diff --git a/common/init.c b/common/init.c
index 3385fa532..dd5c6c01f 100644
--- a/common/init.c
+++ b/common/init.c
@@ -1,362 +1,367 @@
/* init.c - Various initializations
* Copyright (C) 2007 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
*/
#include
#ifdef HAVE_W32_SYSTEM
# ifdef HAVE_WINSOCK2_H
# include
# endif
# include
#endif
#ifdef HAVE_W32CE_SYSTEM
# include /* For _assuan_w32ce_finish_pipe. */
#endif
#include
#include "util.h"
#include "i18n.h"
#include "w32help.h"
/* This object is used to register memory cleanup functions.
Technically they are not needed but they can avoid frequent
questions about un-released memory. Note that we use the system
malloc and not any wrappers. */
struct mem_cleanup_item_s;
typedef struct mem_cleanup_item_s *mem_cleanup_item_t;
struct mem_cleanup_item_s
{
mem_cleanup_item_t next;
void (*func) (void);
};
static mem_cleanup_item_t mem_cleanup_list;
/* The default error source of the application. This is different
from GPG_ERR_SOURCE_DEFAULT in that it does not depend on the
source file and thus is usable in code shared by applications.
Note that we need to initialize it because otherwise some linkers
(OS X at least) won't find the symbol when linking the t-*.c
files. */
gpg_err_source_t default_errsource = 0;
#ifdef HAVE_W32CE_SYSTEM
static void parse_std_file_handles (int *argcp, char ***argvp);
static void
sleep_on_exit (void)
{
/* The sshd on CE swallows some of the command output. Sleeping a
while usually helps. */
Sleep (400);
}
#endif /*HAVE_W32CE_SYSTEM*/
#if HAVE_W32_SYSTEM
static void prepare_w32_commandline (int *argcp, char ***argvp);
#endif /*HAVE_W32_SYSTEM*/
static void
run_mem_cleanup (void)
{
mem_cleanup_item_t next;
while (mem_cleanup_list)
{
next = mem_cleanup_list->next;
mem_cleanup_list->func ();
free (mem_cleanup_list);
mem_cleanup_list = next;
}
}
void
register_mem_cleanup_func (void (*func)(void))
{
mem_cleanup_item_t item;
for (item = mem_cleanup_list; item; item = item->next)
if (item->func == func)
return; /* Function has already been registered. */
item = malloc (sizeof *item);
if (item)
{
item->func = func;
item->next = mem_cleanup_list;
mem_cleanup_list = item;
}
}
/* If STRING is not NULL write string to es_stdout or es_stderr. MODE
must be 1 or 2. If STRING is NULL flush the respective stream. */
static int
writestring_via_estream (int mode, const char *string)
{
if (mode == 1 || mode == 2)
{
if (string)
return es_fputs (string, mode == 1? es_stdout : es_stderr);
else
return es_fflush (mode == 1? es_stdout : es_stderr);
}
else
return -1;
}
/* This function should be the first called after main. */
void
early_system_init (void)
{
}
/* This function is to be used early at program startup to make sure
that some subsystems are initialized. This is in particular
important for W32 to initialize the sockets so that our socket
emulation code used directly as well as in libassuan may be used.
It should best be called before any I/O is done so that setup
required for logging is ready. ARGCP and ARGVP are the addresses
of the parameters given to main. This function may modify them.
This function should be called only via the macro
init_common_subsystems.
CAUTION: This might be called while running suid(root). */
void
_init_common_subsystems (gpg_err_source_t errsource, int *argcp, char ***argvp)
{
/* Store the error source in a global variable. */
default_errsource = errsource;
atexit (run_mem_cleanup);
/* Try to auto set the character set. */
set_native_charset (NULL);
#ifdef HAVE_W32_SYSTEM
/* For W32 we need to initialize the socket layer. This is because
we use recv and send in libassuan as well as at some other
places. */
{
WSADATA wsadat;
WSAStartup (0x202, &wsadat);
}
#endif
#ifdef HAVE_W32CE_SYSTEM
/* Register the sleep exit function before the estream init so that
the sleep will be called after the estream registered atexit
function which flushes the left open estream streams and in
particular es_stdout. */
atexit (sleep_on_exit);
#endif
if (!gcry_check_version (NEED_LIBGCRYPT_VERSION))
{
log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt",
NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL));
}
/* Initialize the Estream library. */
gpgrt_init ();
gpgrt_set_alloc_func (gcry_realloc);
#ifdef HAVE_W32CE_SYSTEM
/* Special hack for Windows CE: We extract some options from arg
to setup the standard handles. */
parse_std_file_handles (argcp, argvp);
#endif
/* Access the standard estreams as early as possible. If we don't
do this the original stdio streams may have been closed when
_es_get_std_stream is first use and in turn it would connect to
the bit bucket. */
{
int i;
for (i=0; i < 3; i++)
(void)_gpgrt_get_std_stream (i);
}
/* --version et al shall use estream as well. */
gnupg_set_usage_outfnc (writestring_via_estream);
/* Register our string mapper with gpgrt. */
gnupg_set_fixed_string_mapper (map_static_macro_string);
/* Logging shall use the standard socket directory as fallback. */
log_set_socket_dir_cb (gnupg_socketdir);
#if HAVE_W32_SYSTEM
/* For Standard Windows we use our own parser for the command line
* so that we can return an array of utf-8 encoded strings. */
prepare_w32_commandline (argcp, argvp);
#else
(void)argcp;
(void)argvp;
#endif
}
/* WindowsCE uses a very strange way of handling the standard streams.
There is a function SetStdioPath to associate a standard stream
with a file or a device but what we really want is to use pipes as
standard streams. Despite that we implement pipes using a device,
we would have some limitations on the number of open pipes due to
the 3 character limit of device file name. Thus we don't take this
path. Another option would be to install a file system driver with
support for pipes; this would allow us to get rid of the device
name length limitation. However, with GnuPG we can get away be
redefining the standard streams and passing the handles to be used
on the command line. This has also the advantage that it makes
creating a process much easier and does not require the
SetStdioPath set and restore game. The caller needs to pass the
rendezvous ids using up to three options:
-&S0= -&S1= -&S2=
They are all optional but they must be the first arguments on the
command line. Parsing stops as soon as an invalid option is found.
These rendezvous ids are then used to finish the pipe creation.*/
#ifdef HAVE_W32CE_SYSTEM
static void
parse_std_file_handles (int *argcp, char ***argvp)
{
int argc = *argcp;
char **argv = *argvp;
const char *s;
assuan_fd_t fd;
int i;
int fixup = 0;
if (!argc)
return;
for (argc--, argv++; argc; argc--, argv++)
{
s = *argv;
if (*s == '-' && s[1] == '&' && s[2] == 'S'
&& (s[3] == '0' || s[3] == '1' || s[3] == '2')
&& s[4] == '='
&& (strchr ("-01234567890", s[5]) || !strcmp (s+5, "null")))
{
if (s[5] == 'n')
fd = ASSUAN_INVALID_FD;
else
fd = _assuan_w32ce_finish_pipe (atoi (s+5), s[3] != '0');
_es_set_std_fd (s[3] - '0', (int)fd);
fixup++;
}
else
break;
}
if (fixup)
{
argc = *argcp;
argc -= fixup;
*argcp = argc;
argv = *argvp;
for (i=1; i < argc; i++)
argv[i] = argv[i + fixup];
for (; i < argc + fixup; i++)
argv[i] = NULL;
}
}
#endif /*HAVE_W32CE_SYSTEM*/
/* For Windows we need to parse the command line so that we can
* provide an UTF-8 encoded argv. If there is any Unicode character
* we return a new array but if there is no Unicode character we do
* nothing. */
#ifdef HAVE_W32_SYSTEM
static void
prepare_w32_commandline (int *r_argc, char ***r_argv)
{
const wchar_t *wcmdline, *ws;
char *cmdline;
int argc;
char **argv;
const char *s;
- int globing;
+ int i, globing, itemsalloced;
s = strusage (95);
globing = (s && *s == '1');
wcmdline = GetCommandLineW ();
if (!wcmdline)
{
log_error ("GetCommandLineW failed\n");
return; /* Ooops. */
}
if (!globing)
{
/* If globbing is not enabled we use our own parser only if
* there are any non-ASCII characters. */
for (ws=wcmdline; *ws; ws++)
if (!iswascii (*ws))
break;
if (!*ws)
return; /* No Unicode - return directly. */
}
cmdline = wchar_to_utf8 (wcmdline);
if (!cmdline)
{
log_error ("parsing command line failed: %s\n", strerror (errno));
return; /* Ooops. */
}
gpgrt_annotate_leaked_object (cmdline);
- argv = w32_parse_commandline (cmdline, globing, &argc);
+ argv = w32_parse_commandline (cmdline, globing, &argc, &itemsalloced);
if (!argv)
{
log_error ("parsing command line failed: %s\n", "internal error");
return; /* Ooops. */
}
gpgrt_annotate_leaked_object (argv);
+ if (itemsalloced)
+ {
+ for (i=0; i < argc; i++)
+ gpgrt_annotate_leaked_object (argv[i]);
+ }
*r_argv = argv;
*r_argc = argc;
}
#endif /*HAVE_W32_SYSTEM*/
diff --git a/common/t-w32-cmdline.c b/common/t-w32-cmdline.c
index 172489c70..a1039d07a 100644
--- a/common/t-w32-cmdline.c
+++ b/common/t-w32-cmdline.c
@@ -1,191 +1,250 @@
/* t-w32-cmdline.c - Test the parser for the Windows command line
* Copyright (C) 2021 g10 Code GmbH
*
* This file is part of GnuPG.
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
*/
#include
#include
#include
#include
#include
#include
+#ifdef HAVE_W32_SYSTEM
+# define WIN32_LEAN_AND_MEAN
+# include
+#endif
#include "t-support.h"
+#include "utf8conv.h"
#include "w32help.h"
#define PGM "t-w32-cmdline"
static int verbose;
static int debug;
static int errcount;
static void
test_all (void)
{
static struct {
const char *cmdline;
int argc; /* Expected number of args. */
char *argv[10]; /* Expected results. */
+ int use_glob;
} tests[] = {
/* Examples from "Parsing C++ Command-Line Arguments" dated 11/18/2006.
* https://docs.microsoft.com/en-us/previous-versions/17w5ykft(v=vs.85)
*/
{ "\"abc\" d e", 3, { "abc", "d", "e" }},
{ "a\\\\\\b d\"e f\"g h", 3, { "a\\\\\\b", "de fg", "h" }},
{ "a\\\\\\\"b c d", 3, { "a\\\"b", "c", "d" }},
{ "a\\\\\\\\\"b c\" d e", 3, { "a\\\\b c", "d", "e" }},
/* Examples from "Parsing C Command-Line Arguments" dated 11/09/2020.
* https://docs.microsoft.com/en-us/cpp/c-language/\
* parsing-c-command-line-arguments?view=msvc-160
*/
{ "\"a b c\" d e", 3, { "a b c", "d", "e" }},
{ "\"ab\\\"c\" \"\\\\\" d", 3, { "ab\"c", "\\", "d" }},
{ "a\\\\\\b d\"e f\"g h", 3, { "a\\\\\\b", "de fg", "h" }},
{ "a\\\\\\\"b c d", 3, { "a\\\"b", "c", "d" }},
{ "a\\\\\\\\\"b c\" d e", 3, { "a\\\\b c", "d", "e" }},
{ "a\"b\"\" c d", 1, { "ab\" c d" }},
/* Some arbitrary tests created using mingw.
* But I am not sure whether their parser is fully correct.
*/
{ "e:a a b\"c\" ", 3, { "e:a", "a", "bc" }},
/* { "e:a a b\"c\"\" d\"\"e \" ", */
/* 5, { "e:a", "a", "bc\"", "de", " " }}, */
/* { "e:a a b\"c\"\" d\"\"e\" f\\gh ", */
/* 4, { "e:a", "a", "bc\"", "de f\\gh "}}, */
/* { "e:a a b\"c\"\" d\"\"e\" f\\\"gh \" ", */
/* 4, { "e:a", "a", "bc\"", "de f\"gh " }},*/
{ "\"foo bar\"", 1 , { "foo bar" }},
+
+#ifndef HAVE_W32_SYSTEM
+ /* We actually don't use this code on Unix but we provide a way to
+ * test some of the blobing code. */
+ { "foo", 1, { "foo" }, 1 },
+ { "foo*", 2, { "[* follows]", "foo*" }, 1 },
+ { "foo?", 2, { "[? follows]", "foo?" }, 1 },
+ { "? \"*\" *", 5, { "[? follows]", "?", "*", "[* follows]", "*" }, 1 },
+#endif /*!HAVE_W32_SYSTEM*/
{ "", 1 , { "" }}
};
int tidx;
- int i, any, argc;
+ int i, any, itemsalloced, argc;
char *cmdline;
char **argv;
for (tidx = 0; tidx < DIM(tests); tidx++)
{
cmdline = xstrdup (tests[tidx].cmdline);
if (verbose && tidx)
putchar ('\n');
if (verbose)
printf ("test %d: line ->%s<-\n", tidx, cmdline);
- argv = w32_parse_commandline (cmdline, 0, &argc);
+ argv = w32_parse_commandline (cmdline, tests[tidx].use_glob,
+ &argc, &itemsalloced);
if (!argv)
{
fail (tidx);
xfree (cmdline);
continue;
}
if (tests[tidx].argc != argc)
{
fprintf (stderr, PGM": test %d: argc wrong (want %d, got %d)\n",
tidx, tests[tidx].argc, argc);
any = 1;
}
else
any = 0;
for (i=0; i < tests[tidx].argc; i++)
{
if (verbose)
printf ("test %d: argv[%d] ->%s<-\n",
tidx, i, tests[tidx].argv[i]);
if (i < argc && strcmp (tests[tidx].argv[i], argv[i]))
{
if (verbose)
printf ("test %d: got[%d] ->%s<- ERROR\n",
tidx, i, argv[i]);
any = 1;
}
}
if (any)
{
fprintf (stderr, PGM": test %d: error%s\n",
tidx, verbose? "":" (use --verbose)");
errcount++;
}
+
+ if (itemsalloced)
+ {
+ for (i=0; i < argc; i++)
+ xfree (argv[i]);
+ }
xfree (argv);
+ xfree (cmdline);
}
}
int
main (int argc, char **argv)
{
int last_argc = -1;
no_exit_on_fail = 1;
if (argc)
{ argc--; argv++; }
while (argc && last_argc != argc )
{
last_argc = argc;
if (!strcmp (*argv, "--"))
{
argc--; argv++;
break;
}
else if (!strcmp (*argv, "--help"))
{
- fputs ("usage: " PGM " [FILE]\n"
+ fputs ("usage: " PGM " [test args]\n"
"Options:\n"
" --verbose Print timings etc.\n"
" --debug Flyswatter\n"
, stdout);
exit (0);
}
else if (!strcmp (*argv, "--verbose"))
{
verbose++;
argc--; argv++;
}
else if (!strcmp (*argv, "--debug"))
{
verbose += 2;
debug++;
argc--; argv++;
}
else if (!strncmp (*argv, "--", 2))
{
fprintf (stderr, PGM ": unknown option '%s'\n", *argv);
exit (1);
}
}
if (argc)
{
- fprintf (stderr, PGM ": no arguments allowed\n");
- exit (1);
- }
+#ifdef HAVE_W32_SYSTEM
+ const wchar_t *wcmdline;
+ char *cmdline;
+ int i, myargc;
+ char **myargv;
+
+ wcmdline = GetCommandLineW ();
+ if (!wcmdline)
+ {
+ fprintf (stderr, PGM ": GetCommandLine failed\n");
+ exit (1);
+ }
+
+ cmdline = wchar_to_utf8 (wcmdline);
+ if (!cmdline)
+ {
+ fprintf (stderr, PGM ": wchar_to_utf8 failed\n");
+ exit (1);
+ }
- test_all ();
+ printf ("cmdline ->%s<\n", cmdline);
+ myargv = w32_parse_commandline (cmdline, 1, &myargc, NULL);
+ if (!myargv)
+ {
+ fprintf (stderr, PGM ": w32_parse_commandline failed\n");
+ exit (1);
+ }
+
+ for (i=0; i < myargc; i++)
+ printf ("argv[%d] ->%s<-\n", i, myargv[i]);
+ fflush (stdout);
+
+ xfree (myargv);
+ xfree (cmdline);
+#else
+ fprintf (stderr, PGM ": manual test mode not available on Unix\n");
+ errcount++;
+#endif
+ }
+ else
+ test_all ();
return !!errcount;
}
diff --git a/common/util.h b/common/util.h
index cd2feab67..ed0355fce 100644
--- a/common/util.h
+++ b/common/util.h
@@ -1,408 +1,410 @@
/* util.h - Utility functions for GnuPG
* Copyright (C) 2001, 2002, 2003, 2004, 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute and/or modify this
* part of GnuPG under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* GnuPG is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copies of the GNU General Public License
* and the GNU Lesser General Public License along with this program;
* if not, see .
*/
#ifndef GNUPG_COMMON_UTIL_H
#define GNUPG_COMMON_UTIL_H
#include /* We need this for the memory function protos. */
#include /* We need errno. */
#include /* We need gpg_error_t and estream. */
/* These error codes might be used but not defined in the required
* libgpg-error version. Define them here.
* Example: (#if GPG_ERROR_VERSION_NUMBER < 0x011500 // 1.21)
*/
#if GPG_ERROR_VERSION_NUMBER < 0x012400 /* 1.36 */
# define GPG_ERR_NO_AUTH 314
# define GPG_ERR_BAD_AUTH 315
#endif
#ifndef EXTERN_UNLESS_MAIN_MODULE
# if !defined (INCLUDED_BY_MAIN_MODULE)
# define EXTERN_UNLESS_MAIN_MODULE extern
# else
# define EXTERN_UNLESS_MAIN_MODULE
# endif
#endif
/* Hash function used with libksba. */
#define HASH_FNC ((void (*)(void *, const void*,size_t))gcry_md_write)
/* The length of the keygrip. This is a SHA-1 hash of the key
* parameters as generated by gcry_pk_get_keygrip. */
#define KEYGRIP_LEN 20
/* Get all the stuff from jnlib. */
#include "../common/logging.h"
#include "../common/argparse.h"
#include "../common/stringhelp.h"
#include "../common/mischelp.h"
#include "../common/strlist.h"
#include "../common/dotlock.h"
#include "../common/utf8conv.h"
#include "../common/dynload.h"
#include "../common/fwddecl.h"
#include "../common/utilproto.h"
#include "gettime.h"
/* Redefine asprintf by our estream version which uses our own memory
allocator.. */
#define asprintf gpgrt_asprintf
#define vasprintf gpgrt_vasprintf
/* Due to a bug in mingw32's snprintf related to the 'l' modifier and
for increased portability we use our snprintf on all systems. */
#undef snprintf
#define snprintf gpgrt_snprintf
/* Replacements for macros not available with libgpg-error < 1.20. */
/* We need this type even if we are not using libreadline and or we
did not include libreadline in the current file. */
#ifndef GNUPG_LIBREADLINE_H_INCLUDED
typedef char **rl_completion_func_t (const char *, int, int);
#endif /*!GNUPG_LIBREADLINE_H_INCLUDED*/
/* Handy malloc macros - please use only them. */
#define xtrymalloc(a) gcry_malloc ((a))
#define xtrymalloc_secure(a) gcry_malloc_secure ((a))
#define xtrycalloc(a,b) gcry_calloc ((a),(b))
#define xtrycalloc_secure(a,b) gcry_calloc_secure ((a),(b))
#define xtryrealloc(a,b) gcry_realloc ((a),(b))
#define xtrystrdup(a) gcry_strdup ((a))
#define xfree(a) gcry_free ((a))
#define xfree_fnc gcry_free
#define xmalloc(a) gcry_xmalloc ((a))
#define xmalloc_secure(a) gcry_xmalloc_secure ((a))
#define xcalloc(a,b) gcry_xcalloc ((a),(b))
#define xcalloc_secure(a,b) gcry_xcalloc_secure ((a),(b))
#define xrealloc(a,b) gcry_xrealloc ((a),(b))
#define xstrdup(a) gcry_xstrdup ((a))
/* For compatibility with gpg 1.4 we also define these: */
#define xmalloc_clear(a) gcry_xcalloc (1, (a))
#define xmalloc_secure_clear(a) gcry_xcalloc_secure (1, (a))
/* The default error source of the application. This is different
from GPG_ERR_SOURCE_DEFAULT in that it does not depend on the
source file and thus is usable in code shared by applications.
Defined by init.c. */
extern gpg_err_source_t default_errsource;
/* Convenience function to return a gpg-error code for memory
allocation failures. This function makes sure that an error will
be returned even if accidentally ERRNO is not set. */
static inline gpg_error_t
out_of_core (void)
{
return gpg_error_from_syserror ();
}
/*-- yesno.c --*/
int answer_is_yes (const char *s);
int answer_is_yes_no_default (const char *s, int def_answer);
int answer_is_yes_no_quit (const char *s);
int answer_is_okay_cancel (const char *s, int def_answer);
/*-- xreadline.c --*/
ssize_t read_line (FILE *fp,
char **addr_of_buffer, size_t *length_of_buffer,
size_t *max_length);
/*-- b64enc.c and b64dec.c --*/
struct b64state
{
unsigned int flags;
int idx;
int quad_count;
FILE *fp;
estream_t stream;
char *title;
unsigned char radbuf[4];
u32 crc;
int stop_seen:1;
int invalid_encoding:1;
gpg_error_t lasterr;
};
gpg_error_t b64enc_start (struct b64state *state, FILE *fp, const char *title);
gpg_error_t b64enc_start_es (struct b64state *state, estream_t fp,
const char *title);
gpg_error_t b64enc_write (struct b64state *state,
const void *buffer, size_t nbytes);
gpg_error_t b64enc_finish (struct b64state *state);
gpg_error_t b64dec_start (struct b64state *state, const char *title);
gpg_error_t b64dec_proc (struct b64state *state, void *buffer, size_t length,
size_t *r_nbytes);
gpg_error_t b64dec_finish (struct b64state *state);
/*-- sexputil.c */
char *canon_sexp_to_string (const unsigned char *canon, size_t canonlen);
void log_printcanon (const char *text,
const unsigned char *sexp, size_t sexplen);
void log_printsexp (const char *text, gcry_sexp_t sexp);
gpg_error_t make_canon_sexp (gcry_sexp_t sexp,
unsigned char **r_buffer, size_t *r_buflen);
gpg_error_t make_canon_sexp_pad (gcry_sexp_t sexp, int secure,
unsigned char **r_buffer, size_t *r_buflen);
gpg_error_t keygrip_from_canon_sexp (const unsigned char *key, size_t keylen,
unsigned char *grip);
int cmp_simple_canon_sexp (const unsigned char *a, const unsigned char *b);
int cmp_canon_sexp (const unsigned char *a, size_t alen,
const unsigned char *b, size_t blen,
int (*tcmp)(void *ctx, int depth,
const unsigned char *aval, size_t avallen,
const unsigned char *bval, size_t bvallen),
void *tcmpctx);
unsigned char *make_simple_sexp_from_hexstr (const char *line,
size_t *nscanned);
int hash_algo_from_sigval (const unsigned char *sigval);
unsigned char *make_canon_sexp_from_rsa_pk (const void *m, size_t mlen,
const void *e, size_t elen,
size_t *r_len);
gpg_error_t get_rsa_pk_from_canon_sexp (const unsigned char *keydata,
size_t keydatalen,
unsigned char const **r_n,
size_t *r_nlen,
unsigned char const **r_e,
size_t *r_elen);
gpg_error_t get_ecc_q_from_canon_sexp (const unsigned char *keydata,
size_t keydatalen,
unsigned char const **r_q,
size_t *r_qlen);
gpg_error_t uncompress_ecc_q_in_canon_sexp (const unsigned char *keydata,
size_t keydatalen,
unsigned char **r_newkeydata,
size_t *r_newkeydatalen);
int get_pk_algo_from_key (gcry_sexp_t key);
int get_pk_algo_from_canon_sexp (const unsigned char *keydata,
size_t keydatalen);
char *pubkey_algo_string (gcry_sexp_t s_pkey, enum gcry_pk_algos *r_algoid);
const char *pubkey_algo_to_string (int algo);
const char *hash_algo_to_string (int algo);
const char *cipher_mode_to_string (int mode);
/*-- convert.c --*/
int hex2bin (const char *string, void *buffer, size_t length);
int hexcolon2bin (const char *string, void *buffer, size_t length);
char *bin2hex (const void *buffer, size_t length, char *stringbuf);
char *bin2hexcolon (const void *buffer, size_t length, char *stringbuf);
const char *hex2str (const char *hexstring,
char *buffer, size_t bufsize, size_t *buflen);
char *hex2str_alloc (const char *hexstring, size_t *r_count);
/*-- percent.c --*/
char *percent_plus_escape (const char *string);
char *percent_data_escape (int plus_escape, const char *prefix,
const void *data, size_t datalen);
char *percent_plus_unescape (const char *string, int nulrepl);
char *percent_unescape (const char *string, int nulrepl);
size_t percent_plus_unescape_inplace (char *string, int nulrepl);
size_t percent_unescape_inplace (char *string, int nulrepl);
/*-- openpgp-oid.c --*/
gpg_error_t openpgp_oid_from_str (const char *string, gcry_mpi_t *r_mpi);
char *openpgp_oidbuf_to_str (const unsigned char *buf, size_t len);
char *openpgp_oid_to_str (gcry_mpi_t a);
int openpgp_oidbuf_is_ed25519 (const void *buf, size_t len);
int openpgp_oid_is_ed25519 (gcry_mpi_t a);
int openpgp_oidbuf_is_cv25519 (const void *buf, size_t len);
int openpgp_oid_is_cv25519 (gcry_mpi_t a);
const char *openpgp_curve_to_oid (const char *name,
unsigned int *r_nbits, int *r_algo);
const char *openpgp_oid_to_curve (const char *oid, int canon);
const char *openpgp_enum_curves (int *idxp);
const char *openpgp_is_curve_supported (const char *name,
int *r_algo, unsigned int *r_nbits);
/*-- homedir.c --*/
const char *standard_homedir (void);
const char *default_homedir (void);
void gnupg_set_homedir (const char *newdir);
void gnupg_maybe_make_homedir (const char *fname, int quiet);
const char *gnupg_homedir (void);
int gnupg_default_homedir_p (void);
const char *gnupg_daemon_rootdir (void);
const char *gnupg_socketdir (void);
const char *gnupg_sysconfdir (void);
const char *gnupg_bindir (void);
const char *gnupg_libexecdir (void);
const char *gnupg_libdir (void);
const char *gnupg_datadir (void);
const char *gnupg_localedir (void);
const char *gnupg_cachedir (void);
const char *dirmngr_socket_name (void);
char *_gnupg_socketdir_internal (int skip_checks, unsigned *r_info);
/* All module names. We also include gpg and gpgsm for the sake for
gpgconf. */
#define GNUPG_MODULE_NAME_AGENT 1
#define GNUPG_MODULE_NAME_PINENTRY 2
#define GNUPG_MODULE_NAME_SCDAEMON 3
#define GNUPG_MODULE_NAME_DIRMNGR 4
#define GNUPG_MODULE_NAME_PROTECT_TOOL 5
#define GNUPG_MODULE_NAME_CHECK_PATTERN 6
#define GNUPG_MODULE_NAME_GPGSM 7
#define GNUPG_MODULE_NAME_GPG 8
#define GNUPG_MODULE_NAME_CONNECT_AGENT 9
#define GNUPG_MODULE_NAME_GPGCONF 10
#define GNUPG_MODULE_NAME_DIRMNGR_LDAP 11
#define GNUPG_MODULE_NAME_GPGV 12
const char *gnupg_module_name (int which);
void gnupg_module_name_flush_some (void);
void gnupg_set_builddir (const char *newdir);
/*-- gpgrlhelp.c --*/
void gnupg_rl_initialize (void);
/*-- helpfile.c --*/
char *gnupg_get_help_string (const char *key, int only_current_locale);
/*-- localename.c --*/
const char *gnupg_messages_locale_name (void);
/*-- sysutils.c --*/
FILE *gnupg_fopen (const char *fname, const char *mode);
/*-- miscellaneous.c --*/
/* This function is called at startup to tell libgcrypt to use our own
logging subsystem. */
void setup_libgcrypt_logging (void);
/* Print an out of core message and die. */
void xoutofcore (void);
/* Same as estream_asprintf but die on memory failure. */
char *xasprintf (const char *fmt, ...) GPGRT_ATTR_PRINTF(1,2);
/* This is now an alias to estream_asprintf. */
char *xtryasprintf (const char *fmt, ...) GPGRT_ATTR_PRINTF(1,2);
+void *xtryreallocarray (void *a, size_t oldnmemb, size_t nmemb, size_t size);
+
/* Replacement for gcry_cipher_algo_name. */
const char *gnupg_cipher_algo_name (int algo);
void obsolete_option (const char *configname, unsigned int configlineno,
const char *name);
const char *print_fname_stdout (const char *s);
const char *print_fname_stdin (const char *s);
void print_utf8_buffer3 (estream_t fp, const void *p, size_t n,
const char *delim);
void print_utf8_buffer2 (estream_t fp, const void *p, size_t n, int delim);
void print_utf8_buffer (estream_t fp, const void *p, size_t n);
void print_utf8_string (estream_t stream, const char *p);
void print_hexstring (FILE *fp, const void *buffer, size_t length,
int reserved);
char *try_make_printable_string (const void *p, size_t n, int delim);
char *make_printable_string (const void *p, size_t n, int delim);
int is_file_compressed (const char *s, int *ret_rc);
int match_multistr (const char *multistr,const char *match);
int gnupg_compare_version (const char *a, const char *b);
struct debug_flags_s
{
unsigned int flag;
const char *name;
};
int parse_debug_flag (const char *string, unsigned int *debugvar,
const struct debug_flags_s *flags);
/*-- Simple replacement functions. */
/* We use the gnupg_ttyname macro to be safe not to run into conflicts
which an extisting but broken ttyname. */
#if !defined(HAVE_TTYNAME) || defined(HAVE_BROKEN_TTYNAME)
# define gnupg_ttyname(n) _gnupg_ttyname ((n))
/* Systems without ttyname (W32) will merely return NULL. */
static inline char *
_gnupg_ttyname (int fd)
{
(void)fd;
return NULL;
}
#else /*HAVE_TTYNAME*/
# define gnupg_ttyname(n) ttyname ((n))
#endif /*HAVE_TTYNAME */
#ifdef HAVE_W32CE_SYSTEM
#define getpid() GetCurrentProcessId ()
char *_gnupg_getenv (const char *name); /* See sysutils.c */
#define getenv(a) _gnupg_getenv ((a))
char *_gnupg_setenv (const char *name); /* See sysutils.c */
#define setenv(a,b,c) _gnupg_setenv ((a),(b),(c))
int _gnupg_isatty (int fd);
#define gnupg_isatty(a) _gnupg_isatty ((a))
#else
#define gnupg_isatty(a) isatty ((a))
#endif
/*-- Macros to replace ctype ones to avoid locale problems. --*/
#define spacep(p) (*(p) == ' ' || *(p) == '\t')
#define digitp(p) (*(p) >= '0' && *(p) <= '9')
#define alphap(p) ((*(p) >= 'A' && *(p) <= 'Z') \
|| (*(p) >= 'a' && *(p) <= 'z'))
#define alnump(p) (alphap (p) || digitp (p))
#define hexdigitp(a) (digitp (a) \
|| (*(a) >= 'A' && *(a) <= 'F') \
|| (*(a) >= 'a' && *(a) <= 'f'))
/* Note this isn't identical to a C locale isspace() without \f and
\v, but works for the purposes used here. */
#define ascii_isspace(a) ((a)==' ' || (a)=='\n' || (a)=='\r' || (a)=='\t')
/* The atoi macros assume that the buffer has only valid digits. */
#define atoi_1(p) (*(p) - '0' )
#define atoi_2(p) ((atoi_1(p) * 10) + atoi_1((p)+1))
#define atoi_4(p) ((atoi_2(p) * 100) + atoi_2((p)+2))
#define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \
*(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10))
#define xtoi_2(p) ((xtoi_1(p) * 16) + xtoi_1((p)+1))
#define xtoi_4(p) ((xtoi_2(p) * 256) + xtoi_2((p)+2))
#endif /*GNUPG_COMMON_UTIL_H*/
diff --git a/common/w32-misc.c b/common/w32-misc.c
index ae194facb..2a0ba86e5 100644
--- a/common/w32-misc.c
+++ b/common/w32-misc.c
@@ -1,209 +1,450 @@
/* w32-misc.c - Helper functions needed in Windows
* Copyright (C) 2021 g10 Code GmbH
*
* This file is part of GnuPG.
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
*/
#include
+#ifdef HAVE_W32_SYSTEM
+# define WIN32_LEAN_AND_MEAN
+# include
+#endif /*!HAVE_W32_SYSTEM*/
+
#include "util.h"
#include "w32help.h"
+/* Helper object for add_arg. */
+struct add_arg_s
+{
+ char **argv; /* Calloced array. */
+ int argc; /* Number of items in argc. */
+ int size; /* Allocated size of argv. */
+};
+
+
+/* Add STRING to the argv of PARM. Returns 0 on success; on error
+ * sets ERRNO and returns -1. */
+static int
+add_arg (struct add_arg_s *parm, const char *string)
+{
+ if (parm->argc == parm->size)
+ {
+ char **newargv;
+ int newsize;
+
+ if (parm->size < 256)
+ newsize = ((parm->size + 31) / 32 + 1) * 32;
+ else
+ newsize = ((parm->size + 255) / 256 + 1) * 256;
+ /* We allocate one more item for the trailing NULL. */
+ newargv = xtryreallocarray (parm->argv, parm->size, newsize+1,
+ sizeof *newargv);
+ if (!newargv)
+ return -1;
+ parm->argv = newargv;
+ parm->size = newsize;
+ }
+ parm->argv[parm->argc] = xtrystrdup (string);
+ if (!parm->argv[parm->argc])
+ return -1;
+ parm->argc++;
+ return 0;
+}
+
+
+/* Glob PATTERN and add to the argv of PARM. Returns 0 on success; on
+ * error sets ERRNO and returns -1. */
+static int
+glob_arg (struct add_arg_s *parm, const char *pattern)
+{
+ int rc;
+ const char *s;
+
+#ifdef HAVE_W32_SYSTEM
+ HANDLE hd;
+ WIN32_FIND_DATAW dir;
+ uintptr_t pos; /* Offset to the last slash in pattern/buffer or 0. */
+ char *buffer, *p;
+ int any = 0;
+
+ s = strpbrk (pattern, "*?");
+ if (!s)
+ {
+ /* Called without wildcards. */
+ return add_arg (parm, pattern);
+ }
+ for (; s != pattern && *s != '/' && *s != '\\'; s--)
+ ;
+ pos = s - pattern;
+ if (*s == '/' || *s == L'\\')
+ pos++;
+
+ {
+ wchar_t *wpattern;
+
+ wpattern = utf8_to_wchar (pattern);
+ if (!wpattern)
+ return -1;
+
+ hd = FindFirstFileW (wpattern, &dir);
+ xfree (wpattern);
+ }
+ if (hd == INVALID_HANDLE_VALUE)
+ return add_arg (parm, pattern);
+
+ /* We allocate enough space to hold all kind of UTF-8 strings. */
+ buffer = xtrymalloc (strlen (pattern) + MAX_PATH*6 + 1);
+ if (!buffer)
+ {
+ FindClose (hd);
+ return -1;
+ }
+ mem2str (buffer, pattern, pos+1);
+ for (p=buffer; *p; p++)
+ if (*p == '\\')
+ *p = '/';
+
+ do
+ {
+ if (!(dir.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY))
+ {
+ char *name;
+
+ name = wchar_to_utf8 (dir.cFileName);
+ if (!name)
+ rc = -1;
+ else
+ {
+ mem2str (buffer + pos, name, MAX_PATH*6);
+ xfree (name);
+ rc = add_arg (parm, buffer);
+ }
+ if (rc)
+ {
+ FindClose (hd);
+ xfree (buffer);
+ return rc;
+ }
+ any = 1;
+ }
+ }
+ while (FindNextFileW (hd, &dir));
+
+ FindClose (hd);
+ xfree (buffer);
+
+ rc = any? 0 : add_arg (parm, pattern);
+
+#else /* Unix */
+
+ /* We use some dummy code here because this is only used in the Unix
+ * test suite. */
+ s = strpbrk (pattern, "*?");
+ if (!s)
+ {
+ /* Called without wildcards. */
+ return add_arg (parm, pattern);
+ }
+
+ if (strchr (pattern, '?'))
+ rc = add_arg (parm, "[? follows]");
+ else if (strchr (pattern, '*'))
+ rc = add_arg (parm, "[* follows]");
+ else
+ rc = add_arg (parm, "[no glob!]"); /* Should not happen. */
+ if (!rc)
+ rc = add_arg (parm, pattern);
+
+#endif /* Unix */
+
+ return rc;
+}
+
+
/* Return the number of backslashes. */
static unsigned int
count_backslashes (const char *s)
{
unsigned int count = 0;
for ( ;*s == '\\'; s++)
count++;
return count;
}
static void
strip_one_arg (char *string, int endquote)
{
char *s, *d;
unsigned int n, i;
for (s=d=string; *s; s++)
if (*s == '\\')
{
n = count_backslashes (s);
if (s[n] == '"')
{
for (i=0; i < n/2; i++)
*d++ = '\\';
if ((n&1)) /* Odd number of backslashes. */
*d++ = '"'; /* Print the quote. */
}
else if (!s[n] && endquote)
{
for (i=0; i < n/2; i++)
*d++ = '\\';
s--;
}
else /* Print all backslashes. */
{
for (i=0; i < n; i++)
*d++ = '\\';
n--; /* Adjust for the increment in the for. */
}
s += n;
}
else if (*s == '"' && s[1])
*d++ = *++s;
else
*d++ = *s;
*d = 0;
}
-/* Helper for parse_w32_commandline. */
+/* Helper for parse_w32_commandline. If ARGV and ARGVFLAGS are not
+ * NULL, ARGVFLAGS is expected to be allocated at the same size of
+ * ARGV and zeroed; on return 1 is stored for all arguments which are
+ * quoted (args like (foo"bar"baz") also count as quoted. */
static int
-parse_cmdstring (char *string, char **argv)
+parse_cmdstring (char *string, char **argv, unsigned char *argvflags)
{
int argc = 0;
int inquote = 0;
char *p0, *p;
unsigned int n;
p0 = string;
for (p=string; *p; p++)
{
if (inquote)
{
if (*p == '\\' && p[1] == '"')
p++;
else if (*p == '\\' && p[1] == '\\')
p++;
else if (*p == '"')
{
if (p[1] == ' ' || p[1] == '\t' || !p[1])
{
if (argv)
{
*p = 0;
strip_one_arg (p0, 1);
argv[argc] = p0;
+ if (argvflags)
+ argvflags[argc] = 1;
}
argc++;
p0 = NULL;
}
inquote = 0;
}
}
else if (*p == '\\' && (n=count_backslashes (p)))
{
if (!p0) /* First non-WS; set start. */
p0 = p;
if (p[n] == '"')
{
if (!(n&1)) /* Even number. */
inquote = 1;
p++;
}
p += n;
}
else if (*p == '"')
{
inquote = 1;
if (!p0 || p == string) /* First non-WS or first char; set start. */
p0 = p + 1;
}
else if (*p == ' ' || *p == '\t')
{
if (p0) /* We are in an argument and reached WS. */
{
if (argv)
{
*p = 0;
strip_one_arg (p0, inquote);
argv[argc] = p0;
+ if (argvflags && inquote)
+ argvflags[argc] = 1;
}
argc++;
p0 = NULL;
}
}
else if (!p0) /* First non-WS; set start. */
p0 = p;
}
if (inquote || p0)
{
/* Closing quote missing (we accept this as argument anyway) or
* an open argument. */
if (argv)
{
*p = 0;
strip_one_arg (p0, inquote);
argv[argc] = p0;
+ if (argvflags && inquote)
+ argvflags[argc] = 1;
}
argc++;
}
return argc;
}
/* This is a Windows command line parser, returning an array with
* strings and its count. The argument CMDLINE is expected to be
* utf-8 encoded and may be modified after returning from this
* function. The returned array points into CMDLINE, so this should
* not be freed. If GLOBING is set to true globing is done for all
* items. Returns NULL on error. The number of items in the array is
- * returned at R_ARGC. */
+ * returned at R_ARGC. If R_ITEMSALLOCED is NOT NULL, it's value is
+ * set to true if the items at R_ALLOC are allocated and not point
+ * into to CMDLINE. */
char **
-w32_parse_commandline (char *cmdline, int globing, int *r_argc)
+w32_parse_commandline (char *cmdline, int globing, int *r_argc,
+ int *r_itemsalloced)
{
int argc, i;
char **argv;
+ char *argvflags;
- (void)globing;
+ if (r_itemsalloced)
+ *r_itemsalloced = 0;
- argc = parse_cmdstring (cmdline, NULL);
+ argc = parse_cmdstring (cmdline, NULL, NULL);
if (!argc)
{
log_error ("%s failed: %s\n", __func__, "internal error");
return NULL; /* Ooops. */
}
argv = xtrycalloc (argc+1, sizeof *argv);
if (!argv)
{
- log_error ("%s failed: %s\n", __func__, strerror (errno));
+ log_error ("%s failed: %s\n", __func__,
+ gpg_strerror (gpg_error_from_syserror ()));
return NULL; /* Ooops. */
}
- i = parse_cmdstring (cmdline, argv);
+ if (globing)
+ {
+ argvflags = xtrycalloc (argc+1, sizeof *argvflags);
+ if (!argvflags)
+ {
+ log_error ("%s failed: %s\n", __func__,
+ gpg_strerror (gpg_error_from_syserror ()));
+ xfree (argv);
+ return NULL; /* Ooops. */
+ }
+ }
+ else
+ argvflags = NULL;
+
+ i = parse_cmdstring (cmdline, argv, argvflags);
if (argc != i)
{
log_error ("%s failed (argc=%d i=%d)\n", __func__, argc, i);
xfree (argv);
+ xfree (argvflags);
return NULL; /* Ooops. */
}
+
+ if (globing)
+ {
+ for (i=0; i < argc; i++)
+ if (argvflags[i] != 1 && strpbrk (argv[i], "*?"))
+ break;
+ if (i < argc)
+ {
+ /* Indeed some unquoted arguments contain wildcards. We
+ * need to do the globing and thus a dynamically re-allocate
+ * the argv array and strdup all items. */
+ struct add_arg_s parm;
+ int rc;
+
+ if (argc < 32)
+ parm.size = ((argc + 31) / 32 + 1) * 32;
+ else
+ parm.size = ((argc + 255) / 256 + 1) * 256;
+ parm.argc = 0;
+ /* We allocate one more item for the trailing NULL. */
+ parm.argv = xtryreallocarray (NULL, 0, parm.size + 1,
+ sizeof *parm.argv);
+ if (!parm.argv)
+ {
+ log_error ("%s: error allocating array: %s\n", __func__,
+ gpg_strerror (gpg_error_from_syserror ()));
+ xfree (argv);
+ xfree (argvflags);
+ return NULL; /* Ooops. */
+ }
+ rc = 0;
+ for (i=0; i < argc; i++)
+ {
+ if (argvflags[i] != 1)
+ rc = glob_arg (&parm, argv[i]);
+ else
+ rc = add_arg (&parm, argv[i]);
+ if (rc)
+ {
+ log_error ("%s: error adding or blobing: %s\n", __func__,
+ gpg_strerror (gpg_error_from_syserror ()));
+ for (i=0; i < parm.argc; i++)
+ xfree (parm.argv[i]);
+ xfree (parm.argv);
+ xfree (argv);
+ xfree (argvflags);
+ return NULL; /* Ooops. */
+ }
+ }
+ xfree (argv);
+ argv = parm.argv;
+ argc = parm.argc;
+ if (r_itemsalloced)
+ *r_itemsalloced = 1;
+ }
+ }
+
+ xfree (argvflags);
*r_argc = argc;
return argv;
}
diff --git a/common/w32help.h b/common/w32help.h
index ca5ccf8bd..7f97f0d3e 100644
--- a/common/w32help.h
+++ b/common/w32help.h
@@ -1,63 +1,65 @@
/* w32help.h - W32 speicif functions
* Copyright (C) 2007 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute and/or modify this
* part of GnuPG under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* GnuPG is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copies of the GNU General Public License
* and the GNU Lesser General Public License along with this program;
* if not, see .
*/
#ifndef GNUPG_COMMON_W32HELP_H
#define GNUPG_COMMON_W32HELP_H
/*-- w32-misc.c --*/
+
/* This module is also part of the Unix tests. */
-char **w32_parse_commandline (char *cmdline, int globing, int *r_argc);
+char **w32_parse_commandline (char *cmdline, int globing, int *r_argv,
+ int *r_itemsalloced);
#ifdef HAVE_W32_SYSTEM
/*-- w32-reg.c --*/
char *read_w32_registry_string (const char *root,
const char *dir, const char *name );
/* Other stuff. */
#ifdef HAVE_W32CE_SYSTEM
/* Setmode is missing in cegcc but available since CE 5.0. */
int _setmode (int handle, int mode);
# define setmode(a,b) _setmode ((a),(b))
static inline int
umask (int a)
{
(void)a;
return 0;
}
#endif /*HAVE_W32CE_SYSTEM*/
#endif /*HAVE_W32_SYSTEM*/
#endif /*GNUPG_COMMON_MISCHELP_H*/
diff --git a/common/xasprintf.c b/common/xasprintf.c
index 00ff66a75..7e37e5be6 100644
--- a/common/xasprintf.c
+++ b/common/xasprintf.c
@@ -1,70 +1,123 @@
/* xasprintf.c
* Copyright (C) 2003, 2005 Free Software Foundation, Inc.
+ * Copyright (C) 2020 g10 Code GmbH
*
* This file is part of GnuPG.
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
*/
#include
#include
#include
#include "util.h"
/* Same as asprintf but return an allocated buffer suitable to be
freed using xfree. This function simply dies on memory failure,
thus no extra check is required.
FIXME: We should remove these functions in favor of gpgrt_bsprintf
and a xgpgrt_bsprintf or rename them to xbsprintf and
xtrybsprintf. */
char *
xasprintf (const char *fmt, ...)
{
va_list ap;
char *buf;
va_start (ap, fmt);
if (gpgrt_vasprintf (&buf, fmt, ap) < 0)
log_fatal ("estream_asprintf failed: %s\n", strerror (errno));
va_end (ap);
return buf;
}
/* Same as above but return NULL on memory failure. */
char *
xtryasprintf (const char *fmt, ...)
{
int rc;
va_list ap;
char *buf;
va_start (ap, fmt);
rc = gpgrt_vasprintf (&buf, fmt, ap);
va_end (ap);
if (rc < 0)
return NULL;
return buf;
}
+
+
+/* This is safe version of realloc useful for reallocing a calloced
+ * array. There are two ways to call it: The first example
+ * reallocates the array A to N elements each of SIZE but does not
+ * clear the newly allocated elements:
+ *
+ * p = xtryreallocarray (a, n, n, nsize);
+ *
+ * Note that when NOLD is larger than N no cleaning is needed anyway.
+ * The second example reallocates an array of size NOLD to N elements
+ * each of SIZE but clear the newly allocated elements:
+ *
+ * p = xtryreallocarray (a, nold, n, nsize);
+ *
+ * Note that xtryreallocarray (NULL, 0, n, nsize) is equivalent to
+ * xtrycalloc (n, nsize).
+ *
+ * The same function under the name gpgrt_reallocarray exists in
+ * libgpg-error but only since version 1.38 and thus we use a copy
+ * here.
+ */
+void *
+xtryreallocarray (void *a, size_t oldnmemb, size_t nmemb, size_t size)
+{
+ size_t oldbytes, bytes;
+ char *p;
+
+ bytes = nmemb * size; /* size_t is unsigned so the behavior on overflow
+ * is defined. */
+ if (size && bytes / size != nmemb)
+ {
+ gpg_err_set_errno (ENOMEM);
+ return NULL;
+ }
+
+ p = xtryrealloc (a, bytes);
+ if (p && oldnmemb < nmemb)
+ {
+ /* OLDNMEMBS is lower than NMEMB thus the user asked for a
+ calloc. Clear all newly allocated members. */
+ oldbytes = oldnmemb * size;
+ if (size && oldbytes / size != oldnmemb)
+ {
+ xfree (p);
+ gpg_err_set_errno (ENOMEM);
+ return NULL;
+ }
+ memset (p + oldbytes, 0, bytes - oldbytes);
+ }
+ return p;
+}