dbus-string.c 69.7 KB
Newer Older
1
/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
John Palmieri's avatar
John Palmieri committed
2
/* dbus-string.c String utility class (internal to D-Bus implementation)
3
 * 
4
 * Copyright (C) 2002, 2003, 2004, 2005 Red Hat, Inc.
5
 * Copyright (C) 2006 Ralf Habacker <ralf.habacker@freenet.de>
6
 *
7
 * Licensed under the Academic Free License version 2.1
8 9 10 11 12 13 14 15 16 17 18 19 20
 * 
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
21
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
22 23 24
 *
 */

25
#include <config.h>
26
#include "dbus-internals.h"
27 28 29
#include "dbus-string.h"
/* we allow a system header here, for speed/convenience */
#include <string.h>
30 31
/* for vsnprintf */
#include <stdio.h>
32 33
#define DBUS_CAN_USE_DBUS_STRING_PRIVATE 1
#include "dbus-string-private.h"
34 35 36
#include "dbus-marshal-basic.h" /* probably should be removed by moving the usage of DBUS_TYPE
                                 * into the marshaling-related files
                                 */
37 38
/* for DBUS_VA_COPY */
#include "dbus-sysdeps.h"
39 40

/**
41
 * @defgroup DBusString DBusString class
42
 * @ingroup  DBusInternals
43
 * @brief DBusString data structure for safer string handling
44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64
 *
 * Types and functions related to DBusString. DBusString is intended
 * to be a string class that makes it hard to mess up security issues
 * (and just in general harder to write buggy code).  It should be
 * used (or extended and then used) rather than the libc stuff in
 * string.h.  The string class is a bit inconvenient at spots because
 * it handles out-of-memory failures and tries to be extra-robust.
 * 
 * A DBusString has a maximum length set at initialization time; this
 * can be used to ensure that a buffer doesn't get too big.  The
 * _dbus_string_lengthen() method checks for overflow, and for max
 * length being exceeded.
 * 
 * Try to avoid conversion to a plain C string, i.e. add methods on
 * the string object instead, only convert to C string when passing
 * things out to the public API. In particular, no sprintf, strcpy,
 * strcat, any of that should be used. The GString feature of
 * accepting negative numbers for "length of string" is also absent,
 * because it could keep us from detecting bogus huge lengths. i.e. if
 * we passed in some bogus huge length it would be taken to mean
 * "current length of string" instead of "broken crack"
65 66 67 68 69 70
 *
 * @todo #DBusString needs a lot of cleaning up; some of the
 * API is no longer used, and the API is pretty inconsistent.
 * In particular all the "append" APIs, especially those involving
 * alignment but probably lots of them, are no longer used by the
 * marshaling code which always does "inserts" now.
71 72 73 74 75 76 77
 */

/**
 * @addtogroup DBusString
 * @{
 */

78 79 80
static void
fixup_alignment (DBusRealString *real)
{
81 82
  unsigned char *aligned;
  unsigned char *real_block;
83 84 85
  unsigned int old_align_offset;

  /* we have to have extra space in real->allocated for the align offset and nul byte */
86
  _dbus_assert (real->len <= real->allocated - _DBUS_STRING_ALLOCATION_PADDING);
87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
  
  old_align_offset = real->align_offset;
  real_block = real->str - old_align_offset;
  
  aligned = _DBUS_ALIGN_ADDRESS (real_block, 8);

  real->align_offset = aligned - real_block;
  real->str = aligned;
  
  if (old_align_offset != real->align_offset)
    {
      /* Here comes the suck */
      memmove (real_block + real->align_offset,
               real_block + old_align_offset,
               real->len + 1);
    }

  _dbus_assert (real->align_offset < 8);
  _dbus_assert (_DBUS_ALIGN_ADDRESS (real->str, 8) == real->str);
}
107

108 109 110 111 112 113 114 115 116 117
static void
undo_alignment (DBusRealString *real)
{
  if (real->align_offset != 0)
    {
      memmove (real->str - real->align_offset,
               real->str,
               real->len + 1);

      real->str = real->str - real->align_offset;
118
      real->align_offset = 0;
119 120 121
    }
}

122
/**
123 124 125
 * Initializes a string that can be up to the given allocation size
 * before it has to realloc. The string starts life with zero length.
 * The string must eventually be freed with _dbus_string_free().
Havoc Pennington's avatar
Havoc Pennington committed
126
 * 
127
 * @param str memory to hold the string
128
 * @param allocate_size amount to preallocate
129 130
 * @returns #TRUE on success, #FALSE if no memory
 */
131
dbus_bool_t
132 133
_dbus_string_init_preallocated (DBusString *str,
                                int         allocate_size)
134 135
{
  DBusRealString *real;
136 137 138

  _DBUS_STATIC_ASSERT (sizeof (DBusString) == sizeof (DBusRealString));

139 140 141 142 143 144 145 146 147 148
  _dbus_assert (str != NULL);

  real = (DBusRealString*) str;

  /* It's very important not to touch anything
   * other than real->str if we're going to fail,
   * since we also use this function to reset
   * an existing string, e.g. in _dbus_string_steal_data()
   */
  
149
  real->str = dbus_malloc (_DBUS_STRING_ALLOCATION_PADDING + allocate_size);
150
  if (real->str == NULL)
151 152
    return FALSE;  
  
153
  real->allocated = _DBUS_STRING_ALLOCATION_PADDING + allocate_size;
154 155 156 157 158 159
  real->len = 0;
  real->str[real->len] = '\0';
  
  real->constant = FALSE;
  real->locked = FALSE;
  real->invalid = FALSE;
160 161 162
  real->align_offset = 0;
  
  fixup_alignment (real);
163
  
164 165 166
  return TRUE;
}

167 168 169 170 171 172 173 174 175 176 177 178 179
/**
 * Initializes a string. The string starts life with zero length.  The
 * string must eventually be freed with _dbus_string_free().
 * 
 * @param str memory to hold the string
 * @returns #TRUE on success, #FALSE if no memory
 */
dbus_bool_t
_dbus_string_init (DBusString *str)
{
  return _dbus_string_init_preallocated (str, 0);
}

180 181 182 183
/**
 * Initializes a constant string. The value parameter is not copied
 * (should be static), and the string may never be modified.
 * It is safe but not necessary to call _dbus_string_free()
184
 * on a const string. The string has a length limit of MAXINT - 8.
185 186 187 188 189 190 191
 * 
 * @param str memory to use for the string
 * @param value a string to be stored in str (not copied!!!)
 */
void
_dbus_string_init_const (DBusString *str,
                         const char *value)
192
{
193 194
  _dbus_assert (value != NULL);
  
195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212
  _dbus_string_init_const_len (str, value,
                               strlen (value));
}

/**
 * Initializes a constant string with a length. The value parameter is
 * not copied (should be static), and the string may never be
 * modified.  It is safe but not necessary to call _dbus_string_free()
 * on a const string.
 * 
 * @param str memory to use for the string
 * @param value a string to be stored in str (not copied!!!)
 * @param len the length to use
 */
void
_dbus_string_init_const_len (DBusString *str,
                             const char *value,
                             int         len)
213 214 215 216
{
  DBusRealString *real;
  
  _dbus_assert (str != NULL);
217
  _dbus_assert (len == 0 || value != NULL);
218
  _dbus_assert (len <= _DBUS_STRING_MAX_LENGTH);
219 220
  _dbus_assert (len >= 0);
  
221 222
  real = (DBusRealString*) str;
  
223
  real->str = (unsigned char*) value;
224
  real->len = len;
225
  real->allocated = real->len + _DBUS_STRING_ALLOCATION_PADDING; /* a lie, just to avoid special-case assertions... */
226
  real->constant = TRUE;
227
  real->locked = TRUE;
228
  real->invalid = FALSE;
229
  real->align_offset = 0;
230 231 232 233

  /* We don't require const strings to be 8-byte aligned as the
   * memory is coming from elsewhere.
   */
234 235
}

236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252
/**
 * Initializes a string from another string. The
 * string must eventually be freed with _dbus_string_free().
 *
 * @param str memory to hold the string
 * @param from instance from which the string is initialized
 * @returns #TRUE on success, #FALSE if no memory
 */
dbus_bool_t
_dbus_string_init_from_string(DBusString       *str,
                              const DBusString *from)
{
 if (!_dbus_string_init (str))
     return FALSE;
 return _dbus_string_append (str, _dbus_string_get_const_data (from));
}

253 254 255 256 257 258 259 260
/**
 * Frees a string created by _dbus_string_init().
 *
 * @param str memory where the string is stored.
 */
void
_dbus_string_free (DBusString *str)
{
261 262
  DBusRealString *real = (DBusRealString*) str;
  DBUS_GENERIC_STRING_PREAMBLE (real);
263 264 265
  
  if (real->constant)
    return;
266 267 268 269 270 271 272 273

  /* so it's safe if @p str returned by a failed
   * _dbus_string_init call
   * Bug: https://bugs.freedesktop.org/show_bug.cgi?id=65959
   */
  if (real->str == NULL)
    return;

274
  dbus_free (real->str - real->align_offset);
275 276 277 278

  real->invalid = TRUE;
}

279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304
static dbus_bool_t
compact (DBusRealString *real,
         int             max_waste)
{
  unsigned char *new_str;
  int new_allocated;
  int waste;

  waste = real->allocated - (real->len + _DBUS_STRING_ALLOCATION_PADDING);

  if (waste <= max_waste)
    return TRUE;

  new_allocated = real->len + _DBUS_STRING_ALLOCATION_PADDING;

  new_str = dbus_realloc (real->str - real->align_offset, new_allocated);
  if (_DBUS_UNLIKELY (new_str == NULL))
    return FALSE;

  real->str = new_str + real->align_offset;
  real->allocated = new_allocated;
  fixup_alignment (real);

  return TRUE;
}

305
#ifdef DBUS_ENABLE_EMBEDDED_TESTS
306
/* Not using this feature at the moment,
307
 * so marked DBUS_ENABLE_EMBEDDED_TESTS-only
308
 */
309
/**
310 311 312 313 314
 * Locks a string such that any attempts to change the string will
 * result in aborting the program. Also, if the string is wasting a
 * lot of memory (allocation is sufficiently larger than what the
 * string is really using), _dbus_string_lock() will realloc the
 * string's data to "compact" it.
315 316 317 318 319 320 321 322 323 324 325 326 327
 *
 * @param str the string to lock.
 */
void
_dbus_string_lock (DBusString *str)
{  
  DBUS_LOCKED_STRING_PREAMBLE (str); /* can lock multiple times */

  real->locked = TRUE;

  /* Try to realloc to avoid excess memory usage, since
   * we know we won't change the string further
   */
328
#define MAX_WASTE 48
329
  compact (real, MAX_WASTE);
330
}
331
#endif /* DBUS_ENABLE_EMBEDDED_TESTS */
332

333
static dbus_bool_t
334 335
reallocate_for_length (DBusRealString *real,
                       int             new_length)
336
{
337
  int new_allocated;
338
  unsigned char *new_str;
339

340 341 342
  /* at least double our old allocation to avoid O(n), avoiding
   * overflow
   */
343 344
  if (real->allocated > (_DBUS_STRING_MAX_LENGTH + _DBUS_STRING_ALLOCATION_PADDING) / 2)
    new_allocated = _DBUS_STRING_MAX_LENGTH + _DBUS_STRING_ALLOCATION_PADDING;
345 346
  else
    new_allocated = real->allocated * 2;
347

348
  /* if you change the code just above here, run the tests without
349
   * the following assert-only hack before you commit
350
   */
351 352 353 354
  /* This is keyed off asserts in addition to tests so when you
   * disable asserts to profile, you don't get this destroyer
   * of profiles.
   */
355
#if defined (DBUS_ENABLE_EMBEDDED_TESTS) && !defined (DBUS_DISABLE_ASSERT)
356 357 358
  new_allocated = 0; /* ensure a realloc every time so that we go
                      * through all malloc failure codepaths
                      */
359
#endif
360

361
  /* But be sure we always alloc at least space for the new length */
362
  new_allocated = MAX (new_allocated,
363
                       new_length + _DBUS_STRING_ALLOCATION_PADDING);
364

365 366
  _dbus_assert (new_allocated >= real->allocated); /* code relies on this */
  new_str = dbus_realloc (real->str - real->align_offset, new_allocated);
367
  if (_DBUS_UNLIKELY (new_str == NULL))
368
    return FALSE;
369

370 371 372
  real->str = new_str + real->align_offset;
  real->allocated = new_allocated;
  fixup_alignment (real);
373 374 375 376

  return TRUE;
}

377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396
/**
 * Compacts the string to avoid wasted memory.  Wasted memory is
 * memory that is allocated but not actually required to store the
 * current length of the string.  The compact is only done if more
 * than the given amount of memory is being wasted (otherwise the
 * waste is ignored and the call does nothing).
 *
 * @param str the string
 * @param max_waste the maximum amount of waste to ignore
 * @returns #FALSE if the compact failed due to realloc failure
 */
dbus_bool_t
_dbus_string_compact (DBusString *str,
                      int         max_waste)
{
  DBUS_STRING_PREAMBLE (str);

  return compact (real, max_waste);
}

397 398 399 400 401 402 403
static dbus_bool_t
set_length (DBusRealString *real,
            int             new_length)
{
  /* Note, we are setting the length not including nul termination */

  /* exceeding max length is the same as failure to allocate memory */
404
  if (_DBUS_UNLIKELY (new_length > _DBUS_STRING_MAX_LENGTH))
405
    return FALSE;
406
  else if (new_length > (real->allocated - _DBUS_STRING_ALLOCATION_PADDING) &&
407
           _DBUS_UNLIKELY (!reallocate_for_length (real, new_length)))
408 409 410 411
    return FALSE;
  else
    {
      real->len = new_length;
412
      real->str[new_length] = '\0';
413 414 415 416
      return TRUE;
    }
}

417 418 419 420 421 422 423 424
static dbus_bool_t
open_gap (int             len,
          DBusRealString *dest,
          int             insert_at)
{
  if (len == 0)
    return TRUE;

425
  if (len > _DBUS_STRING_MAX_LENGTH - dest->len)
426 427
    return FALSE; /* detected overflow of dest->len + len below */
  
428 429 430 431 432 433 434 435 436 437
  if (!set_length (dest, dest->len + len))
    return FALSE;

  memmove (dest->str + insert_at + len, 
           dest->str + insert_at,
           dest->len - len - insert_at);

  return TRUE;
}

438
#ifndef _dbus_string_get_data
439 440 441 442 443 444 445 446 447
/**
 * Gets the raw character buffer from the string.  The returned buffer
 * will be nul-terminated, but note that strings may contain binary
 * data so there may be extra nul characters prior to the termination.
 * This function should be little-used, extend DBusString or add
 * stuff to dbus-sysdeps.c instead. It's an error to use this
 * function on a const string.
 *
 * @param str the string
448
 * @returns the data
449
 */
450 451
char*
_dbus_string_get_data (DBusString *str)
452 453 454
{
  DBUS_STRING_PREAMBLE (str);
  
455
  return (char*) real->str;
456
}
457
#endif /* _dbus_string_get_data */
458

459 460
/* only do the function if we don't have the macro */
#ifndef _dbus_string_get_const_data
461
/**
462 463
 * Gets the raw character buffer from a const string.
 *
464
 * @param str the string
465
 * @returns the string data
466
 */
467 468
const char*
_dbus_string_get_const_data (const DBusString  *str)
469 470 471
{
  DBUS_CONST_STRING_PREAMBLE (str);
  
472
  return (const char*) real->str;
473
}
474
#endif /* _dbus_string_get_const_data */
475 476 477 478 479 480 481 482 483 484 485 486

/**
 * Gets a sub-portion of the raw character buffer from the
 * string. The "len" field is required simply for error
 * checking, to be sure you don't try to use more
 * string than exists. The nul termination of the
 * returned buffer remains at the end of the entire
 * string, not at start + len.
 *
 * @param str the string
 * @param start byte offset to return
 * @param len length of segment to return
487
 * @returns the string data
488
 */
489
char*
490 491 492 493 494 495 496
_dbus_string_get_data_len (DBusString *str,
                           int         start,
                           int         len)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (start >= 0);
  _dbus_assert (len >= 0);
497 498
  _dbus_assert (start <= real->len);
  _dbus_assert (len <= real->len - start);
499
  
500
  return (char*) real->str + start;
501 502
}

503 504
/* only do the function if we don't have the macro */
#ifndef _dbus_string_get_const_data_len
505 506 507 508 509 510
/**
 * const version of _dbus_string_get_data_len().
 *
 * @param str the string
 * @param start byte offset to return
 * @param len length of segment to return
511
 * @returns the string data
512
 */
513
const char*
514 515 516 517 518 519 520
_dbus_string_get_const_data_len (const DBusString  *str,
                                 int                start,
                                 int                len)
{
  DBUS_CONST_STRING_PREAMBLE (str);
  _dbus_assert (start >= 0);
  _dbus_assert (len >= 0);
521 522
  _dbus_assert (start <= real->len);
  _dbus_assert (len <= real->len - start);
523
  
524
  return (const char*) real->str + start;
525
}
526
#endif /* _dbus_string_get_const_data_len */
527

528 529
/* only do the function if we don't have the macro */
#ifndef _dbus_string_set_byte
530 531 532 533 534 535 536 537 538 539 540 541 542 543
/**
 * Sets the value of the byte at the given position.
 *
 * @param str the string
 * @param i the position
 * @param byte the new value
 */
void
_dbus_string_set_byte (DBusString    *str,
                       int            i,
                       unsigned char  byte)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (i < real->len);
544 545
  _dbus_assert (i >= 0);
  
546 547
  real->str[i] = byte;
}
548
#endif /* _dbus_string_set_byte */
549

550 551
/* only have the function if we didn't create a macro */
#ifndef _dbus_string_get_byte
552
/**
553 554 555
 * Gets the byte at the given position. It is
 * allowed to ask for the nul byte at the end of
 * the string.
556 557 558 559 560
 *
 * @param str the string
 * @param start the position
 * @returns the byte at that position
 */
561
unsigned char
562 563 564 565
_dbus_string_get_byte (const DBusString  *str,
                       int                start)
{
  DBUS_CONST_STRING_PREAMBLE (str);
566
  _dbus_assert (start <= real->len);
567 568
  _dbus_assert (start >= 0);
  
569 570
  return real->str[start];
}
571
#endif /* _dbus_string_get_byte */
572

573
/**
574 575
 * Inserts a number of bytes of a given value at the
 * given position.
576 577 578
 *
 * @param str the string
 * @param i the position
579
 * @param n_bytes number of bytes
580 581 582 583
 * @param byte the value to insert
 * @returns #TRUE on success
 */
dbus_bool_t
584 585 586 587
_dbus_string_insert_bytes (DBusString   *str,
			   int           i,
			   int           n_bytes,
			   unsigned char byte)
588 589 590
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (i <= real->len);
591
  _dbus_assert (i >= 0);
592 593 594 595
  _dbus_assert (n_bytes >= 0);

  if (n_bytes == 0)
    return TRUE;
596
  
597
  if (!open_gap (n_bytes, real, i))
598 599
    return FALSE;
  
600
  memset (real->str + i, byte, n_bytes);
601 602 603 604

  return TRUE;
}

605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629
/**
 * Inserts a single byte at the given position.
 *
 * @param str the string
 * @param i the position
 * @param byte the value to insert
 * @returns #TRUE on success
 */
dbus_bool_t
_dbus_string_insert_byte (DBusString   *str,
			   int           i,
			   unsigned char byte)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (i <= real->len);
  _dbus_assert (i >= 0);
  
  if (!open_gap (1, real, i))
    return FALSE;

  real->str[i] = byte;

  return TRUE;
}

630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645
/**
 * Like _dbus_string_get_data(), but removes the
 * gotten data from the original string. The caller
 * must free the data returned. This function may
 * fail due to lack of memory, and return #FALSE.
 *
 * @param str the string
 * @param data_return location to return the buffer
 * @returns #TRUE on success
 */
dbus_bool_t
_dbus_string_steal_data (DBusString        *str,
                         char             **data_return)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (data_return != NULL);
646 647

  undo_alignment (real);
648
  
649
  *data_return = (char*) real->str;
650 651

  /* reset the string */
652
  if (!_dbus_string_init (str))
653 654
    {
      /* hrm, put it back then */
655
      real->str = (unsigned char*) *data_return;
656
      *data_return = NULL;
657
      fixup_alignment (real);
658 659 660 661 662 663
      return FALSE;
    }

  return TRUE;
}

664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686
/**
 * Copies the data from the string into a char*
 *
 * @param str the string
 * @param data_return place to return the data
 * @returns #TRUE on success, #FALSE on no memory
 */
dbus_bool_t
_dbus_string_copy_data (const DBusString  *str,
                        char             **data_return)
{
  DBUS_CONST_STRING_PREAMBLE (str);
  _dbus_assert (data_return != NULL);
  
  *data_return = dbus_malloc (real->len + 1);
  if (*data_return == NULL)
    return FALSE;

  memcpy (*data_return, real->str, real->len + 1);

  return TRUE;
}

687
/**
688 689 690
 * Copies the contents of a DBusString into a different buffer. It is
 * a bug if avail_len is too short to hold the string contents. nul
 * termination is not copied, just the supplied bytes.
691 692 693 694 695 696 697 698 699 700 701 702 703
 * 
 * @param str a string
 * @param buffer a C buffer to copy data to
 * @param avail_len maximum length of C buffer
 */
void
_dbus_string_copy_to_buffer (const DBusString  *str,
			     char              *buffer,
			     int                avail_len)
{
  DBUS_CONST_STRING_PREAMBLE (str);

  _dbus_assert (avail_len >= 0);
704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723
  _dbus_assert (avail_len >= real->len);
  
  memcpy (buffer, real->str, real->len);
}

/**
 * Copies the contents of a DBusString into a different buffer. It is
 * a bug if avail_len is too short to hold the string contents plus a
 * nul byte. 
 * 
 * @param str a string
 * @param buffer a C buffer to copy data to
 * @param avail_len maximum length of C buffer
 */
void
_dbus_string_copy_to_buffer_with_nul (const DBusString  *str,
                                      char              *buffer,
                                      int                avail_len)
{
  DBUS_CONST_STRING_PREAMBLE (str);
724

725 726 727 728
  _dbus_assert (avail_len >= 0);
  _dbus_assert (avail_len > real->len);
  
  memcpy (buffer, real->str, real->len+1);
729 730
}

731 732
/* Only have the function if we don't have the macro */
#ifndef _dbus_string_get_length
733 734 735 736 737 738 739 740 741 742 743 744
/**
 * Gets the length of a string (not including nul termination).
 *
 * @returns the length.
 */
int
_dbus_string_get_length (const DBusString  *str)
{
  DBUS_CONST_STRING_PREAMBLE (str);
  
  return real->len;
}
745
#endif /* !_dbus_string_get_length */
746 747 748 749 750 751 752

/**
 * Makes a string longer by the given number of bytes.  Checks whether
 * adding additional_length to the current length would overflow an
 * integer, and checks for exceeding a string's max length.
 * The new bytes are not initialized, other than nul-terminating
 * the end of the string. The uninitialized bytes may contain
753
 * nul bytes or other junk.
754 755 756 757 758 759 760 761 762 763 764
 *
 * @param str a string
 * @param additional_length length to add to the string.
 * @returns #TRUE on success.
 */
dbus_bool_t
_dbus_string_lengthen (DBusString *str,
                       int         additional_length)
{
  DBUS_STRING_PREAMBLE (str);  
  _dbus_assert (additional_length >= 0);
765

766
  if (_DBUS_UNLIKELY (additional_length > _DBUS_STRING_MAX_LENGTH - real->len))
767
    return FALSE; /* would overflow */
768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810
  
  return set_length (real,
                     real->len + additional_length);
}

/**
 * Makes a string shorter by the given number of bytes.
 *
 * @param str a string
 * @param length_to_remove length to remove from the string.
 */
void
_dbus_string_shorten (DBusString *str,
                      int         length_to_remove)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (length_to_remove >= 0);
  _dbus_assert (length_to_remove <= real->len);

  set_length (real,
              real->len - length_to_remove);
}

/**
 * Sets the length of a string. Can be used to truncate or lengthen
 * the string. If the string is lengthened, the function may fail and
 * return #FALSE. Newly-added bytes are not initialized, as with
 * _dbus_string_lengthen().
 *
 * @param str a string
 * @param length new length of the string.
 * @returns #FALSE on failure.
 */
dbus_bool_t
_dbus_string_set_length (DBusString *str,
                         int         length)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (length >= 0);

  return set_length (real, length);
}

811
static dbus_bool_t
812 813 814 815
align_insert_point_then_open_gap (DBusString *str,
                                  int        *insert_at_p,
                                  int         alignment,
                                  int         gap_size)
816
{
817
  unsigned long new_len; /* ulong to avoid _DBUS_ALIGN_VALUE overflow */
818 819
  unsigned long gap_pos;
  int insert_at;
820 821 822
  int delta;
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (alignment >= 1);
823
  _dbus_assert (alignment <= 8); /* it has to be a bug if > 8 */
824

825 826 827 828 829 830 831
  insert_at = *insert_at_p;

  _dbus_assert (insert_at <= real->len);
  
  gap_pos = _DBUS_ALIGN_VALUE (insert_at, alignment);
  new_len = real->len + (gap_pos - insert_at) + gap_size;
  
832
  if (_DBUS_UNLIKELY (new_len > (unsigned long) _DBUS_STRING_MAX_LENGTH))
833 834
    return FALSE;
  
835 836 837
  delta = new_len - real->len;
  _dbus_assert (delta >= 0);

838 839 840 841 842
  if (delta == 0) /* only happens if gap_size == 0 and insert_at is aligned already */
    {
      _dbus_assert (((unsigned long) *insert_at_p) == gap_pos);
      return TRUE;
    }
843

844 845
  if (_DBUS_UNLIKELY (!open_gap (new_len - real->len,
                                 real, insert_at)))
846 847
    return FALSE;

848 849
  /* nul the padding if we had to add any padding */
  if (gap_size < delta)
850
    {
851 852
      memset (&real->str[insert_at], '\0',
              gap_pos - insert_at);
853
    }
854 855 856

  *insert_at_p = gap_pos;
  
857 858 859
  return TRUE;
}

860 861 862 863 864 865 866 867 868 869 870 871 872 873
static dbus_bool_t
align_length_then_lengthen (DBusString *str,
                            int         alignment,
                            int         then_lengthen_by)
{
  int insert_at;

  insert_at = _dbus_string_get_length (str);
  
  return align_insert_point_then_open_gap (str,
                                           &insert_at,
                                           alignment, then_lengthen_by);
}

874 875 876 877 878 879 880 881 882 883 884 885 886 887 888
/**
 * Align the length of a string to a specific alignment (typically 4 or 8)
 * by appending nul bytes to the string.
 *
 * @param str a string
 * @param alignment the alignment
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_string_align_length (DBusString *str,
                           int         alignment)
{
  return align_length_then_lengthen (str, alignment, 0);
}

889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908
/**
 * Preallocate extra_bytes such that a future lengthening of the
 * string by extra_bytes is guaranteed to succeed without an out of
 * memory error.
 *
 * @param str a string
 * @param extra_bytes bytes to alloc
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_string_alloc_space (DBusString        *str,
                          int                extra_bytes)
{
  if (!_dbus_string_lengthen (str, extra_bytes))
    return FALSE;
  _dbus_string_shorten (str, extra_bytes);

  return TRUE;
}

909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937
static dbus_bool_t
append (DBusRealString *real,
        const char     *buffer,
        int             buffer_len)
{
  if (buffer_len == 0)
    return TRUE;

  if (!_dbus_string_lengthen ((DBusString*)real, buffer_len))
    return FALSE;

  memcpy (real->str + (real->len - buffer_len),
          buffer,
          buffer_len);

  return TRUE;
}

/**
 * Appends a nul-terminated C-style string to a DBusString.
 *
 * @param str the DBusString
 * @param buffer the nul-terminated characters to append
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_append (DBusString *str,
                     const char *buffer)
{
938
  unsigned long buffer_len;
939 940 941 942 943
  
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (buffer != NULL);
  
  buffer_len = strlen (buffer);
944
  if (buffer_len > (unsigned long) _DBUS_STRING_MAX_LENGTH)
945 946
    return FALSE;
  
947 948 949
  return append (real, buffer, buffer_len);
}

950 951 952
/** assign 2 bytes from one string to another */
#define ASSIGN_2_OCTETS(p, octets) \
  *((dbus_uint16_t*)(p)) = *((dbus_uint16_t*)(octets));
953

954
/** assign 4 bytes from one string to another */
955 956 957
#define ASSIGN_4_OCTETS(p, octets) \
  *((dbus_uint32_t*)(p)) = *((dbus_uint32_t*)(octets));

958
/** assign 8 bytes from one string to another */
959 960 961
#define ASSIGN_8_OCTETS(p, octets) \
  *((dbus_uint64_t*)(p)) = *((dbus_uint64_t*)(octets));

962 963 964 965 966 967 968 969 970 971 972 973
/**
 * Inserts 2 bytes aligned on a 2 byte boundary
 * with any alignment padding initialized to 0.
 *
 * @param str the DBusString
 * @param insert_at where to insert
 * @param octets 2 bytes to insert
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_insert_2_aligned (DBusString         *str,
                               int                 insert_at,
Chengwei Yang's avatar
Chengwei Yang committed
974
                               const unsigned char octets[2])
975 976 977 978 979 980 981 982 983 984 985
{
  DBUS_STRING_PREAMBLE (str);
  
  if (!align_insert_point_then_open_gap (str, &insert_at, 2, 2))
    return FALSE;

  ASSIGN_2_OCTETS (real->str + insert_at, octets);

  return TRUE;
}

986 987 988 989 990
/**
 * Inserts 4 bytes aligned on a 4 byte boundary
 * with any alignment padding initialized to 0.
 *
 * @param str the DBusString
991
 * @param insert_at where to insert
992 993 994 995 996 997 998 999
 * @param octets 4 bytes to insert
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_insert_4_aligned (DBusString         *str,
                               int                 insert_at,
                               const unsigned char octets[4])
{
1000 1001
  DBUS_STRING_PREAMBLE (str);
  
1002
  if (!align_insert_point_then_open_gap (str, &insert_at, 4, 4))
1003 1004
    return FALSE;

1005 1006 1007 1008 1009 1010 1011 1012 1013 1014
  ASSIGN_4_OCTETS (real->str + insert_at, octets);

  return TRUE;
}

/**
 * Inserts 8 bytes aligned on an 8 byte boundary
 * with any alignment padding initialized to 0.
 *
 * @param str the DBusString
1015
 * @param insert_at where to insert
1016 1017 1018 1019 1020 1021 1022 1023 1024
 * @param octets 8 bytes to insert
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_insert_8_aligned (DBusString         *str,
                               int                 insert_at,
                               const unsigned char octets[8])
{
  DBUS_STRING_PREAMBLE (str);
1025
  
1026 1027 1028
  if (!align_insert_point_then_open_gap (str, &insert_at, 8, 8))
    return FALSE;

1029 1030
  _dbus_assert (_DBUS_ALIGN_VALUE (insert_at, 8) == (unsigned) insert_at);
  
1031
  ASSIGN_8_OCTETS (real->str + insert_at, octets);
1032 1033 1034 1035

  return TRUE;
}

1036 1037 1038 1039 1040 1041 1042 1043

/**
 * Inserts padding at *insert_at such to align it to the given
 * boundary. Initializes the padding to nul bytes. Sets *insert_at
 * to the aligned position.
 *
 * @param str the DBusString
 * @param insert_at location to be aligned
1044
 * @param alignment alignment boundary (1, 2, 4, or 8)
1045 1046 1047 1048 1049 1050 1051 1052 1053
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_insert_alignment (DBusString        *str,
                               int               *insert_at,
                               int                alignment)
{
  DBUS_STRING_PREAMBLE (str);
  
1054
  if (!align_insert_point_then_open_gap (str, insert_at, alignment, 0))
1055 1056
    return FALSE;

1057
  _dbus_assert (_DBUS_ALIGN_VALUE (*insert_at, alignment) == (unsigned) *insert_at);
1058 1059 1060 1061

  return TRUE;
}

1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075
/**
 * Appends a printf-style formatted string
 * to the #DBusString.
 *
 * @param str the string
 * @param format printf format
 * @param args variable argument list
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_string_append_printf_valist  (DBusString        *str,
                                    const char        *format,
                                    va_list            args)
{
1076
  dbus_bool_t ret = FALSE;
1077
  int len;
1078
  va_list args_copy;
1079

1080
  DBUS_STRING_PREAMBLE (str);
1081 1082 1083

  DBUS_VA_COPY (args_copy, args);

1084
  /* Measure the message length without terminating nul */
John Palmieri's avatar
John Palmieri committed
1085
  len = _dbus_printf_string_upper_bound (format, args);
1086

1087
  if (len < 0)
1088
    goto out;
1089

1090
  if (!_dbus_string_lengthen (str, len))
1091
    {
1092
      goto out;
1093 1094
    }
  
1095
  vsprintf ((char*) (real->str + (real->len - len)),
1096
            format, args_copy);
1097
  ret = TRUE;
1098

1099
out:
1100
  va_end (args_copy);
1101

1102
  return ret;
1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127
}

/**
 * Appends a printf-style formatted string
 * to the #DBusString.
 *
 * @param str the string
 * @param format printf format
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_string_append_printf (DBusString        *str,
                            const char        *format,
                            ...)
{
  va_list args;
  dbus_bool_t retval;
  
  va_start (args, format);
  retval = _dbus_string_append_printf_valist (str, format, args);
  va_end (args);

  return retval;
}

1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199
/**
 * Appends block of bytes with the given length to a DBusString.
 *
 * @param str the DBusString
 * @param buffer the bytes to append
 * @param len the number of bytes to append
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_append_len (DBusString *str,
                         const char *buffer,
                         int         len)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (buffer != NULL);
  _dbus_assert (len >= 0);

  return append (real, buffer, len);
}

/**
 * Appends a single byte to the string, returning #FALSE
 * if not enough memory.
 *
 * @param str the string
 * @param byte the byte to append
 * @returns #TRUE on success
 */
dbus_bool_t
_dbus_string_append_byte (DBusString    *str,
                          unsigned char  byte)
{
  DBUS_STRING_PREAMBLE (str);

  if (!set_length (real, real->len + 1))
    return FALSE;

  real->str[real->len-1] = byte;

  return TRUE;
}

static void
delete (DBusRealString *real,
        int             start,
        int             len)
{
  if (len == 0)
    return;
  
  memmove (real->str + start, real->str + start + len, real->len - (start + len));
  real->len -= len;
  real->str[real->len] = '\0';
}

/**
 * Deletes a segment of a DBusString with length len starting at
 * start. (Hint: to clear an entire string, setting length to 0
 * with _dbus_string_set_length() is easier.)
 *
 * @param str the DBusString
 * @param start where to start deleting
 * @param len the number of bytes to delete
 */
void
_dbus_string_delete (DBusString       *str,
                     int               start,
                     int               len)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (start >= 0);
  _dbus_assert (len >= 0);
1200 1201
  _dbus_assert (start <= real->len);
  _dbus_assert (len <= real->len - start);
1202
  
1203 1204 1205
  delete (real, start, len);
}

1206 1207 1208 1209 1210 1211 1212
static dbus_bool_t
copy (DBusRealString *source,
      int             start,
      int             len,
      DBusRealString *dest,
      int             insert_at)
{
1213 1214 1215
  if (len == 0)
    return TRUE;

1216 1217
  if (!open_gap (len, dest, insert_at))
    return FALSE;
1218
  
1219 1220 1221
  memmove (dest->str + insert_at,
           source->str + start,
           len);
1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263

  return TRUE;
}

/**
 * Checks assertions for two strings we're copying a segment between,
 * and declares real_source/real_dest variables.
 *
 * @param source the source string
 * @param start the starting offset
 * @param dest the dest string
 * @param insert_at where the copied segment is inserted
 */
#define DBUS_STRING_COPY_PREAMBLE(source, start, dest, insert_at)       \
  DBusRealString *real_source = (DBusRealString*) source;               \
  DBusRealString *real_dest = (DBusRealString*) dest;                   \
  _dbus_assert ((source) != (dest));                                    \
  DBUS_GENERIC_STRING_PREAMBLE (real_source);                           \
  DBUS_GENERIC_STRING_PREAMBLE (real_dest);                             \
  _dbus_assert (!real_dest->constant);                                  \
  _dbus_assert (!real_dest->locked);                                    \
  _dbus_assert ((start) >= 0);                                          \
  _dbus_assert ((start) <= real_source->len);                           \
  _dbus_assert ((insert_at) >= 0);                                      \
  _dbus_assert ((insert_at) <= real_dest->len)

/**
 * Moves the end of one string into another string. Both strings
 * must be initialized, valid strings.
 *
 * @param source the source string
 * @param start where to chop off the source string
 * @param dest the destination string
 * @param insert_at where to move the chopped-off part of source string
 * @returns #FALSE if not enough memory
 */
dbus_bool_t
_dbus_string_move (DBusString       *source,
                   int               start,
                   DBusString       *dest,
                   int               insert_at)
{
1264 1265
  DBusRealString *real_source = (DBusRealString*) source;
  _dbus_assert (start <= real_source->len);
1266
  
1267 1268 1269
  return _dbus_string_move_len (source, start,
                                real_source->len - start,
                                dest, insert_at);
1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298
}

/**
 * Like _dbus_string_move(), but does not delete the section
 * of the source string that's copied to the dest string.
 *
 * @param source the source string
 * @param start where to start copying the source string
 * @param dest the destination string
 * @param insert_at where to place the copied part of source string
 * @returns #FALSE if not enough memory
 */
dbus_bool_t
_dbus_string_copy (const DBusString *source,
                   int               start,
                   DBusString       *dest,
                   int               insert_at)
{
  DBUS_STRING_COPY_PREAMBLE (source, start, dest, insert_at);

  return copy (real_source, start,
               real_source->len - start,
               real_dest,
               insert_at);
}

/**
 * Like _dbus_string_move(), but can move a segment from
 * the middle of the source string.
1299
 *
1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319
 * @param source the source string
 * @param start first byte of source string to move
 * @param len length of segment to move
 * @param dest the destination string
 * @param insert_at where to move the bytes from the source string
 * @returns #FALSE if not enough memory
 */
dbus_bool_t
_dbus_string_move_len (DBusString       *source,
                       int               start,
                       int               len,
                       DBusString       *dest,
                       int               insert_at)

{
  DBUS_STRING_COPY_PREAMBLE (source, start, dest, insert_at);
  _dbus_assert (len >= 0);
  _dbus_assert ((start + len) <= real_source->len);


1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341
  if (len == 0)
    {
      return TRUE;
    }
  else if (start == 0 &&
           len == real_source->len &&
           real_dest->len == 0)
    {
      /* Short-circuit moving an entire existing string to an empty string
       * by just swapping the buffers.
       */
      /* we assume ->constant doesn't matter as you can't have
       * a constant string involved in a move.
       */
#define ASSIGN_DATA(a, b) do {                  \
        (a)->str = (b)->str;                    \
        (a)->len = (b)->len;                    \
        (a)->allocated = (b)->allocated;        \
        (a)->align_offset = (b)->align_offset;  \
      } while (0)
      
      DBusRealString tmp;
1342

1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360
      ASSIGN_DATA (&tmp, real_source);
      ASSIGN_DATA (real_source, real_dest);
      ASSIGN_DATA (real_dest, &tmp);

      return TRUE;
    }
  else
    {
      if (!copy (real_source, start, len,
                 real_dest,
                 insert_at))
        return FALSE;
      
      delete (real_source, start,
              len);
      
      return TRUE;
    }
1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382
}

/**
 * Like _dbus_string_copy(), but can copy a segment from the middle of
 * the source string.
 *
 * @param source the source string
 * @param start where to start copying the source string
 * @param len length of segment to copy
 * @param dest the destination string
 * @param insert_at where to place the copied segment of source string
 * @returns #FALSE if not enough memory
 */
dbus_bool_t
_dbus_string_copy_len (const DBusString *source,
                       int               start,
                       int               len,
                       DBusString       *dest,
                       int               insert_at)
{
  DBUS_STRING_COPY_PREAMBLE (source, start, dest, insert_at);
  _dbus_assert (len >= 0);
1383 1384
  _dbus_assert (start <= real_source->len);
  _dbus_assert (len <= real_source->len - start);
1385 1386 1387 1388 1389 1390
  
  return copy (real_source, start, len,
               real_dest,
               insert_at);
}

1391 1392 1393 1394 1395 1396 1397 1398 1399 1400 1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412
/**
 * Replaces a segment of dest string with a segment of source string.
 *
 * @param source the source string
 * @param start where to start copying the source string
 * @param len length of segment to copy
 * @param dest the destination string
 * @param replace_at start of segment of dest string to replace
 * @param replace_len length of segment of dest string to replace
 * @returns #FALSE if not enough memory
 *
 */
dbus_bool_t
_dbus_string_replace_len (const DBusString *source,
                          int               start,
                          int               len,
                          DBusString       *dest,
                          int               replace_at,
                          int               replace_len)
{
  DBUS_STRING_COPY_PREAMBLE (source, start, dest, replace_at);
  _dbus_assert (len >= 0);
1413 1414
  _dbus_assert (start <= real_source->len);
  _dbus_assert (len <= real_source->len - start);
1415
  _dbus_assert (replace_at >= 0);
1416 1417
  _dbus_assert (replace_at <= real_dest->len);
  _dbus_assert (replace_len <= real_dest->len - replace_at);
1418

1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445
  if (len == replace_len)
    {
      memmove (real_dest->str + replace_at,
               real_source->str + start, len);
    }
  else if (len < replace_len)
    {
      memmove (real_dest->str + replace_at,
               real_source->str + start, len);
      delete (real_dest, replace_at + len,
              replace_len - len);
    }
  else
    {
      int diff;

      _dbus_assert (len > replace_len);

      diff = len - replace_len;

      /* First of all we check if destination string can be enlarged as
       * required, then we overwrite previous bytes
       */

      if (!copy (real_source, start + replace_len, diff,
                 real_dest, replace_at + replace_len))
        return FALSE;
1446

1447 1448 1449
      memmove (real_dest->str + replace_at,
               real_source->str + start, replace_len);
    }
1450 1451 1452 1453

  return TRUE;
}

1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495
/**
 * Looks for the first occurance of a byte, deletes that byte,
 * and moves everything after the byte to the beginning of a
 * separate string.  Both strings must be initialized, valid
 * strings.
 *
 * @param source the source string
 * @param byte the byte to remove and split the string at
 * @param tail the split off string
 * @returns #FALSE if not enough memory or if byte could not be found
 *
 */
dbus_bool_t
_dbus_string_split_on_byte (DBusString        *source,
                            unsigned char      byte,
                            DBusString        *tail)
{
  int byte_position;
  char byte_string[2] = "";
  int head_length;
  int tail_length;

  byte_string[0] = (char) byte;

  if (!_dbus_string_find (source, 0, byte_string, &byte_position))
    return FALSE;

  head_length = byte_position;
  tail_length = _dbus_string_get_length (source) - head_length - 1;

  if (!_dbus_string_move_len (source, byte_position + 1, tail_length,
                              tail, 0))
    return FALSE;

  /* remove the trailing delimiter byte from the head now.
   */
  if (!_dbus_string_set_length (source, head_length))
    return FALSE;

  return TRUE;
}

1496 1497 1498
/* Unicode macros and utf8_validate() from GLib Owen Taylor, Havoc
 * Pennington, and Tom Tromey are the authors and authorized relicense.
 */
1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535

/** computes length and mask of a unicode character
 * @param Char the char
 * @param Mask the mask variable to assign to
 * @param Len the length variable to assign to
 */
#define UTF8_COMPUTE(Char, Mask, Len)					      \
  if (Char < 128)							      \
    {									      \
      Len = 1;								      \
      Mask = 0x7f;							      \
    }									      \
  else if ((Char & 0xe0) == 0xc0)					      \
    {									      \
      Len = 2;								      \
      Mask = 0x1f;							      \
    }									      \
  else if ((Char & 0xf0) == 0xe0)					      \
    {									      \
      Len = 3;								      \
      Mask = 0x0f;							      \
    }									      \
  else if ((Char & 0xf8) == 0xf0)					      \
    {									      \
      Len = 4;								      \
      Mask = 0x07;							      \
    }									      \
  else if ((Char & 0xfc) == 0xf8)					      \
    {									      \
      Len = 5;								      \
      Mask = 0x03;							      \
    }									      \
  else if ((Char & 0xfe) == 0xfc)					      \
    {									      \
      Len = 6;								      \
      Mask = 0x01;							      \
    }									      \
1536 1537 1538 1539 1540
  else                                                                        \
    {                                                                         \
      Len = 0;                                                               \
      Mask = 0;                                                               \
    }
1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575

/**
 * computes length of a unicode character in UTF-8
 * @param Char the char
 */
#define UTF8_LENGTH(Char)              \
  ((Char) < 0x80 ? 1 :                 \
   ((Char) < 0x800 ? 2 :               \
    ((Char) < 0x10000 ? 3 :            \
     ((Char) < 0x200000 ? 4 :          \
      ((Char) < 0x4000000 ? 5 : 6)))))
   
/**
 * Gets a UTF-8 value.
 *
 * @param Result variable for extracted unicode char.
 * @param Chars the bytes to decode
 * @param Count counter variable
 * @param Mask mask for this char
 * @param Len length for this char in bytes
 */
#define UTF8_GET(Result, Chars, Count, Mask, Len)			      \
  (Result) = (Chars)[0] & (Mask);					      \
  for ((Count) = 1; (Count) < (Len); ++(Count))				      \
    {									      \
      if (((Chars)[(Count)] & 0xc0) != 0x80)				      \
	{								      \
	  (Result) = -1;						      \
	  break;							      \
	}								      \
      (Result) <<= 6;							      \
      (Result) |= ((Chars)[(Count)] & 0x3f);				      \
    }

/**
1576 1577 1578 1579 1580 1581 1582
 * Check whether a Unicode (5.2) char is in a valid range.
 *
 * The first check comes from the Unicode guarantee to never encode
 * a point above 0x0010ffff, since UTF-16 couldn't represent it.
 *
 * The second check covers surrogate pairs (category Cs).
 *
1583 1584 1585 1586
 * @param Char the character
 */
#define UNICODE_VALID(Char)                   \
    ((Char) < 0x110000 &&                     \
1587
     (((Char) & 0xFFFFF800) != 0xD800))
1588

1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608
/**
 * Finds the given substring in the string,
 * returning #TRUE and filling in the byte index
 * where the substring was found, if it was found.
 * Returns #FALSE if the substring wasn't found.
 * Sets *start to the length of the string if the substring
 * is not found.
 *
 * @param str the string
 * @param start where to start looking
 * @param substr the substring
 * @param found return location for where it was found, or #NULL
 * @returns #TRUE if found
 */
dbus_bool_t
_dbus_string_find (const DBusString *str,
                   int               start,
                   const char       *substr,
                   int              *found)
{
1609 1610 1611
  return _dbus_string_find_to (str, start,
                               ((const DBusRealString*)str)->len,
                               substr, found);
1612 1613
}

1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627
/**
 * Finds end of line ("\r\n" or "\n") in the string,
 * returning #TRUE and filling in the byte index
 * where the eol string was found, if it was found.
 * Returns #FALSE if eol wasn't found.
 *
 * @param str the string
 * @param start where to start looking
 * @param found return location for where eol was found or string length otherwise
 * @param found_len return length of found eol string or zero otherwise
 * @returns #TRUE if found
 */
dbus_bool_t
_dbus_string_find_eol (const DBusString *str,
1628 1629 1630
                       int               start,
                       int              *found,
                       int              *found_len)
1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666
{
  int i;

  DBUS_CONST_STRING_PREAMBLE (str);
  _dbus_assert (start <= real->len);
  _dbus_assert (start >= 0);
  
  i = start;
  while (i < real->len)
    {
      if (real->str[i] == '\r') 
        {
          if ((i+1) < real->len && real->str[i+1] == '\n') /* "\r\n" */
            {
              if (found) 
                *found = i;
              if (found_len)
                *found_len = 2;
              return TRUE;
            } 
          else /* only "\r" */
            {
              if (found) 
                *found = i;
              if (found_len)
                *found_len = 1;
              return TRUE;
            }
        } 
      else if (real->str[i] == '\n')  /* only "\n" */
        {
          if (found) 
            *found = i;
          if (found_len)
            *found_len = 1;
          return TRUE;
1667
        }
1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679
      ++i;
    }

  if (found)
    *found = real->len;

  if (found_len)
    *found_len = 0;
  
  return FALSE;
}

1680 1681 1682 1683 1684 1685 1686 1687 1688 1689 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706
/**
 * Finds the given substring in the string,
 * up to a certain position,
 * returning #TRUE and filling in the byte index
 * where the substring was found, if it was found.
 * Returns #FALSE if the substring wasn't found.
 * Sets *start to the length of the string if the substring
 * is not found.
 *
 * @param str the string
 * @param start where to start looking
 * @param end where to stop looking
 * @param substr the substring
 * @param found return location for where it was found, or #NULL
 * @returns #TRUE if found
 */
dbus_bool_t
_dbus_string_find_to (const DBusString *str,
		      int               start,
		      int               end,
		      const char       *substr,
		      int              *found)
{
  int i;
  DBUS_CONST_STRING_PREAMBLE (str);
  _dbus_assert (substr != NULL);
  _dbus_assert (start <= real->len);
1707 1708
  _dbus_assert (start >= 0);
  _dbus_assert (substr != NULL);
1709
  _dbus_assert (end <= real->len);
1710
  _dbus_assert (start <= end);
1711 1712 1713 1714 1715

  /* we always "find" an empty string */
  if (*substr == '\0')
    {
      if (found)
1716
        *found = start;
1717 1718 1719 1720
      return TRUE;
    }

  i = start;
1721
  while (i < end)
1722 1723 1724 1725 1726
    {
      if (real->str[i] == substr[0])
        {
          int j = i + 1;
          
1727
          while (j < end)
1728 1729 1730 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753
            {
              if (substr[j - i] == '\0')
                break;
              else if (real->str[j] != substr[j - i])
                break;
              
              ++j;
            }

          if (substr[j - i] == '\0')
            {
              if (found)
                *found = i;
              return TRUE;
            }
        }
      
      ++i;
    }

  if (found)
    *found = end;
  
  return FALSE;  
}

1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771
/**
 * Finds a blank (space or tab) in the string. Returns #TRUE
 * if found, #FALSE otherwise. If a blank is not found sets
 * *found to the length of the string.
 *
 * @param str the string
 * @param start byte index to start looking
 * @param found place to store the location of the first blank
 * @returns #TRUE if a blank was found
 */
dbus_bool_t
_dbus_string_find_blank (const DBusString *str,
                         int               start,
                         int              *found)
{
  int i;
  DBUS_CONST_STRING_PREAMBLE (str);
  _dbus_assert (start <= real->len);
1772
  _dbus_assert (start >= 0);
1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795
  
  i = start;
  while (i < real->len)
    {
      if (real->str[i] == ' ' ||
          real->str[i] == '\t')
        {
          if (found)
            *found = i;
          return TRUE;
        }
      
      ++i;
    }

  if (found)
    *found = real->len;
  
  return FALSE;
}

/**
 * Skips blanks from start, storing the first non-blank in *end
1796
 * (blank is space or tab).
1797 1798 1799 1800 1801 1802 1803 1804 1805 1806 1807 1808 1809
 *
 * @param str the string
 * @param start where to start
 * @param end where to store the first non-blank byte index
 */
void
_dbus_string_skip_blank (const DBusString *str,
                         int               start,
                         int              *end)
{
  int i;
  DBUS_CONST_STRING_PREAMBLE (str);
  _dbus_assert (start <= real->len);
1810
  _dbus_assert (start >= 0);
1811 1812 1813 1814
  
  i = start;
  while (i < real->len)
    {
1815
      if (!DBUS_IS_ASCII_BLANK (real->str[i]))
1816 1817 1818 1819 1820
        break;
      
      ++i;
    }

1821
  _dbus_assert (i == real->len || !DBUS_IS_ASCII_WHITE (real->str[i]));
1822
  
1823 1824 1825 1826
  if (end)
    *end = i;
}

1827 1828 1829 1830 1831 1832 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 1851 1852 1853 1854 1855 1856 1857 1858 1859 1860 1861 1862 1863 1864 1865 1866 1867 1868 1869 1870 1871 1872 1873 1874 1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892

/**
 * Skips whitespace from start, storing the first non-whitespace in *end.
 * (whitespace is space, tab, newline, CR).
 *
 * @param str the string
 * @param start where to start
 * @param end where to store the first non-whitespace byte index
 */
void
_dbus_string_skip_white (const DBusString *str,
                         int               start,
                         int              *end)
{
  int i;
  DBUS_CONST_STRING_PREAMBLE (str);
  _dbus_assert (start <= real->len);
  _dbus_assert (start >= 0);
  
  i = start;
  while (i < real->len)
    {
      if (!DBUS_IS_ASCII_WHITE (real->str[i]))
        break;
      
      ++i;
    }

  _dbus_assert (i == real->len || !(DBUS_IS_ASCII_WHITE (real->str[i])));
  
  if (end)
    *end = i;
}

/**
 * Skips whitespace from end, storing the start index of the trailing
 * whitespace in *start. (whitespace is space, tab, newline, CR).
 *
 * @param str the string
 * @param end where to start scanning backward
 * @param start where to store the start of whitespace chars
 */
void
_dbus_string_skip_white_reverse (const DBusString *str,
                                 int               end,
                                 int              *start)
{
  int i;
  DBUS_CONST_STRING_PREAMBLE (str);
  _dbus_assert (end <= real->len);
  _dbus_assert (end >= 0);
  
  i = end;
  while (i > 0)
    {
      if (!DBUS_IS_ASCII_WHITE (real->str[i-1]))
        break;
      --i;
    }

  _dbus_assert (i >= 0 && (i == 0 || !(DBUS_IS_ASCII_WHITE (real->str[i-1]))));
  
  if (start)
    *start = i;
}

1893
/**
1894
 * Assigns a newline-terminated or \\r\\n-terminated line from the front
1895 1896 1897
 * of the string to the given dest string. The dest string's previous
 * contents are deleted. If the source string contains no newline,
 * moves the entire source string to the dest string.
1898 1899 1900 1901
 *
 * @todo owen correctly notes that this is a stupid function (it was
 * written purely for test code,
 * e.g. dbus-message-builder.c). Probably should be enforced as test
1902
 * code only with ifdef DBUS_ENABLE_EMBEDDED_TESTS
1903 1904 1905 1906 1907 1908 1909 1910 1911
 * 
 * @param source the source string
 * @param dest the destination string (contents are replaced)
 * @returns #FALSE if no memory, or source has length 0
 */
dbus_bool_t
_dbus_string_pop_line (DBusString *source,
                       DBusString *dest)
{
1912
  int eol, eol_len;
1913 1914 1915 1916
  
  _dbus_string_set_length (dest, 0);
  
  eol = 0;
1917
  eol_len = 0;
1918
  if (!_dbus_string_find_eol (source, 0, &eol, &eol_len))
1919 1920 1921 1922 1923 1924 1925 1926 1927
    {
      _dbus_assert (eol == _dbus_string_get_length (source));
      if (eol == 0)
        {
          /* If there's no newline and source has zero length, we're done */
          return FALSE;
        }
      /* otherwise, the last line of the file has no eol characters */
    }
1928

1929 1930