133 break; 134 135 /* 136 * Try to match (cap, type) in buf. 137 */ 138 for (cp = cap; *cp == *bp && *bp != '\0'; cp++, bp++) 139 continue; 140 if (*cp != '\0') 141 continue; 142 if (*bp == '@') 143 return (NULL); 144 if (type == ':') { 145 if (*bp != '\0' && *bp != ':') 146 continue; 147 return(bp); 148 } 149 if (*bp != type) 150 continue; 151 bp++; 152 return (*bp == '@' ? NULL : bp); 153 } 154 /* NOTREACHED */ 155 } 156 157 /* 158 * Cgetent extracts the capability record name from the NULL terminated file 159 * array db_array and returns a pointer to a malloc'd copy of it in buf. 160 * Buf must be retained through all subsequent calls to cgetcap, cgetnum, 161 * cgetflag, and cgetstr, but may then be free'd. 0 is returned on success, 162 * -1 if the requested record couldn't be found, -2 if a system error was 163 * encountered (couldn't open/read a file, etc.), and -3 if a potential 164 * reference loop is detected. 165 */ 166 int 167 cgetent(char **buf, char **db_array, const char *name) 168 { 169 u_int dummy; 170 171 return (getent(buf, &dummy, db_array, -1, name, 0, NULL)); 172 } 173 174 /* 175 * Getent implements the functions of cgetent. If fd is non-negative, 176 * *db_array has already been opened and fd is the open file descriptor. We 177 * do this to save time and avoid using up file descriptors for tc= 178 * recursions. 179 * 180 * Getent returns the same success/failure codes as cgetent. On success, a 181 * pointer to a malloc'ed capability record with all tc= capabilities fully 182 * expanded and its length (not including trailing ASCII NUL) are left in 183 * *cap and *len. 184 * 185 * Basic algorithm: 186 * + Allocate memory incrementally as needed in chunks of size BFRAG 187 * for capability buffer. 188 * + Recurse for each tc=name and interpolate result. Stop when all 189 * names interpolated, a name can't be found, or depth exceeds 190 * MAX_RECURSION. 191 */ 192 static int 193 getent(char **cap, u_int *len, char **db_array, int fd, 194 const char *name, int depth, char *nfield) 195 { 196 DB *capdbp; 197 char *r_end, *rp, **db_p; 198 int myfd, eof, foundit, opened, retval, clen; 199 char *record, *cbuf; 200 int tc_not_resolved; 201 char pbuf[PATH_MAX]; 202 203 /* 204 * Return with ``loop detected'' error if we've recursed more than 205 * MAX_RECURSION times. 206 */ 207 if (depth > MAX_RECURSION) 208 return (-3); 209 210 opened = 0; 211 212 /* 213 * Check if we have a top record from cgetset(). 214 */ 215 if (depth == 0 && toprec != NULL && cgetmatch(toprec, name) == 0) { 216 opened++; 217 if ((record = malloc(topreclen + 1 + BFRAG)) == NULL) 218 return (-2); 219 memcpy(record, toprec, topreclen + 1); 220 myfd = 0; 221 db_p = db_array; 222 rp = record + topreclen + 1; 223 r_end = rp + BFRAG; 224 goto tc_exp; 225 } 226 /* 227 * Allocate first chunk of memory. 228 */ 229 if ((record = malloc(BFRAG)) == NULL) 230 return (-2); 231 r_end = record + BFRAG; 232 foundit = 0; 233 /* 234 * Loop through database array until finding the record. 235 */ 236 237 for (db_p = db_array; *db_p != NULL; db_p++) { 238 eof = 0; 239 240 /* 241 * Open database if not already open. 242 */ 243 if (fd >= 0) { 244 (void)lseek(fd, (off_t)0, SEEK_SET); 245 myfd = 0; 246 opened++; 247 } else { 248 char *dbrecord; 249 250 clen = snprintf(pbuf, sizeof(pbuf), "%s.db", *db_p); 251 if (clen != -1 && clen < sizeof(pbuf) && usedb && 252 (capdbp = dbopen(pbuf, O_RDONLY, 0, DB_HASH, 0))) { 253 opened++; 254 retval = cdbget(capdbp, &dbrecord, name); 255 if (retval < 0) { 256 /* no record available */ 257 (void)capdbp->close(capdbp); 258 continue; 259 } 260 free(record); 261 /* save the data; close frees it */ 262 clen = strlen(dbrecord); 263 if ((cbuf = malloc(clen + 1)) == NULL) 264 return (-2); 265 memcpy(cbuf, dbrecord, clen + 1); 266 if (capdbp->close(capdbp) < 0) { 267 free(cbuf); 268 return (-2); 269 } 270 /* assume tc='s have been expanded??? */ 271 *len = clen; 272 *cap = cbuf; 273 return (retval); 274 } else { 275 fd = open(*db_p, O_RDONLY, 0); 276 if (fd < 0) { 277 /* No error on unfound file. */ 278 continue; 279 } 280 myfd = 1; 281 opened++; 282 } 283 } 284 /* 285 * Find the requested capability record ... 286 */ 287 { 288 char buf[BUFSIZ]; 289 char *b_end, *bp; 290 int c; 291 292 /* 293 * Loop invariants: 294 * There is always room for one more character in record. 295 * R_end always points just past end of record. 296 * Rp always points just past last character in record. 297 * B_end always points just past last character in buf. 298 * Bp always points at next character in buf. 299 */ 300 b_end = buf; 301 bp = buf; 302 for (;;) { 303 304 /* 305 * Read in a line implementing (\, newline) 306 * line continuation. 307 */ 308 rp = record; 309 for (;;) { 310 if (bp >= b_end) { 311 int n; 312 313 n = read(fd, buf, sizeof(buf)); 314 if (n <= 0) { 315 if (myfd) 316 (void)close(fd); 317 if (n < 0) { 318 free(record); 319 return (-2); 320 } else { 321 fd = -1; 322 eof = 1; 323 break; 324 } 325 } 326 b_end = buf+n; 327 bp = buf; 328 } 329 330 c = *bp++; 331 if (c == '\n') { 332 if (rp > record && *(rp-1) == '\\') { 333 rp--; 334 continue; 335 } else 336 break; 337 } 338 *rp++ = c; 339 340 /* 341 * Enforce loop invariant: if no room 342 * left in record buffer, try to get 343 * some more. 344 */ 345 if (rp >= r_end) { 346 u_int pos; 347 size_t newsize; 348 char *nrecord; 349 350 pos = rp - record; 351 newsize = r_end - record + BFRAG; 352 nrecord = realloc(record, newsize); 353 if (nrecord == NULL) { 354 if (record) 355 free(record); 356 if (myfd) 357 (void)close(fd); 358 errno = ENOMEM; 359 return (-2); 360 } 361 record = nrecord; 362 r_end = record + newsize; 363 rp = record + pos; 364 } 365 } 366 /* loop invariant lets us do this */ 367 *rp++ = '\0'; 368 369 /* 370 * If encountered EOF check next file. 371 */ 372 if (eof) 373 break; 374 375 /* 376 * Toss blank lines and comments. 377 */ 378 if (*record == '\0' || *record == '#') 379 continue; 380 381 /* 382 * See if this is the record we want ... 383 */ 384 if (cgetmatch(record, name) == 0) { 385 if (nfield == NULL || !nfcmp(nfield, record)) { 386 foundit = 1; 387 break; /* found it! */ 388 } 389 } 390 } 391 } 392 if (foundit) 393 break; 394 } 395 396 if (!foundit) { 397 free(record); 398 return (opened ? -1 : -2); 399 } 400 401 /* 402 * Got the capability record, but now we have to expand all tc=name 403 * references in it ... 404 */ 405 tc_exp: { 406 char *s; 407 u_int ilen; 408 int diff, iret, tclen; 409 char *ibuf, *icap, *scan, *tc, *tcstart, *tcend; 410 411 /* 412 * Loop invariants: 413 * There is room for one more character in record. 414 * R_end points just past end of record. 415 * Rp points just past last character in record. 416 * Scan points at remainder of record that needs to be 417 * scanned for tc=name constructs. 418 */ 419 scan = record; 420 tc_not_resolved = 0; 421 for (;;) { 422 if ((tc = cgetcap(scan, "tc", '=')) == NULL) 423 break; 424 425 /* 426 * Find end of tc=name and stomp on the trailing `:' 427 * (if present) so we can use it to call ourselves. 428 */ 429 s = tc; 430 for (;;) { 431 if (*s == '\0') 432 break; 433 else 434 if (*s++ == ':') { 435 *(s - 1) = '\0'; 436 break; 437 } 438 } 439 tcstart = tc - 3; 440 tclen = s - tcstart; 441 tcend = s; 442 443 iret = getent(&icap, &ilen, db_p, fd, tc, depth+1, 444 NULL); 445 if (iret != 0) { 446 /* an error */ 447 if (iret < -1) { 448 if (myfd) 449 (void)close(fd); 450 free(record); 451 return (iret); 452 } 453 if (iret == 1) 454 tc_not_resolved = 1; 455 /* couldn't resolve tc */ 456 if (iret == -1) { 457 *(s - 1) = ':'; 458 scan = s - 1; 459 tc_not_resolved = 1; 460 continue; 461 462 } 463 } 464 /* not interested in name field of tc'ed record */ 465 s = ibuf = icap; 466 for (;;) 467 if (*s == '\0') 468 break; 469 else 470 if (*s++ == ':') 471 break; 472 ilen -= s - icap; 473 icap = s; 474 475 /* make sure interpolated record is `:'-terminated */ 476 s += ilen; 477 if (*(s-1) != ':') { 478 *s = ':'; /* overwrite NUL with : */ 479 ilen++; 480 } 481 482 /* 483 * Make sure there's enough room to insert the 484 * new record. 485 */ 486 diff = ilen - tclen; 487 if (diff >= r_end - rp) { 488 u_int pos, tcpos, tcposend; 489 size_t newsize; 490 char *nrecord; 491 492 pos = rp - record; 493 newsize = r_end - record + diff + BFRAG; 494 tcpos = tcstart - record; 495 tcposend = tcend - record; 496 nrecord = realloc(record, newsize); 497 if (nrecord == NULL) { 498 if (record) 499 free(record); 500 if (myfd) 501 (void)close(fd); 502 free(ibuf); 503 errno = ENOMEM; 504 return (-2); 505 } 506 record = nrecord; 507 r_end = record + newsize; 508 rp = record + pos; 509 tcstart = record + tcpos; 510 tcend = record + tcposend; 511 } 512 513 /* 514 * Insert tc'ed record into our record. 515 */ 516 s = tcstart + ilen; 517 memmove(s, tcend, rp - tcend); 518 memmove(tcstart, icap, ilen); 519 rp += diff; 520 free(ibuf); 521 522 /* 523 * Start scan on `:' so next cgetcap works properly 524 * (cgetcap always skips first field). 525 */ 526 scan = s-1; 527 } 528 529 } 530 /* 531 * Close file (if we opened it), give back any extra memory, and 532 * return capability, length and success. 533 */ 534 if (myfd) 535 (void)close(fd); 536 *len = rp - record - 1; /* don't count NUL */ 537 if (r_end > rp) { 538 char *nrecord; 539 540 if ((nrecord = 541 realloc(record, (size_t)(rp - record))) == NULL) { 542 if (record) 543 free(record); 544 errno = ENOMEM; 545 return (-2); 546 } 547 record = nrecord; 548 } 549 *cap = record; 550 if (tc_not_resolved) 551 return (1); 552 return (0); 553 } 554 555 static int 556 cdbget(DB *capdbp, char **bp, const char *name) 557 { 558 DBT key, data; 559 560 key.data = (void *)name; 561 key.size = strlen(name); 562 563 for (;;) { 564 /* Get the reference. */ 565 switch(capdbp->get(capdbp, &key, &data, 0)) { 566 case -1: 567 return (-2); 568 case 1: 569 return (-1); 570 } 571 572 /* If not an index to another record, leave. */ 573 if (((char *)data.data)[0] != SHADOW) 574 break; 575 576 key.data = (char *)data.data + 1; 577 key.size = data.size - 1; 578 } 579 580 *bp = (char *)data.data + 1; 581 return (((char *)(data.data))[0] == TCERR ? 1 : 0); 582 } 583 584 /* 585 * Cgetmatch will return 0 if name is one of the names of the capability 586 * record buf, -1 if not. 587 */ 588 int 589 cgetmatch(char *buf, const char *name) 590 { 591 char *bp; 592 const char *np; 593 594 if (*name == '\0') 595 return (-1); 596 /* 597 * Start search at beginning of record. 598 */ 599 bp = buf; 600 for (;;) { 601 /* 602 * Try to match a record name. 603 */ 604 np = name; 605 for (;;) 606 if (*np == '\0') { 607 if (*bp == '|' || *bp == ':' || *bp == '\0') 608 return (0); 609 else 610 break; 611 } else 612 if (*bp++ != *np++) 613 break; 614 615 /* 616 * Match failed, skip to next name in record. 617 */ 618 bp--; /* a '|' or ':' may have stopped the match */ 619 for (;;) 620 if (*bp == '\0' || *bp == ':') 621 return (-1); /* match failed totally */ 622 else 623 if (*bp++ == '|') 624 break; /* found next name */ 625 } 626 } 627 628 int 629 cgetfirst(char **buf, char **db_array) 630 { 631 632 (void)cgetclose(); 633 return (cgetnext(buf, db_array)); 634 } 635 636 static FILE *pfp; 637 static int slash; 638 static char **dbp; 639 640 int 641 cgetclose(void) 642 { 643 644 if (pfp != NULL) { 645 (void)fclose(pfp); 646 pfp = NULL; 647 } 648 dbp = NULL; 649 gottoprec = 0; 650 slash = 0; 651 return(0); 652 } 653 654 /* 655 * Cgetnext() gets either the first or next entry in the logical database 656 * specified by db_array. It returns 0 upon completion of the database, 1 657 * upon returning an entry with more remaining, and -1 if an error occurs. 658 */ 659 int 660 cgetnext(char **bp, char **db_array) 661 { 662 size_t len; 663 int status, done; 664 char *line, *np, buf[BSIZE], nbuf[BSIZE]; 665 u_int dummy; 666 667 if (dbp == NULL) 668 dbp = db_array; 669 670 if (pfp == NULL && (pfp = fopen(*dbp, "r")) == NULL) { 671 (void)cgetclose(); 672 return (-1); 673 } 674 for (;;) { 675 if (toprec && !gottoprec) { 676 gottoprec = 1; 677 line = toprec; 678 } else { 679 line = fgetln(pfp, &len); 680 if (line == NULL) { 681 if (ferror(pfp)) { 682 (void)cgetclose(); 683 return (-1); 684 } else { 685 (void)fclose(pfp); 686 pfp = NULL; 687 if (*++dbp == NULL) { 688 (void)cgetclose(); 689 return (0); 690 } else if ((pfp = 691 fopen(*dbp, "r")) == NULL) { 692 (void)cgetclose(); 693 return (-1); 694 } else 695 continue; 696 } 697 } else 698 line[len - 1] = '\0';/* XXX - assumes newline */ 699 if (len == 1) { 700 slash = 0; 701 continue; 702 } 703 if (isspace(*line) || 704 *line == ':' || *line == '#' || slash) { 705 if (line[len - 2] == '\\') 706 slash = 1; 707 else 708 slash = 0; 709 continue; 710 } 711 if (line[len - 2] == '\\') 712 slash = 1; 713 else 714 slash = 0; 715 } 716 717 718 /* 719 * Line points to a name line. 720 */ 721 done = 0; 722 np = nbuf; 723 for (;;) { 724 len = strcspn(line, ":\\"); 725 if (line[len] == ':') { 726 done = 1; 727 ++len; 728 } 729 /* copy substring */ 730 if (len >= sizeof(nbuf) - (np - nbuf)) { 731 (void)cgetclose(); 732 return (-1); 733 } 734 memcpy(np, line, len); 735 np += len; 736 737 if (done) { 738 *np = '\0'; 739 break; 740 } else { /* name field extends beyond the line */ 741 line = fgetln(pfp, &len); 742 if (line == NULL) { 743 if (ferror(pfp)) { 744 (void)cgetclose(); 745 return (-1); 746 } 747 /* Move on to next file. */ 748 (void)fclose(pfp); 749 pfp = NULL; 750 ++dbp; 751 /* NUL terminate nbuf. */ 752 *np = '\0'; 753 break; 754 } else 755 /* XXX - assumes newline */ 756 line[len - 1] = '\0'; 757 } 758 } 759 len = strcspn(nbuf, "|:"); 760 memcpy(buf, nbuf, len); 761 buf[len] = '\0'; 762 /* 763 * XXX 764 * Last argument of getent here should be nbuf if we want true 765 * sequential access in the case of duplicates. 766 * With NULL, getent will return the first entry found 767 * rather than the duplicate entry record. This is a 768 * matter of semantics that should be resolved. 769 */ 770 status = getent(bp, &dummy, db_array, -1, buf, 0, NULL); 771 if (status == -2 || status == -3) 772 (void)cgetclose(); 773 774 return (status + 1); 775 } 776 /* NOTREACHED */ 777 } 778 779 /* 780 * Cgetstr retrieves the value of the string capability cap from the 781 * capability record pointed to by buf. A pointer to a decoded, NUL 782 * terminated, malloc'd copy of the string is returned in the char * 783 * pointed to by str. The length of the string not including the trailing 784 * NUL is returned on success, -1 if the requested string capability 785 * couldn't be found, -2 if a system error was encountered (storage 786 * allocation failure). 787 */ 788 int 789 cgetstr(char *buf, const char *cap, char **str) 790 { 791 u_int m_room; 792 char *bp, *mp; 793 int len; 794 char *mem; 795 796 /* 797 * Find string capability cap 798 */ 799 bp = cgetcap(buf, cap, '='); 800 if (bp == NULL) 801 return (-1); 802 803 /* 804 * Conversion / storage allocation loop ... Allocate memory in 805 * chunks SFRAG in size. 806 */ 807 if ((mem = malloc(SFRAG)) == NULL) 808 return (-2); /* couldn't even allocate the first fragment */ 809 m_room = SFRAG; 810 mp = mem; 811 812 while (*bp != ':' && *bp != '\0') { 813 /* 814 * Loop invariants: 815 * There is always room for one more character in mem. 816 * Mp always points just past last character in mem. 817 * Bp always points at next character in buf. 818 */ 819 if (*bp == '^') { 820 bp++; 821 if (*bp == ':' || *bp == '\0') 822 break; /* drop unfinished escape */ 823 *mp++ = *bp++ & 037; 824 } else if (*bp == '\\') { 825 bp++; 826 if (*bp == ':' || *bp == '\0') 827 break; /* drop unfinished escape */ 828 if ('0' <= *bp && *bp <= '7') { 829 int n, i; 830 831 n = 0; 832 i = 3; /* maximum of three octal digits */ 833 do { 834 n = n * 8 + (*bp++ - '0'); 835 } while (--i && '0' <= *bp && *bp <= '7'); 836 *mp++ = n; 837 } 838 else switch (*bp++) { 839 case 'b': case 'B': 840 *mp++ = '\b'; 841 break; 842 case 't': case 'T': 843 *mp++ = '\t'; 844 break; 845 case 'n': case 'N': 846 *mp++ = '\n'; 847 break; 848 case 'f': case 'F': 849 *mp++ = '\f'; 850 break; 851 case 'r': case 'R': 852 *mp++ = '\r'; 853 break; 854 case 'e': case 'E': 855 *mp++ = ESC; 856 break; 857 case 'c': case 'C': 858 *mp++ = ':'; 859 break; 860 default: 861 /* 862 * Catches '\', '^', and 863 * everything else. 864 */ 865 *mp++ = *(bp-1); 866 break; 867 } 868 } else 869 *mp++ = *bp++; 870 m_room--; 871 872 /* 873 * Enforce loop invariant: if no room left in current 874 * buffer, try to get some more. 875 */ 876 if (m_room == 0) { 877 size_t size = mp - mem; 878 char *nmem; 879 880 if ((nmem = realloc(mem, size + SFRAG)) == NULL) { 881 if (mem) 882 free(mem); 883 return (-2); 884 } 885 mem = nmem; 886 m_room = SFRAG; 887 mp = mem + size; 888 } 889 } 890 *mp++ = '\0'; /* loop invariant let's us do this */ 891 m_room--; 892 len = mp - mem - 1; 893 894 /* 895 * Give back any extra memory and return value and success. 896 */ 897 if (m_room != 0) { 898 char *nmem; 899 900 if ((nmem = realloc(mem, (size_t)(mp - mem))) == NULL) { 901 if (mem) 902 free(mem); 903 return (-2); 904 } 905 mem = nmem; 906 } 907 *str = mem; 908 return (len); 909 } 910 911 /* 912 * Cgetustr retrieves the value of the string capability cap from the 913 * capability record pointed to by buf. The difference between cgetustr() 914 * and cgetstr() is that cgetustr does not decode escapes but rather treats 915 * all characters literally. A pointer to a NUL terminated malloc'd 916 * copy of the string is returned in the char pointed to by str. The 917 * length of the string not including the trailing NUL is returned on success, 918 * -1 if the requested string capability couldn't be found, -2 if a system 919 * error was encountered (storage allocation failure). 920 */ 921 int 922 cgetustr(char *buf, const char *cap, char **str) 923 { 924 u_int m_room; 925 char *bp, *mp; 926 int len; 927 char *mem; 928 929 /* 930 * Find string capability cap 931 */ 932 if ((bp = cgetcap(buf, cap, '=')) == NULL) 933 return (-1); 934 935 /* 936 * Conversion / storage allocation loop ... Allocate memory in 937 * chunks SFRAG in size. 938 */ 939 if ((mem = malloc(SFRAG)) == NULL) 940 return (-2); /* couldn't even allocate the first fragment */ 941 m_room = SFRAG; 942 mp = mem; 943 944 while (*bp != ':' && *bp != '\0') { 945 /* 946 * Loop invariants: 947 * There is always room for one more character in mem. 948 * Mp always points just past last character in mem. 949 * Bp always points at next character in buf. 950 */ 951 *mp++ = *bp++; 952 m_room--; 953 954 /* 955 * Enforce loop invariant: if no room left in current 956 * buffer, try to get some more. 957 */ 958 if (m_room == 0) { 959 size_t size = mp - mem; 960 char *nmem; 961 962 if ((nmem = realloc(mem, size + SFRAG)) == NULL) { 963 if (mem) 964 free(mem); 965 return (-2); 966 } 967 mem = nmem; 968 m_room = SFRAG; 969 mp = mem + size; 970 } 971 } 972 *mp++ = '\0'; /* loop invariant let's us do this */ 973 m_room--; 974 len = mp - mem - 1; 975 976 /* 977 * Give back any extra memory and return value and success. 978 */ 979 if (m_room != 0) { 980 char *nmem; 981 982 if ((nmem = realloc(mem, mp - mem)) == NULL) { 983 if (mem) 984 free(mem); 985 return (-2); 986 } 987 mem = nmem; 988 } 989 *str = mem; 990 return (len); 991 } 992 993 /* 994 * Cgetnum retrieves the value of the numeric capability cap from the 995 * capability record pointed to by buf. The numeric value is returned in 996 * the long pointed to by num. 0 is returned on success, -1 if the requested 997 * numeric capability couldn't be found. 998 */ 999 int 1000 cgetnum(char *buf, const char *cap, long *num) 1001 { 1002 long n; 1003 int base, digit; 1004 char *bp; 1005 1006 /* 1007 * Find numeric capability cap 1008 */ 1009 bp = cgetcap(buf, cap, '#'); 1010 if (bp == NULL) 1011 return (-1); 1012 1013 /* 1014 * Look at value and determine numeric base: 1015 * 0x... or 0X... hexadecimal, 1016 * else 0... octal, 1017 * else decimal. 1018 */ 1019 if (*bp == '0') { 1020 bp++; 1021 if (*bp == 'x' || *bp == 'X') { 1022 bp++; 1023 base = 16; 1024 } else 1025 base = 8; 1026 } else 1027 base = 10; 1028 1029 /* 1030 * Conversion loop ... 1031 */ 1032 n = 0; 1033 for (;;) { 1034 if ('0' <= *bp && *bp <= '9') 1035 digit = *bp - '0'; 1036 else if ('a' <= *bp && *bp <= 'f') 1037 digit = 10 + *bp - 'a'; 1038 else if ('A' <= *bp && *bp <= 'F') 1039 digit = 10 + *bp - 'A'; 1040 else 1041 break; 1042 1043 if (digit >= base) 1044 break; 1045 1046 n = n * base + digit; 1047 bp++; 1048 } 1049 1050 /* 1051 * Return value and success. 1052 */ 1053 *num = n; 1054 return (0); 1055 } 1056 1057 /* 1058 * Compare name field of record. 1059 */ 1060 static int 1061 nfcmp(const char *nf, char *rec) 1062 { 1063 char *cp, tmp; 1064 int ret; 1065 1066 for (cp = rec; *cp != ':'; cp++) 1067 ; 1068 1069 tmp = *(cp + 1); 1070 *(cp + 1) = '\0'; 1071 ret = strcmp(nf, rec); 1072 *(cp + 1) = tmp; 1073 1074 return (ret); 1075 } 1076