1 /*
2  * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the OpenSSL license (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <stdio.h>
11 #include <string.h>
12 #include "internal/cryptlib.h"
13 #include "crypto/ctype.h"
14 #include "internal/numbers.h"
15 #include <openssl/bio.h>
16 
17 /*
18  * Copyright Patrick Powell 1995
19  * This code is based on code written by Patrick Powell <papowell@astart.com>
20  * It may be used for any purpose as long as this notice remains intact
21  * on all source code distributions.
22  */
23 
24 #ifdef HAVE_LONG_DOUBLE
25 # define LDOUBLE long double
26 #else
27 # define LDOUBLE double
28 #endif
29 
30 static int fmtstr(char **, char **, size_t *, size_t *,
31                   const char *, int, int, int);
32 static int fmtint(char **, char **, size_t *, size_t *,
33                   int64_t, int, int, int, int);
34 static int fmtfp(char **, char **, size_t *, size_t *,
35                  LDOUBLE, int, int, int, int);
36 static int doapr_outch(char **, char **, size_t *, size_t *, int);
37 static int _dopr(char **sbuffer, char **buffer,
38                  size_t *maxlen, size_t *retlen, int *truncated,
39                  const char *format, va_list args);
40 
41 /* format read states */
42 #define DP_S_DEFAULT    0
43 #define DP_S_FLAGS      1
44 #define DP_S_MIN        2
45 #define DP_S_DOT        3
46 #define DP_S_MAX        4
47 #define DP_S_MOD        5
48 #define DP_S_CONV       6
49 #define DP_S_DONE       7
50 
51 /* format flags - Bits */
52 /* left-aligned padding */
53 #define DP_F_MINUS      (1 << 0)
54 /* print an explicit '+' for a value with positive sign */
55 #define DP_F_PLUS       (1 << 1)
56 /* print an explicit ' ' for a value with positive sign */
57 #define DP_F_SPACE      (1 << 2)
58 /* print 0/0x prefix for octal/hex and decimal point for floating point */
59 #define DP_F_NUM        (1 << 3)
60 /* print leading zeroes */
61 #define DP_F_ZERO       (1 << 4)
62 /* print HEX in UPPPERcase */
63 #define DP_F_UP         (1 << 5)
64 /* treat value as unsigned */
65 #define DP_F_UNSIGNED   (1 << 6)
66 
67 /* conversion flags */
68 #define DP_C_SHORT      1
69 #define DP_C_LONG       2
70 #define DP_C_LDOUBLE    3
71 #define DP_C_LLONG      4
72 #define DP_C_SIZE       5
73 
74 /* Floating point formats */
75 #define F_FORMAT        0
76 #define E_FORMAT        1
77 #define G_FORMAT        2
78 
79 /* some handy macros */
80 #define char_to_int(p) (p - '0')
81 #define OSSL_MAX(p,q) ((p >= q) ? p : q)
82 
83 static int
_dopr(char ** sbuffer,char ** buffer,size_t * maxlen,size_t * retlen,int * truncated,const char * format,va_list args)84 _dopr(char **sbuffer,
85       char **buffer,
86       size_t *maxlen,
87       size_t *retlen, int *truncated, const char *format, va_list args)
88 {
89     char ch;
90     int64_t value;
91     LDOUBLE fvalue;
92     char *strvalue;
93     int min;
94     int max;
95     int state;
96     int flags;
97     int cflags;
98     size_t currlen;
99 
100     state = DP_S_DEFAULT;
101     flags = currlen = cflags = min = 0;
102     max = -1;
103     ch = *format++;
104 
105     while (state != DP_S_DONE) {
106         if (ch == '\0' || (buffer == NULL && currlen >= *maxlen))
107             state = DP_S_DONE;
108 
109         switch (state) {
110         case DP_S_DEFAULT:
111             if (ch == '%')
112                 state = DP_S_FLAGS;
113             else
114                 if (!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
115                     return 0;
116             ch = *format++;
117             break;
118         case DP_S_FLAGS:
119             switch (ch) {
120             case '-':
121                 flags |= DP_F_MINUS;
122                 ch = *format++;
123                 break;
124             case '+':
125                 flags |= DP_F_PLUS;
126                 ch = *format++;
127                 break;
128             case ' ':
129                 flags |= DP_F_SPACE;
130                 ch = *format++;
131                 break;
132             case '#':
133                 flags |= DP_F_NUM;
134                 ch = *format++;
135                 break;
136             case '0':
137                 flags |= DP_F_ZERO;
138                 ch = *format++;
139                 break;
140             default:
141                 state = DP_S_MIN;
142                 break;
143             }
144             break;
145         case DP_S_MIN:
146             if (ossl_isdigit(ch)) {
147                 min = 10 * min + char_to_int(ch);
148                 ch = *format++;
149             } else if (ch == '*') {
150                 min = va_arg(args, int);
151                 ch = *format++;
152                 state = DP_S_DOT;
153             } else
154                 state = DP_S_DOT;
155             break;
156         case DP_S_DOT:
157             if (ch == '.') {
158                 state = DP_S_MAX;
159                 ch = *format++;
160             } else
161                 state = DP_S_MOD;
162             break;
163         case DP_S_MAX:
164             if (ossl_isdigit(ch)) {
165                 if (max < 0)
166                     max = 0;
167                 max = 10 * max + char_to_int(ch);
168                 ch = *format++;
169             } else if (ch == '*') {
170                 max = va_arg(args, int);
171                 ch = *format++;
172                 state = DP_S_MOD;
173             } else
174                 state = DP_S_MOD;
175             break;
176         case DP_S_MOD:
177             switch (ch) {
178             case 'h':
179                 cflags = DP_C_SHORT;
180                 ch = *format++;
181                 break;
182             case 'l':
183                 if (*format == 'l') {
184                     cflags = DP_C_LLONG;
185                     format++;
186                 } else
187                     cflags = DP_C_LONG;
188                 ch = *format++;
189                 break;
190             case 'q':
191             case 'j':
192                 cflags = DP_C_LLONG;
193                 ch = *format++;
194                 break;
195             case 'L':
196                 cflags = DP_C_LDOUBLE;
197                 ch = *format++;
198                 break;
199             case 'z':
200                 cflags = DP_C_SIZE;
201                 ch = *format++;
202                 break;
203             default:
204                 break;
205             }
206             state = DP_S_CONV;
207             break;
208         case DP_S_CONV:
209             switch (ch) {
210             case 'd':
211             case 'i':
212                 switch (cflags) {
213                 case DP_C_SHORT:
214                     value = (short int)va_arg(args, int);
215                     break;
216                 case DP_C_LONG:
217                     value = va_arg(args, long int);
218                     break;
219                 case DP_C_LLONG:
220                     value = va_arg(args, int64_t);
221                     break;
222                 case DP_C_SIZE:
223                     value = va_arg(args, ossl_ssize_t);
224                     break;
225                 default:
226                     value = va_arg(args, int);
227                     break;
228                 }
229                 if (!fmtint(sbuffer, buffer, &currlen, maxlen, value, 10, min,
230                             max, flags))
231                     return 0;
232                 break;
233             case 'X':
234                 flags |= DP_F_UP;
235                 /* FALLTHROUGH */
236             case 'x':
237             case 'o':
238             case 'u':
239                 flags |= DP_F_UNSIGNED;
240                 switch (cflags) {
241                 case DP_C_SHORT:
242                     value = (unsigned short int)va_arg(args, unsigned int);
243                     break;
244                 case DP_C_LONG:
245                     value = va_arg(args, unsigned long int);
246                     break;
247                 case DP_C_LLONG:
248                     value = va_arg(args, uint64_t);
249                     break;
250                 case DP_C_SIZE:
251                     value = va_arg(args, size_t);
252                     break;
253                 default:
254                     value = va_arg(args, unsigned int);
255                     break;
256                 }
257                 if (!fmtint(sbuffer, buffer, &currlen, maxlen, value,
258                             ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
259                             min, max, flags))
260                     return 0;
261                 break;
262             case 'f':
263                 if (cflags == DP_C_LDOUBLE)
264                     fvalue = va_arg(args, LDOUBLE);
265                 else
266                     fvalue = va_arg(args, double);
267                 if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
268                            flags, F_FORMAT))
269                     return 0;
270                 break;
271             case 'E':
272                 flags |= DP_F_UP;
273                 /* fall thru */
274             case 'e':
275                 if (cflags == DP_C_LDOUBLE)
276                     fvalue = va_arg(args, LDOUBLE);
277                 else
278                     fvalue = va_arg(args, double);
279                 if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
280                            flags, E_FORMAT))
281                     return 0;
282                 break;
283             case 'G':
284                 flags |= DP_F_UP;
285                 /* fall thru */
286             case 'g':
287                 if (cflags == DP_C_LDOUBLE)
288                     fvalue = va_arg(args, LDOUBLE);
289                 else
290                     fvalue = va_arg(args, double);
291                 if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
292                            flags, G_FORMAT))
293                     return 0;
294                 break;
295             case 'c':
296                 if (!doapr_outch(sbuffer, buffer, &currlen, maxlen,
297                                  va_arg(args, int)))
298                     return 0;
299                 break;
300             case 's':
301                 strvalue = va_arg(args, char *);
302                 if (max < 0) {
303                     if (buffer)
304                         max = INT_MAX;
305                     else
306                         max = *maxlen;
307                 }
308                 if (!fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
309                             flags, min, max))
310                     return 0;
311                 break;
312             case 'p':
313                 value = (size_t)va_arg(args, void *);
314                 if (!fmtint(sbuffer, buffer, &currlen, maxlen,
315                             value, 16, min, max, flags | DP_F_NUM))
316                     return 0;
317                 break;
318             case 'n':
319                 {
320                     int *num;
321                     num = va_arg(args, int *);
322                     *num = currlen;
323                 }
324                 break;
325             case '%':
326                 if (!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
327                     return 0;
328                 break;
329             case 'w':
330                 /* not supported yet, treat as next char */
331                 ch = *format++;
332                 break;
333             default:
334                 /* unknown, skip */
335                 break;
336             }
337             ch = *format++;
338             state = DP_S_DEFAULT;
339             flags = cflags = min = 0;
340             max = -1;
341             break;
342         case DP_S_DONE:
343             break;
344         default:
345             break;
346         }
347     }
348     /*
349      * We have to truncate if there is no dynamic buffer and we have filled the
350      * static buffer.
351      */
352     if (buffer == NULL) {
353         *truncated = (currlen > *maxlen - 1);
354         if (*truncated)
355             currlen = *maxlen - 1;
356     }
357     if (!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
358         return 0;
359     *retlen = currlen - 1;
360     return 1;
361 }
362 
363 static int
fmtstr(char ** sbuffer,char ** buffer,size_t * currlen,size_t * maxlen,const char * value,int flags,int min,int max)364 fmtstr(char **sbuffer,
365        char **buffer,
366        size_t *currlen,
367        size_t *maxlen, const char *value, int flags, int min, int max)
368 {
369     int padlen;
370     size_t strln;
371     int cnt = 0;
372 
373     if (value == 0)
374         value = "<NULL>";
375 
376     strln = OPENSSL_strnlen(value, max < 0 ? SIZE_MAX : (size_t)max);
377 
378     padlen = min - strln;
379     if (min < 0 || padlen < 0)
380         padlen = 0;
381     if (max >= 0) {
382         /*
383          * Calculate the maximum output including padding.
384          * Make sure max doesn't overflow into negativity
385          */
386         if (max < INT_MAX - padlen)
387             max += padlen;
388         else
389             max = INT_MAX;
390     }
391     if (flags & DP_F_MINUS)
392         padlen = -padlen;
393 
394     while ((padlen > 0) && (max < 0 || cnt < max)) {
395         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
396             return 0;
397         --padlen;
398         ++cnt;
399     }
400     while (strln > 0 && (max < 0 || cnt < max)) {
401         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, *value++))
402             return 0;
403         --strln;
404         ++cnt;
405     }
406     while ((padlen < 0) && (max < 0 || cnt < max)) {
407         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
408             return 0;
409         ++padlen;
410         ++cnt;
411     }
412     return 1;
413 }
414 
415 static int
fmtint(char ** sbuffer,char ** buffer,size_t * currlen,size_t * maxlen,int64_t value,int base,int min,int max,int flags)416 fmtint(char **sbuffer,
417        char **buffer,
418        size_t *currlen,
419        size_t *maxlen, int64_t value, int base, int min, int max, int flags)
420 {
421     int signvalue = 0;
422     const char *prefix = "";
423     uint64_t uvalue;
424     char convert[DECIMAL_SIZE(value) + 3];
425     int place = 0;
426     int spadlen = 0;
427     int zpadlen = 0;
428     int caps = 0;
429 
430     if (max < 0)
431         max = 0;
432     uvalue = value;
433     if (!(flags & DP_F_UNSIGNED)) {
434         if (value < 0) {
435             signvalue = '-';
436             uvalue = 0 - (uint64_t)value;
437         } else if (flags & DP_F_PLUS)
438             signvalue = '+';
439         else if (flags & DP_F_SPACE)
440             signvalue = ' ';
441     }
442     if (flags & DP_F_NUM) {
443         if (base == 8)
444             prefix = "0";
445         if (base == 16)
446             prefix = "0x";
447     }
448     if (flags & DP_F_UP)
449         caps = 1;
450     do {
451         convert[place++] = (caps ? "0123456789ABCDEF" : "0123456789abcdef")
452             [uvalue % (unsigned)base];
453         uvalue = (uvalue / (unsigned)base);
454     } while (uvalue && (place < (int)sizeof(convert)));
455     if (place == sizeof(convert))
456         place--;
457     convert[place] = 0;
458 
459     zpadlen = max - place;
460     spadlen =
461         min - OSSL_MAX(max, place) - (signvalue ? 1 : 0) - strlen(prefix);
462     if (zpadlen < 0)
463         zpadlen = 0;
464     if (spadlen < 0)
465         spadlen = 0;
466     if (flags & DP_F_ZERO) {
467         zpadlen = OSSL_MAX(zpadlen, spadlen);
468         spadlen = 0;
469     }
470     if (flags & DP_F_MINUS)
471         spadlen = -spadlen;
472 
473     /* spaces */
474     while (spadlen > 0) {
475         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
476             return 0;
477         --spadlen;
478     }
479 
480     /* sign */
481     if (signvalue)
482         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
483             return 0;
484 
485     /* prefix */
486     while (*prefix) {
487         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix))
488             return 0;
489         prefix++;
490     }
491 
492     /* zeros */
493     if (zpadlen > 0) {
494         while (zpadlen > 0) {
495             if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
496                 return 0;
497             --zpadlen;
498         }
499     }
500     /* digits */
501     while (place > 0) {
502         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]))
503             return 0;
504     }
505 
506     /* left justified spaces */
507     while (spadlen < 0) {
508         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
509             return 0;
510         ++spadlen;
511     }
512     return 1;
513 }
514 
abs_val(LDOUBLE value)515 static LDOUBLE abs_val(LDOUBLE value)
516 {
517     LDOUBLE result = value;
518     if (value < 0)
519         result = -value;
520     return result;
521 }
522 
pow_10(int in_exp)523 static LDOUBLE pow_10(int in_exp)
524 {
525     LDOUBLE result = 1;
526     while (in_exp) {
527         result *= 10;
528         in_exp--;
529     }
530     return result;
531 }
532 
roundv(LDOUBLE value)533 static long roundv(LDOUBLE value)
534 {
535     long intpart;
536     intpart = (long)value;
537     value = value - intpart;
538     if (value >= 0.5)
539         intpart++;
540     return intpart;
541 }
542 
543 static int
fmtfp(char ** sbuffer,char ** buffer,size_t * currlen,size_t * maxlen,LDOUBLE fvalue,int min,int max,int flags,int style)544 fmtfp(char **sbuffer,
545       char **buffer,
546       size_t *currlen,
547       size_t *maxlen, LDOUBLE fvalue, int min, int max, int flags, int style)
548 {
549     int signvalue = 0;
550     LDOUBLE ufvalue;
551     LDOUBLE tmpvalue;
552     char iconvert[20];
553     char fconvert[20];
554     char econvert[20];
555     int iplace = 0;
556     int fplace = 0;
557     int eplace = 0;
558     int padlen = 0;
559     int zpadlen = 0;
560     long exp = 0;
561     unsigned long intpart;
562     unsigned long fracpart;
563     unsigned long max10;
564     int realstyle;
565 
566     if (max < 0)
567         max = 6;
568 
569     if (fvalue < 0)
570         signvalue = '-';
571     else if (flags & DP_F_PLUS)
572         signvalue = '+';
573     else if (flags & DP_F_SPACE)
574         signvalue = ' ';
575 
576     /*
577      * G_FORMAT sometimes prints like E_FORMAT and sometimes like F_FORMAT
578      * depending on the number to be printed. Work out which one it is and use
579      * that from here on.
580      */
581     if (style == G_FORMAT) {
582         if (fvalue == 0.0) {
583             realstyle = F_FORMAT;
584         } else if (fvalue < 0.0001) {
585             realstyle = E_FORMAT;
586         } else if ((max == 0 && fvalue >= 10)
587                     || (max > 0 && fvalue >= pow_10(max))) {
588             realstyle = E_FORMAT;
589         } else {
590             realstyle = F_FORMAT;
591         }
592     } else {
593         realstyle = style;
594     }
595 
596     if (style != F_FORMAT) {
597         tmpvalue = fvalue;
598         /* Calculate the exponent */
599         if (fvalue != 0.0) {
600             while (tmpvalue < 1) {
601                 tmpvalue *= 10;
602                 exp--;
603             }
604             while (tmpvalue > 10) {
605                 tmpvalue /= 10;
606                 exp++;
607             }
608         }
609         if (style == G_FORMAT) {
610             /*
611              * In G_FORMAT the "precision" represents significant digits. We
612              * always have at least 1 significant digit.
613              */
614             if (max == 0)
615                 max = 1;
616             /* Now convert significant digits to decimal places */
617             if (realstyle == F_FORMAT) {
618                 max -= (exp + 1);
619                 if (max < 0) {
620                     /*
621                      * Should not happen. If we're in F_FORMAT then exp < max?
622                      */
623                     return 0;
624                 }
625             } else {
626                 /*
627                  * In E_FORMAT there is always one significant digit in front
628                  * of the decimal point, so:
629                  * significant digits == 1 + decimal places
630                  */
631                 max--;
632             }
633         }
634         if (realstyle == E_FORMAT)
635             fvalue = tmpvalue;
636     }
637     ufvalue = abs_val(fvalue);
638     /*
639      * By subtracting 65535 (2^16-1) we cancel the low order 15 bits
640      * of ULONG_MAX to avoid using imprecise floating point values.
641      */
642     if (ufvalue >= (double)(ULONG_MAX - 65535) + 65536.0) {
643         /* Number too big */
644         return 0;
645     }
646     intpart = (unsigned long)ufvalue;
647 
648     /*
649      * sorry, we only support 9 digits past the decimal because of our
650      * conversion method
651      */
652     if (max > 9)
653         max = 9;
654 
655     /*
656      * we "cheat" by converting the fractional part to integer by multiplying
657      * by a factor of 10
658      */
659     max10 = roundv(pow_10(max));
660     fracpart = roundv(pow_10(max) * (ufvalue - intpart));
661 
662     if (fracpart >= max10) {
663         intpart++;
664         fracpart -= max10;
665     }
666 
667     /* convert integer part */
668     do {
669         iconvert[iplace++] = "0123456789"[intpart % 10];
670         intpart = (intpart / 10);
671     } while (intpart && (iplace < (int)sizeof(iconvert)));
672     if (iplace == sizeof(iconvert))
673         iplace--;
674     iconvert[iplace] = 0;
675 
676     /* convert fractional part */
677     while (fplace < max) {
678         if (style == G_FORMAT && fplace == 0 && (fracpart % 10) == 0) {
679             /* We strip trailing zeros in G_FORMAT */
680             max--;
681             fracpart = fracpart / 10;
682             if (fplace < max)
683                 continue;
684             break;
685         }
686         fconvert[fplace++] = "0123456789"[fracpart % 10];
687         fracpart = (fracpart / 10);
688     }
689 
690     if (fplace == sizeof(fconvert))
691         fplace--;
692     fconvert[fplace] = 0;
693 
694     /* convert exponent part */
695     if (realstyle == E_FORMAT) {
696         int tmpexp;
697         if (exp < 0)
698             tmpexp = -exp;
699         else
700             tmpexp = exp;
701 
702         do {
703             econvert[eplace++] = "0123456789"[tmpexp % 10];
704             tmpexp = (tmpexp / 10);
705         } while (tmpexp > 0 && eplace < (int)sizeof(econvert));
706         /* Exponent is huge!! Too big to print */
707         if (tmpexp > 0)
708             return 0;
709         /* Add a leading 0 for single digit exponents */
710         if (eplace == 1)
711             econvert[eplace++] = '0';
712     }
713 
714     /*
715      * -1 for decimal point (if we have one, i.e. max > 0),
716      * another -1 if we are printing a sign
717      */
718     padlen = min - iplace - max - (max > 0 ? 1 : 0) - ((signvalue) ? 1 : 0);
719     /* Take some off for exponent prefix "+e" and exponent */
720     if (realstyle == E_FORMAT)
721         padlen -= 2 + eplace;
722     zpadlen = max - fplace;
723     if (zpadlen < 0)
724         zpadlen = 0;
725     if (padlen < 0)
726         padlen = 0;
727     if (flags & DP_F_MINUS)
728         padlen = -padlen;
729 
730     if ((flags & DP_F_ZERO) && (padlen > 0)) {
731         if (signvalue) {
732             if (!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
733                 return 0;
734             --padlen;
735             signvalue = 0;
736         }
737         while (padlen > 0) {
738             if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
739                 return 0;
740             --padlen;
741         }
742     }
743     while (padlen > 0) {
744         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
745             return 0;
746         --padlen;
747     }
748     if (signvalue && !doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
749         return 0;
750 
751     while (iplace > 0) {
752         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]))
753             return 0;
754     }
755 
756     /*
757      * Decimal point. This should probably use locale to find the correct
758      * char to print out.
759      */
760     if (max > 0 || (flags & DP_F_NUM)) {
761         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '.'))
762             return 0;
763 
764         while (fplace > 0) {
765             if (!doapr_outch(sbuffer, buffer, currlen, maxlen,
766                              fconvert[--fplace]))
767                 return 0;
768         }
769     }
770     while (zpadlen > 0) {
771         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
772             return 0;
773         --zpadlen;
774     }
775     if (realstyle == E_FORMAT) {
776         char ech;
777 
778         if ((flags & DP_F_UP) == 0)
779             ech = 'e';
780         else
781             ech = 'E';
782         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ech))
783                 return 0;
784         if (exp < 0) {
785             if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '-'))
786                     return 0;
787         } else {
788             if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '+'))
789                     return 0;
790         }
791         while (eplace > 0) {
792             if (!doapr_outch(sbuffer, buffer, currlen, maxlen,
793                              econvert[--eplace]))
794                 return 0;
795         }
796     }
797 
798     while (padlen < 0) {
799         if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
800             return 0;
801         ++padlen;
802     }
803     return 1;
804 }
805 
806 #define BUFFER_INC  1024
807 
808 static int
doapr_outch(char ** sbuffer,char ** buffer,size_t * currlen,size_t * maxlen,int c)809 doapr_outch(char **sbuffer,
810             char **buffer, size_t *currlen, size_t *maxlen, int c)
811 {
812     /* If we haven't at least one buffer, someone has done a big booboo */
813     if (!ossl_assert(*sbuffer != NULL || buffer != NULL))
814         return 0;
815 
816     /* |currlen| must always be <= |*maxlen| */
817     if (!ossl_assert(*currlen <= *maxlen))
818         return 0;
819 
820     if (buffer && *currlen == *maxlen) {
821         if (*maxlen > INT_MAX - BUFFER_INC)
822             return 0;
823 
824         *maxlen += BUFFER_INC;
825         if (*buffer == NULL) {
826             if ((*buffer = OPENSSL_malloc(*maxlen)) == NULL) {
827                 BIOerr(BIO_F_DOAPR_OUTCH, ERR_R_MALLOC_FAILURE);
828                 return 0;
829             }
830             if (*currlen > 0) {
831                 if (!ossl_assert(*sbuffer != NULL))
832                     return 0;
833                 memcpy(*buffer, *sbuffer, *currlen);
834             }
835             *sbuffer = NULL;
836         } else {
837             char *tmpbuf;
838             tmpbuf = OPENSSL_realloc(*buffer, *maxlen);
839             if (tmpbuf == NULL)
840                 return 0;
841             *buffer = tmpbuf;
842         }
843     }
844 
845     if (*currlen < *maxlen) {
846         if (*sbuffer)
847             (*sbuffer)[(*currlen)++] = (char)c;
848         else
849             (*buffer)[(*currlen)++] = (char)c;
850     }
851 
852     return 1;
853 }
854 
855 /***************************************************************************/
856 
BIO_printf(BIO * bio,const char * format,...)857 int BIO_printf(BIO *bio, const char *format, ...)
858 {
859     va_list args;
860     int ret;
861 
862     va_start(args, format);
863 
864     ret = BIO_vprintf(bio, format, args);
865 
866     va_end(args);
867     return ret;
868 }
869 
BIO_vprintf(BIO * bio,const char * format,va_list args)870 int BIO_vprintf(BIO *bio, const char *format, va_list args)
871 {
872     int ret;
873     size_t retlen;
874     char hugebuf[1024 * 2];     /* Was previously 10k, which is unreasonable
875                                  * in small-stack environments, like threads
876                                  * or DOS programs. */
877     char *hugebufp = hugebuf;
878     size_t hugebufsize = sizeof(hugebuf);
879     char *dynbuf = NULL;
880     int ignored;
881 
882     dynbuf = NULL;
883     if (!_dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format,
884                 args)) {
885         OPENSSL_free(dynbuf);
886         return -1;
887     }
888     if (dynbuf) {
889         ret = BIO_write(bio, dynbuf, (int)retlen);
890         OPENSSL_free(dynbuf);
891     } else {
892         ret = BIO_write(bio, hugebuf, (int)retlen);
893     }
894     return ret;
895 }
896 
897 /*
898  * As snprintf is not available everywhere, we provide our own
899  * implementation. This function has nothing to do with BIOs, but it's
900  * closely related to BIO_printf, and we need *some* name prefix ... (XXX the
901  * function should be renamed, but to what?)
902  */
BIO_snprintf(char * buf,size_t n,const char * format,...)903 int BIO_snprintf(char *buf, size_t n, const char *format, ...)
904 {
905     va_list args;
906     int ret;
907 
908     va_start(args, format);
909 
910     ret = BIO_vsnprintf(buf, n, format, args);
911 
912     va_end(args);
913     return ret;
914 }
915 
BIO_vsnprintf(char * buf,size_t n,const char * format,va_list args)916 int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
917 {
918     size_t retlen;
919     int truncated;
920 
921     if (!_dopr(&buf, NULL, &n, &retlen, &truncated, format, args))
922         return -1;
923 
924     if (truncated)
925         /*
926          * In case of truncation, return -1 like traditional snprintf.
927          * (Current drafts for ISO/IEC 9899 say snprintf should return the
928          * number of characters that would have been written, had the buffer
929          * been large enough.)
930          */
931         return -1;
932     else
933         return (retlen <= INT_MAX) ? (int)retlen : -1;
934 }
935