Page MenuHome GnuPG
Files F34306963

No OneTemporary
Actions

View Options

diff --git a/common/mbox-util.c b/common/mbox-util.c
index a9086a3f5..fb6d06780 100644
--- a/common/mbox-util.c
+++ b/common/mbox-util.c
@@ -1,306 +1,277 @@
/* mbox-util.c - Mail address helper functions
* Copyright (C) 1998-2010 Free Software Foundation, Inc.
* Copyright (C) 1998-2015 Werner Koch
*
* This file is part of GnuPG.
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program; if not, see <https://www.gnu.org/licenses/>.
*/
/* NB: GPGME uses the same code to reflect our idea on how to extract
* a mail address from a user id.
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include "util.h"
#include "mbox-util.h"
static int
string_count_chr (const char *string, int c)
{
int count;
for (count=0; *string; string++ )
if ( *string == c )
count++;
return count;
}
static int
mem_count_chr (const void *buffer, int c, size_t length)
{
const char *s = buffer;
int count;
for (count=0; length; length--, s++)
if (*s == c)
count++;
return count;
}
-/* This is a case-sensitive version of our memistr. I wonder why no
- standard function memstr exists but I better do not use the name
- memstr to avoid future conflicts. */
-static const char *
-my_memstr (const void *buffer, size_t buflen, const char *sub)
-{
- const unsigned char *buf = buffer;
- const unsigned char *t = (const unsigned char *)buf;
- const unsigned char *s = (const unsigned char *)sub;
- size_t n = buflen;
-
- for ( ; n ; t++, n-- )
- {
- if (*t == *s)
- {
- for (buf = t++, buflen = n--, s++; n && *t ==*s; t++, s++, n--)
- ;
- if (!*s)
- return (const char*)buf;
- t = (const unsigned char *)buf;
- s = (const unsigned char *)sub ;
- n = buflen;
- }
- }
- return NULL;
-}
-
-
-
static int
string_has_ctrl_or_space (const char *string)
{
for (; *string; string++ )
if (!(*string & 0x80) && *string <= 0x20)
return 1;
return 0;
}
/* Return true if STRING has two consecutive '.' after an '@'
sign. */
static int
has_dotdot_after_at (const char *string)
{
string = strchr (string, '@');
if (!string)
return 0; /* No at-sign. */
string++;
return !!strstr (string, "..");
}
/* Check whether BUFFER has characters not valid in an RFC-822
address. LENGTH gives the length of BUFFER.
To cope with OpenPGP we ignore non-ascii characters so that for
example umlauts are legal in an email address. An OpenPGP user ID
must be utf-8 encoded but there is no strict requirement for
RFC-822. Thus to avoid IDNA encoding we put the address verbatim
as utf-8 into the user ID under the assumption that mail programs
handle IDNA at a lower level and take OpenPGP user IDs as utf-8.
Note that we can't do an utf-8 encoding checking here because in
keygen.c this function is called with the native encoding and
native to utf-8 encoding is only done later. */
int
has_invalid_email_chars (const void *buffer, size_t length)
{
const unsigned char *s = buffer;
int at_seen=0;
const char *valid_chars=
"01234567890_-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
for ( ; length && *s; length--, s++ )
{
if ((*s & 0x80))
continue; /* We only care about ASCII. */
if (*s == '@')
at_seen=1;
else if (!at_seen && !(strchr (valid_chars, *s)
|| strchr ("!#$%&'*+/=?^`{|}~", *s)))
return 1;
else if (at_seen && !strchr (valid_chars, *s))
return 1;
}
return 0;
}
/* Same as is_valid_mailbox (see below) but operates on non-nul
terminated buffer. */
int
is_valid_mailbox_mem (const void *name_arg, size_t namelen)
{
const char *name = name_arg;
return !( !name
|| !namelen
|| has_invalid_email_chars (name, namelen)
|| mem_count_chr (name, '@', namelen) != 1
|| *name == '@'
|| name[namelen-1] == '@'
|| name[namelen-1] == '.'
- || my_memstr (name, namelen, ".."));
+ || gnupg_memstr (name, namelen, ".."));
}
/* Check whether NAME represents a valid mailbox according to
RFC822. Returns true if so. */
int
is_valid_mailbox (const char *name)
{
return name? is_valid_mailbox_mem (name, strlen (name)) : 0;
}
/* Return the mailbox (local-part@domain) form a standard user id.
* All plain ASCII characters in the result are converted to
* lowercase. If SUBADDRESS is 1, '+' denoted sub-addresses are not
* included in the result. Caller must free the result. Returns NULL
* if no valid mailbox was found (or we are out of memory). */
char *
mailbox_from_userid (const char *userid, int subaddress)
{
const char *s, *s_end;
size_t len;
char *result = NULL;
s = strchr (userid, '<');
if (s)
{
/* Seems to be a standard user id. */
s++;
s_end = strchr (s, '>');
if (s_end && s_end > s)
{
len = s_end - s;
result = xtrymalloc (len + 1);
if (!result)
return NULL; /* Ooops - out of core. */
strncpy (result, s, len);
result[len] = 0;
/* Apply some basic checks on the address. We do not use
is_valid_mailbox because those checks are too strict. */
if (string_count_chr (result, '@') != 1 /* Need exactly one '@. */
|| *result == '@' /* local-part missing. */
|| result[len-1] == '@' /* domain missing. */
|| result[len-1] == '.' /* ends with a dot. */
|| string_has_ctrl_or_space (result)
|| has_dotdot_after_at (result))
{
xfree (result);
result = NULL;
errno = EINVAL;
}
}
else
errno = EINVAL;
}
else if (is_valid_mailbox (userid))
{
/* The entire user id is a mailbox. Return that one. Note that
this fallback method has some restrictions on the valid
syntax of the mailbox. However, those who want weird
addresses should know about it and use the regular <...>
syntax. */
result = xtrystrdup (userid);
}
else
errno = EINVAL;
if (result && subaddress == 1)
{
char *atsign, *plus;
if ((atsign = strchr (result, '@')))
{
/* We consider a subaddress only if there is a single '+'
* in the local part and the '+' is not the first or last
* character. */
*atsign = 0;
if ((plus = strchr (result, '+'))
&& !strchr (plus+1, '+')
&& result != plus
&& plus[1] )
{
*atsign = '@';
memmove (plus, atsign, strlen (atsign)+1);
}
else
*atsign = '@';
}
}
return result? ascii_strlwr (result): NULL;
}
/* Check whether UID is a valid standard user id of the form
"Heinrich Heine <heinrichh@duesseldorf.de>"
and return true if this is the case. */
int
is_valid_user_id (const char *uid)
{
if (!uid || !*uid)
return 0;
return 1;
}
/* Returns true if STRING is a valid domain name according to the LDH
* rule. */
int
is_valid_domain_name (const char *string)
{
static char const ldh_chars[] =
"01234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ-";
const char *s;
/* Note that we do not check the length limit of a label or the
* entire name */
for (s=string; *s; s++)
if (*s == '.')
{
if (string == s)
return 0; /* Dot at the start of the string. */
/* (may also be at the end like in ".") */
if (s[1] == '.')
return 0; /* No - double dot. */
}
else if (!strchr (ldh_chars, *s))
return 0;
else if (*s == '-')
{
if (string == s)
return 0; /* Leading hyphen. */
if (s[-1] == '.')
return 0; /* Hyphen at begin of a label. */
if (s[1] == '.')
return 0; /* Hyphen at start of a label. */
if (!s[1])
return 0; /* Trailing hyphen. */
}
return !!*string;
}
diff --git a/common/recsel.c b/common/recsel.c
index ea0858c84..fa3debaaf 100644
--- a/common/recsel.c
+++ b/common/recsel.c
@@ -1,639 +1,608 @@
/* recsel.c - Record selection
* Copyright (C) 2014, 2016 Werner Koch
*
* This file is part of GnuPG.
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <https://www.gnu.org/licenses/>.
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include "util.h"
#include "recsel.h"
/* Select operators. */
typedef enum
{
SELECT_SAME,
SELECT_SUB,
SELECT_NONEMPTY,
SELECT_ISTRUE,
SELECT_EQ, /* Numerically equal. */
SELECT_LE,
SELECT_GE,
SELECT_LT,
SELECT_GT,
SELECT_STRLE, /* String is less or equal. */
SELECT_STRGE,
SELECT_STRLT,
SELECT_STRGT
} select_op_t;
/* Definition for a select expression. */
struct recsel_expr_s
{
recsel_expr_t next;
select_op_t op; /* Operation code. */
unsigned int not:1; /* Negate operators. */
unsigned int disjun:1;/* Start of a disjunction. */
unsigned int xcase:1; /* String match is case sensitive. */
const char *value; /* (Points into NAME.) */
long numvalue; /* strtol of VALUE. */
char name[1]; /* Name of the property. */
};
/* Helper */
static inline gpg_error_t
my_error_from_syserror (void)
{
return gpg_err_make (default_errsource, gpg_err_code_from_syserror ());
}
/* Helper */
static inline gpg_error_t
my_error (gpg_err_code_t ec)
{
return gpg_err_make (default_errsource, ec);
}
-/* This is a case-sensitive version of our memistr. I wonder why no
- * standard function memstr exists but I better do not use the name
- * memstr to avoid future conflicts.
- *
- * FIXME: Move this to a stringhelp.c
- */
-static const char *
-my_memstr (const void *buffer, size_t buflen, const char *sub)
-{
- const unsigned char *buf = buffer;
- const unsigned char *t = (const unsigned char *)buf;
- const unsigned char *s = (const unsigned char *)sub;
- size_t n = buflen;
-
- for ( ; n ; t++, n-- )
- {
- if (*t == *s)
- {
- for (buf = t++, buflen = n--, s++; n && *t ==*s; t++, s++, n--)
- ;
- if (!*s)
- return (const char*)buf;
- t = (const unsigned char *)buf;
- s = (const unsigned char *)sub ;
- n = buflen;
- }
- }
- return NULL;
-}
-
-
/* Return a pointer to the next logical connection operator or NULL if
* none. */
static char *
find_next_lc (char *string)
{
char *p1, *p2;
p1 = strchr (string, '&');
if (p1 && p1[1] != '&')
p1 = NULL;
p2 = strchr (string, '|');
if (p2 && p2[1] != '|')
p2 = NULL;
if (p1 && !p2)
return p1;
if (!p1)
return p2;
return p1 < p2 ? p1 : p2;
}
/* Parse an expression. The expression syntax is:
*
* [<lc>] {{<flag>} PROPNAME <op> VALUE [<lc>]}
*
* A [] indicates an optional part, a {} a repetition. PROPNAME and
* VALUE may not be the empty string. White space between the
* elements is ignored. Numerical values are computed as long int;
* standard C notation applies. <lc> is the logical connection
* operator; either "&&" for a conjunction or "||" for a disjunction.
* A conjunction is assumed at the begin of an expression and
* conjunctions have higher precedence than disjunctions. If VALUE
* starts with one of the characters used in any <op> a space after
* the <op> is required. A VALUE is terminated by an <lc> unless the
* "--" <flag> is used in which case the VALUE spans to the end of the
* expression. <op> may be any of
*
* =~ Substring must match
* !~ Substring must not match
* = The full string must match
* <> The full string must not match
* == The numerical value must match
* != The numerical value must not match
* <= The numerical value of the field must be LE than the value.
* < The numerical value of the field must be LT than the value.
* >= The numerical value of the field must be GT than the value.
* >= The numerical value of the field must be GE than the value.
* -n True if value is not empty (no VALUE parameter allowed).
* -z True if value is empty (no VALUE parameter allowed).
* -t Alias for "PROPNAME != 0" (no VALUE parameter allowed).
* -f Alias for "PROPNAME == 0" (no VALUE parameter allowed).
*
* Values for <flag> must be space separated and any of:
*
* -- VALUE spans to the end of the expression.
* -c The string match in this part is done case-sensitive.
* -t Do not trim leading and trailing spaces from VALUE.
* Note that a space after <op> is here required.
* -r RFU: String match uses a regular expression
*
* For example four calls to recsel_parse_expr() with these values for
* EXPR
*
* "uid =~ Alfa"
* "&& uid !~ Test"
* "|| uid =~ Alpha"
* "uid !~ Test"
*
* or the equivalent expression
*
* "uid =~ Alfa" && uid !~ Test" || uid =~ Alpha" && "uid !~ Test"
*
* are making a selector for records where the "uid" property contains
* the strings "Alfa" or "Alpha" but not the String "test".
*
* The caller must pass the address of a selector variable to this
* function and initialize the value of the function to NULL before
* the first call. recsel_release needs to be called to free the
* selector.
*/
gpg_error_t
recsel_parse_expr (recsel_expr_t *selector, const char *expression)
{
recsel_expr_t se_head = NULL;
recsel_expr_t se, se2;
char *expr_buffer;
char *expr;
char *s0, *s;
int toend = 0;
int xcase = 0;
int notrim = 0;
int disjun = 0;
char *next_lc = NULL;
while (*expression == ' ' || *expression == '\t')
expression++;
expr_buffer = xtrystrdup (expression);
if (!expr_buffer)
return my_error_from_syserror ();
expr = expr_buffer;
if (*expr == '|' && expr[1] == '|')
{
disjun = 1;
expr += 2;
}
else if (*expr == '&' && expr[1] == '&')
expr += 2;
next_term:
while (*expr == ' ' || *expr == '\t')
expr++;
while (*expr == '-')
{
switch (*++expr)
{
case '-': toend = 1; break;
case 'c': xcase = 1; break;
case 't': notrim = 1; break;
default:
log_error ("invalid flag '-%c' in expression\n", *expr);
recsel_release (se_head);
xfree (expr_buffer);
return my_error (GPG_ERR_INV_FLAG);
}
expr++;
while (*expr == ' ' || *expr == '\t')
expr++;
}
next_lc = toend? NULL : find_next_lc (expr);
if (next_lc)
*next_lc = 0; /* Terminate this term. */
se = xtrymalloc (sizeof *se + strlen (expr));
if (!se)
{
gpg_error_t err = my_error_from_syserror ();
recsel_release (se_head);
xfree (expr_buffer);
return err;
}
strcpy (se->name, expr);
se->next = NULL;
se->not = 0;
se->disjun = disjun;
se->xcase = xcase;
if (!se_head)
se_head = se;
else
{
for (se2 = se_head; se2->next; se2 = se2->next)
;
se2->next = se;
}
s = strpbrk (expr, "=<>!~-");
if (!s || s == expr )
{
log_error ("no field name given in expression\n");
recsel_release (se_head);
xfree (expr_buffer);
return my_error (GPG_ERR_NO_NAME);
}
s0 = s;
if (!strncmp (s, "=~", 2))
{
se->op = SELECT_SUB;
s += 2;
}
else if (!strncmp (s, "!~", 2))
{
se->op = SELECT_SUB;
se->not = 1;
s += 2;
}
else if (!strncmp (s, "<>", 2))
{
se->op = SELECT_SAME;
se->not = 1;
s += 2;
}
else if (!strncmp (s, "==", 2))
{
se->op = SELECT_EQ;
s += 2;
}
else if (!strncmp (s, "!=", 2))
{
se->op = SELECT_EQ;
se->not = 1;
s += 2;
}
else if (!strncmp (s, "<=", 2))
{
se->op = SELECT_LE;
s += 2;
}
else if (!strncmp (s, ">=", 2))
{
se->op = SELECT_GE;
s += 2;
}
else if (!strncmp (s, "<", 1))
{
se->op = SELECT_LT;
s += 1;
}
else if (!strncmp (s, ">", 1))
{
se->op = SELECT_GT;
s += 1;
}
else if (!strncmp (s, "=", 1))
{
se->op = SELECT_SAME;
s += 1;
}
else if (!strncmp (s, "-z", 2))
{
se->op = SELECT_NONEMPTY;
se->not = 1;
s += 2;
}
else if (!strncmp (s, "-n", 2))
{
se->op = SELECT_NONEMPTY;
s += 2;
}
else if (!strncmp (s, "-f", 2))
{
se->op = SELECT_ISTRUE;
se->not = 1;
s += 2;
}
else if (!strncmp (s, "-t", 2))
{
se->op = SELECT_ISTRUE;
s += 2;
}
else if (!strncmp (s, "-le", 3))
{
se->op = SELECT_STRLE;
s += 3;
}
else if (!strncmp (s, "-ge", 3))
{
se->op = SELECT_STRGE;
s += 3;
}
else if (!strncmp (s, "-lt", 3))
{
se->op = SELECT_STRLT;
s += 3;
}
else if (!strncmp (s, "-gt", 3))
{
se->op = SELECT_STRGT;
s += 3;
}
else
{
log_error ("invalid operator in expression\n");
recsel_release (se_head);
xfree (expr_buffer);
return my_error (GPG_ERR_INV_OP);
}
/* We require that a space is used if the value starts with any of
the operator characters. */
if (se->op == SELECT_NONEMPTY || se->op == SELECT_ISTRUE)
;
else if (strchr ("=<>!~", *s))
{
log_error ("invalid operator in expression\n");
recsel_release (se_head);
xfree (expr_buffer);
return my_error (GPG_ERR_INV_OP);
}
if (*s == ' ' || *s == '\t')
s++;
if (!notrim)
while (*s == ' ' || *s == '\t')
s++;
if (se->op == SELECT_NONEMPTY || se->op == SELECT_ISTRUE)
{
if (*s)
{
log_error ("value given for -n or -z\n");
recsel_release (se_head);
xfree (expr_buffer);
return my_error (GPG_ERR_SYNTAX);
}
}
else
{
if (!*s)
{
log_error ("no value given in expression\n");
recsel_release (se_head);
xfree (expr_buffer);
return my_error (GPG_ERR_MISSING_VALUE);
}
}
se->name[s0 - expr] = 0;
trim_spaces (se->name);
if (!se->name[0])
{
log_error ("no field name given in expression\n");
recsel_release (se_head);
xfree (expr_buffer);
return my_error (GPG_ERR_NO_NAME);
}
if (!notrim)
trim_spaces (se->name + (s - expr));
se->value = se->name + (s - expr);
if (!se->value[0] && !(se->op == SELECT_NONEMPTY || se->op == SELECT_ISTRUE))
{
log_error ("no value given in expression\n");
recsel_release (se_head);
xfree (expr_buffer);
return my_error (GPG_ERR_MISSING_VALUE);
}
se->numvalue = strtol (se->value, NULL, 0);
if (next_lc)
{
disjun = next_lc[1] == '|';
expr = next_lc + 2;
goto next_term;
}
/* Read:y Append to passes last selector. */
if (!*selector)
*selector = se_head;
else
{
for (se2 = *selector; se2->next; se2 = se2->next)
;
se2->next = se_head;
}
xfree (expr_buffer);
return 0;
}
void
recsel_release (recsel_expr_t a)
{
while (a)
{
recsel_expr_t tmp = a->next;
xfree (a);
a = tmp;
}
}
void
recsel_dump (recsel_expr_t selector)
{
recsel_expr_t se;
log_debug ("--- Begin selectors ---\n");
for (se = selector; se; se = se->next)
{
log_debug ("%s %s %s %s '%s'\n",
se==selector? " ": (se->disjun? "||":"&&"),
se->xcase? "-c":" ",
se->name,
se->op == SELECT_SAME? (se->not? "<>":"= "):
se->op == SELECT_SUB? (se->not? "!~":"=~"):
se->op == SELECT_NONEMPTY?(se->not? "-z":"-n"):
se->op == SELECT_ISTRUE? (se->not? "-f":"-t"):
se->op == SELECT_EQ? (se->not? "!=":"=="):
se->op == SELECT_LT? "< ":
se->op == SELECT_LE? "<=":
se->op == SELECT_GT? "> ":
se->op == SELECT_GE? ">=":
se->op == SELECT_STRLT? "-lt":
se->op == SELECT_STRLE? "-le":
se->op == SELECT_STRGT? "-gt":
se->op == SELECT_STRGE? "-ge":
/**/ "[oops]",
se->value);
}
log_debug ("--- End selectors ---\n");
}
/* Return true if the record RECORD has been selected. The GETVAL
* function is called with COOKIE and the NAME of a property used in
* the expression. */
int
recsel_select (recsel_expr_t selector,
const char *(*getval)(void *cookie, const char *propname),
void *cookie)
{
recsel_expr_t se;
const char *value;
size_t selen, valuelen;
long numvalue;
int result = 1;
se = selector;
while (se)
{
value = getval? getval (cookie, se->name) : NULL;
if (!value)
value = "";
if (!*value)
{
/* Field is empty. */
result = 0;
}
else /* Field has a value. */
{
valuelen = strlen (value);
numvalue = strtol (value, NULL, 0);
selen = strlen (se->value);
switch (se->op)
{
case SELECT_SAME:
if (se->xcase)
result = (valuelen==selen && !memcmp (value,se->value,selen));
else
result = (valuelen==selen && !memicmp (value,se->value,selen));
break;
case SELECT_SUB:
if (se->xcase)
- result = !!my_memstr (value, valuelen, se->value);
+ result = !!gnupg_memstr (value, valuelen, se->value);
else
result = !!memistr (value, valuelen, se->value);
break;
case SELECT_NONEMPTY:
result = !!valuelen;
break;
case SELECT_ISTRUE:
result = !!numvalue;
break;
case SELECT_EQ:
result = (numvalue == se->numvalue);
break;
case SELECT_GT:
result = (numvalue > se->numvalue);
break;
case SELECT_GE:
result = (numvalue >= se->numvalue);
break;
case SELECT_LT:
result = (numvalue < se->numvalue);
break;
case SELECT_LE:
result = (numvalue <= se->numvalue);
break;
case SELECT_STRGT:
if (se->xcase)
result = strcmp (value, se->value) > 0;
else
result = strcasecmp (value, se->value) > 0;
break;
case SELECT_STRGE:
if (se->xcase)
result = strcmp (value, se->value) >= 0;
else
result = strcasecmp (value, se->value) >= 0;
break;
case SELECT_STRLT:
if (se->xcase)
result = strcmp (value, se->value) < 0;
else
result = strcasecmp (value, se->value) < 0;
break;
case SELECT_STRLE:
if (se->xcase)
result = strcmp (value, se->value) <= 0;
else
result = strcasecmp (value, se->value) <= 0;
break;
}
}
if (se->not)
result = !result;
if (result)
{
/* This expression evaluated to true. See whether there are
remaining expressions in this conjunction. */
if (!se->next || se->next->disjun)
break; /* All expressions are true. Return True. */
se = se->next; /* Test the next. */
}
else
{
/* This expression evaluated to false and thus the
* conjunction evaluates to false. We skip over the
* remaining expressions of this conjunction and continue
* with the next disjunction if any. */
do
se = se->next;
while (se && !se->disjun);
}
}
return result;
}
diff --git a/common/stringhelp.c b/common/stringhelp.c
index 1049c78e2..5407653de 100644
--- a/common/stringhelp.c
+++ b/common/stringhelp.c
@@ -1,1825 +1,1854 @@
/* stringhelp.c - standard string helper functions
* Copyright (C) 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, 2007,
* 2008, 2009, 2010 Free Software Foundation, Inc.
* Copyright (C) 2014 Werner Koch
* Copyright (C) 2015, 2021 g10 Code GmbH
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute and/or modify this
* part of GnuPG under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* GnuPG is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copies of the GNU General Public License
* and the GNU Lesser General Public License along with this program;
* if not, see <https://www.gnu.org/licenses/>.
* SPDX-License-Identifier: (LGPL-3.0-or-later OR GPL-2.0-or-later)
*/
#include <config.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include <ctype.h>
#include <errno.h>
#ifdef HAVE_PWD_H
# include <pwd.h>
#endif
#include <unistd.h>
#include <sys/types.h>
#ifdef HAVE_W32_SYSTEM
# ifdef HAVE_WINSOCK2_H
# include <winsock2.h>
# endif
# include <windows.h>
#endif
#include <limits.h>
#include "util.h"
#include "common-defs.h"
#include "utf8conv.h"
#include "sysutils.h"
#include "stringhelp.h"
#define tohex_lower(n) ((n) < 10 ? ((n) + '0') : (((n) - 10) + 'a'))
/* Sometimes we want to avoid mixing slashes and backslashes on W32
and prefer backslashes. There is usual no problem with mixing
them, however a very few W32 API calls can't grok plain slashes.
Printing filenames with mixed slashes also looks a bit strange.
This function has no effext on POSIX. */
static inline char *
change_slashes (char *name)
{
#ifdef HAVE_DOSISH_SYSTEM
char *p;
if (strchr (name, '\\'))
{
for (p=name; *p; p++)
if (*p == '/')
*p = '\\';
}
#endif /*HAVE_DOSISH_SYSTEM*/
return name;
}
/*
* Check whether STRING starts with KEYWORD. The keyword is
* delimited by end of string, a space or a tab. Returns NULL if not
* found or a pointer into STRING to the next non-space character
* after the KEYWORD (which may be end of string).
*/
char *
has_leading_keyword (const char *string, const char *keyword)
{
size_t n = strlen (keyword);
if (!strncmp (string, keyword, n)
&& (!string[n] || string[n] == ' ' || string[n] == '\t'))
{
string += n;
while (*string == ' ' || *string == '\t')
string++;
return (char*)string;
}
return NULL;
}
/*
* Look for the substring SUB in buffer and return a pointer to that
* substring in BUFFER or NULL if not found.
* Comparison is case-insensitive.
*/
const char *
memistr (const void *buffer, size_t buflen, const char *sub)
{
const unsigned char *buf = buffer;
const unsigned char *t = (const unsigned char *)buffer;
const unsigned char *s = (const unsigned char *)sub;
size_t n = buflen;
for ( ; n ; t++, n-- )
{
if ( toupper (*t) == toupper (*s) )
{
for ( buf=t++, buflen = n--, s++;
n && toupper (*t) == toupper (*s); t++, s++, n-- )
;
if (!*s)
return (const char*)buf;
t = buf;
s = (const unsigned char *)sub ;
n = buflen;
}
}
return NULL;
}
const char *
ascii_memistr ( const void *buffer, size_t buflen, const char *sub )
{
const unsigned char *buf = buffer;
const unsigned char *t = (const unsigned char *)buf;
const unsigned char *s = (const unsigned char *)sub;
size_t n = buflen;
for ( ; n ; t++, n-- )
{
if (ascii_toupper (*t) == ascii_toupper (*s) )
{
for ( buf=t++, buflen = n--, s++;
n && ascii_toupper (*t) == ascii_toupper (*s); t++, s++, n-- )
;
if (!*s)
return (const char*)buf;
t = (const unsigned char *)buf;
s = (const unsigned char *)sub ;
n = buflen;
}
}
return NULL;
}
+/* This is a case-sensitive version of our memistr. I wonder why no
+ * standard function memstr exists but we better do not use the name
+ * memstr to avoid future conflicts.
+ */
+const char *
+gnupg_memstr (const void *buffer, size_t buflen, const char *sub)
+{
+ const unsigned char *buf = buffer;
+ const unsigned char *t = (const unsigned char *)buf;
+ const unsigned char *s = (const unsigned char *)sub;
+ size_t n = buflen;
+
+ for ( ; n ; t++, n-- )
+ {
+ if (*t == *s)
+ {
+ for (buf = t++, buflen = n--, s++; n && *t ==*s; t++, s++, n--)
+ ;
+ if (!*s)
+ return (const char*)buf;
+ t = (const unsigned char *)buf;
+ s = (const unsigned char *)sub ;
+ n = buflen;
+ }
+ }
+ return NULL;
+}
+
+
/* This function is similar to strncpy(). However it won't copy more
* than N - 1 characters and makes sure that a '\0' is appended. With
* N given as 0, nothing will happen. With DEST given as NULL, memory
* will be allocated using xmalloc (i.e. if it runs out of core the
* function terminates). Returns DEST or a pointer to the allocated
* memory.
*/
char *
mem2str (char *dest, const void *src, size_t n)
{
char *d;
const char *s;
if (n)
{
if (!dest)
dest = xmalloc (n);
d = dest;
s = src ;
for (n--; n && *s; n--)
*d++ = *s++;
*d = '\0' ;
}
return dest;
}
/****************
* remove leading and trailing white spaces
*/
char *
trim_spaces( char *str )
{
char *string, *p, *mark;
string = str;
/* find first non space character */
for( p=string; *p && isspace( *(byte*)p ) ; p++ )
;
/* move characters */
for( (mark = NULL); (*string = *p); string++, p++ )
if( isspace( *(byte*)p ) ) {
if( !mark )
mark = string ;
}
else
mark = NULL ;
if( mark )
*mark = '\0' ; /* remove trailing spaces */
return str ;
}
/* Same as trim_spaces but only consider, space, tab, cr and lf as space. */
char *
ascii_trim_spaces (char *str)
{
char *string, *p, *mark;
string = str;
/* Find first non-ascii space character. */
for (p=string; *p && ascii_isspace (*p); p++)
;
/* Move characters. */
for (mark=NULL; (*string = *p); string++, p++ )
{
if (ascii_isspace (*p))
{
if (!mark)
mark = string;
}
else
mark = NULL ;
}
if (mark)
*mark = '\0' ; /* Remove trailing spaces. */
return str ;
}
/****************
* remove trailing white spaces
*/
char *
trim_trailing_spaces( char *string )
{
char *p, *mark;
for( mark = NULL, p = string; *p; p++ ) {
if( isspace( *(byte*)p ) ) {
if( !mark )
mark = p;
}
else
mark = NULL;
}
if( mark )
*mark = '\0' ;
return string ;
}
unsigned
trim_trailing_chars( byte *line, unsigned len, const char *trimchars )
{
byte *p, *mark;
unsigned n;
for(mark=NULL, p=line, n=0; n < len; n++, p++ ) {
if( strchr(trimchars, *p ) ) {
if( !mark )
mark = p;
}
else
mark = NULL;
}
if( mark ) {
*mark = 0;
return mark - line;
}
return len;
}
/****************
* remove trailing white spaces and return the length of the buffer
*/
unsigned
trim_trailing_ws( byte *line, unsigned len )
{
return trim_trailing_chars( line, len, " \t\r\n" );
}
size_t
length_sans_trailing_chars (const unsigned char *line, size_t len,
const char *trimchars )
{
const unsigned char *p, *mark;
size_t n;
for( mark=NULL, p=line, n=0; n < len; n++, p++ )
{
if (strchr (trimchars, *p ))
{
if( !mark )
mark = p;
}
else
mark = NULL;
}
if (mark)
return mark - line;
return len;
}
/*
* Return the length of line ignoring trailing white-space.
*/
size_t
length_sans_trailing_ws (const unsigned char *line, size_t len)
{
return length_sans_trailing_chars (line, len, " \t\r\n");
}
/*
* Extract from a given path the filename component. This function
* terminates the process on memory shortage.
*/
char *
make_basename(const char *filepath, const char *inputpath)
{
#ifdef __riscos__
return riscos_make_basename(filepath, inputpath);
#else
char *p;
(void)inputpath; /* Only required for riscos. */
if ( !(p=strrchr(filepath, '/')) )
#ifdef HAVE_DOSISH_SYSTEM
if ( !(p=strrchr(filepath, '\\')) )
#endif
#ifdef HAVE_DRIVE_LETTERS
if ( !(p=strrchr(filepath, ':')) )
#endif
{
return xstrdup(filepath);
}
return xstrdup(p+1);
#endif
}
/*
* Extract from a given filename the path prepended to it. If there
* isn't a path prepended to the filename, a dot is returned ('.').
* This function terminates the process on memory shortage.
*/
char *
make_dirname(const char *filepath)
{
char *dirname;
int dirname_length;
char *p;
if ( !(p=strrchr(filepath, '/')) )
#ifdef HAVE_DOSISH_SYSTEM
if ( !(p=strrchr(filepath, '\\')) )
#endif
#ifdef HAVE_DRIVE_LETTERS
if ( !(p=strrchr(filepath, ':')) )
#endif
{
return xstrdup(".");
}
dirname_length = p-filepath;
dirname = xmalloc(dirname_length+1);
strncpy(dirname, filepath, dirname_length);
dirname[dirname_length] = 0;
return dirname;
}
static char *
get_pwdir (int xmode, const char *name)
{
char *result = NULL;
#ifdef HAVE_PWD_H
struct passwd *pwd = NULL;
if (name)
{
#ifdef HAVE_GETPWNAM
/* Fixme: We should use getpwnam_r if available. */
pwd = getpwnam (name);
#endif
}
else
{
#ifdef HAVE_GETPWUID
/* Fixme: We should use getpwuid_r if available. */
pwd = getpwuid (getuid());
#endif
}
if (pwd)
{
if (xmode)
result = xstrdup (pwd->pw_dir);
else
result = xtrystrdup (pwd->pw_dir);
}
#else /*!HAVE_PWD_H*/
/* No support at all. */
(void)xmode;
(void)name;
#endif /*HAVE_PWD_H*/
return result;
}
/* xmode 0 := Return NULL on error
1 := Terminate on error
2 := Make sure that name is absolute; return NULL on error
3 := Make sure that name is absolute; terminate on error
*/
static char *
do_make_filename (int xmode, const char *first_part, va_list arg_ptr)
{
const char *argv[32];
int argc;
size_t n;
int skip = 1;
char *home_buffer = NULL;
char *name, *home, *p;
int want_abs;
want_abs = !!(xmode & 2);
xmode &= 1;
n = strlen (first_part) + 1;
argc = 0;
while ( (argv[argc] = va_arg (arg_ptr, const char *)) )
{
n += strlen (argv[argc]) + 1;
if (argc >= DIM (argv)-1)
{
if (xmode)
BUG ();
gpg_err_set_errno (EINVAL);
return NULL;
}
argc++;
}
n++;
home = NULL;
if (*first_part == '~')
{
if (first_part[1] == '/' || !first_part[1])
{
/* This is the "~/" or "~" case. */
home = getenv("HOME");
if (!home)
home = home_buffer = get_pwdir (xmode, NULL);
if (home && *home)
n += strlen (home);
}
else
{
/* This is the "~username/" or "~username" case. */
char *user;
if (xmode)
user = xstrdup (first_part+1);
else
{
user = xtrystrdup (first_part+1);
if (!user)
return NULL;
}
p = strchr (user, '/');
if (p)
*p = 0;
skip = 1 + strlen (user);
home = home_buffer = get_pwdir (xmode, user);
xfree (user);
if (home)
n += strlen (home);
else
skip = 1;
}
}
if (xmode)
name = xmalloc (n);
else
{
name = xtrymalloc (n);
if (!name)
{
xfree (home_buffer);
return NULL;
}
}
if (home)
p = stpcpy (stpcpy (name, home), first_part + skip);
else
p = stpcpy (name, first_part);
xfree (home_buffer);
for (argc=0; argv[argc]; argc++)
{
/* Avoid a leading double slash if the first part was "/". */
if (!argc && name[0] == '/' && !name[1])
p = stpcpy (p, argv[argc]);
else
p = stpcpy (stpcpy (p, "/"), argv[argc]);
}
if (want_abs)
{
#ifdef HAVE_DRIVE_LETTERS
p = strchr (name, ':');
if (p)
p++;
else
p = name;
#else
p = name;
#endif
if (*p != '/'
#ifdef HAVE_DRIVE_LETTERS
&& *p != '\\'
#endif
)
{
home = gnupg_getcwd ();
if (!home)
{
if (xmode)
{
fprintf (stderr, "\nfatal: getcwd failed: %s\n",
strerror (errno));
exit(2);
}
xfree (name);
return NULL;
}
n = strlen (home) + 1 + strlen (name) + 1;
if (xmode)
home_buffer = xmalloc (n);
else
{
home_buffer = xtrymalloc (n);
if (!home_buffer)
{
xfree (home);
xfree (name);
return NULL;
}
}
if (p == name)
p = home_buffer;
else /* Windows case. */
{
memcpy (home_buffer, p, p - name + 1);
p = home_buffer + (p - name + 1);
}
/* Avoid a leading double slash if the cwd is "/". */
if (home[0] == '/' && !home[1])
strcpy (stpcpy (p, "/"), name);
else
strcpy (stpcpy (stpcpy (p, home), "/"), name);
xfree (home);
xfree (name);
name = home_buffer;
/* Let's do a simple compression to catch the most common
case of using "." for gpg's --homedir option. */
n = strlen (name);
if (n > 2 && name[n-2] == '/' && name[n-1] == '.')
name[n-2] = 0;
}
}
return change_slashes (name);
}
/* Construct a filename from the NULL terminated list of parts. Tilde
expansion is done for the first argument. This function terminates
the process on memory shortage. */
char *
make_filename (const char *first_part, ... )
{
va_list arg_ptr;
char *result;
va_start (arg_ptr, first_part);
result = do_make_filename (1, first_part, arg_ptr);
va_end (arg_ptr);
return result;
}
/* Construct a filename from the NULL terminated list of parts. Tilde
expansion is done for the first argument. This function may return
NULL on error. */
char *
make_filename_try (const char *first_part, ... )
{
va_list arg_ptr;
char *result;
va_start (arg_ptr, first_part);
result = do_make_filename (0, first_part, arg_ptr);
va_end (arg_ptr);
return result;
}
/* Construct an absolute filename from the NULL terminated list of
parts. Tilde expansion is done for the first argument. This
function terminates the process on memory shortage. */
char *
make_absfilename (const char *first_part, ... )
{
va_list arg_ptr;
char *result;
va_start (arg_ptr, first_part);
result = do_make_filename (3, first_part, arg_ptr);
va_end (arg_ptr);
return result;
}
/* Construct an absolute filename from the NULL terminated list of
parts. Tilde expansion is done for the first argument. This
function may return NULL on error. */
char *
make_absfilename_try (const char *first_part, ... )
{
va_list arg_ptr;
char *result;
va_start (arg_ptr, first_part);
result = do_make_filename (2, first_part, arg_ptr);
va_end (arg_ptr);
return result;
}
/* Compare whether the filenames are identical. This is a
special version of strcmp() taking the semantics of filenames in
account. Note that this function works only on the supplied names
without considering any context like the current directory. See
also same_file_p(). */
int
compare_filenames (const char *a, const char *b)
{
#ifdef HAVE_DOSISH_SYSTEM
for ( ; *a && *b; a++, b++ )
{
if (*a != *b
&& (toupper (*(const unsigned char*)a)
!= toupper (*(const unsigned char*)b) )
&& !((*a == '/' && *b == '\\') || (*a == '\\' && *b == '/')))
break;
}
if ((*a == '/' && *b == '\\') || (*a == '\\' && *b == '/'))
return 0;
else
return (toupper (*(const unsigned char*)a)
- toupper (*(const unsigned char*)b));
#else
return strcmp(a,b);
#endif
}
/* Convert a base-10 number in STRING into a 64 bit unsigned int
* value. Leading white spaces are skipped but no error checking is
* done. Thus it is similar to atoi(). */
uint64_t
string_to_u64 (const char *string)
{
uint64_t val = 0;
while (spacep (string))
string++;
for (; digitp (string); string++)
{
val *= 10;
val += *string - '0';
}
return val;
}
/* Convert 2 hex characters at S to a byte value. Return this value
or -1 if there is an error. */
int
hextobyte (const char *s)
{
int c;
if ( *s >= '0' && *s <= '9' )
c = 16 * (*s - '0');
else if ( *s >= 'A' && *s <= 'F' )
c = 16 * (10 + *s - 'A');
else if ( *s >= 'a' && *s <= 'f' )
c = 16 * (10 + *s - 'a');
else
return -1;
s++;
if ( *s >= '0' && *s <= '9' )
c += *s - '0';
else if ( *s >= 'A' && *s <= 'F' )
c += 10 + *s - 'A';
else if ( *s >= 'a' && *s <= 'f' )
c += 10 + *s - 'a';
else
return -1;
return c;
}
/* Given a string containing an UTF-8 encoded text, return the number
of characters in this string. It differs from strlen in that it
only counts complete UTF-8 characters. SIZE is the maximum length
of the string in bytes. If SIZE is -1, then a NUL character is
taken to be the end of the string. Note, that this function does
not take combined characters into account. */
size_t
utf8_charcount (const char *s, int len)
{
size_t n;
if (len == 0)
return 0;
for (n=0; *s; s++)
{
if ( (*s&0xc0) != 0x80 ) /* Exclude continuation bytes: 10xxxxxx */
n++;
if (len != -1)
{
len --;
if (len == 0)
break;
}
}
return n;
}
/****************************************************
********** W32 specific functions ****************
****************************************************/
#ifdef HAVE_W32_SYSTEM
const char *
w32_strerror (int ec)
{
static char strerr[256];
if (ec == -1)
ec = (int)GetLastError ();
FormatMessage (FORMAT_MESSAGE_FROM_SYSTEM, NULL, ec,
MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT),
strerr, DIM (strerr)-1, NULL);
{
/* Strip the CR,LF - we want just the string. */
size_t n = strlen (strerr);
if (n > 2 && strerr[n-2] == '\r' && strerr[n-1] == '\n' )
strerr[n-2] = 0;
}
return strerr;
}
#endif /*HAVE_W32_SYSTEM*/
/****************************************************
******** Locale insensitive ctype functions ********
****************************************************/
/* FIXME: replace them by a table lookup and macros */
int
ascii_isupper (int c)
{
return c >= 'A' && c <= 'Z';
}
int
ascii_islower (int c)
{
return c >= 'a' && c <= 'z';
}
int
ascii_toupper (int c)
{
if (c >= 'a' && c <= 'z')
c &= ~0x20;
return c;
}
int
ascii_tolower (int c)
{
if (c >= 'A' && c <= 'Z')
c |= 0x20;
return c;
}
/* Lowercase all ASCII characters in S. */
char *
ascii_strlwr (char *s)
{
char *p = s;
for (p=s; *p; p++ )
if (isascii (*p) && *p >= 'A' && *p <= 'Z')
*p |= 0x20;
return s;
}
/* Upcase all ASCII characters in S. */
char *
ascii_strupr (char *s)
{
char *p = s;
for (p=s; *p; p++ )
if (isascii (*p) && *p >= 'a' && *p <= 'z')
*p &= ~0x20;
return s;
}
int
ascii_strcasecmp( const char *a, const char *b )
{
if (a == b)
return 0;
for (; *a && *b; a++, b++) {
if (*a != *b && ascii_toupper(*a) != ascii_toupper(*b))
break;
}
return *a == *b? 0 : (ascii_toupper (*a) - ascii_toupper (*b));
}
int
ascii_strncasecmp (const char *a, const char *b, size_t n)
{
const unsigned char *p1 = (const unsigned char *)a;
const unsigned char *p2 = (const unsigned char *)b;
unsigned char c1, c2;
if (p1 == p2 || !n )
return 0;
do
{
c1 = ascii_tolower (*p1);
c2 = ascii_tolower (*p2);
if ( !--n || c1 == '\0')
break;
++p1;
++p2;
}
while (c1 == c2);
return c1 - c2;
}
int
ascii_memcasecmp (const void *a_arg, const void *b_arg, size_t n )
{
const char *a = a_arg;
const char *b = b_arg;
if (a == b)
return 0;
for ( ; n; n--, a++, b++ )
{
if( *a != *b && ascii_toupper (*a) != ascii_toupper (*b) )
return *a == *b? 0 : (ascii_toupper (*a) - ascii_toupper (*b));
}
return 0;
}
int
ascii_strcmp( const char *a, const char *b )
{
if (a == b)
return 0;
for (; *a && *b; a++, b++) {
if (*a != *b )
break;
}
return *a == *b? 0 : (*(signed char *)a - *(signed char *)b);
}
void *
ascii_memcasemem (const void *haystack, size_t nhaystack,
const void *needle, size_t nneedle)
{
if (!nneedle)
return (void*)haystack; /* finding an empty needle is really easy */
if (nneedle <= nhaystack)
{
const char *a = haystack;
const char *b = a + nhaystack - nneedle;
for (; a <= b; a++)
{
if ( !ascii_memcasecmp (a, needle, nneedle) )
return (void *)a;
}
}
return NULL;
}
/*********************************************
********** missing string functions *********
*********************************************/
#ifndef HAVE_STPCPY
char *
stpcpy(char *a,const char *b)
{
while( *b )
*a++ = *b++;
*a = 0;
return (char*)a;
}
#endif
#ifndef HAVE_STRPBRK
/* Find the first occurrence in S of any character in ACCEPT.
Code taken from glibc-2.6/string/strpbrk.c (LGPLv2.1+) and modified. */
char *
strpbrk (const char *s, const char *accept)
{
while (*s != '\0')
{
const char *a = accept;
while (*a != '\0')
if (*a++ == *s)
return (char *) s;
++s;
}
return NULL;
}
#endif /*!HAVE_STRPBRK*/
#ifndef HAVE_STRSEP
/* Code taken from glibc-2.2.1/sysdeps/generic/strsep.c. */
char *
strsep (char **stringp, const char *delim)
{
char *begin, *end;
begin = *stringp;
if (begin == NULL)
return NULL;
/* A frequent case is when the delimiter string contains only one
character. Here we don't need to call the expensive 'strpbrk'
function and instead work using 'strchr'. */
if (delim[0] == '\0' || delim[1] == '\0')
{
char ch = delim[0];
if (ch == '\0')
end = NULL;
else
{
if (*begin == ch)
end = begin;
else if (*begin == '\0')
end = NULL;
else
end = strchr (begin + 1, ch);
}
}
else
/* Find the end of the token. */
end = strpbrk (begin, delim);
if (end)
{
/* Terminate the token and set *STRINGP past NUL character. */
*end++ = '\0';
*stringp = end;
}
else
/* No more delimiters; this is the last token. */
*stringp = NULL;
return begin;
}
#endif /*HAVE_STRSEP*/
#ifndef HAVE_STRLWR
char *
strlwr(char *s)
{
char *p;
for(p=s; *p; p++ )
*p = tolower(*p);
return s;
}
#endif
#ifndef HAVE_STRCASECMP
int
strcasecmp( const char *a, const char *b )
{
for( ; *a && *b; a++, b++ ) {
if( *a != *b && toupper(*a) != toupper(*b) )
break;
}
return *(const byte*)a - *(const byte*)b;
}
#endif
/****************
* mingw32/cpd has a memicmp()
*/
#ifndef HAVE_MEMICMP
int
memicmp( const char *a, const char *b, size_t n )
{
for( ; n; n--, a++, b++ )
if( *a != *b && toupper(*(const byte*)a) != toupper(*(const byte*)b) )
return *(const byte *)a - *(const byte*)b;
return 0;
}
#endif
#ifndef HAVE_MEMRCHR
void *
memrchr (const void *buffer, int c, size_t n)
{
const unsigned char *p = buffer;
for (p += n; n ; n--)
if (*--p == c)
return (void *)p;
return NULL;
}
#endif /*HAVE_MEMRCHR*/
/* Percent-escape the string STR by replacing colons with '%3a'. If
EXTRA is not NULL all characters in EXTRA are also escaped. */
static char *
do_percent_escape (const char *str, const char *extra, int die)
{
int i, j;
char *ptr;
if (!str)
return NULL;
for (i=j=0; str[i]; i++)
if (str[i] == ':' || str[i] == '%' || str[i] == '\n'
|| (extra && strchr (extra, str[i])))
j++;
if (die)
ptr = xmalloc (i + 2 * j + 1);
else
{
ptr = xtrymalloc (i + 2 * j + 1);
if (!ptr)
return NULL;
}
i = 0;
while (*str)
{
if (*str == ':')
{
ptr[i++] = '%';
ptr[i++] = '3';
ptr[i++] = 'a';
}
else if (*str == '%')
{
ptr[i++] = '%';
ptr[i++] = '2';
ptr[i++] = '5';
}
else if (*str == '\n')
{
/* The newline is problematic in a line-based format. */
ptr[i++] = '%';
ptr[i++] = '0';
ptr[i++] = 'a';
}
else if (extra && strchr (extra, *str))
{
ptr[i++] = '%';
ptr[i++] = tohex_lower ((*str>>4)&15);
ptr[i++] = tohex_lower (*str&15);
}
else
ptr[i++] = *str;
str++;
}
ptr[i] = '\0';
return ptr;
}
/* Percent-escape the string STR by replacing colons with '%3a'. If
EXTRA is not NULL all characters in EXTRA are also escaped. This
function terminates the process on memory shortage. */
char *
percent_escape (const char *str, const char *extra)
{
return do_percent_escape (str, extra, 1);
}
/* Same as percent_escape but return NULL instead of exiting on memory
error. */
char *
try_percent_escape (const char *str, const char *extra)
{
return do_percent_escape (str, extra, 0);
}
/* Same as strconcat but takes a va_list. Returns EINVAL if the list
* is too long, all other errors are due to an ENOMEM condition. */
char *
vstrconcat (const char *s1, va_list arg_ptr)
{
const char *argv[48];
size_t argc;
size_t needed;
char *buffer, *p;
argc = 0;
argv[argc++] = s1;
needed = strlen (s1);
while (((argv[argc] = va_arg (arg_ptr, const char *))))
{
needed += strlen (argv[argc]);
if (argc >= DIM (argv)-1)
{
gpg_err_set_errno (EINVAL);
return NULL;
}
argc++;
}
needed++;
buffer = xtrymalloc (needed);
if (buffer)
{
for (p = buffer, argc=0; argv[argc]; argc++)
p = stpcpy (p, argv[argc]);
}
return buffer;
}
/* Concatenate the string S1 with all the following strings up to a
NULL. Returns a malloced buffer with the new string or NULL on a
malloc error or if too many arguments are given. */
char *
strconcat (const char *s1, ...)
{
va_list arg_ptr;
char *result;
if (!s1)
result = xtrystrdup ("");
else
{
va_start (arg_ptr, s1);
result = vstrconcat (s1, arg_ptr);
va_end (arg_ptr);
}
return result;
}
/* Same as strconcat but terminate the process with an error message
if something goes wrong. */
char *
xstrconcat (const char *s1, ...)
{
va_list arg_ptr;
char *result;
if (!s1)
result = xstrdup ("");
else
{
va_start (arg_ptr, s1);
result = vstrconcat (s1, arg_ptr);
va_end (arg_ptr);
}
if (!result)
{
if (errno == EINVAL)
fputs ("\nfatal: too many args for xstrconcat\n", stderr);
else
fputs ("\nfatal: out of memory\n", stderr);
exit (2);
}
return result;
}
/* Split a string into fields at DELIM. REPLACEMENT is the character
to replace the delimiter with (normally: '\0' so that each field is
NUL terminated). The caller is responsible for freeing the result.
Note: this function modifies STRING! If you need the original
value, then you should pass a copy to this function.
If malloc fails, this function returns NULL. */
char **
strsplit (char *string, char delim, char replacement, int *count)
{
int fields = 1;
char *t;
char **result;
/* First, count the number of fields. */
for (t = strchr (string, delim); t; t = strchr (t + 1, delim))
fields ++;
result = xtrycalloc ((fields + 1), sizeof (*result));
if (! result)
return NULL;
result[0] = string;
fields = 1;
for (t = strchr (string, delim); t; t = strchr (t + 1, delim))
{
result[fields ++] = t + 1;
*t = replacement;
}
if (count)
*count = fields;
return result;
}
/* Tokenize STRING using the set of delimiters in DELIM. Leading
* spaces and tabs are removed from all tokens. The caller must xfree
* the result.
*
* Returns: A malloced and NULL delimited array with the tokens. On
* memory error NULL is returned and ERRNO is set.
*/
static char **
do_strtokenize (const char *string, const char *delim, int trim)
{
const char *s;
size_t fields;
size_t bytes, n;
char *buffer;
char *p, *px, *pend;
char **result;
/* Count the number of fields. */
for (fields = 1, s = strpbrk (string, delim); s; s = strpbrk (s + 1, delim))
fields++;
fields++; /* Add one for the terminating NULL. */
/* Allocate an array for all fields, a terminating NULL, and space
for a copy of the string. */
bytes = fields * sizeof *result;
if (bytes / sizeof *result != fields)
{
gpg_err_set_errno (ENOMEM);
return NULL;
}
n = strlen (string) + 1;
bytes += n;
if (bytes < n)
{
gpg_err_set_errno (ENOMEM);
return NULL;
}
result = xtrymalloc (bytes);
if (!result)
return NULL;
buffer = (char*)(result + fields);
/* Copy and parse the string. */
strcpy (buffer, string);
for (n = 0, p = buffer; (pend = strpbrk (p, delim)); p = pend + 1)
{
*pend = 0;
if (trim)
{
while (spacep (p))
p++;
for (px = pend - 1; px >= p && spacep (px); px--)
*px = 0;
}
result[n++] = p;
}
if (trim)
{
while (spacep (p))
p++;
for (px = p + strlen (p) - 1; px >= p && spacep (px); px--)
*px = 0;
}
result[n++] = p;
result[n] = NULL;
log_assert ((char*)(result + n + 1) == buffer);
return result;
}
/* Tokenize STRING using the set of delimiters in DELIM. Leading
* spaces and tabs are removed from all tokens. The caller must xfree
* the result.
*
* Returns: A malloced and NULL delimited array with the tokens. On
* memory error NULL is returned and ERRNO is set.
*/
char **
strtokenize (const char *string, const char *delim)
{
return do_strtokenize (string, delim, 1);
}
/* Same as strtokenize but does not trim leading and trailing spaces
* from the fields. */
char **
strtokenize_nt (const char *string, const char *delim)
{
return do_strtokenize (string, delim, 0);
}
/* Split a string into space delimited fields and remove leading and
* trailing spaces from each field. A pointer to each field is stored
* in ARRAY. Stop splitting at ARRAYSIZE fields. The function
* modifies STRING. The number of parsed fields is returned.
* Example:
*
* char *fields[2];
* if (split_fields (string, fields, DIM (fields)) < 2)
* return // Not enough args.
* foo (fields[0]);
* foo (fields[1]);
*/
int
split_fields (char *string, const char **array, int arraysize)
{
int n = 0;
const char *p;
char *pend;
for (p = string; *p == ' '; p++)
;
do
{
if (n == arraysize)
break;
array[n++] = p;
pend = strchr (p, ' ');
if (!pend)
break;
*pend++ = 0;
for (p = pend; *p == ' '; p++)
;
}
while (*p);
return n;
}
/* Split a string into colon delimited fields A pointer to each field
* is stored in ARRAY. Stop splitting at ARRAYSIZE fields. The
* function modifies STRING. The number of parsed fields is returned.
* Note that leading and trailing spaces are not removed from the fields.
* Example:
*
* char *fields[2];
* if (split_fields (string, fields, DIM (fields)) < 2)
* return // Not enough args.
* foo (fields[0]);
* foo (fields[1]);
*/
int
split_fields_colon (char *string, const char **array, int arraysize)
{
int n = 0;
const char *p;
char *pend;
p = string;
do
{
if (n == arraysize)
break;
array[n++] = p;
pend = strchr (p, ':');
if (!pend)
break;
*pend++ = 0;
p = pend;
}
while (*p);
return n;
}
/* Version number parsing. */
/* This function parses the first portion of the version number S and
stores it in *NUMBER. On success, this function returns a pointer
into S starting with the first character, which is not part of the
initial number portion; on failure, NULL is returned. */
static const char*
parse_version_number (const char *s, int *number)
{
int val = 0;
if (*s == '0' && digitp (s+1))
return NULL; /* Leading zeros are not allowed. */
for (; digitp (s); s++)
{
val *= 10;
val += *s - '0';
}
*number = val;
return val < 0 ? NULL : s;
}
/* This function breaks up the complete string-representation of the
version number S, which is of the following structure: <major
number>.<minor number>[.<micro number>]<patch level>. The major,
minor, and micro number components will be stored in *MAJOR, *MINOR
and *MICRO. If MICRO is not given 0 is used instead.
On success, the last component, the patch level, will be returned;
in failure, NULL will be returned. */
static const char *
parse_version_string (const char *s, int *major, int *minor, int *micro)
{
s = parse_version_number (s, major);
if (!s || *s != '.')
return NULL;
s++;
s = parse_version_number (s, minor);
if (!s)
return NULL;
if (*s == '.')
{
s++;
s = parse_version_number (s, micro);
if (!s)
return NULL;
}
else
*micro = 0;
return s; /* Patchlevel. */
}
/* Compare the version string MY_VERSION to the version string
* REQ_VERSION. Returns -1, 0, or 1 if MY_VERSION is found,
* respectively, to be less than, to match, or be greater than
* REQ_VERSION. This function works for three and two part version
* strings; for a two part version string the micro part is assumed to
* be 0. Patch levels are compared as strings. If a version number
* is invalid INT_MIN is returned. If REQ_VERSION is given as NULL
* the function returns 0 if MY_VERSION is parsable version string. */
int
compare_version_strings (const char *my_version, const char *req_version)
{
int my_major, my_minor, my_micro;
int rq_major, rq_minor, rq_micro;
const char *my_patch, *rq_patch;
int result;
if (!my_version)
return INT_MIN;
my_patch = parse_version_string (my_version, &my_major, &my_minor, &my_micro);
if (!my_patch)
return INT_MIN;
if (!req_version)
return 0; /* MY_VERSION can be parsed. */
rq_patch = parse_version_string (req_version, &rq_major, &rq_minor,&rq_micro);
if (!rq_patch)
return INT_MIN;
if (my_major == rq_major)
{
if (my_minor == rq_minor)
{
if (my_micro == rq_micro)
result = strcmp (my_patch, rq_patch);
else
result = my_micro - rq_micro;
}
else
result = my_minor - rq_minor;
}
else
result = my_major - rq_major;
return !result? 0 : result < 0 ? -1 : 1;
}
/* Format a string so that it fits within about TARGET_COLS columns.
* TEXT_IN is copied to a new buffer, which is returned. Normally,
* target_cols will be 72 and max_cols is 80. On error NULL is
* returned and ERRNO is set. */
char *
format_text (const char *text_in, int target_cols, int max_cols)
{
/* const int do_debug = 0; */
/* The character under consideration. */
char *p;
/* The start of the current line. */
char *line;
/* The last space that we saw. */
char *last_space = NULL;
int last_space_cols = 0;
int copied_last_space = 0;
char *text;
text = xtrystrdup (text_in);
if (!text)
return NULL;
p = line = text;
while (1)
{
/* The number of columns including any trailing space. */
int cols;
p = p + strcspn (p, "\n ");
if (! p)
/* P now points to the NUL character. */
p = &text[strlen (text)];
if (*p == '\n')
/* Pass through any newlines. */
{
p ++;
line = p;
last_space = NULL;
last_space_cols = 0;
copied_last_space = 1;
continue;
}
/* Have a space or a NUL. Note: we don't count the trailing
space. */
cols = utf8_charcount (line, (uintptr_t) p - (uintptr_t) line);
if (cols < target_cols)
{
if (! *p)
/* Nothing left to break. */
break;
last_space = p;
last_space_cols = cols;
p ++;
/* Skip any immediately following spaces. If we break:
"... foo bar ..." between "foo" and "bar" then we want:
"... foo\nbar ...", which means that the left space has
to be the first space after foo, not the last space
before bar. */
while (*p == ' ')
p ++;
}
else
{
int cols_with_left_space;
int cols_with_right_space;
int left_penalty;
int right_penalty;
cols_with_left_space = last_space_cols;
cols_with_right_space = cols;
/* if (do_debug) */
/* log_debug ("Breaking: '%.*s'\n", */
/* (int) ((uintptr_t) p - (uintptr_t) line), line); */
/* The number of columns away from TARGET_COLS. We prefer
to underflow than to overflow. */
left_penalty = target_cols - cols_with_left_space;
right_penalty = 2 * (cols_with_right_space - target_cols);
if (cols_with_right_space > max_cols)
/* Add a large penalty for each column that exceeds
max_cols. */
right_penalty += 4 * (cols_with_right_space - max_cols);
/* if (do_debug) */
/* log_debug ("Left space => %d cols (penalty: %d); " */
/* "right space => %d cols (penalty: %d)\n", */
/* cols_with_left_space, left_penalty, */
/* cols_with_right_space, right_penalty); */
if (last_space_cols && left_penalty <= right_penalty)
{
/* Prefer the left space. */
/* if (do_debug) */
/* log_debug ("Breaking at left space.\n"); */
p = last_space;
}
else
{
/* if (do_debug) */
/* log_debug ("Breaking at right space.\n"); */
}
if (! *p)
break;
*p = '\n';
p ++;
if (*p == ' ')
{
int spaces;
for (spaces = 1; p[spaces] == ' '; spaces ++)
;
memmove (p, &p[spaces], strlen (&p[spaces]) + 1);
}
line = p;
last_space = NULL;
last_space_cols = 0;
copied_last_space = 0;
}
}
/* Chop off any trailing space. */
trim_trailing_chars (text, strlen (text), " ");
/* If we inserted the trailing newline, then remove it. */
if (! copied_last_space && *text && text[strlen (text) - 1] == '\n')
text[strlen (text) - 1] = '\0';
return text;
}
/* Substitute variables in STRING and return a new string. GETVAL is
* a function which maps NAME to its value; that value is a string
* which may not change during the execution time of this function.
* If GETVAL returns NULL substitute_vars returns NULL and the caller
* may inspect ERRNO for the reason. In all other error cases this
* function also returns NULL. Caller must free the returned string. */
char *
substitute_vars (const char *string,
const char *(*getval)(void *cookie, const char *name),
void *cookie)
{
char *line, *p, *pend;
const char *value;
size_t valuelen, n;
char *result = NULL;
result = line = xtrystrdup (string);
if (!result)
return NULL; /* Ooops */
while (*line)
{
p = strchr (line, '$');
if (!p)
goto leave; /* No or no more variables. */
if (p[1] == '$') /* Escaped dollar sign. */
{
memmove (p, p+1, strlen (p+1)+1);
line = p + 1;
continue;
}
if (p[1] == '{')
{
int count = 0;
for (pend=p+2; *pend; pend++)
{
if (*pend == '{')
count++;
else if (*pend == '}')
{
if (--count < 0)
break;
}
}
if (!*pend)
goto leave; /* Unclosed - don't substitute. */
}
else
{
for (pend = p+1; *pend && (alnump (pend) || *pend == '_'); pend++)
;
}
if (p[1] == '{' && *pend == '}')
{
int save = *pend;
*pend = 0;
value = getval (cookie, p+2);
*pend++ = save;
}
else
{
int save = *pend;
*pend = 0;
value = getval (cookie, p+1);
*pend = save;
}
if (!value)
{
xfree (result);
return NULL;
}
valuelen = strlen (value);
if (valuelen <= pend - p)
{
memcpy (p, value, valuelen);
p += valuelen;
n = pend - p;
if (n)
memmove (p, p+n, strlen (p+n)+1);
line = p;
}
else
{
char *src = result;
char *dst;
dst = xtrymalloc (strlen (src) + valuelen + 1);
if (!dst)
{
xfree (result);
return NULL;
}
n = p - src;
memcpy (dst, src, n);
memcpy (dst + n, value, valuelen);
n += valuelen;
strcpy (dst + n, pend);
line = dst + n;
xfree (result);
result = dst;
}
}
leave:
return result;
}
/* Helper for substitute_envvars. */
static const char *
subst_getenv (void *cookie, const char *name)
{
const char *s;
(void)cookie;
s = getenv (name);
return s? s : "";
}
/* Substitute environment variables in STRING and return a new string.
* On error the function returns NULL. */
char *
substitute_envvars (const char *string)
{
return substitute_vars (string, subst_getenv, NULL);
}
diff --git a/common/stringhelp.h b/common/stringhelp.h
index cd185e49a..d93373ec5 100644
--- a/common/stringhelp.h
+++ b/common/stringhelp.h
@@ -1,184 +1,185 @@
/* stringhelp.h
* Copyright (C) 1998, 1999, 2000, 2001, 2003,
* 2006, 2007, 2009 Free Software Foundation, Inc.
* 2015 g10 Code GmbH
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute and/or modify this
* part of GnuPG under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* GnuPG is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copies of the GNU General Public License
* and the GNU Lesser General Public License along with this program;
* if not, see <https://www.gnu.org/licenses/>.
*/
#ifndef GNUPG_COMMON_STRINGHELP_H
#define GNUPG_COMMON_STRINGHELP_H
#include <stdint.h>
#include "types.h"
/*-- stringhelp.c --*/
char *has_leading_keyword (const char *string, const char *keyword);
const char *memistr (const void *buf, size_t buflen, const char *sub);
+const char *gnupg_memstr (const void *buffer, size_t buflen, const char *sub);
char *mem2str( char *, const void *, size_t);
char *trim_spaces( char *string );
char *ascii_trim_spaces (char *string);
char *trim_trailing_spaces( char *string );
unsigned int trim_trailing_chars( unsigned char *line, unsigned len,
const char *trimchars);
unsigned int trim_trailing_ws( unsigned char *line, unsigned len );
size_t length_sans_trailing_chars (const unsigned char *line, size_t len,
const char *trimchars );
size_t length_sans_trailing_ws (const unsigned char *line, size_t len);
char *make_basename(const char *filepath, const char *inputpath);
char *make_dirname(const char *filepath);
char *make_filename( const char *first_part, ... ) GPGRT_ATTR_SENTINEL(0);
char *make_filename_try (const char *first_part, ... ) GPGRT_ATTR_SENTINEL(0);
char *make_absfilename (const char *first_part, ...) GPGRT_ATTR_SENTINEL(0);
char *make_absfilename_try (const char *first_part,
...) GPGRT_ATTR_SENTINEL(0);
int compare_filenames( const char *a, const char *b );
uint64_t string_to_u64 (const char *string);
int hextobyte (const char *s);
size_t utf8_charcount (const char *s, int len);
#ifdef HAVE_W32_SYSTEM
const char *w32_strerror (int ec);
#endif
int ascii_isupper (int c);
int ascii_islower (int c);
int ascii_toupper (int c);
int ascii_tolower (int c);
char *ascii_strlwr (char *s);
char *ascii_strupr (char *s);
int ascii_strcasecmp( const char *a, const char *b );
int ascii_strncasecmp (const char *a, const char *b, size_t n);
int ascii_memcasecmp( const void *a, const void *b, size_t n );
const char *ascii_memistr ( const void *buf, size_t buflen, const char *sub);
void *ascii_memcasemem (const void *haystack, size_t nhaystack,
const void *needle, size_t nneedle);
#ifndef HAVE_MEMICMP
int memicmp( const char *a, const char *b, size_t n );
#endif
#ifndef HAVE_STPCPY
char *stpcpy(char *a,const char *b);
#endif
#ifndef HAVE_STRPBRK
char *strpbrk (const char *s, const char *accept);
#endif
#ifndef HAVE_STRSEP
char *strsep (char **stringp, const char *delim);
#endif
#ifndef HAVE_STRLWR
char *strlwr(char *a);
#endif
#ifndef HAVE_STRTOUL
# define strtoul(a,b,c) ((unsigned long)strtol((a),(b),(c)))
#endif
#ifndef HAVE_MEMMOVE
# define memmove(d, s, n) bcopy((s), (d), (n))
#endif
#ifndef HAVE_STRICMP
# define stricmp(a,b) strcasecmp( (a), (b) )
#endif
#ifndef HAVE_MEMRCHR
void *memrchr (const void *buffer, int c, size_t n);
#endif
#ifndef HAVE_ISASCII
static inline int
isascii (int c)
{
return (((c) & ~0x7f) == 0);
}
#endif /* !HAVE_ISASCII */
#ifndef STR
# define STR(v) #v
#endif
#define STR2(v) STR(v)
/* Percent-escape the string STR by replacing colons with '%3a'. If
EXTRA is not NULL, also replace all characters given in EXTRA. The
"try_" variant fails with NULL if not enough memory can be
allocated. */
char *percent_escape (const char *str, const char *extra);
char *try_percent_escape (const char *str, const char *extra);
/* Concatenate the string S1 with all the following strings up to a
NULL. Returns a malloced buffer with the new string or NULL on a
malloc error or if too many arguments are given. */
char *strconcat (const char *s1, ...) GPGRT_ATTR_SENTINEL(0);
/* Same but taking a va_list. */
char *vstrconcat (const char *s1, va_list arg_ptr);
/* Ditto, but die on error. */
char *xstrconcat (const char *s1, ...) GPGRT_ATTR_SENTINEL(0);
char **strsplit (char *string, char delim, char replacement, int *count);
/* Tokenize STRING using the set of delimiters in DELIM. */
char **strtokenize (const char *string, const char *delim);
/* Tokenize STRING using the set of delimiters in DELIM but do not
* trim the tokens. */
char **strtokenize_nt (const char *string, const char *delim);
/* Split STRING into space delimited fields and store them in the
* provided ARRAY. */
int split_fields (char *string, const char **array, int arraysize);
/* Split STRING into colon delimited fields and store them in the
* provided ARRAY. */
int split_fields_colon (char *string, const char **array, int arraysize);
/* Return True if MYVERSION is greater or equal than REQ_VERSION. */
int compare_version_strings (const char *my_version, const char *req_version);
/* Format a string so that it fits within about TARGET_COLS columns. */
char *format_text (const char *text, int target_cols, int max_cols);
/* Substitute variables in STRING. */
char *substitute_vars (const char *string,
const char *(*getval)(void *cookie, const char *name),
void *cookie);
char *substitute_envvars (const char *string);
/*-- mapstrings.c --*/
const char *map_static_macro_string (const char *string);
const char *map_static_strings (const char *domain, int key1, int key2,
const char *string1, ...);
#endif /*GNUPG_COMMON_STRINGHELP_H*/

File Metadata

Mime Type
text/x-diff
Expires
Sun, Dec 28, 10:12 PM (4 h, 25 m)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
ea/88/61f0f064c25d40ca16f02262dcf3

Event Timeline