1 /*- 2 * Copyright (c) 1992, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Casey Leedom of Lawrence Livermore National Laboratory. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * 36 * $FreeBSD: src/lib/libc/gen/getcap.c,v 1.11.2.2 2001/01/15 06:48:09 gad Exp $ 37 * $DragonFly: src/lib/libc/gen/getcap.c,v 1.6 2005/11/13 00:07:42 swildner Exp $ 38 * 39 * @(#)getcap.c 8.3 (Berkeley) 3/25/94 40 */ 41 42 #include "namespace.h" 43 #include <sys/types.h> 44 45 #include <ctype.h> 46 #include <errno.h> 47 #include <fcntl.h> 48 #include <limits.h> 49 #include <stdio.h> 50 #include <stdlib.h> 51 #include <string.h> 52 #include <unistd.h> 53 #include "un-namespace.h" 54 55 #include <db.h> 56 57 #define BFRAG 1024 58 #define BSIZE 1024 59 #define ESC ('[' & 037) /* ASCII ESC */ 60 #define MAX_RECURSION 32 /* maximum getent recursion */ 61 #define SFRAG 100 /* cgetstr mallocs in SFRAG chunks */ 62 63 #define RECOK (char)0 64 #define TCERR (char)1 65 #define SHADOW (char)2 66 67 static size_t topreclen; /* toprec length */ 68 static char *toprec; /* Additional record specified by cgetset() */ 69 static int gottoprec; /* Flag indicating retrieval of toprecord */ 70 71 static int cdbget (DB *, char **, char *); 72 static int getent (char **, u_int *, char **, int, char *, int, char *); 73 static int nfcmp (char *, char *); 74 75 /* 76 * Cgetset() allows the addition of a user specified buffer to be added 77 * to the database array, in effect "pushing" the buffer on top of the 78 * virtual database. 0 is returned on success, -1 on failure. 79 */ 80 int 81 cgetset(char *ent) 82 { 83 if (ent == NULL) { 84 if (toprec) 85 free(toprec); 86 toprec = NULL; 87 topreclen = 0; 88 return (0); 89 } 90 topreclen = strlen(ent); 91 if ((toprec = malloc (topreclen + 1)) == NULL) { 92 errno = ENOMEM; 93 return (-1); 94 } 95 gottoprec = 0; 96 strcpy(toprec, ent); 97 return (0); 98 } 99 100 /* 101 * Cgetcap searches the capability record buf for the capability cap with 102 * type `type'. A pointer to the value of cap is returned on success, NULL 103 * if the requested capability couldn't be found. 104 * 105 * Specifying a type of ':' means that nothing should follow cap (:cap:). 106 * In this case a pointer to the terminating ':' or NUL will be returned if 107 * cap is found. 108 * 109 * If (cap, '@') or (cap, terminator, '@') is found before (cap, terminator) 110 * return NULL. 111 */ 112 char * 113 cgetcap(char *buf, char *cap, int type) 114 { 115 char *bp, *cp; 116 117 bp = buf; 118 for (;;) { 119 /* 120 * Skip past the current capability field - it's either the 121 * name field if this is the first time through the loop, or 122 * the remainder of a field whose name failed to match cap. 123 */ 124 for (;;) 125 if (*bp == '\0') 126 return (NULL); 127 else 128 if (*bp++ == ':') 129 break; 130 131 /* 132 * Try to match (cap, type) in buf. 133 */ 134 for (cp = cap; *cp == *bp && *bp != '\0'; cp++, bp++) 135 continue; 136 if (*cp != '\0') 137 continue; 138 if (*bp == '@') 139 return (NULL); 140 if (type == ':') { 141 if (*bp != '\0' && *bp != ':') 142 continue; 143 return(bp); 144 } 145 if (*bp != type) 146 continue; 147 bp++; 148 return (*bp == '@' ? NULL : bp); 149 } 150 /* NOTREACHED */ 151 } 152 153 /* 154 * Cgetent extracts the capability record name from the NULL terminated file 155 * array db_array and returns a pointer to a malloc'd copy of it in buf. 156 * Buf must be retained through all subsequent calls to cgetcap, cgetnum, 157 * cgetflag, and cgetstr, but may then be free'd. 0 is returned on success, 158 * -1 if the requested record couldn't be found, -2 if a system error was 159 * encountered (couldn't open/read a file, etc.), and -3 if a potential 160 * reference loop is detected. 161 */ 162 int 163 cgetent(char **buf, char **db_array, char *name) 164 { 165 u_int dummy; 166 167 return (getent(buf, &dummy, db_array, -1, name, 0, NULL)); 168 } 169 170 /* 171 * Getent implements the functions of cgetent. If fd is non-negative, 172 * *db_array has already been opened and fd is the open file descriptor. We 173 * do this to save time and avoid using up file descriptors for tc= 174 * recursions. 175 * 176 * Getent returns the same success/failure codes as cgetent. On success, a 177 * pointer to a malloc'ed capability record with all tc= capabilities fully 178 * expanded and its length (not including trailing ASCII NUL) are left in 179 * *cap and *len. 180 * 181 * Basic algorithm: 182 * + Allocate memory incrementally as needed in chunks of size BFRAG 183 * for capability buffer. 184 * + Recurse for each tc=name and interpolate result. Stop when all 185 * names interpolated, a name can't be found, or depth exceeds 186 * MAX_RECURSION. 187 */ 188 static int 189 getent(char **cap, u_int *len, char **db_array, int fd, char *name, int depth, 190 char *nfield) 191 { 192 DB *capdbp; 193 char *r_end, *rp, **db_p; 194 int myfd, eof, foundit, retval, clen; 195 char *record, *cbuf; 196 int tc_not_resolved; 197 char pbuf[_POSIX_PATH_MAX]; 198 199 /* 200 * Return with ``loop detected'' error if we've recursed more than 201 * MAX_RECURSION times. 202 */ 203 if (depth > MAX_RECURSION) 204 return (-3); 205 206 /* 207 * Check if we have a top record from cgetset(). 208 */ 209 if (depth == 0 && toprec != NULL && cgetmatch(toprec, name) == 0) { 210 if ((record = malloc (topreclen + BFRAG)) == NULL) { 211 errno = ENOMEM; 212 return (-2); 213 } 214 strcpy(record, toprec); 215 myfd = 0; 216 db_p = db_array; 217 rp = record + topreclen + 1; 218 r_end = rp + BFRAG; 219 goto tc_exp; 220 } 221 /* 222 * Allocate first chunk of memory. 223 */ 224 if ((record = malloc(BFRAG)) == NULL) { 225 errno = ENOMEM; 226 return (-2); 227 } 228 r_end = record + BFRAG; 229 foundit = 0; 230 /* 231 * Loop through database array until finding the record. 232 */ 233 234 for (db_p = db_array; *db_p != NULL; db_p++) { 235 eof = 0; 236 237 /* 238 * Open database if not already open. 239 */ 240 241 if (fd >= 0) { 242 lseek(fd, (off_t)0, SEEK_SET); 243 myfd = 0; 244 } else { 245 snprintf(pbuf, sizeof(pbuf), "%s.db", *db_p); 246 if ((capdbp = dbopen(pbuf, O_RDONLY, 0, DB_HASH, 0)) 247 != NULL) { 248 free(record); 249 retval = cdbget(capdbp, &record, name); 250 if (retval < 0) { 251 /* no record available */ 252 capdbp->close(capdbp); 253 return (retval); 254 } 255 /* save the data; close frees it */ 256 clen = strlen(record); 257 cbuf = malloc(clen + 1); 258 memcpy(cbuf, record, clen + 1); 259 if (capdbp->close(capdbp) < 0) { 260 free(cbuf); 261 return (-2); 262 } 263 *len = clen; 264 *cap = cbuf; 265 return (retval); 266 } else { 267 fd = _open(*db_p, O_RDONLY, 0); 268 if (fd < 0) 269 continue; 270 myfd = 1; 271 } 272 } 273 /* 274 * Find the requested capability record ... 275 */ 276 { 277 char buf[BUFSIZ]; 278 char *b_end, *bp; 279 int c; 280 281 /* 282 * Loop invariants: 283 * There is always room for one more character in record. 284 * R_end always points just past end of record. 285 * Rp always points just past last character in record. 286 * B_end always points just past last character in buf. 287 * Bp always points at next character in buf. 288 */ 289 b_end = buf; 290 bp = buf; 291 for (;;) { 292 293 /* 294 * Read in a line implementing (\, newline) 295 * line continuation. 296 */ 297 rp = record; 298 for (;;) { 299 if (bp >= b_end) { 300 int n; 301 302 n = _read(fd, buf, sizeof(buf)); 303 if (n <= 0) { 304 if (myfd) 305 _close(fd); 306 if (n < 0) { 307 free(record); 308 return (-2); 309 } else { 310 fd = -1; 311 eof = 1; 312 break; 313 } 314 } 315 b_end = buf+n; 316 bp = buf; 317 } 318 319 c = *bp++; 320 if (c == '\n') { 321 if (rp > record && *(rp-1) == '\\') { 322 rp--; 323 continue; 324 } else 325 break; 326 } 327 *rp++ = c; 328 329 /* 330 * Enforce loop invariant: if no room 331 * left in record buffer, try to get 332 * some more. 333 */ 334 if (rp >= r_end) { 335 u_int pos; 336 size_t newsize; 337 338 pos = rp - record; 339 newsize = r_end - record + BFRAG; 340 record = reallocf(record, newsize); 341 if (record == NULL) { 342 errno = ENOMEM; 343 if (myfd) 344 _close(fd); 345 return (-2); 346 } 347 r_end = record + newsize; 348 rp = record + pos; 349 } 350 } 351 /* loop invariant let's us do this */ 352 *rp++ = '\0'; 353 354 /* 355 * If encountered eof check next file. 356 */ 357 if (eof) 358 break; 359 360 /* 361 * Toss blank lines and comments. 362 */ 363 if (*record == '\0' || *record == '#') 364 continue; 365 366 /* 367 * See if this is the record we want ... 368 */ 369 if (cgetmatch(record, name) == 0) { 370 if (nfield == NULL || !nfcmp(nfield, record)) { 371 foundit = 1; 372 break; /* found it! */ 373 } 374 } 375 } 376 } 377 if (foundit) 378 break; 379 } 380 381 if (!foundit) { 382 free(record); 383 return (-1); 384 } 385 386 /* 387 * Got the capability record, but now we have to expand all tc=name 388 * references in it ... 389 */ 390 tc_exp: { 391 char *newicap, *s; 392 int newilen; 393 u_int ilen; 394 int diff, iret, tclen; 395 char *icap, *scan, *tc, *tcstart, *tcend; 396 397 /* 398 * Loop invariants: 399 * There is room for one more character in record. 400 * R_end points just past end of record. 401 * Rp points just past last character in record. 402 * Scan points at remainder of record that needs to be 403 * scanned for tc=name constructs. 404 */ 405 scan = record; 406 tc_not_resolved = 0; 407 for (;;) { 408 if ((tc = cgetcap(scan, "tc", '=')) == NULL) 409 break; 410 411 /* 412 * Find end of tc=name and stomp on the trailing `:' 413 * (if present) so we can use it to call ourselves. 414 */ 415 s = tc; 416 for (;;) 417 if (*s == '\0') 418 break; 419 else 420 if (*s++ == ':') { 421 *(s - 1) = '\0'; 422 break; 423 } 424 tcstart = tc - 3; 425 tclen = s - tcstart; 426 tcend = s; 427 428 iret = getent(&icap, &ilen, db_p, fd, tc, depth+1, 429 NULL); 430 newicap = icap; /* Put into a register. */ 431 newilen = ilen; 432 if (iret != 0) { 433 /* an error */ 434 if (iret < -1) { 435 if (myfd) 436 _close(fd); 437 free(record); 438 return (iret); 439 } 440 if (iret == 1) 441 tc_not_resolved = 1; 442 /* couldn't resolve tc */ 443 if (iret == -1) { 444 *(s - 1) = ':'; 445 scan = s - 1; 446 tc_not_resolved = 1; 447 continue; 448 449 } 450 } 451 /* not interested in name field of tc'ed record */ 452 s = newicap; 453 for (;;) 454 if (*s == '\0') 455 break; 456 else 457 if (*s++ == ':') 458 break; 459 newilen -= s - newicap; 460 newicap = s; 461 462 /* make sure interpolated record is `:'-terminated */ 463 s += newilen; 464 if (*(s-1) != ':') { 465 *s = ':'; /* overwrite NUL with : */ 466 newilen++; 467 } 468 469 /* 470 * Make sure there's enough room to insert the 471 * new record. 472 */ 473 diff = newilen - tclen; 474 if (diff >= r_end - rp) { 475 u_int pos, tcpos, tcposend; 476 size_t newsize; 477 478 pos = rp - record; 479 newsize = r_end - record + diff + BFRAG; 480 tcpos = tcstart - record; 481 tcposend = tcend - record; 482 record = reallocf(record, newsize); 483 if (record == NULL) { 484 errno = ENOMEM; 485 if (myfd) 486 _close(fd); 487 free(icap); 488 return (-2); 489 } 490 r_end = record + newsize; 491 rp = record + pos; 492 tcstart = record + tcpos; 493 tcend = record + tcposend; 494 } 495 496 /* 497 * Insert tc'ed record into our record. 498 */ 499 s = tcstart + newilen; 500 bcopy(tcend, s, rp - tcend); 501 bcopy(newicap, tcstart, newilen); 502 rp += diff; 503 free(icap); 504 505 /* 506 * Start scan on `:' so next cgetcap works properly 507 * (cgetcap always skips first field). 508 */ 509 scan = s-1; 510 } 511 512 } 513 /* 514 * Close file (if we opened it), give back any extra memory, and 515 * return capability, length and success. 516 */ 517 if (myfd) 518 _close(fd); 519 *len = rp - record - 1; /* don't count NUL */ 520 if (r_end > rp) 521 if ((record = 522 reallocf(record, (size_t)(rp - record))) == NULL) { 523 errno = ENOMEM; 524 return (-2); 525 } 526 527 *cap = record; 528 if (tc_not_resolved) 529 return (1); 530 return (0); 531 } 532 533 static int 534 cdbget(DB *capdbp, char **bp, char *name) 535 { 536 DBT key, data; 537 538 key.data = name; 539 key.size = strlen(name); 540 541 for (;;) { 542 /* Get the reference. */ 543 switch(capdbp->get(capdbp, &key, &data, 0)) { 544 case -1: 545 return (-2); 546 case 1: 547 return (-1); 548 } 549 550 /* If not an index to another record, leave. */ 551 if (((char *)data.data)[0] != SHADOW) 552 break; 553 554 key.data = (char *)data.data + 1; 555 key.size = data.size - 1; 556 } 557 558 *bp = (char *)data.data + 1; 559 return (((char *)(data.data))[0] == TCERR ? 1 : 0); 560 } 561 562 /* 563 * Cgetmatch will return 0 if name is one of the names of the capability 564 * record buf, -1 if not. 565 */ 566 int 567 cgetmatch(char *buf, char *name) 568 { 569 char *np, *bp; 570 571 /* 572 * Start search at beginning of record. 573 */ 574 bp = buf; 575 for (;;) { 576 /* 577 * Try to match a record name. 578 */ 579 np = name; 580 for (;;) 581 if (*np == '\0') 582 if (*bp == '|' || *bp == ':' || *bp == '\0') 583 return (0); 584 else 585 break; 586 else 587 if (*bp++ != *np++) 588 break; 589 590 /* 591 * Match failed, skip to next name in record. 592 */ 593 bp--; /* a '|' or ':' may have stopped the match */ 594 for (;;) 595 if (*bp == '\0' || *bp == ':') 596 return (-1); /* match failed totally */ 597 else 598 if (*bp++ == '|') 599 break; /* found next name */ 600 } 601 } 602 603 604 605 606 607 int 608 cgetfirst(char **buf, char **db_array) 609 { 610 cgetclose(); 611 return (cgetnext(buf, db_array)); 612 } 613 614 static FILE *pfp; 615 static int slash; 616 static char **dbp; 617 618 int 619 cgetclose(void) 620 { 621 if (pfp != NULL) { 622 fclose(pfp); 623 pfp = NULL; 624 } 625 dbp = NULL; 626 gottoprec = 0; 627 slash = 0; 628 return(0); 629 } 630 631 /* 632 * Cgetnext() gets either the first or next entry in the logical database 633 * specified by db_array. It returns 0 upon completion of the database, 1 634 * upon returning an entry with more remaining, and -1 if an error occurs. 635 */ 636 int 637 cgetnext(char **bp, char **db_array) 638 { 639 size_t len; 640 int done, hadreaderr, i, savederrno, status; 641 char *cp, *line, *rp, *np, buf[BSIZE], nbuf[BSIZE]; 642 u_int dummy; 643 644 if (dbp == NULL) 645 dbp = db_array; 646 647 if (pfp == NULL && (pfp = fopen(*dbp, "r")) == NULL) { 648 cgetclose(); 649 return (-1); 650 } 651 for(;;) { 652 if (toprec && !gottoprec) { 653 gottoprec = 1; 654 line = toprec; 655 } else { 656 line = fgetln(pfp, &len); 657 if (line == NULL && pfp) { 658 hadreaderr = ferror(pfp); 659 if (hadreaderr) 660 savederrno = errno; 661 fclose(pfp); 662 pfp = NULL; 663 if (hadreaderr) { 664 cgetclose(); 665 errno = savederrno; 666 return (-1); 667 } else { 668 if (*++dbp == NULL) { 669 cgetclose(); 670 return (0); 671 } else if ((pfp = 672 fopen(*dbp, "r")) == NULL) { 673 cgetclose(); 674 return (-1); 675 } else 676 continue; 677 } 678 } else 679 line[len - 1] = '\0'; 680 if (len == 1) { 681 slash = 0; 682 continue; 683 } 684 if (isspace((unsigned char)*line) || 685 *line == ':' || *line == '#' || slash) { 686 if (line[len - 2] == '\\') 687 slash = 1; 688 else 689 slash = 0; 690 continue; 691 } 692 if (line[len - 2] == '\\') 693 slash = 1; 694 else 695 slash = 0; 696 } 697 698 699 /* 700 * Line points to a name line. 701 */ 702 i = 0; 703 done = 0; 704 np = nbuf; 705 for (;;) { 706 for (cp = line; *cp != '\0'; cp++) { 707 if (*cp == ':') { 708 *np++ = ':'; 709 done = 1; 710 break; 711 } 712 if (*cp == '\\') 713 break; 714 *np++ = *cp; 715 } 716 if (done) { 717 *np = '\0'; 718 break; 719 } else { /* name field extends beyond the line */ 720 line = fgetln(pfp, &len); 721 if (line == NULL && pfp) { 722 /* Name extends beyond the EOF! */ 723 hadreaderr = ferror(pfp); 724 if (hadreaderr) 725 savederrno = errno; 726 fclose(pfp); 727 pfp = NULL; 728 if (hadreaderr) { 729 cgetclose(); 730 errno = savederrno; 731 return (-1); 732 } else { 733 cgetclose(); 734 return (-1); 735 } 736 } else 737 line[len - 1] = '\0'; 738 } 739 } 740 rp = buf; 741 for(cp = nbuf; *cp != '\0'; cp++) 742 if (*cp == '|' || *cp == ':') 743 break; 744 else 745 *rp++ = *cp; 746 747 *rp = '\0'; 748 /* 749 * XXX 750 * Last argument of getent here should be nbuf if we want true 751 * sequential access in the case of duplicates. 752 * With NULL, getent will return the first entry found 753 * rather than the duplicate entry record. This is a 754 * matter of semantics that should be resolved. 755 */ 756 status = getent(bp, &dummy, db_array, -1, buf, 0, NULL); 757 if (status == -2 || status == -3) 758 cgetclose(); 759 760 return (status + 1); 761 } 762 /* NOTREACHED */ 763 } 764 765 /* 766 * Cgetstr retrieves the value of the string capability cap from the 767 * capability record pointed to by buf. A pointer to a decoded, NUL 768 * terminated, malloc'd copy of the string is returned in the char * 769 * pointed to by str. The length of the string not including the trailing 770 * NUL is returned on success, -1 if the requested string capability 771 * couldn't be found, -2 if a system error was encountered (storage 772 * allocation failure). 773 */ 774 int 775 cgetstr(char *buf, char *cap, char **str) 776 { 777 u_int m_room; 778 char *bp, *mp; 779 int len; 780 char *mem; 781 782 /* 783 * Find string capability cap 784 */ 785 bp = cgetcap(buf, cap, '='); 786 if (bp == NULL) 787 return (-1); 788 789 /* 790 * Conversion / storage allocation loop ... Allocate memory in 791 * chunks SFRAG in size. 792 */ 793 if ((mem = malloc(SFRAG)) == NULL) { 794 errno = ENOMEM; 795 return (-2); /* couldn't even allocate the first fragment */ 796 } 797 m_room = SFRAG; 798 mp = mem; 799 800 while (*bp != ':' && *bp != '\0') { 801 /* 802 * Loop invariants: 803 * There is always room for one more character in mem. 804 * Mp always points just past last character in mem. 805 * Bp always points at next character in buf. 806 */ 807 if (*bp == '^') { 808 bp++; 809 if (*bp == ':' || *bp == '\0') 810 break; /* drop unfinished escape */ 811 if (*bp == '?') { 812 *mp++ = '\177'; 813 bp++; 814 } else 815 *mp++ = *bp++ & 037; 816 } else if (*bp == '\\') { 817 bp++; 818 if (*bp == ':' || *bp == '\0') 819 break; /* drop unfinished escape */ 820 if ('0' <= *bp && *bp <= '7') { 821 int n, i; 822 823 n = 0; 824 i = 3; /* maximum of three octal digits */ 825 do { 826 n = n * 8 + (*bp++ - '0'); 827 } while (--i && '0' <= *bp && *bp <= '7'); 828 *mp++ = n; 829 } 830 else switch (*bp++) { 831 case 'b': case 'B': 832 *mp++ = '\b'; 833 break; 834 case 't': case 'T': 835 *mp++ = '\t'; 836 break; 837 case 'n': case 'N': 838 *mp++ = '\n'; 839 break; 840 case 'f': case 'F': 841 *mp++ = '\f'; 842 break; 843 case 'r': case 'R': 844 *mp++ = '\r'; 845 break; 846 case 'e': case 'E': 847 *mp++ = ESC; 848 break; 849 case 'c': case 'C': 850 *mp++ = ':'; 851 break; 852 default: 853 /* 854 * Catches '\', '^', and 855 * everything else. 856 */ 857 *mp++ = *(bp-1); 858 break; 859 } 860 } else 861 *mp++ = *bp++; 862 m_room--; 863 864 /* 865 * Enforce loop invariant: if no room left in current 866 * buffer, try to get some more. 867 */ 868 if (m_room == 0) { 869 size_t size = mp - mem; 870 871 if ((mem = reallocf(mem, size + SFRAG)) == NULL) 872 return (-2); 873 m_room = SFRAG; 874 mp = mem + size; 875 } 876 } 877 *mp++ = '\0'; /* loop invariant let's us do this */ 878 m_room--; 879 len = mp - mem - 1; 880 881 /* 882 * Give back any extra memory and return value and success. 883 */ 884 if (m_room != 0) 885 if ((mem = reallocf(mem, (size_t)(mp - mem))) == NULL) 886 return (-2); 887 *str = mem; 888 return (len); 889 } 890 891 /* 892 * Cgetustr retrieves the value of the string capability cap from the 893 * capability record pointed to by buf. The difference between cgetustr() 894 * and cgetstr() is that cgetustr does not decode escapes but rather treats 895 * all characters literally. A pointer to a NUL terminated malloc'd 896 * copy of the string is returned in the char pointed to by str. The 897 * length of the string not including the trailing NUL is returned on success, 898 * -1 if the requested string capability couldn't be found, -2 if a system 899 * error was encountered (storage allocation failure). 900 */ 901 int 902 cgetustr(char *buf, char *cap, char **str) 903 { 904 u_int m_room; 905 char *bp, *mp; 906 int len; 907 char *mem; 908 909 /* 910 * Find string capability cap 911 */ 912 if ((bp = cgetcap(buf, cap, '=')) == NULL) 913 return (-1); 914 915 /* 916 * Conversion / storage allocation loop ... Allocate memory in 917 * chunks SFRAG in size. 918 */ 919 if ((mem = malloc(SFRAG)) == NULL) { 920 errno = ENOMEM; 921 return (-2); /* couldn't even allocate the first fragment */ 922 } 923 m_room = SFRAG; 924 mp = mem; 925 926 while (*bp != ':' && *bp != '\0') { 927 /* 928 * Loop invariants: 929 * There is always room for one more character in mem. 930 * Mp always points just past last character in mem. 931 * Bp always points at next character in buf. 932 */ 933 *mp++ = *bp++; 934 m_room--; 935 936 /* 937 * Enforce loop invariant: if no room left in current 938 * buffer, try to get some more. 939 */ 940 if (m_room == 0) { 941 size_t size = mp - mem; 942 943 if ((mem = reallocf(mem, size + SFRAG)) == NULL) 944 return (-2); 945 m_room = SFRAG; 946 mp = mem + size; 947 } 948 } 949 *mp++ = '\0'; /* loop invariant let's us do this */ 950 m_room--; 951 len = mp - mem - 1; 952 953 /* 954 * Give back any extra memory and return value and success. 955 */ 956 if (m_room != 0) 957 if ((mem = reallocf(mem, (size_t)(mp - mem))) == NULL) 958 return (-2); 959 *str = mem; 960 return (len); 961 } 962 963 /* 964 * Cgetnum retrieves the value of the numeric capability cap from the 965 * capability record pointed to by buf. The numeric value is returned in 966 * the long pointed to by num. 0 is returned on success, -1 if the requested 967 * numeric capability couldn't be found. 968 */ 969 int 970 cgetnum(char *buf, char *cap, long *num) 971 { 972 long n; 973 int base, digit; 974 char *bp; 975 976 /* 977 * Find numeric capability cap 978 */ 979 bp = cgetcap(buf, cap, '#'); 980 if (bp == NULL) 981 return (-1); 982 983 /* 984 * Look at value and determine numeric base: 985 * 0x... or 0X... hexadecimal, 986 * else 0... octal, 987 * else decimal. 988 */ 989 if (*bp == '0') { 990 bp++; 991 if (*bp == 'x' || *bp == 'X') { 992 bp++; 993 base = 16; 994 } else 995 base = 8; 996 } else 997 base = 10; 998 999 /* 1000 * Conversion loop ... 1001 */ 1002 n = 0; 1003 for (;;) { 1004 if ('0' <= *bp && *bp <= '9') 1005 digit = *bp - '0'; 1006 else if ('a' <= *bp && *bp <= 'f') 1007 digit = 10 + *bp - 'a'; 1008 else if ('A' <= *bp && *bp <= 'F') 1009 digit = 10 + *bp - 'A'; 1010 else 1011 break; 1012 1013 if (digit >= base) 1014 break; 1015 1016 n = n * base + digit; 1017 bp++; 1018 } 1019 1020 /* 1021 * Return value and success. 1022 */ 1023 *num = n; 1024 return (0); 1025 } 1026 1027 1028 /* 1029 * Compare name field of record. 1030 */ 1031 static int 1032 nfcmp(char *nf, char *rec) 1033 { 1034 char *cp, tmp; 1035 int ret; 1036 1037 for (cp = rec; *cp != ':'; cp++) 1038 ; 1039 1040 tmp = *(cp + 1); 1041 *(cp + 1) = '\0'; 1042 ret = strcmp(nf, rec); 1043 *(cp + 1) = tmp; 1044 1045 return (ret); 1046 } 1047