1 /*- 2 * Copyright (c) 1992, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Casey Leedom of Lawrence Livermore National Laboratory. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 4. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)getcap.c 8.3 (Berkeley) 3/25/94 33 * $FreeBSD: src/lib/libc/gen/getcap.c,v 1.20 2007/01/09 00:27:53 imp Exp $ 34 * $DragonFly: src/lib/libc/gen/getcap.c,v 1.7 2005/11/19 22:32:53 swildner Exp $ 35 */ 36 37 #include "namespace.h" 38 #include <sys/types.h> 39 40 #include <ctype.h> 41 #include <errno.h> 42 #include <fcntl.h> 43 #include <limits.h> 44 #include <stdio.h> 45 #include <stdlib.h> 46 #include <string.h> 47 #include <unistd.h> 48 #include "un-namespace.h" 49 50 #include <db.h> 51 52 #define BFRAG 1024 53 #define BSIZE 1024 54 #define ESC ('[' & 037) /* ASCII ESC */ 55 #define MAX_RECURSION 32 /* maximum getent recursion */ 56 #define SFRAG 100 /* cgetstr mallocs in SFRAG chunks */ 57 58 #define RECOK (char)0 59 #define TCERR (char)1 60 #define SHADOW (char)2 61 62 static size_t topreclen; /* toprec length */ 63 static char *toprec; /* Additional record specified by cgetset() */ 64 static int gottoprec; /* Flag indicating retrieval of toprecord */ 65 66 static int cdbget(DB *, char **, const char *); 67 static int getent(char **, u_int *, char **, int, const char *, int, char *); 68 static int nfcmp(char *, char *); 69 70 /* 71 * Cgetset() allows the addition of a user specified buffer to be added 72 * to the database array, in effect "pushing" the buffer on top of the 73 * virtual database. 0 is returned on success, -1 on failure. 74 */ 75 int 76 cgetset(const char *ent) 77 { 78 if (ent == NULL) { 79 if (toprec) 80 free(toprec); 81 toprec = NULL; 82 topreclen = 0; 83 return (0); 84 } 85 topreclen = strlen(ent); 86 if ((toprec = malloc (topreclen + 1)) == NULL) { 87 errno = ENOMEM; 88 return (-1); 89 } 90 gottoprec = 0; 91 strcpy(toprec, ent); 92 return (0); 93 } 94 95 /* 96 * Cgetcap searches the capability record buf for the capability cap with 97 * type `type'. A pointer to the value of cap is returned on success, NULL 98 * if the requested capability couldn't be found. 99 * 100 * Specifying a type of ':' means that nothing should follow cap (:cap:). 101 * In this case a pointer to the terminating ':' or NUL will be returned if 102 * cap is found. 103 * 104 * If (cap, '@') or (cap, terminator, '@') is found before (cap, terminator) 105 * return NULL. 106 */ 107 char * 108 cgetcap(char *buf, const char *cap, int type) 109 { 110 char *bp; 111 const char *cp; 112 113 bp = buf; 114 for (;;) { 115 /* 116 * Skip past the current capability field - it's either the 117 * name field if this is the first time through the loop, or 118 * the remainder of a field whose name failed to match cap. 119 */ 120 for (;;) 121 if (*bp == '\0') 122 return (NULL); 123 else 124 if (*bp++ == ':') 125 break; 126 127 /* 128 * Try to match (cap, type) in buf. 129 */ 130 for (cp = cap; *cp == *bp && *bp != '\0'; cp++, bp++) 131 continue; 132 if (*cp != '\0') 133 continue; 134 if (*bp == '@') 135 return (NULL); 136 if (type == ':') { 137 if (*bp != '\0' && *bp != ':') 138 continue; 139 return(bp); 140 } 141 if (*bp != type) 142 continue; 143 bp++; 144 return (*bp == '@' ? NULL : bp); 145 } 146 /* NOTREACHED */ 147 } 148 149 /* 150 * Cgetent extracts the capability record name from the NULL terminated file 151 * array db_array and returns a pointer to a malloc'd copy of it in buf. 152 * Buf must be retained through all subsequent calls to cgetcap, cgetnum, 153 * cgetflag, and cgetstr, but may then be free'd. 0 is returned on success, 154 * -1 if the requested record couldn't be found, -2 if a system error was 155 * encountered (couldn't open/read a file, etc.), and -3 if a potential 156 * reference loop is detected. 157 */ 158 int 159 cgetent(char **buf, char **db_array, const char *name) 160 { 161 u_int dummy; 162 163 return (getent(buf, &dummy, db_array, -1, name, 0, NULL)); 164 } 165 166 /* 167 * Getent implements the functions of cgetent. If fd is non-negative, 168 * *db_array has already been opened and fd is the open file descriptor. We 169 * do this to save time and avoid using up file descriptors for tc= 170 * recursions. 171 * 172 * Getent returns the same success/failure codes as cgetent. On success, a 173 * pointer to a malloc'ed capability record with all tc= capabilities fully 174 * expanded and its length (not including trailing ASCII NUL) are left in 175 * *cap and *len. 176 * 177 * Basic algorithm: 178 * + Allocate memory incrementally as needed in chunks of size BFRAG 179 * for capability buffer. 180 * + Recurse for each tc=name and interpolate result. Stop when all 181 * names interpolated, a name can't be found, or depth exceeds 182 * MAX_RECURSION. 183 */ 184 static int 185 getent(char **cap, u_int *len, char **db_array, int fd, const char *name, 186 int depth, char *nfield) 187 { 188 DB *capdbp; 189 char *r_end, *rp, **db_p; 190 int myfd, eof, foundit, retval, clen; 191 char *record, *cbuf; 192 int tc_not_resolved; 193 char pbuf[_POSIX_PATH_MAX]; 194 195 rp = NULL; 196 myfd = 0; 197 198 /* 199 * Return with ``loop detected'' error if we've recursed more than 200 * MAX_RECURSION times. 201 */ 202 if (depth > MAX_RECURSION) 203 return (-3); 204 205 /* 206 * Check if we have a top record from cgetset(). 207 */ 208 if (depth == 0 && toprec != NULL && cgetmatch(toprec, name) == 0) { 209 if ((record = malloc (topreclen + BFRAG)) == NULL) { 210 errno = ENOMEM; 211 return (-2); 212 } 213 strcpy(record, toprec); 214 myfd = 0; 215 db_p = db_array; 216 rp = record + topreclen + 1; 217 r_end = rp + BFRAG; 218 goto tc_exp; 219 } 220 /* 221 * Allocate first chunk of memory. 222 */ 223 if ((record = malloc(BFRAG)) == NULL) { 224 errno = ENOMEM; 225 return (-2); 226 } 227 r_end = record + BFRAG; 228 foundit = 0; 229 /* 230 * Loop through database array until finding the record. 231 */ 232 233 for (db_p = db_array; *db_p != NULL; db_p++) { 234 eof = 0; 235 236 /* 237 * Open database if not already open. 238 */ 239 240 if (fd >= 0) { 241 lseek(fd, (off_t)0, SEEK_SET); 242 myfd = 0; 243 } else { 244 snprintf(pbuf, sizeof(pbuf), "%s.db", *db_p); 245 if ((capdbp = dbopen(pbuf, O_RDONLY, 0, DB_HASH, 0)) 246 != NULL) { 247 free(record); 248 retval = cdbget(capdbp, &record, name); 249 if (retval < 0) { 250 /* no record available */ 251 capdbp->close(capdbp); 252 return (retval); 253 } 254 /* save the data; close frees it */ 255 clen = strlen(record); 256 cbuf = malloc(clen + 1); 257 memcpy(cbuf, record, clen + 1); 258 if (capdbp->close(capdbp) < 0) { 259 free(cbuf); 260 return (-2); 261 } 262 *len = clen; 263 *cap = cbuf; 264 return (retval); 265 } else { 266 fd = _open(*db_p, O_RDONLY, 0); 267 if (fd < 0) 268 continue; 269 myfd = 1; 270 } 271 } 272 /* 273 * Find the requested capability record ... 274 */ 275 { 276 char buf[BUFSIZ]; 277 char *b_end, *bp; 278 int c; 279 280 /* 281 * Loop invariants: 282 * There is always room for one more character in record. 283 * R_end always points just past end of record. 284 * Rp always points just past last character in record. 285 * B_end always points just past last character in buf. 286 * Bp always points at next character in buf. 287 */ 288 b_end = buf; 289 bp = buf; 290 for (;;) { 291 292 /* 293 * Read in a line implementing (\, newline) 294 * line continuation. 295 */ 296 rp = record; 297 for (;;) { 298 if (bp >= b_end) { 299 int n; 300 301 n = _read(fd, buf, sizeof(buf)); 302 if (n <= 0) { 303 if (myfd) 304 _close(fd); 305 if (n < 0) { 306 free(record); 307 return (-2); 308 } else { 309 fd = -1; 310 eof = 1; 311 break; 312 } 313 } 314 b_end = buf+n; 315 bp = buf; 316 } 317 318 c = *bp++; 319 if (c == '\n') { 320 if (rp > record && *(rp-1) == '\\') { 321 rp--; 322 continue; 323 } else 324 break; 325 } 326 *rp++ = c; 327 328 /* 329 * Enforce loop invariant: if no room 330 * left in record buffer, try to get 331 * some more. 332 */ 333 if (rp >= r_end) { 334 u_int pos; 335 size_t newsize; 336 337 pos = rp - record; 338 newsize = r_end - record + BFRAG; 339 record = reallocf(record, newsize); 340 if (record == NULL) { 341 errno = ENOMEM; 342 if (myfd) 343 _close(fd); 344 return (-2); 345 } 346 r_end = record + newsize; 347 rp = record + pos; 348 } 349 } 350 /* loop invariant let's us do this */ 351 *rp++ = '\0'; 352 353 /* 354 * If encountered eof check next file. 355 */ 356 if (eof) 357 break; 358 359 /* 360 * Toss blank lines and comments. 361 */ 362 if (*record == '\0' || *record == '#') 363 continue; 364 365 /* 366 * See if this is the record we want ... 367 */ 368 if (cgetmatch(record, name) == 0) { 369 if (nfield == NULL || !nfcmp(nfield, record)) { 370 foundit = 1; 371 break; /* found it! */ 372 } 373 } 374 } 375 } 376 if (foundit) 377 break; 378 } 379 380 if (!foundit) { 381 free(record); 382 return (-1); 383 } 384 385 /* 386 * Got the capability record, but now we have to expand all tc=name 387 * references in it ... 388 */ 389 tc_exp: { 390 char *newicap, *s; 391 int newilen; 392 u_int ilen; 393 int diff, iret, tclen; 394 char *icap, *scan, *tc, *tcstart, *tcend; 395 396 /* 397 * Loop invariants: 398 * There is room for one more character in record. 399 * R_end points just past end of record. 400 * Rp points just past last character in record. 401 * Scan points at remainder of record that needs to be 402 * scanned for tc=name constructs. 403 */ 404 scan = record; 405 tc_not_resolved = 0; 406 for (;;) { 407 if ((tc = cgetcap(scan, "tc", '=')) == NULL) 408 break; 409 410 /* 411 * Find end of tc=name and stomp on the trailing `:' 412 * (if present) so we can use it to call ourselves. 413 */ 414 s = tc; 415 for (;;) 416 if (*s == '\0') 417 break; 418 else 419 if (*s++ == ':') { 420 *(s - 1) = '\0'; 421 break; 422 } 423 tcstart = tc - 3; 424 tclen = s - tcstart; 425 tcend = s; 426 427 iret = getent(&icap, &ilen, db_p, fd, tc, depth+1, 428 NULL); 429 newicap = icap; /* Put into a register. */ 430 newilen = ilen; 431 if (iret != 0) { 432 /* an error */ 433 if (iret < -1) { 434 if (myfd) 435 _close(fd); 436 free(record); 437 return (iret); 438 } 439 if (iret == 1) 440 tc_not_resolved = 1; 441 /* couldn't resolve tc */ 442 if (iret == -1) { 443 *(s - 1) = ':'; 444 scan = s - 1; 445 tc_not_resolved = 1; 446 continue; 447 448 } 449 } 450 /* not interested in name field of tc'ed record */ 451 s = newicap; 452 for (;;) 453 if (*s == '\0') 454 break; 455 else 456 if (*s++ == ':') 457 break; 458 newilen -= s - newicap; 459 newicap = s; 460 461 /* make sure interpolated record is `:'-terminated */ 462 s += newilen; 463 if (*(s-1) != ':') { 464 *s = ':'; /* overwrite NUL with : */ 465 newilen++; 466 } 467 468 /* 469 * Make sure there's enough room to insert the 470 * new record. 471 */ 472 diff = newilen - tclen; 473 if (diff >= r_end - rp) { 474 u_int pos, tcpos, tcposend; 475 size_t newsize; 476 477 pos = rp - record; 478 newsize = r_end - record + diff + BFRAG; 479 tcpos = tcstart - record; 480 tcposend = tcend - record; 481 record = reallocf(record, newsize); 482 if (record == NULL) { 483 errno = ENOMEM; 484 if (myfd) 485 _close(fd); 486 free(icap); 487 return (-2); 488 } 489 r_end = record + newsize; 490 rp = record + pos; 491 tcstart = record + tcpos; 492 tcend = record + tcposend; 493 } 494 495 /* 496 * Insert tc'ed record into our record. 497 */ 498 s = tcstart + newilen; 499 bcopy(tcend, s, rp - tcend); 500 bcopy(newicap, tcstart, newilen); 501 rp += diff; 502 free(icap); 503 504 /* 505 * Start scan on `:' so next cgetcap works properly 506 * (cgetcap always skips first field). 507 */ 508 scan = s-1; 509 } 510 511 } 512 /* 513 * Close file (if we opened it), give back any extra memory, and 514 * return capability, length and success. 515 */ 516 if (myfd) 517 _close(fd); 518 *len = rp - record - 1; /* don't count NUL */ 519 if (r_end > rp) 520 if ((record = 521 reallocf(record, (size_t)(rp - record))) == NULL) { 522 errno = ENOMEM; 523 return (-2); 524 } 525 526 *cap = record; 527 if (tc_not_resolved) 528 return (1); 529 return (0); 530 } 531 532 static int 533 cdbget(DB *capdbp, char **bp, const char *name) 534 { 535 DBT key, data; 536 char *namebuf; 537 538 namebuf = strdup(name); 539 if (namebuf == NULL) 540 return (-2); 541 key.data = namebuf; 542 key.size = strlen(namebuf); 543 544 for (;;) { 545 /* Get the reference. */ 546 switch(capdbp->get(capdbp, &key, &data, 0)) { 547 case -1: 548 free(namebuf); 549 return (-2); 550 case 1: 551 free(namebuf); 552 return (-1); 553 } 554 555 /* If not an index to another record, leave. */ 556 if (((char *)data.data)[0] != SHADOW) 557 break; 558 559 key.data = (char *)data.data + 1; 560 key.size = data.size - 1; 561 } 562 563 *bp = (char *)data.data + 1; 564 free(namebuf); 565 return (((char *)(data.data))[0] == TCERR ? 1 : 0); 566 } 567 568 /* 569 * Cgetmatch will return 0 if name is one of the names of the capability 570 * record buf, -1 if not. 571 */ 572 int 573 cgetmatch(const char *buf, const char *name) 574 { 575 const char *np, *bp; 576 577 if (name == NULL || *name == '\0') 578 return -1; 579 580 /* 581 * Start search at beginning of record. 582 */ 583 bp = buf; 584 for (;;) { 585 /* 586 * Try to match a record name. 587 */ 588 np = name; 589 for (;;) 590 if (*np == '\0') 591 if (*bp == '|' || *bp == ':' || *bp == '\0') 592 return (0); 593 else 594 break; 595 else 596 if (*bp++ != *np++) 597 break; 598 599 /* 600 * Match failed, skip to next name in record. 601 */ 602 bp--; /* a '|' or ':' may have stopped the match */ 603 for (;;) 604 if (*bp == '\0' || *bp == ':') 605 return (-1); /* match failed totally */ 606 else 607 if (*bp++ == '|') 608 break; /* found next name */ 609 } 610 } 611 612 613 614 615 616 int 617 cgetfirst(char **buf, char **db_array) 618 { 619 cgetclose(); 620 return (cgetnext(buf, db_array)); 621 } 622 623 static FILE *pfp; 624 static int slash; 625 static char **dbp; 626 627 int 628 cgetclose(void) 629 { 630 if (pfp != NULL) { 631 fclose(pfp); 632 pfp = NULL; 633 } 634 dbp = NULL; 635 gottoprec = 0; 636 slash = 0; 637 return(0); 638 } 639 640 /* 641 * Cgetnext() gets either the first or next entry in the logical database 642 * specified by db_array. It returns 0 upon completion of the database, 1 643 * upon returning an entry with more remaining, and -1 if an error occurs. 644 */ 645 int 646 cgetnext(char **bp, char **db_array) 647 { 648 size_t len; 649 int done, hadreaderr, i, savederrno, status; 650 char *cp, *line, *rp, *np, buf[BSIZE], nbuf[BSIZE]; 651 u_int dummy; 652 653 savederrno = 0; 654 655 if (dbp == NULL) 656 dbp = db_array; 657 658 if (pfp == NULL && (pfp = fopen(*dbp, "r")) == NULL) { 659 cgetclose(); 660 return (-1); 661 } 662 for(;;) { 663 if (toprec && !gottoprec) { 664 gottoprec = 1; 665 line = toprec; 666 } else { 667 line = fgetln(pfp, &len); 668 if (line == NULL && pfp) { 669 hadreaderr = ferror(pfp); 670 if (hadreaderr) 671 savederrno = errno; 672 fclose(pfp); 673 pfp = NULL; 674 if (hadreaderr) { 675 cgetclose(); 676 errno = savederrno; 677 return (-1); 678 } else { 679 if (*++dbp == NULL) { 680 cgetclose(); 681 return (0); 682 } else if ((pfp = 683 fopen(*dbp, "r")) == NULL) { 684 cgetclose(); 685 return (-1); 686 } else 687 continue; 688 } 689 } else 690 line[len - 1] = '\0'; 691 if (len == 1) { 692 slash = 0; 693 continue; 694 } 695 if (isspace((unsigned char)*line) || 696 *line == ':' || *line == '#' || slash) { 697 if (line[len - 2] == '\\') 698 slash = 1; 699 else 700 slash = 0; 701 continue; 702 } 703 if (line[len - 2] == '\\') 704 slash = 1; 705 else 706 slash = 0; 707 } 708 709 710 /* 711 * Line points to a name line. 712 */ 713 i = 0; 714 done = 0; 715 np = nbuf; 716 for (;;) { 717 for (cp = line; *cp != '\0'; cp++) { 718 if (*cp == ':') { 719 *np++ = ':'; 720 done = 1; 721 break; 722 } 723 if (*cp == '\\') 724 break; 725 *np++ = *cp; 726 } 727 if (done) { 728 *np = '\0'; 729 break; 730 } else { /* name field extends beyond the line */ 731 line = fgetln(pfp, &len); 732 if (line == NULL && pfp) { 733 /* Name extends beyond the EOF! */ 734 hadreaderr = ferror(pfp); 735 if (hadreaderr) 736 savederrno = errno; 737 fclose(pfp); 738 pfp = NULL; 739 if (hadreaderr) { 740 cgetclose(); 741 errno = savederrno; 742 return (-1); 743 } else { 744 cgetclose(); 745 return (-1); 746 } 747 } else 748 line[len - 1] = '\0'; 749 } 750 } 751 rp = buf; 752 for(cp = nbuf; *cp != '\0'; cp++) 753 if (*cp == '|' || *cp == ':') 754 break; 755 else 756 *rp++ = *cp; 757 758 *rp = '\0'; 759 /* 760 * XXX 761 * Last argument of getent here should be nbuf if we want true 762 * sequential access in the case of duplicates. 763 * With NULL, getent will return the first entry found 764 * rather than the duplicate entry record. This is a 765 * matter of semantics that should be resolved. 766 */ 767 status = getent(bp, &dummy, db_array, -1, buf, 0, NULL); 768 if (status == -2 || status == -3) 769 cgetclose(); 770 771 return (status + 1); 772 } 773 /* NOTREACHED */ 774 } 775 776 /* 777 * Cgetstr retrieves the value of the string capability cap from the 778 * capability record pointed to by buf. A pointer to a decoded, NUL 779 * terminated, malloc'd copy of the string is returned in the char * 780 * pointed to by str. The length of the string not including the trailing 781 * NUL is returned on success, -1 if the requested string capability 782 * couldn't be found, -2 if a system error was encountered (storage 783 * allocation failure). 784 */ 785 int 786 cgetstr(char *buf, const char *cap, char **str) 787 { 788 u_int m_room; 789 char *bp, *mp; 790 int len; 791 char *mem; 792 793 /* 794 * Find string capability cap 795 */ 796 bp = cgetcap(buf, cap, '='); 797 if (bp == NULL) 798 return (-1); 799 800 /* 801 * Conversion / storage allocation loop ... Allocate memory in 802 * chunks SFRAG in size. 803 */ 804 if ((mem = malloc(SFRAG)) == NULL) { 805 errno = ENOMEM; 806 return (-2); /* couldn't even allocate the first fragment */ 807 } 808 m_room = SFRAG; 809 mp = mem; 810 811 while (*bp != ':' && *bp != '\0') { 812 /* 813 * Loop invariants: 814 * There is always room for one more character in mem. 815 * Mp always points just past last character in mem. 816 * Bp always points at next character in buf. 817 */ 818 if (*bp == '^') { 819 bp++; 820 if (*bp == ':' || *bp == '\0') 821 break; /* drop unfinished escape */ 822 if (*bp == '?') { 823 *mp++ = '\177'; 824 bp++; 825 } else 826 *mp++ = *bp++ & 037; 827 } else if (*bp == '\\') { 828 bp++; 829 if (*bp == ':' || *bp == '\0') 830 break; /* drop unfinished escape */ 831 if ('0' <= *bp && *bp <= '7') { 832 int n, i; 833 834 n = 0; 835 i = 3; /* maximum of three octal digits */ 836 do { 837 n = n * 8 + (*bp++ - '0'); 838 } while (--i && '0' <= *bp && *bp <= '7'); 839 *mp++ = n; 840 } 841 else switch (*bp++) { 842 case 'b': case 'B': 843 *mp++ = '\b'; 844 break; 845 case 't': case 'T': 846 *mp++ = '\t'; 847 break; 848 case 'n': case 'N': 849 *mp++ = '\n'; 850 break; 851 case 'f': case 'F': 852 *mp++ = '\f'; 853 break; 854 case 'r': case 'R': 855 *mp++ = '\r'; 856 break; 857 case 'e': case 'E': 858 *mp++ = ESC; 859 break; 860 case 'c': case 'C': 861 *mp++ = ':'; 862 break; 863 default: 864 /* 865 * Catches '\', '^', and 866 * everything else. 867 */ 868 *mp++ = *(bp-1); 869 break; 870 } 871 } else 872 *mp++ = *bp++; 873 m_room--; 874 875 /* 876 * Enforce loop invariant: if no room left in current 877 * buffer, try to get some more. 878 */ 879 if (m_room == 0) { 880 size_t size = mp - mem; 881 882 if ((mem = reallocf(mem, size + SFRAG)) == NULL) 883 return (-2); 884 m_room = SFRAG; 885 mp = mem + size; 886 } 887 } 888 *mp++ = '\0'; /* loop invariant let's us do this */ 889 m_room--; 890 len = mp - mem - 1; 891 892 /* 893 * Give back any extra memory and return value and success. 894 */ 895 if (m_room != 0) 896 if ((mem = reallocf(mem, (size_t)(mp - mem))) == NULL) 897 return (-2); 898 *str = mem; 899 return (len); 900 } 901 902 /* 903 * Cgetustr retrieves the value of the string capability cap from the 904 * capability record pointed to by buf. The difference between cgetustr() 905 * and cgetstr() is that cgetustr does not decode escapes but rather treats 906 * all characters literally. A pointer to a NUL terminated malloc'd 907 * copy of the string is returned in the char pointed to by str. The 908 * length of the string not including the trailing NUL is returned on success, 909 * -1 if the requested string capability couldn't be found, -2 if a system 910 * error was encountered (storage allocation failure). 911 */ 912 int 913 cgetustr(char *buf, const char *cap, char **str) 914 { 915 u_int m_room; 916 char *bp, *mp; 917 int len; 918 char *mem; 919 920 /* 921 * Find string capability cap 922 */ 923 if ((bp = cgetcap(buf, cap, '=')) == NULL) 924 return (-1); 925 926 /* 927 * Conversion / storage allocation loop ... Allocate memory in 928 * chunks SFRAG in size. 929 */ 930 if ((mem = malloc(SFRAG)) == NULL) { 931 errno = ENOMEM; 932 return (-2); /* couldn't even allocate the first fragment */ 933 } 934 m_room = SFRAG; 935 mp = mem; 936 937 while (*bp != ':' && *bp != '\0') { 938 /* 939 * Loop invariants: 940 * There is always room for one more character in mem. 941 * Mp always points just past last character in mem. 942 * Bp always points at next character in buf. 943 */ 944 *mp++ = *bp++; 945 m_room--; 946 947 /* 948 * Enforce loop invariant: if no room left in current 949 * buffer, try to get some more. 950 */ 951 if (m_room == 0) { 952 size_t size = mp - mem; 953 954 if ((mem = reallocf(mem, size + SFRAG)) == NULL) 955 return (-2); 956 m_room = SFRAG; 957 mp = mem + size; 958 } 959 } 960 *mp++ = '\0'; /* loop invariant let's us do this */ 961 m_room--; 962 len = mp - mem - 1; 963 964 /* 965 * Give back any extra memory and return value and success. 966 */ 967 if (m_room != 0) 968 if ((mem = reallocf(mem, (size_t)(mp - mem))) == NULL) 969 return (-2); 970 *str = mem; 971 return (len); 972 } 973 974 /* 975 * Cgetnum retrieves the value of the numeric capability cap from the 976 * capability record pointed to by buf. The numeric value is returned in 977 * the long pointed to by num. 0 is returned on success, -1 if the requested 978 * numeric capability couldn't be found. 979 */ 980 int 981 cgetnum(char *buf, const char *cap, long *num) 982 { 983 long n; 984 int base, digit; 985 char *bp; 986 987 /* 988 * Find numeric capability cap 989 */ 990 bp = cgetcap(buf, cap, '#'); 991 if (bp == NULL) 992 return (-1); 993 994 /* 995 * Look at value and determine numeric base: 996 * 0x... or 0X... hexadecimal, 997 * else 0... octal, 998 * else decimal. 999 */ 1000 if (*bp == '0') { 1001 bp++; 1002 if (*bp == 'x' || *bp == 'X') { 1003 bp++; 1004 base = 16; 1005 } else 1006 base = 8; 1007 } else 1008 base = 10; 1009 1010 /* 1011 * Conversion loop ... 1012 */ 1013 n = 0; 1014 for (;;) { 1015 if ('0' <= *bp && *bp <= '9') 1016 digit = *bp - '0'; 1017 else if ('a' <= *bp && *bp <= 'f') 1018 digit = 10 + *bp - 'a'; 1019 else if ('A' <= *bp && *bp <= 'F') 1020 digit = 10 + *bp - 'A'; 1021 else 1022 break; 1023 1024 if (digit >= base) 1025 break; 1026 1027 n = n * base + digit; 1028 bp++; 1029 } 1030 1031 /* 1032 * Return value and success. 1033 */ 1034 *num = n; 1035 return (0); 1036 } 1037 1038 1039 /* 1040 * Compare name field of record. 1041 */ 1042 static int 1043 nfcmp(char *nf, char *rec) 1044 { 1045 char *cp, tmp; 1046 int ret; 1047 1048 for (cp = rec; *cp != ':'; cp++) 1049 ; 1050 1051 tmp = *(cp + 1); 1052 *(cp + 1) = '\0'; 1053 ret = strcmp(nf, rec); 1054 *(cp + 1) = tmp; 1055 1056 return (ret); 1057 } 1058