1 /* $NetBSD: getcap.c,v 1.9 1995/02/25 13:41:26 cgd Exp $ */ 2 3 /*- 4 * Copyright (c) 1992, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Casey Leedom of Lawrence Livermore National Laboratory. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 */ 38 39 #if defined(LIBC_SCCS) && !defined(lint) 40 #if 0 41 static char sccsid[] = "@(#)getcap.c 8.3 (Berkeley) 3/25/94"; 42 #else 43 static char rcsid[] = "$NetBSD: getcap.c,v 1.9 1995/02/25 13:41:26 cgd Exp $"; 44 #endif 45 #endif /* LIBC_SCCS and not lint */ 46 47 #include <sys/types.h> 48 49 #include <ctype.h> 50 #include <db.h> 51 #include <errno.h> 52 #include <fcntl.h> 53 #include <limits.h> 54 #include <stdio.h> 55 #include <stdlib.h> 56 #include <string.h> 57 #include <unistd.h> 58 59 #define BFRAG 1024 60 #define BSIZE 1024 61 #define ESC ('[' & 037) /* ASCII ESC */ 62 #define MAX_RECURSION 32 /* maximum getent recursion */ 63 #define SFRAG 100 /* cgetstr mallocs in SFRAG chunks */ 64 65 #define RECOK (char)0 66 #define TCERR (char)1 67 #define SHADOW (char)2 68 69 static size_t topreclen; /* toprec length */ 70 static char *toprec; /* Additional record specified by cgetset() */ 71 static int gottoprec; /* Flag indicating retrieval of toprecord */ 72 73 static int cdbget __P((DB *, char **, char *)); 74 static int getent __P((char **, u_int *, char **, int, char *, int, char *)); 75 static int nfcmp __P((char *, char *)); 76 77 /* 78 * Cgetset() allows the addition of a user specified buffer to be added 79 * to the database array, in effect "pushing" the buffer on top of the 80 * virtual database. 0 is returned on success, -1 on failure. 81 */ 82 int 83 cgetset(ent) 84 char *ent; 85 { 86 if (ent == NULL) { 87 if (toprec) 88 free(toprec); 89 toprec = NULL; 90 topreclen = 0; 91 return (0); 92 } 93 topreclen = strlen(ent); 94 if ((toprec = malloc (topreclen + 1)) == NULL) { 95 errno = ENOMEM; 96 return (-1); 97 } 98 gottoprec = 0; 99 (void)strcpy(toprec, ent); 100 return (0); 101 } 102 103 /* 104 * Cgetcap searches the capability record buf for the capability cap with 105 * type `type'. A pointer to the value of cap is returned on success, NULL 106 * if the requested capability couldn't be found. 107 * 108 * Specifying a type of ':' means that nothing should follow cap (:cap:). 109 * In this case a pointer to the terminating ':' or NUL will be returned if 110 * cap is found. 111 * 112 * If (cap, '@') or (cap, terminator, '@') is found before (cap, terminator) 113 * return NULL. 114 */ 115 char * 116 cgetcap(buf, cap, type) 117 char *buf, *cap; 118 int type; 119 { 120 register char *bp, *cp; 121 122 bp = buf; 123 for (;;) { 124 /* 125 * Skip past the current capability field - it's either the 126 * name field if this is the first time through the loop, or 127 * the remainder of a field whose name failed to match cap. 128 */ 129 for (;;) 130 if (*bp == '\0') 131 return (NULL); 132 else 133 if (*bp++ == ':') 134 break; 135 136 /* 137 * Try to match (cap, type) in buf. 138 */ 139 for (cp = cap; *cp == *bp && *bp != '\0'; cp++, bp++) 140 continue; 141 if (*cp != '\0') 142 continue; 143 if (*bp == '@') 144 return (NULL); 145 if (type == ':') { 146 if (*bp != '\0' && *bp != ':') 147 continue; 148 return(bp); 149 } 150 if (*bp != type) 151 continue; 152 bp++; 153 return (*bp == '@' ? NULL : bp); 154 } 155 /* NOTREACHED */ 156 } 157 158 /* 159 * Cgetent extracts the capability record name from the NULL terminated file 160 * array db_array and returns a pointer to a malloc'd copy of it in buf. 161 * Buf must be retained through all subsequent calls to cgetcap, cgetnum, 162 * cgetflag, and cgetstr, but may then be free'd. 0 is returned on success, 163 * -1 if the requested record couldn't be found, -2 if a system error was 164 * encountered (couldn't open/read a file, etc.), and -3 if a potential 165 * reference loop is detected. 166 */ 167 int 168 cgetent(buf, db_array, name) 169 char **buf, **db_array, *name; 170 { 171 u_int dummy; 172 173 return (getent(buf, &dummy, db_array, -1, name, 0, NULL)); 174 } 175 176 /* 177 * Getent implements the functions of cgetent. If fd is non-negative, 178 * *db_array has already been opened and fd is the open file descriptor. We 179 * do this to save time and avoid using up file descriptors for tc= 180 * recursions. 181 * 182 * Getent returns the same success/failure codes as cgetent. On success, a 183 * pointer to a malloc'ed capability record with all tc= capabilities fully 184 * expanded and its length (not including trailing ASCII NUL) are left in 185 * *cap and *len. 186 * 187 * Basic algorithm: 188 * + Allocate memory incrementally as needed in chunks of size BFRAG 189 * for capability buffer. 190 * + Recurse for each tc=name and interpolate result. Stop when all 191 * names interpolated, a name can't be found, or depth exceeds 192 * MAX_RECURSION. 193 */ 194 static int 195 getent(cap, len, db_array, fd, name, depth, nfield) 196 char **cap, **db_array, *name, *nfield; 197 u_int *len; 198 int fd, depth; 199 { 200 DB *capdbp; 201 DBT key, data; 202 register char *r_end, *rp, **db_p; 203 int myfd, eof, foundit, retval, clen; 204 char *record, *cbuf; 205 int tc_not_resolved; 206 char pbuf[_POSIX_PATH_MAX]; 207 208 /* 209 * Return with ``loop detected'' error if we've recursed more than 210 * MAX_RECURSION times. 211 */ 212 if (depth > MAX_RECURSION) 213 return (-3); 214 215 /* 216 * Check if we have a top record from cgetset(). 217 */ 218 if (depth == 0 && toprec != NULL && cgetmatch(toprec, name) == 0) { 219 if ((record = malloc (topreclen + BFRAG)) == NULL) { 220 errno = ENOMEM; 221 return (-2); 222 } 223 (void)strcpy(record, toprec); 224 myfd = 0; 225 db_p = db_array; 226 rp = record + topreclen + 1; 227 r_end = rp + BFRAG; 228 goto tc_exp; 229 } 230 /* 231 * Allocate first chunk of memory. 232 */ 233 if ((record = malloc(BFRAG)) == NULL) { 234 errno = ENOMEM; 235 return (-2); 236 } 237 r_end = record + BFRAG; 238 foundit = 0; 239 /* 240 * Loop through database array until finding the record. 241 */ 242 243 for (db_p = db_array; *db_p != NULL; db_p++) { 244 eof = 0; 245 246 /* 247 * Open database if not already open. 248 */ 249 250 if (fd >= 0) { 251 (void)lseek(fd, (off_t)0, L_SET); 252 myfd = 0; 253 } else { 254 (void)snprintf(pbuf, sizeof(pbuf), "%s.db", *db_p); 255 if ((capdbp = dbopen(pbuf, O_RDONLY, 0, DB_HASH, 0)) 256 != NULL) { 257 free(record); 258 retval = cdbget(capdbp, &record, name); 259 if (retval < 0) { 260 /* no record available */ 261 (void)capdbp->close(capdbp); 262 return (retval); 263 } 264 /* save the data; close frees it */ 265 clen = strlen(record); 266 cbuf = malloc(clen + 1); 267 memcpy(cbuf, record, clen + 1); 268 if (capdbp->close(capdbp) < 0) { 269 free(cbuf); 270 return (-2); 271 } 272 *len = clen; 273 *cap = cbuf; 274 return (retval); 275 } else { 276 fd = open(*db_p, O_RDONLY, 0); 277 if (fd < 0) { 278 /* No error on unfound file. */ 279 if (errno == ENOENT) 280 continue; 281 free(record); 282 return (-2); 283 } 284 myfd = 1; 285 } 286 } 287 /* 288 * Find the requested capability record ... 289 */ 290 { 291 char buf[BUFSIZ]; 292 register char *b_end, *bp; 293 register int c; 294 295 /* 296 * Loop invariants: 297 * There is always room for one more character in record. 298 * R_end always points just past end of record. 299 * Rp always points just past last character in record. 300 * B_end always points just past last character in buf. 301 * Bp always points at next character in buf. 302 */ 303 b_end = buf; 304 bp = buf; 305 for (;;) { 306 307 /* 308 * Read in a line implementing (\, newline) 309 * line continuation. 310 */ 311 rp = record; 312 for (;;) { 313 if (bp >= b_end) { 314 int n; 315 316 n = read(fd, buf, sizeof(buf)); 317 if (n <= 0) { 318 if (myfd) 319 (void)close(fd); 320 if (n < 0) { 321 free(record); 322 return (-2); 323 } else { 324 fd = -1; 325 eof = 1; 326 break; 327 } 328 } 329 b_end = buf+n; 330 bp = buf; 331 } 332 333 c = *bp++; 334 if (c == '\n') { 335 if (rp > record && *(rp-1) == '\\') { 336 rp--; 337 continue; 338 } else 339 break; 340 } 341 *rp++ = c; 342 343 /* 344 * Enforce loop invariant: if no room 345 * left in record buffer, try to get 346 * some more. 347 */ 348 if (rp >= r_end) { 349 u_int pos; 350 size_t newsize; 351 352 pos = rp - record; 353 newsize = r_end - record + BFRAG; 354 record = realloc(record, newsize); 355 if (record == NULL) { 356 errno = ENOMEM; 357 if (myfd) 358 (void)close(fd); 359 return (-2); 360 } 361 r_end = record + newsize; 362 rp = record + pos; 363 } 364 } 365 /* loop invariant let's us do this */ 366 *rp++ = '\0'; 367 368 /* 369 * If encountered eof check next file. 370 */ 371 if (eof) 372 break; 373 374 /* 375 * Toss blank lines and comments. 376 */ 377 if (*record == '\0' || *record == '#') 378 continue; 379 380 /* 381 * See if this is the record we want ... 382 */ 383 if (cgetmatch(record, name) == 0) { 384 if (nfield == NULL || !nfcmp(nfield, record)) { 385 foundit = 1; 386 break; /* found it! */ 387 } 388 } 389 } 390 } 391 if (foundit) 392 break; 393 } 394 395 if (!foundit) 396 return (-1); 397 398 /* 399 * Got the capability record, but now we have to expand all tc=name 400 * references in it ... 401 */ 402 tc_exp: { 403 register char *newicap, *s; 404 register int newilen; 405 u_int ilen; 406 int diff, iret, tclen; 407 char *icap, *scan, *tc, *tcstart, *tcend; 408 409 /* 410 * Loop invariants: 411 * There is room for one more character in record. 412 * R_end points just past end of record. 413 * Rp points just past last character in record. 414 * Scan points at remainder of record that needs to be 415 * scanned for tc=name constructs. 416 */ 417 scan = record; 418 tc_not_resolved = 0; 419 for (;;) { 420 if ((tc = cgetcap(scan, "tc", '=')) == NULL) 421 break; 422 423 /* 424 * Find end of tc=name and stomp on the trailing `:' 425 * (if present) so we can use it to call ourselves. 426 */ 427 s = tc; 428 for (;;) 429 if (*s == '\0') 430 break; 431 else 432 if (*s++ == ':') { 433 *(s - 1) = '\0'; 434 break; 435 } 436 tcstart = tc - 3; 437 tclen = s - tcstart; 438 tcend = s; 439 440 iret = getent(&icap, &ilen, db_p, fd, tc, depth+1, 441 NULL); 442 newicap = icap; /* Put into a register. */ 443 newilen = ilen; 444 if (iret != 0) { 445 /* an error */ 446 if (iret < -1) { 447 if (myfd) 448 (void)close(fd); 449 free(record); 450 return (iret); 451 } 452 if (iret == 1) 453 tc_not_resolved = 1; 454 /* couldn't resolve tc */ 455 if (iret == -1) { 456 *(s - 1) = ':'; 457 scan = s - 1; 458 tc_not_resolved = 1; 459 continue; 460 461 } 462 } 463 /* not interested in name field of tc'ed record */ 464 s = newicap; 465 for (;;) 466 if (*s == '\0') 467 break; 468 else 469 if (*s++ == ':') 470 break; 471 newilen -= s - newicap; 472 newicap = s; 473 474 /* make sure interpolated record is `:'-terminated */ 475 s += newilen; 476 if (*(s-1) != ':') { 477 *s = ':'; /* overwrite NUL with : */ 478 newilen++; 479 } 480 481 /* 482 * Make sure there's enough room to insert the 483 * new record. 484 */ 485 diff = newilen - tclen; 486 if (diff >= r_end - rp) { 487 u_int pos, tcpos, tcposend; 488 size_t newsize; 489 490 pos = rp - record; 491 newsize = r_end - record + diff + BFRAG; 492 tcpos = tcstart - record; 493 tcposend = tcend - record; 494 record = realloc(record, newsize); 495 if (record == NULL) { 496 errno = ENOMEM; 497 if (myfd) 498 (void)close(fd); 499 free(icap); 500 return (-2); 501 } 502 r_end = record + newsize; 503 rp = record + pos; 504 tcstart = record + tcpos; 505 tcend = record + tcposend; 506 } 507 508 /* 509 * Insert tc'ed record into our record. 510 */ 511 s = tcstart + newilen; 512 bcopy(tcend, s, rp - tcend); 513 bcopy(newicap, tcstart, newilen); 514 rp += diff; 515 free(icap); 516 517 /* 518 * Start scan on `:' so next cgetcap works properly 519 * (cgetcap always skips first field). 520 */ 521 scan = s-1; 522 } 523 524 } 525 /* 526 * Close file (if we opened it), give back any extra memory, and 527 * return capability, length and success. 528 */ 529 if (myfd) 530 (void)close(fd); 531 *len = rp - record - 1; /* don't count NUL */ 532 if (r_end > rp) 533 if ((record = 534 realloc(record, (size_t)(rp - record))) == NULL) { 535 errno = ENOMEM; 536 return (-2); 537 } 538 539 *cap = record; 540 if (tc_not_resolved) 541 return (1); 542 return (0); 543 } 544 545 static int 546 cdbget(capdbp, bp, name) 547 DB *capdbp; 548 char **bp, *name; 549 { 550 DBT key, data; 551 char *buf; 552 int st; 553 554 key.data = name; 555 key.size = strlen(name); 556 557 for (;;) { 558 /* Get the reference. */ 559 switch(capdbp->get(capdbp, &key, &data, 0)) { 560 case -1: 561 return (-2); 562 case 1: 563 return (-1); 564 } 565 566 /* If not an index to another record, leave. */ 567 if (((char *)data.data)[0] != SHADOW) 568 break; 569 570 key.data = (char *)data.data + 1; 571 key.size = data.size - 1; 572 } 573 574 *bp = (char *)data.data + 1; 575 return (((char *)(data.data))[0] == TCERR ? 1 : 0); 576 } 577 578 /* 579 * Cgetmatch will return 0 if name is one of the names of the capability 580 * record buf, -1 if not. 581 */ 582 int 583 cgetmatch(buf, name) 584 char *buf, *name; 585 { 586 register char *np, *bp; 587 588 /* 589 * Start search at beginning of record. 590 */ 591 bp = buf; 592 for (;;) { 593 /* 594 * Try to match a record name. 595 */ 596 np = name; 597 for (;;) 598 if (*np == '\0') 599 if (*bp == '|' || *bp == ':' || *bp == '\0') 600 return (0); 601 else 602 break; 603 else 604 if (*bp++ != *np++) 605 break; 606 607 /* 608 * Match failed, skip to next name in record. 609 */ 610 bp--; /* a '|' or ':' may have stopped the match */ 611 for (;;) 612 if (*bp == '\0' || *bp == ':') 613 return (-1); /* match failed totally */ 614 else 615 if (*bp++ == '|') 616 break; /* found next name */ 617 } 618 } 619 620 621 622 623 624 int 625 cgetfirst(buf, db_array) 626 char **buf, **db_array; 627 { 628 (void)cgetclose(); 629 return (cgetnext(buf, db_array)); 630 } 631 632 static FILE *pfp; 633 static int slash; 634 static char **dbp; 635 636 int 637 cgetclose() 638 { 639 if (pfp != NULL) { 640 (void)fclose(pfp); 641 pfp = NULL; 642 } 643 dbp = NULL; 644 gottoprec = 0; 645 slash = 0; 646 return(0); 647 } 648 649 /* 650 * Cgetnext() gets either the first or next entry in the logical database 651 * specified by db_array. It returns 0 upon completion of the database, 1 652 * upon returning an entry with more remaining, and -1 if an error occurs. 653 */ 654 int 655 cgetnext(bp, db_array) 656 register char **bp; 657 char **db_array; 658 { 659 size_t len; 660 int status, i, done; 661 char *cp, *line, *rp, *np, buf[BSIZE], nbuf[BSIZE]; 662 u_int dummy; 663 664 if (dbp == NULL) 665 dbp = db_array; 666 667 if (pfp == NULL && (pfp = fopen(*dbp, "r")) == NULL) { 668 (void)cgetclose(); 669 return (-1); 670 } 671 for(;;) { 672 if (toprec && !gottoprec) { 673 gottoprec = 1; 674 line = toprec; 675 } else { 676 line = fgetln(pfp, &len); 677 if (line == NULL && pfp) { 678 (void)fclose(pfp); 679 if (ferror(pfp)) { 680 (void)cgetclose(); 681 return (-1); 682 } else { 683 if (*++dbp == NULL) { 684 (void)cgetclose(); 685 return (0); 686 } else if ((pfp = 687 fopen(*dbp, "r")) == NULL) { 688 (void)cgetclose(); 689 return (-1); 690 } else 691 continue; 692 } 693 } else 694 line[len - 1] = '\0'; 695 if (len == 1) { 696 slash = 0; 697 continue; 698 } 699 if (isspace(*line) || 700 *line == ':' || *line == '#' || slash) { 701 if (line[len - 2] == '\\') 702 slash = 1; 703 else 704 slash = 0; 705 continue; 706 } 707 if (line[len - 2] == '\\') 708 slash = 1; 709 else 710 slash = 0; 711 } 712 713 714 /* 715 * Line points to a name line. 716 */ 717 i = 0; 718 done = 0; 719 np = nbuf; 720 for (;;) { 721 for (cp = line; *cp != '\0'; cp++) { 722 if (*cp == ':') { 723 *np++ = ':'; 724 done = 1; 725 break; 726 } 727 if (*cp == '\\') 728 break; 729 *np++ = *cp; 730 } 731 if (done) { 732 *np = '\0'; 733 break; 734 } else { /* name field extends beyond the line */ 735 line = fgetln(pfp, &len); 736 if (line == NULL && pfp) { 737 (void)fclose(pfp); 738 if (ferror(pfp)) { 739 (void)cgetclose(); 740 return (-1); 741 } 742 } else 743 line[len - 1] = '\0'; 744 } 745 } 746 rp = buf; 747 for(cp = nbuf; *cp != NULL; cp++) 748 if (*cp == '|' || *cp == ':') 749 break; 750 else 751 *rp++ = *cp; 752 753 *rp = '\0'; 754 /* 755 * XXX 756 * Last argument of getent here should be nbuf if we want true 757 * sequential access in the case of duplicates. 758 * With NULL, getent will return the first entry found 759 * rather than the duplicate entry record. This is a 760 * matter of semantics that should be resolved. 761 */ 762 status = getent(bp, &dummy, db_array, -1, buf, 0, NULL); 763 if (status == -2 || status == -3) 764 (void)cgetclose(); 765 766 return (status + 1); 767 } 768 /* NOTREACHED */ 769 } 770 771 /* 772 * Cgetstr retrieves the value of the string capability cap from the 773 * capability record pointed to by buf. A pointer to a decoded, NUL 774 * terminated, malloc'd copy of the string is returned in the char * 775 * pointed to by str. The length of the string not including the trailing 776 * NUL is returned on success, -1 if the requested string capability 777 * couldn't be found, -2 if a system error was encountered (storage 778 * allocation failure). 779 */ 780 int 781 cgetstr(buf, cap, str) 782 char *buf, *cap; 783 char **str; 784 { 785 register u_int m_room; 786 register char *bp, *mp; 787 int len; 788 char *mem; 789 790 /* 791 * Find string capability cap 792 */ 793 bp = cgetcap(buf, cap, '='); 794 if (bp == NULL) 795 return (-1); 796 797 /* 798 * Conversion / storage allocation loop ... Allocate memory in 799 * chunks SFRAG in size. 800 */ 801 if ((mem = malloc(SFRAG)) == NULL) { 802 errno = ENOMEM; 803 return (-2); /* couldn't even allocate the first fragment */ 804 } 805 m_room = SFRAG; 806 mp = mem; 807 808 while (*bp != ':' && *bp != '\0') { 809 /* 810 * Loop invariants: 811 * There is always room for one more character in mem. 812 * Mp always points just past last character in mem. 813 * Bp always points at next character in buf. 814 */ 815 if (*bp == '^') { 816 bp++; 817 if (*bp == ':' || *bp == '\0') 818 break; /* drop unfinished escape */ 819 *mp++ = *bp++ & 037; 820 } else if (*bp == '\\') { 821 bp++; 822 if (*bp == ':' || *bp == '\0') 823 break; /* drop unfinished escape */ 824 if ('0' <= *bp && *bp <= '7') { 825 register int n, i; 826 827 n = 0; 828 i = 3; /* maximum of three octal digits */ 829 do { 830 n = n * 8 + (*bp++ - '0'); 831 } while (--i && '0' <= *bp && *bp <= '7'); 832 *mp++ = n; 833 } 834 else switch (*bp++) { 835 case 'b': case 'B': 836 *mp++ = '\b'; 837 break; 838 case 't': case 'T': 839 *mp++ = '\t'; 840 break; 841 case 'n': case 'N': 842 *mp++ = '\n'; 843 break; 844 case 'f': case 'F': 845 *mp++ = '\f'; 846 break; 847 case 'r': case 'R': 848 *mp++ = '\r'; 849 break; 850 case 'e': case 'E': 851 *mp++ = ESC; 852 break; 853 case 'c': case 'C': 854 *mp++ = ':'; 855 break; 856 default: 857 /* 858 * Catches '\', '^', and 859 * everything else. 860 */ 861 *mp++ = *(bp-1); 862 break; 863 } 864 } else 865 *mp++ = *bp++; 866 m_room--; 867 868 /* 869 * Enforce loop invariant: if no room left in current 870 * buffer, try to get some more. 871 */ 872 if (m_room == 0) { 873 size_t size = mp - mem; 874 875 if ((mem = realloc(mem, size + SFRAG)) == NULL) 876 return (-2); 877 m_room = SFRAG; 878 mp = mem + size; 879 } 880 } 881 *mp++ = '\0'; /* loop invariant let's us do this */ 882 m_room--; 883 len = mp - mem - 1; 884 885 /* 886 * Give back any extra memory and return value and success. 887 */ 888 if (m_room != 0) 889 if ((mem = realloc(mem, (size_t)(mp - mem))) == NULL) 890 return (-2); 891 *str = mem; 892 return (len); 893 } 894 895 /* 896 * Cgetustr retrieves the value of the string capability cap from the 897 * capability record pointed to by buf. The difference between cgetustr() 898 * and cgetstr() is that cgetustr does not decode escapes but rather treats 899 * all characters literally. A pointer to a NUL terminated malloc'd 900 * copy of the string is returned in the char pointed to by str. The 901 * length of the string not including the trailing NUL is returned on success, 902 * -1 if the requested string capability couldn't be found, -2 if a system 903 * error was encountered (storage allocation failure). 904 */ 905 int 906 cgetustr(buf, cap, str) 907 char *buf, *cap, **str; 908 { 909 register u_int m_room; 910 register char *bp, *mp; 911 int len; 912 char *mem; 913 914 /* 915 * Find string capability cap 916 */ 917 if ((bp = cgetcap(buf, cap, '=')) == NULL) 918 return (-1); 919 920 /* 921 * Conversion / storage allocation loop ... Allocate memory in 922 * chunks SFRAG in size. 923 */ 924 if ((mem = malloc(SFRAG)) == NULL) { 925 errno = ENOMEM; 926 return (-2); /* couldn't even allocate the first fragment */ 927 } 928 m_room = SFRAG; 929 mp = mem; 930 931 while (*bp != ':' && *bp != '\0') { 932 /* 933 * Loop invariants: 934 * There is always room for one more character in mem. 935 * Mp always points just past last character in mem. 936 * Bp always points at next character in buf. 937 */ 938 *mp++ = *bp++; 939 m_room--; 940 941 /* 942 * Enforce loop invariant: if no room left in current 943 * buffer, try to get some more. 944 */ 945 if (m_room == 0) { 946 size_t size = mp - mem; 947 948 if ((mem = realloc(mem, size + SFRAG)) == NULL) 949 return (-2); 950 m_room = SFRAG; 951 mp = mem + size; 952 } 953 } 954 *mp++ = '\0'; /* loop invariant let's us do this */ 955 m_room--; 956 len = mp - mem - 1; 957 958 /* 959 * Give back any extra memory and return value and success. 960 */ 961 if (m_room != 0) 962 if ((mem = realloc(mem, (size_t)(mp - mem))) == NULL) 963 return (-2); 964 *str = mem; 965 return (len); 966 } 967 968 /* 969 * Cgetnum retrieves the value of the numeric capability cap from the 970 * capability record pointed to by buf. The numeric value is returned in 971 * the long pointed to by num. 0 is returned on success, -1 if the requested 972 * numeric capability couldn't be found. 973 */ 974 int 975 cgetnum(buf, cap, num) 976 char *buf, *cap; 977 long *num; 978 { 979 register long n; 980 register int base, digit; 981 register char *bp; 982 983 /* 984 * Find numeric capability cap 985 */ 986 bp = cgetcap(buf, cap, '#'); 987 if (bp == NULL) 988 return (-1); 989 990 /* 991 * Look at value and determine numeric base: 992 * 0x... or 0X... hexadecimal, 993 * else 0... octal, 994 * else decimal. 995 */ 996 if (*bp == '0') { 997 bp++; 998 if (*bp == 'x' || *bp == 'X') { 999 bp++; 1000 base = 16; 1001 } else 1002 base = 8; 1003 } else 1004 base = 10; 1005 1006 /* 1007 * Conversion loop ... 1008 */ 1009 n = 0; 1010 for (;;) { 1011 if ('0' <= *bp && *bp <= '9') 1012 digit = *bp - '0'; 1013 else if ('a' <= *bp && *bp <= 'f') 1014 digit = 10 + *bp - 'a'; 1015 else if ('A' <= *bp && *bp <= 'F') 1016 digit = 10 + *bp - 'A'; 1017 else 1018 break; 1019 1020 if (digit >= base) 1021 break; 1022 1023 n = n * base + digit; 1024 bp++; 1025 } 1026 1027 /* 1028 * Return value and success. 1029 */ 1030 *num = n; 1031 return (0); 1032 } 1033 1034 1035 /* 1036 * Compare name field of record. 1037 */ 1038 static int 1039 nfcmp(nf, rec) 1040 char *nf, *rec; 1041 { 1042 char *cp, tmp; 1043 int ret; 1044 1045 for (cp = rec; *cp != ':'; cp++) 1046 ; 1047 1048 tmp = *(cp + 1); 1049 *(cp + 1) = '\0'; 1050 ret = strcmp(nf, rec); 1051 *(cp + 1) = tmp; 1052 1053 return (ret); 1054 } 1055