dbus-string.c 70.4 KB
Newer Older
1
/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
John Palmieri's avatar
John Palmieri committed
2
/* dbus-string.c String utility class (internal to D-Bus implementation)
3
 * 
4
 * Copyright (C) 2002, 2003, 2004, 2005 Red Hat, Inc.
5
 * Copyright (C) 2006 Ralf Habacker <ralf.habacker@freenet.de>
6
 *
7
 * Licensed under the Academic Free License version 2.1
8 9 10 11 12 13 14 15 16 17 18 19 20
 * 
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
21
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
22 23 24
 *
 */

25
#include <config.h>
26
#include "dbus-internals.h"
27 28 29
#include "dbus-string.h"
/* we allow a system header here, for speed/convenience */
#include <string.h>
30 31
/* for vsnprintf */
#include <stdio.h>
32 33
#define DBUS_CAN_USE_DBUS_STRING_PRIVATE 1
#include "dbus-string-private.h"
34 35 36
#include "dbus-marshal-basic.h" /* probably should be removed by moving the usage of DBUS_TYPE
                                 * into the marshaling-related files
                                 */
37 38
/* for DBUS_VA_COPY */
#include "dbus-sysdeps.h"
39 40

/**
41
 * @defgroup DBusString DBusString class
42
 * @ingroup  DBusInternals
43
 * @brief DBusString data structure for safer string handling
44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64
 *
 * Types and functions related to DBusString. DBusString is intended
 * to be a string class that makes it hard to mess up security issues
 * (and just in general harder to write buggy code).  It should be
 * used (or extended and then used) rather than the libc stuff in
 * string.h.  The string class is a bit inconvenient at spots because
 * it handles out-of-memory failures and tries to be extra-robust.
 * 
 * A DBusString has a maximum length set at initialization time; this
 * can be used to ensure that a buffer doesn't get too big.  The
 * _dbus_string_lengthen() method checks for overflow, and for max
 * length being exceeded.
 * 
 * Try to avoid conversion to a plain C string, i.e. add methods on
 * the string object instead, only convert to C string when passing
 * things out to the public API. In particular, no sprintf, strcpy,
 * strcat, any of that should be used. The GString feature of
 * accepting negative numbers for "length of string" is also absent,
 * because it could keep us from detecting bogus huge lengths. i.e. if
 * we passed in some bogus huge length it would be taken to mean
 * "current length of string" instead of "broken crack"
65 66 67 68 69 70
 *
 * @todo #DBusString needs a lot of cleaning up; some of the
 * API is no longer used, and the API is pretty inconsistent.
 * In particular all the "append" APIs, especially those involving
 * alignment but probably lots of them, are no longer used by the
 * marshaling code which always does "inserts" now.
71 72 73 74 75 76 77
 */

/**
 * @addtogroup DBusString
 * @{
 */

78 79 80
static void
fixup_alignment (DBusRealString *real)
{
81 82
  unsigned char *aligned;
  unsigned char *real_block;
83 84 85
  unsigned int old_align_offset;

  /* we have to have extra space in real->allocated for the align offset and nul byte */
86
  _dbus_assert (real->len <= real->allocated - _DBUS_STRING_ALLOCATION_PADDING);
87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
  
  old_align_offset = real->align_offset;
  real_block = real->str - old_align_offset;
  
  aligned = _DBUS_ALIGN_ADDRESS (real_block, 8);

  real->align_offset = aligned - real_block;
  real->str = aligned;
  
  if (old_align_offset != real->align_offset)
    {
      /* Here comes the suck */
      memmove (real_block + real->align_offset,
               real_block + old_align_offset,
               real->len + 1);
    }

  _dbus_assert (real->align_offset < 8);
  _dbus_assert (_DBUS_ALIGN_ADDRESS (real->str, 8) == real->str);
}
107

108 109 110 111 112 113 114 115 116 117
static void
undo_alignment (DBusRealString *real)
{
  if (real->align_offset != 0)
    {
      memmove (real->str - real->align_offset,
               real->str,
               real->len + 1);

      real->str = real->str - real->align_offset;
118
      real->align_offset = 0;
119 120 121
    }
}

122
/**
123 124 125
 * Initializes a string that can be up to the given allocation size
 * before it has to realloc. The string starts life with zero length.
 * The string must eventually be freed with _dbus_string_free().
Havoc Pennington's avatar
Havoc Pennington committed
126
 * 
127
 * @param str memory to hold the string
128
 * @param allocate_size amount to preallocate
129 130
 * @returns #TRUE on success, #FALSE if no memory
 */
131
dbus_bool_t
132 133
_dbus_string_init_preallocated (DBusString *str,
                                int         allocate_size)
134 135
{
  DBusRealString *real;
136 137 138

  _DBUS_STATIC_ASSERT (sizeof (DBusString) == sizeof (DBusRealString));

139 140 141 142 143 144 145 146 147 148
  _dbus_assert (str != NULL);

  real = (DBusRealString*) str;

  /* It's very important not to touch anything
   * other than real->str if we're going to fail,
   * since we also use this function to reset
   * an existing string, e.g. in _dbus_string_steal_data()
   */
  
149
  real->str = dbus_malloc (_DBUS_STRING_ALLOCATION_PADDING + allocate_size);
150
  if (real->str == NULL)
151 152
    return FALSE;  
  
153
  real->allocated = _DBUS_STRING_ALLOCATION_PADDING + allocate_size;
154 155 156 157 158
  real->len = 0;
  real->str[real->len] = '\0';
  
  real->constant = FALSE;
  real->locked = FALSE;
159
  real->valid = TRUE;
160 161 162
  real->align_offset = 0;
  
  fixup_alignment (real);
163
  
164 165 166
  return TRUE;
}

167 168 169 170 171 172 173 174 175 176 177 178 179
/**
 * Initializes a string. The string starts life with zero length.  The
 * string must eventually be freed with _dbus_string_free().
 * 
 * @param str memory to hold the string
 * @returns #TRUE on success, #FALSE if no memory
 */
dbus_bool_t
_dbus_string_init (DBusString *str)
{
  return _dbus_string_init_preallocated (str, 0);
}

180 181 182 183
/**
 * Initializes a constant string. The value parameter is not copied
 * (should be static), and the string may never be modified.
 * It is safe but not necessary to call _dbus_string_free()
184
 * on a const string. The string has a length limit of MAXINT - 8.
185 186 187 188 189 190 191
 * 
 * @param str memory to use for the string
 * @param value a string to be stored in str (not copied!!!)
 */
void
_dbus_string_init_const (DBusString *str,
                         const char *value)
192
{
193 194
  _dbus_assert (value != NULL);
  
195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212
  _dbus_string_init_const_len (str, value,
                               strlen (value));
}

/**
 * Initializes a constant string with a length. The value parameter is
 * not copied (should be static), and the string may never be
 * modified.  It is safe but not necessary to call _dbus_string_free()
 * on a const string.
 * 
 * @param str memory to use for the string
 * @param value a string to be stored in str (not copied!!!)
 * @param len the length to use
 */
void
_dbus_string_init_const_len (DBusString *str,
                             const char *value,
                             int         len)
213 214 215 216
{
  DBusRealString *real;
  
  _dbus_assert (str != NULL);
217
  _dbus_assert (len == 0 || value != NULL);
218
  _dbus_assert (len <= _DBUS_STRING_MAX_LENGTH);
219 220
  _dbus_assert (len >= 0);
  
221 222
  real = (DBusRealString*) str;
  
223
  real->str = (unsigned char*) value;
224
  real->len = len;
225
  real->allocated = real->len + _DBUS_STRING_ALLOCATION_PADDING; /* a lie, just to avoid special-case assertions... */
226
  real->constant = TRUE;
227
  real->locked = TRUE;
228
  real->valid = TRUE;
229
  real->align_offset = 0;
230 231 232 233

  /* We don't require const strings to be 8-byte aligned as the
   * memory is coming from elsewhere.
   */
234 235
}

236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252
/**
 * Initializes a string from another string. The
 * string must eventually be freed with _dbus_string_free().
 *
 * @param str memory to hold the string
 * @param from instance from which the string is initialized
 * @returns #TRUE on success, #FALSE if no memory
 */
dbus_bool_t
_dbus_string_init_from_string(DBusString       *str,
                              const DBusString *from)
{
 if (!_dbus_string_init (str))
     return FALSE;
 return _dbus_string_append (str, _dbus_string_get_const_data (from));
}

253
/**
254 255 256 257 258 259
 * Frees a string created by _dbus_string_init(), and fills it with the
 * same contents as #_DBUS_STRING_INIT_INVALID.
 *
 * Unlike all other #DBusString API, it is also valid to call this function
 * for a string that was filled with #_DBUS_STRING_INIT_INVALID.
 * This is convenient for error rollback.
260 261 262 263 264 265
 *
 * @param str memory where the string is stored.
 */
void
_dbus_string_free (DBusString *str)
{
266
  DBusRealString *real = (DBusRealString*) str;
267 268 269 270 271 272 273 274 275 276
  /* DBusRealString and DBusString have the same members in the same order,
   * just differently-named */
  DBusRealString invalid = _DBUS_STRING_INIT_INVALID;

  /* Allow for the _DBUS_STRING_INIT_INVALID case */
  if (real->str == NULL && real->len == 0 && real->allocated == 0 &&
      !real->constant && !real->locked && !real->valid &&
      real->align_offset == 0)
    return;

277
  DBUS_GENERIC_STRING_PREAMBLE (real);
278 279
  
  if (real->constant)
280
    goto wipe;
281 282 283 284 285 286

  /* so it's safe if @p str returned by a failed
   * _dbus_string_init call
   * Bug: https://bugs.freedesktop.org/show_bug.cgi?id=65959
   */
  if (real->str == NULL)
287
    goto wipe;
288

289
  dbus_free (real->str - real->align_offset);
290

291 292
wipe:
  *real = invalid;
293
  real->valid = FALSE;
294 295
}

296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321
static dbus_bool_t
compact (DBusRealString *real,
         int             max_waste)
{
  unsigned char *new_str;
  int new_allocated;
  int waste;

  waste = real->allocated - (real->len + _DBUS_STRING_ALLOCATION_PADDING);

  if (waste <= max_waste)
    return TRUE;

  new_allocated = real->len + _DBUS_STRING_ALLOCATION_PADDING;

  new_str = dbus_realloc (real->str - real->align_offset, new_allocated);
  if (_DBUS_UNLIKELY (new_str == NULL))
    return FALSE;

  real->str = new_str + real->align_offset;
  real->allocated = new_allocated;
  fixup_alignment (real);

  return TRUE;
}

322
#ifdef DBUS_ENABLE_EMBEDDED_TESTS
323
/* Not using this feature at the moment,
324
 * so marked DBUS_ENABLE_EMBEDDED_TESTS-only
325
 */
326
/**
327 328 329 330 331
 * Locks a string such that any attempts to change the string will
 * result in aborting the program. Also, if the string is wasting a
 * lot of memory (allocation is sufficiently larger than what the
 * string is really using), _dbus_string_lock() will realloc the
 * string's data to "compact" it.
332 333 334 335 336 337 338 339 340 341 342 343 344
 *
 * @param str the string to lock.
 */
void
_dbus_string_lock (DBusString *str)
{  
  DBUS_LOCKED_STRING_PREAMBLE (str); /* can lock multiple times */

  real->locked = TRUE;

  /* Try to realloc to avoid excess memory usage, since
   * we know we won't change the string further
   */
345
#define MAX_WASTE 48
346
  compact (real, MAX_WASTE);
347
}
348
#endif /* DBUS_ENABLE_EMBEDDED_TESTS */
349

350
static dbus_bool_t
351 352
reallocate_for_length (DBusRealString *real,
                       int             new_length)
353
{
354
  int new_allocated;
355
  unsigned char *new_str;
356

357 358 359
  /* at least double our old allocation to avoid O(n), avoiding
   * overflow
   */
360 361
  if (real->allocated > (_DBUS_STRING_MAX_LENGTH + _DBUS_STRING_ALLOCATION_PADDING) / 2)
    new_allocated = _DBUS_STRING_MAX_LENGTH + _DBUS_STRING_ALLOCATION_PADDING;
362 363
  else
    new_allocated = real->allocated * 2;
364

365
  /* if you change the code just above here, run the tests without
366
   * the following assert-only hack before you commit
367
   */
368 369 370 371
  /* This is keyed off asserts in addition to tests so when you
   * disable asserts to profile, you don't get this destroyer
   * of profiles.
   */
372
#if defined (DBUS_ENABLE_EMBEDDED_TESTS) && !defined (DBUS_DISABLE_ASSERT)
373 374 375
  new_allocated = 0; /* ensure a realloc every time so that we go
                      * through all malloc failure codepaths
                      */
376
#endif
377

378
  /* But be sure we always alloc at least space for the new length */
379
  new_allocated = MAX (new_allocated,
380
                       new_length + _DBUS_STRING_ALLOCATION_PADDING);
381

382 383
  _dbus_assert (new_allocated >= real->allocated); /* code relies on this */
  new_str = dbus_realloc (real->str - real->align_offset, new_allocated);
384
  if (_DBUS_UNLIKELY (new_str == NULL))
385
    return FALSE;
386

387 388 389
  real->str = new_str + real->align_offset;
  real->allocated = new_allocated;
  fixup_alignment (real);
390 391 392 393

  return TRUE;
}

394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413
/**
 * Compacts the string to avoid wasted memory.  Wasted memory is
 * memory that is allocated but not actually required to store the
 * current length of the string.  The compact is only done if more
 * than the given amount of memory is being wasted (otherwise the
 * waste is ignored and the call does nothing).
 *
 * @param str the string
 * @param max_waste the maximum amount of waste to ignore
 * @returns #FALSE if the compact failed due to realloc failure
 */
dbus_bool_t
_dbus_string_compact (DBusString *str,
                      int         max_waste)
{
  DBUS_STRING_PREAMBLE (str);

  return compact (real, max_waste);
}

414 415 416 417 418 419 420
static dbus_bool_t
set_length (DBusRealString *real,
            int             new_length)
{
  /* Note, we are setting the length not including nul termination */

  /* exceeding max length is the same as failure to allocate memory */
421
  if (_DBUS_UNLIKELY (new_length > _DBUS_STRING_MAX_LENGTH))
422
    return FALSE;
423
  else if (new_length > (real->allocated - _DBUS_STRING_ALLOCATION_PADDING) &&
424
           _DBUS_UNLIKELY (!reallocate_for_length (real, new_length)))
425 426 427 428
    return FALSE;
  else
    {
      real->len = new_length;
429
      real->str[new_length] = '\0';
430 431 432 433
      return TRUE;
    }
}

434 435 436 437 438 439 440 441
static dbus_bool_t
open_gap (int             len,
          DBusRealString *dest,
          int             insert_at)
{
  if (len == 0)
    return TRUE;

442
  if (len > _DBUS_STRING_MAX_LENGTH - dest->len)
443 444
    return FALSE; /* detected overflow of dest->len + len below */
  
445 446 447 448 449 450 451 452 453 454
  if (!set_length (dest, dest->len + len))
    return FALSE;

  memmove (dest->str + insert_at + len, 
           dest->str + insert_at,
           dest->len - len - insert_at);

  return TRUE;
}

455
#ifndef _dbus_string_get_data
456 457 458 459 460 461 462 463 464
/**
 * Gets the raw character buffer from the string.  The returned buffer
 * will be nul-terminated, but note that strings may contain binary
 * data so there may be extra nul characters prior to the termination.
 * This function should be little-used, extend DBusString or add
 * stuff to dbus-sysdeps.c instead. It's an error to use this
 * function on a const string.
 *
 * @param str the string
465
 * @returns the data
466
 */
467 468
char*
_dbus_string_get_data (DBusString *str)
469 470 471
{
  DBUS_STRING_PREAMBLE (str);
  
472
  return (char*) real->str;
473
}
474
#endif /* _dbus_string_get_data */
475

476 477
/* only do the function if we don't have the macro */
#ifndef _dbus_string_get_const_data
478
/**
479 480
 * Gets the raw character buffer from a const string.
 *
481
 * @param str the string
482
 * @returns the string data
483
 */
484 485
const char*
_dbus_string_get_const_data (const DBusString  *str)
486 487 488
{
  DBUS_CONST_STRING_PREAMBLE (str);
  
489
  return (const char*) real->str;
490
}
491
#endif /* _dbus_string_get_const_data */
492 493 494 495 496 497 498 499 500 501 502 503

/**
 * Gets a sub-portion of the raw character buffer from the
 * string. The "len" field is required simply for error
 * checking, to be sure you don't try to use more
 * string than exists. The nul termination of the
 * returned buffer remains at the end of the entire
 * string, not at start + len.
 *
 * @param str the string
 * @param start byte offset to return
 * @param len length of segment to return
504
 * @returns the string data
505
 */
506
char*
507 508 509 510 511 512 513
_dbus_string_get_data_len (DBusString *str,
                           int         start,
                           int         len)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (start >= 0);
  _dbus_assert (len >= 0);
514 515
  _dbus_assert (start <= real->len);
  _dbus_assert (len <= real->len - start);
516
  
517
  return (char*) real->str + start;
518 519
}

520 521
/* only do the function if we don't have the macro */
#ifndef _dbus_string_get_const_data_len
522 523 524 525 526 527
/**
 * const version of _dbus_string_get_data_len().
 *
 * @param str the string
 * @param start byte offset to return
 * @param len length of segment to return
528
 * @returns the string data
529
 */
530
const char*
531 532 533 534 535 536 537
_dbus_string_get_const_data_len (const DBusString  *str,
                                 int                start,
                                 int                len)
{
  DBUS_CONST_STRING_PREAMBLE (str);
  _dbus_assert (start >= 0);
  _dbus_assert (len >= 0);
538 539
  _dbus_assert (start <= real->len);
  _dbus_assert (len <= real->len - start);
540
  
541
  return (const char*) real->str + start;
542
}
543
#endif /* _dbus_string_get_const_data_len */
544

545 546
/* only do the function if we don't have the macro */
#ifndef _dbus_string_set_byte
547 548 549 550 551 552 553 554 555 556 557 558 559 560
/**
 * Sets the value of the byte at the given position.
 *
 * @param str the string
 * @param i the position
 * @param byte the new value
 */
void
_dbus_string_set_byte (DBusString    *str,
                       int            i,
                       unsigned char  byte)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (i < real->len);
561 562
  _dbus_assert (i >= 0);
  
563 564
  real->str[i] = byte;
}
565
#endif /* _dbus_string_set_byte */
566

567 568
/* only have the function if we didn't create a macro */
#ifndef _dbus_string_get_byte
569
/**
570 571 572
 * Gets the byte at the given position. It is
 * allowed to ask for the nul byte at the end of
 * the string.
573 574 575 576 577
 *
 * @param str the string
 * @param start the position
 * @returns the byte at that position
 */
578
unsigned char
579 580 581 582
_dbus_string_get_byte (const DBusString  *str,
                       int                start)
{
  DBUS_CONST_STRING_PREAMBLE (str);
583
  _dbus_assert (start <= real->len);
584 585
  _dbus_assert (start >= 0);
  
586 587
  return real->str[start];
}
588
#endif /* _dbus_string_get_byte */
589

590
/**
591 592
 * Inserts a number of bytes of a given value at the
 * given position.
593 594 595
 *
 * @param str the string
 * @param i the position
596
 * @param n_bytes number of bytes
597 598 599 600
 * @param byte the value to insert
 * @returns #TRUE on success
 */
dbus_bool_t
601 602 603 604
_dbus_string_insert_bytes (DBusString   *str,
			   int           i,
			   int           n_bytes,
			   unsigned char byte)
605 606 607
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (i <= real->len);
608
  _dbus_assert (i >= 0);
609 610 611 612
  _dbus_assert (n_bytes >= 0);

  if (n_bytes == 0)
    return TRUE;
613
  
614
  if (!open_gap (n_bytes, real, i))
615 616
    return FALSE;
  
617
  memset (real->str + i, byte, n_bytes);
618 619 620 621

  return TRUE;
}

622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646
/**
 * Inserts a single byte at the given position.
 *
 * @param str the string
 * @param i the position
 * @param byte the value to insert
 * @returns #TRUE on success
 */
dbus_bool_t
_dbus_string_insert_byte (DBusString   *str,
			   int           i,
			   unsigned char byte)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (i <= real->len);
  _dbus_assert (i >= 0);
  
  if (!open_gap (1, real, i))
    return FALSE;

  real->str[i] = byte;

  return TRUE;
}

647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662
/**
 * Like _dbus_string_get_data(), but removes the
 * gotten data from the original string. The caller
 * must free the data returned. This function may
 * fail due to lack of memory, and return #FALSE.
 *
 * @param str the string
 * @param data_return location to return the buffer
 * @returns #TRUE on success
 */
dbus_bool_t
_dbus_string_steal_data (DBusString        *str,
                         char             **data_return)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (data_return != NULL);
663 664

  undo_alignment (real);
665
  
666
  *data_return = (char*) real->str;
667 668

  /* reset the string */
669
  if (!_dbus_string_init (str))
670 671
    {
      /* hrm, put it back then */
672
      real->str = (unsigned char*) *data_return;
673
      *data_return = NULL;
674
      fixup_alignment (real);
675 676 677 678 679 680
      return FALSE;
    }

  return TRUE;
}

681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703
/**
 * Copies the data from the string into a char*
 *
 * @param str the string
 * @param data_return place to return the data
 * @returns #TRUE on success, #FALSE on no memory
 */
dbus_bool_t
_dbus_string_copy_data (const DBusString  *str,
                        char             **data_return)
{
  DBUS_CONST_STRING_PREAMBLE (str);
  _dbus_assert (data_return != NULL);
  
  *data_return = dbus_malloc (real->len + 1);
  if (*data_return == NULL)
    return FALSE;

  memcpy (*data_return, real->str, real->len + 1);

  return TRUE;
}

704
/**
705 706 707
 * Copies the contents of a DBusString into a different buffer. It is
 * a bug if avail_len is too short to hold the string contents. nul
 * termination is not copied, just the supplied bytes.
708 709 710 711 712 713 714 715 716 717 718 719 720
 * 
 * @param str a string
 * @param buffer a C buffer to copy data to
 * @param avail_len maximum length of C buffer
 */
void
_dbus_string_copy_to_buffer (const DBusString  *str,
			     char              *buffer,
			     int                avail_len)
{
  DBUS_CONST_STRING_PREAMBLE (str);

  _dbus_assert (avail_len >= 0);
721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740
  _dbus_assert (avail_len >= real->len);
  
  memcpy (buffer, real->str, real->len);
}

/**
 * Copies the contents of a DBusString into a different buffer. It is
 * a bug if avail_len is too short to hold the string contents plus a
 * nul byte. 
 * 
 * @param str a string
 * @param buffer a C buffer to copy data to
 * @param avail_len maximum length of C buffer
 */
void
_dbus_string_copy_to_buffer_with_nul (const DBusString  *str,
                                      char              *buffer,
                                      int                avail_len)
{
  DBUS_CONST_STRING_PREAMBLE (str);
741

742 743 744 745
  _dbus_assert (avail_len >= 0);
  _dbus_assert (avail_len > real->len);
  
  memcpy (buffer, real->str, real->len+1);
746 747
}

748 749
/* Only have the function if we don't have the macro */
#ifndef _dbus_string_get_length
750 751 752 753 754 755 756 757 758 759 760 761
/**
 * Gets the length of a string (not including nul termination).
 *
 * @returns the length.
 */
int
_dbus_string_get_length (const DBusString  *str)
{
  DBUS_CONST_STRING_PREAMBLE (str);
  
  return real->len;
}
762
#endif /* !_dbus_string_get_length */
763 764 765 766 767 768 769

/**
 * Makes a string longer by the given number of bytes.  Checks whether
 * adding additional_length to the current length would overflow an
 * integer, and checks for exceeding a string's max length.
 * The new bytes are not initialized, other than nul-terminating
 * the end of the string. The uninitialized bytes may contain
770
 * nul bytes or other junk.
771 772 773 774 775 776 777 778 779 780 781
 *
 * @param str a string
 * @param additional_length length to add to the string.
 * @returns #TRUE on success.
 */
dbus_bool_t
_dbus_string_lengthen (DBusString *str,
                       int         additional_length)
{
  DBUS_STRING_PREAMBLE (str);  
  _dbus_assert (additional_length >= 0);
782

783
  if (_DBUS_UNLIKELY (additional_length > _DBUS_STRING_MAX_LENGTH - real->len))
784
    return FALSE; /* would overflow */
785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827
  
  return set_length (real,
                     real->len + additional_length);
}

/**
 * Makes a string shorter by the given number of bytes.
 *
 * @param str a string
 * @param length_to_remove length to remove from the string.
 */
void
_dbus_string_shorten (DBusString *str,
                      int         length_to_remove)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (length_to_remove >= 0);
  _dbus_assert (length_to_remove <= real->len);

  set_length (real,
              real->len - length_to_remove);
}

/**
 * Sets the length of a string. Can be used to truncate or lengthen
 * the string. If the string is lengthened, the function may fail and
 * return #FALSE. Newly-added bytes are not initialized, as with
 * _dbus_string_lengthen().
 *
 * @param str a string
 * @param length new length of the string.
 * @returns #FALSE on failure.
 */
dbus_bool_t
_dbus_string_set_length (DBusString *str,
                         int         length)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (length >= 0);

  return set_length (real, length);
}

828
static dbus_bool_t
829 830 831 832
align_insert_point_then_open_gap (DBusString *str,
                                  int        *insert_at_p,
                                  int         alignment,
                                  int         gap_size)
833
{
834
  unsigned long new_len; /* ulong to avoid _DBUS_ALIGN_VALUE overflow */
835 836
  unsigned long gap_pos;
  int insert_at;
837 838 839
  int delta;
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (alignment >= 1);
840
  _dbus_assert (alignment <= 8); /* it has to be a bug if > 8 */
841

842 843 844 845 846 847 848
  insert_at = *insert_at_p;

  _dbus_assert (insert_at <= real->len);
  
  gap_pos = _DBUS_ALIGN_VALUE (insert_at, alignment);
  new_len = real->len + (gap_pos - insert_at) + gap_size;
  
849
  if (_DBUS_UNLIKELY (new_len > (unsigned long) _DBUS_STRING_MAX_LENGTH))
850 851
    return FALSE;
  
852 853 854
  delta = new_len - real->len;
  _dbus_assert (delta >= 0);

855 856 857 858 859
  if (delta == 0) /* only happens if gap_size == 0 and insert_at is aligned already */
    {
      _dbus_assert (((unsigned long) *insert_at_p) == gap_pos);
      return TRUE;
    }
860

861 862
  if (_DBUS_UNLIKELY (!open_gap (new_len - real->len,
                                 real, insert_at)))
863 864
    return FALSE;

865 866
  /* nul the padding if we had to add any padding */
  if (gap_size < delta)
867
    {
868 869
      memset (&real->str[insert_at], '\0',
              gap_pos - insert_at);
870
    }
871 872 873

  *insert_at_p = gap_pos;
  
874 875 876
  return TRUE;
}

877 878 879 880 881 882 883 884 885 886 887 888 889 890
static dbus_bool_t
align_length_then_lengthen (DBusString *str,
                            int         alignment,
                            int         then_lengthen_by)
{
  int insert_at;

  insert_at = _dbus_string_get_length (str);
  
  return align_insert_point_then_open_gap (str,
                                           &insert_at,
                                           alignment, then_lengthen_by);
}

891 892 893 894 895 896 897 898 899 900 901 902 903 904 905
/**
 * Align the length of a string to a specific alignment (typically 4 or 8)
 * by appending nul bytes to the string.
 *
 * @param str a string
 * @param alignment the alignment
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_string_align_length (DBusString *str,
                           int         alignment)
{
  return align_length_then_lengthen (str, alignment, 0);
}

906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925
/**
 * Preallocate extra_bytes such that a future lengthening of the
 * string by extra_bytes is guaranteed to succeed without an out of
 * memory error.
 *
 * @param str a string
 * @param extra_bytes bytes to alloc
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_string_alloc_space (DBusString        *str,
                          int                extra_bytes)
{
  if (!_dbus_string_lengthen (str, extra_bytes))
    return FALSE;
  _dbus_string_shorten (str, extra_bytes);

  return TRUE;
}

926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954
static dbus_bool_t
append (DBusRealString *real,
        const char     *buffer,
        int             buffer_len)
{
  if (buffer_len == 0)
    return TRUE;

  if (!_dbus_string_lengthen ((DBusString*)real, buffer_len))
    return FALSE;

  memcpy (real->str + (real->len - buffer_len),
          buffer,
          buffer_len);

  return TRUE;
}

/**
 * Appends a nul-terminated C-style string to a DBusString.
 *
 * @param str the DBusString
 * @param buffer the nul-terminated characters to append
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_append (DBusString *str,
                     const char *buffer)
{
955
  unsigned long buffer_len;
956 957 958 959 960
  
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (buffer != NULL);
  
  buffer_len = strlen (buffer);
961
  if (buffer_len > (unsigned long) _DBUS_STRING_MAX_LENGTH)
962 963
    return FALSE;
  
964 965 966
  return append (real, buffer, buffer_len);
}

967 968 969
/** assign 2 bytes from one string to another */
#define ASSIGN_2_OCTETS(p, octets) \
  *((dbus_uint16_t*)(p)) = *((dbus_uint16_t*)(octets));
970

971
/** assign 4 bytes from one string to another */
972 973 974
#define ASSIGN_4_OCTETS(p, octets) \
  *((dbus_uint32_t*)(p)) = *((dbus_uint32_t*)(octets));

975
/** assign 8 bytes from one string to another */
976 977 978
#define ASSIGN_8_OCTETS(p, octets) \
  *((dbus_uint64_t*)(p)) = *((dbus_uint64_t*)(octets));

979 980 981 982 983 984 985 986 987 988 989 990
/**
 * Inserts 2 bytes aligned on a 2 byte boundary
 * with any alignment padding initialized to 0.
 *
 * @param str the DBusString
 * @param insert_at where to insert
 * @param octets 2 bytes to insert
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_insert_2_aligned (DBusString         *str,
                               int                 insert_at,
Chengwei Yang's avatar
Chengwei Yang committed
991
                               const unsigned char octets[2])
992 993 994 995 996 997 998 999 1000 1001 1002
{
  DBUS_STRING_PREAMBLE (str);
  
  if (!align_insert_point_then_open_gap (str, &insert_at, 2, 2))
    return FALSE;

  ASSIGN_2_OCTETS (real->str + insert_at, octets);

  return TRUE;
}

1003 1004 1005 1006 1007
/**
 * Inserts 4 bytes aligned on a 4 byte boundary
 * with any alignment padding initialized to 0.
 *
 * @param str the DBusString
1008
 * @param insert_at where to insert
1009 1010 1011 1012 1013 1014 1015 1016
 * @param octets 4 bytes to insert
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_insert_4_aligned (DBusString         *str,
                               int                 insert_at,
                               const unsigned char octets[4])
{
1017 1018
  DBUS_STRING_PREAMBLE (str);
  
1019
  if (!align_insert_point_then_open_gap (str, &insert_at, 4, 4))
1020 1021
    return FALSE;

1022 1023 1024 1025 1026 1027 1028 1029 1030 1031
  ASSIGN_4_OCTETS (real->str + insert_at, octets);

  return TRUE;
}

/**
 * Inserts 8 bytes aligned on an 8 byte boundary
 * with any alignment padding initialized to 0.
 *
 * @param str the DBusString
1032
 * @param insert_at where to insert
1033 1034 1035 1036 1037 1038 1039 1040 1041
 * @param octets 8 bytes to insert
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_insert_8_aligned (DBusString         *str,
                               int                 insert_at,
                               const unsigned char octets[8])
{
  DBUS_STRING_PREAMBLE (str);
1042
  
1043 1044 1045
  if (!align_insert_point_then_open_gap (str, &insert_at, 8, 8))
    return FALSE;

1046 1047
  _dbus_assert (_DBUS_ALIGN_VALUE (insert_at, 8) == (unsigned) insert_at);
  
1048
  ASSIGN_8_OCTETS (real->str + insert_at, octets);
1049 1050 1051 1052

  return TRUE;
}

1053 1054 1055 1056 1057 1058 1059 1060

/**
 * Inserts padding at *insert_at such to align it to the given
 * boundary. Initializes the padding to nul bytes. Sets *insert_at
 * to the aligned position.
 *
 * @param str the DBusString
 * @param insert_at location to be aligned
1061
 * @param alignment alignment boundary (1, 2, 4, or 8)
1062 1063 1064 1065 1066 1067 1068 1069 1070
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_insert_alignment (DBusString        *str,
                               int               *insert_at,
                               int                alignment)
{
  DBUS_STRING_PREAMBLE (str);
  
1071
  if (!align_insert_point_then_open_gap (str, insert_at, alignment, 0))
1072 1073
    return FALSE;

1074
  _dbus_assert (_DBUS_ALIGN_VALUE (*insert_at, alignment) == (unsigned) *insert_at);
1075 1076 1077 1078

  return TRUE;
}

1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092
/**
 * Appends a printf-style formatted string
 * to the #DBusString.
 *
 * @param str the string
 * @param format printf format
 * @param args variable argument list
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_string_append_printf_valist  (DBusString        *str,
                                    const char        *format,
                                    va_list            args)
{
1093
  dbus_bool_t ret = FALSE;
1094
  int len;
1095
  va_list args_copy;
1096

1097
  DBUS_STRING_PREAMBLE (str);
1098 1099 1100

  DBUS_VA_COPY (args_copy, args);

1101
  /* Measure the message length without terminating nul */
John Palmieri's avatar
John Palmieri committed
1102
  len = _dbus_printf_string_upper_bound (format, args);
1103

1104
  if (len < 0)
1105
    goto out;
1106

1107
  if (!_dbus_string_lengthen (str, len))
1108
    {
1109
      goto out;
1110 1111
    }
  
1112
  vsprintf ((char*) (real->str + (real->len - len)),
1113
            format, args_copy);
1114
  ret = TRUE;
1115

1116
out:
1117
  va_end (args_copy);
1118

1119
  return ret;
1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144
}

/**
 * Appends a printf-style formatted string
 * to the #DBusString.
 *
 * @param str the string
 * @param format printf format
 * @returns #FALSE if no memory
 */
dbus_bool_t
_dbus_string_append_printf (DBusString        *str,
                            const char        *format,
                            ...)
{
  va_list args;
  dbus_bool_t retval;
  
  va_start (args, format);
  retval = _dbus_string_append_printf_valist (str, format, args);
  va_end (args);

  return retval;
}

1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216
/**
 * Appends block of bytes with the given length to a DBusString.
 *
 * @param str the DBusString
 * @param buffer the bytes to append
 * @param len the number of bytes to append
 * @returns #FALSE if not enough memory.
 */
dbus_bool_t
_dbus_string_append_len (DBusString *str,
                         const char *buffer,
                         int         len)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (buffer != NULL);
  _dbus_assert (len >= 0);

  return append (real, buffer, len);
}

/**
 * Appends a single byte to the string, returning #FALSE
 * if not enough memory.
 *
 * @param str the string
 * @param byte the byte to append
 * @returns #TRUE on success
 */
dbus_bool_t
_dbus_string_append_byte (DBusString    *str,
                          unsigned char  byte)
{
  DBUS_STRING_PREAMBLE (str);

  if (!set_length (real, real->len + 1))
    return FALSE;

  real->str[real->len-1] = byte;

  return TRUE;
}

static void
delete (DBusRealString *real,
        int             start,
        int             len)
{
  if (len == 0)
    return;
  
  memmove (real->str + start, real->str + start + len, real->len - (start + len));
  real->len -= len;
  real->str[real->len] = '\0';
}

/**
 * Deletes a segment of a DBusString with length len starting at
 * start. (Hint: to clear an entire string, setting length to 0
 * with _dbus_string_set_length() is easier.)
 *
 * @param str the DBusString
 * @param start where to start deleting
 * @param len the number of bytes to delete
 */
void
_dbus_string_delete (DBusString       *str,
                     int               start,
                     int               len)
{
  DBUS_STRING_PREAMBLE (str);
  _dbus_assert (start >= 0);
  _dbus_assert (len >= 0);
1217 1218
  _dbus_assert (start <= real->len);
  _dbus_assert (len <= real->len - start);
1219
  
1220 1221 1222
  delete (real, start, len);
}

1223 1224 1225 1226 1227 1228 1229
static dbus_bool_t
copy (DBusRealString *source,
      int             start,
      int             len,
      DBusRealString *dest,
      int             insert_at)
{
1230 1231 1232
  if (len == 0)
    return TRUE;

1233 1234
  if (!open_gap (len, dest, insert_at))
    return FALSE;
1235
  
1236 1237 1238
  memmove (dest->str + insert_at,
           source->str + start,
           len);
1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280

  return TRUE;
}

/**
 * Checks assertions for two strings we're copying a segment between,
 * and declares real_source/real_dest variables.
 *
 * @param source the source string
 * @param start the starting offset
 * @param dest the dest string
 * @param insert_at where the copied segment is inserted
 */
#define DBUS_STRING_COPY_PREAMBLE(source, start, dest, insert_at)       \
  DBusRealString *real_source = (DBusRealString*) source;               \
  DBusRealString *real_dest = (DBusRealString*) dest;                   \
  _dbus_assert ((source) != (dest));                                    \
  DBUS_GENERIC_STRING_PREAMBLE (real_source);                           \
  DBUS_GENERIC_STRING_PREAMBLE (real_dest);                             \
  _dbus_assert (!real_dest->constant);                                  \
  _dbus_assert (!real_dest->locked);                                    \
  _dbus_assert ((start) >= 0);                                          \
  _dbus_assert ((start) <= real_source->len);                           \
  _dbus_assert ((insert_at) >= 0);                                      \
  _dbus_assert ((insert_at) <= real_dest->len)

/**
 * Moves the end of one string into another string. Both strings
 * must be initialized, valid strings.
 *
 * @param source the source string
 * @param start where to chop off the source string
 * @param dest the destination string
 * @param insert_at where to move the chopped-off part of source string
 * @returns #FALSE if not enough memory
 */
dbus_bool_t
_dbus_string_move (DBusString       *source,
                   int               start,
                   DBusString       *dest,
                   int               insert_at)
{
1281 1282
  DBusRealString *real_source = (DBusRealString*) source;
  _dbus_assert (start <= real_source->len);
1283
  
1284 1285 1286
  return _dbus_string_move_len (source, start,
                                real_source->len - start,
                                dest, insert_at);
1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315
}

/**
 * Like _dbus_string_move(), but does not delete the section
 * of the source string that's copied to the dest string.
 *
 * @param source the source string
 * @param start where to start copying the source string
 * @param dest the destination string
 * @param insert_at where to place the copied part of source string
 * @returns #FALSE if not enough memory
 */
dbus_bool_t
_dbus_string_copy (const DBusString *source,
                   int               start,
                   DBusString       *dest,
                   int               insert_at)
{
  DBUS_STRING_COPY_PREAMBLE (source, start, dest, insert_at);

  return copy (real_source, start,
               real_source->len - start,
               real_dest,
               insert_at);
}

/**
 * Like _dbus_string_move(), but can move a segment from
 * the middle of the source string.
1316
 *
1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336
 * @param source the source string
 * @param start first byte of source string to move
 * @param len length of segment to move
 * @param dest the destination string
 * @param insert_at where to move the bytes from the source string
 * @returns #FALSE if not enough memory
 */
dbus_bool_t
_dbus_string_move_len (DBusString       *source,
                       int               start,
                       int               len,
                       DBusString       *dest,
                       int               insert_at)

{
  DBUS_STRING_COPY_PREAMBLE (source, start, dest, insert_at);
  _dbus_assert (len >= 0);
  _dbus_assert ((start + len) <= real_source->len);


1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358
  if (len == 0)
    {
      return TRUE;
    }
  else if (start == 0 &&
           len == real_source->len &&
           real_dest->len == 0)
    {
      /* Short-circuit moving an entire existing string to an empty string
       * by just swapping the buffers.
       */
      /* we assume ->constant doesn't matter as you can't have
       * a constant string involved in a move.
       */
#define ASSIGN_DATA(a, b) do {                  \
        (a)->str = (b)->str;                    \
        (a)->len = (b)->len;                    \
        (a)->allocated = (b)->allocated;        \
        (a)->align_offset = (b)->align_offset;  \
      } while (0)
      
      DBusRealString tmp;
1359

1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377
      ASSIGN_DATA (&tmp, real_source);
      ASSIGN_DATA (real_source, real_dest);
      ASSIGN_DATA (real_dest, &tmp);

      return TRUE;
    }
  else
    {
      if (!copy (real_source, start, len,
                 real_dest,
                 insert_at))
        return FALSE;
      
      delete (real_source, start,
              len);
      
      return TRUE;
    }
1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 1399
}

/**
 * Like _dbus_string_copy(), but can copy a segment from the middle of
 * the source string.
 *
 * @param source the source string
 * @param start where to start copying the source string
 * @param len length of segment to copy
 * @param dest the destination string
 * @param insert_at where to place the copied segment of source string
 * @returns #FALSE if not enough memory
 */
dbus_bool_t
_dbus_string_copy_len (const DBusString *source,
                       int               start,
                       int               len,
                       DBusString       *dest,
                       int               insert_at)
{
  DBUS_STRING_COPY_PREAMBLE (source, start, dest, insert_at);
  _dbus_assert (len >= 0);
1400 1401
  _dbus_assert (start <= real_source->len);
  _dbus_assert (len <= real_source->len - start);
1402 1403 1404 1405 1406 1407
  
  return copy (real_source, start, len,
               real_dest,
               insert_at);
}

1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429
/**
 * Replaces a segment of dest string with a segment of source string.
 *
 * @param source the source string
 * @param start where to start copying the source string
 * @param len length of segment to copy
 * @param dest the destination string
 * @param replace_at start of segment of dest string to replace
 * @param replace_len length of segment of dest string to replace
 * @returns #FALSE if not enough memory
 *
 */
dbus_bool_t
_dbus_string_replace_len (const DBusString *source,
                          int               start,
                          int               len,
                          DBusString       *dest,
                          int               replace_at,
                          int               replace_len)
{
  DBUS_STRING_COPY_PREAMBLE (source, start, dest, replace_at);
  _dbus_assert (len >= 0);
1430 1431
  _dbus_assert (start <= real_source->len);
  _dbus_assert (len <= real_source->len - start);
1432
  _dbus_assert (replace_at >= 0);
1433 1434
  _dbus_assert (replace_at <= real_dest->len);
  _dbus_assert (replace_len <= real_dest->len - replace_at);
1435

1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462
  if (len == replace_len)
    {
      memmove (real_dest->str + replace_at,
               real_source->str + start, len);
    }
  else if (len < replace_len)
    {
      memmove (real_dest->str + replace_at,
               real_source->str + start, len);
      delete (real_dest, replace_at + len,
              replace_len - len);
    }
  else
    {
      int diff;

      _dbus_assert (len > replace_len);

      diff = len - replace_len;

      /* First of all we check if destination string can be enlarged as
       * required, then we overwrite previous bytes
       */

      if (!copy (real_source, start + replace_len, diff,
                 real_dest, replace_at + replace_len))
        return FALSE;
1463

1464 1465 1466
      memmove (real_dest->str + replace_at,
               real_source->str + start, replace_len);
    }
1467 1468 1469 1470

  return TRUE;
}

1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512
/**
 * Looks for the first occurance of a byte, deletes that byte,
 * and moves everything after the byte to the beginning of a
 * separate string.  Both strings must be initialized, valid
 * strings.
 *
 * @param source the source string
 * @param byte the byte to remove and split the string at
 * @param tail the split off string
 * @returns #FALSE if not enough memory or if byte could not be found
 *
 */
dbus_bool_t
_dbus_string_split_on_byte (DBusString        *source,
                            unsigned char      byte,
                            DBusString        *tail)
{
  int byte_position;
  char byte_string[2] = "";
  int head_length;
  int tail_length;

  byte_string[0] = (char) byte;

  if (!_dbus_string_find (source, 0, byte_string, &byte_position))
    return FALSE;

  head_length = byte_position;
  tail_length = _dbus_string_get_length (source) - head_length - 1;

  if (!_dbus_string_move_len (source, byte_position + 1, tail_length,
                              tail, 0))
    return FALSE;

  /* remove the trailing delimiter byte from the head now.
   */
  if (!_dbus_string_set_length (source, head_length))
    return FALSE;

  return TRUE;
}

1513 1514 1515
/* Unicode macros and utf8_validate() from GLib Owen Taylor, Havoc
 * Pennington, and Tom Tromey are the authors and authorized relicense.
 */
1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552

/** computes length and mask of a unicode character
 * @param Char the char
 * @param Mask the mask variable to assign to
 * @param Len the length variable to assign to
 */
#define UTF8_COMPUTE(Char, Mask, Len)					      \
  if (Char < 128)							      \
    {									      \
      Len = 1;								      \
      Mask = 0x7f;							      \
    }									      \
  else if ((Char & 0xe0) == 0xc0)					      \
    {									      \
      Len = 2;								      \
      Mask = 0x1f;							      \
    }									      \
  else if ((Char & 0xf0) == 0xe0)					      \
    {									      \
      Len = 3;								      \
      Mask = 0x0f;							      \
    }									      \
  else if ((Char & 0xf8) == 0xf0)					      \
    {									      \
      Len = 4;								      \
      Mask = 0x07;							      \
    }									      \
  else if ((Char & 0xfc) == 0xf8)					      \
    {									      \
      Len = 5;								      \
      Mask = 0x03;							      \
    }									      \
  else if ((Char & 0xfe) == 0xfc)					      \
    {									      \
      Len = 6;								      \
      Mask = 0x01;							      \
    }									      \
1553 1554 1555 1556 1557
  else                                                                        \
    {                                                                         \
      Len = 0;                                                               \
      Mask = 0;                                                               \
    }
1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592

/**
 * computes length of a unicode character in UTF-8
 * @param Char the char
 */
#define UTF8_LENGTH(Char)              \
  ((Char) < 0x80 ? 1 :                 \
   ((Char) < 0x800 ? 2 :               \
    ((Char) < 0x10000 ? 3 :            \
     ((Char) < 0x200000 ? 4 :          \
      ((Char) < 0x4000000 ? 5 : 6)))))
   
/**
 * Gets a UTF-8 value.
 *
 * @param Result variable for extracted unicode char.
 * @param Chars the bytes to decode
 * @param Count counter variable
 * @param Mask mask for this char
 * @param Len length for this char in bytes
 */
#define UTF8_GET(Result, Chars, Count, Mask, Len)			      \
  (Result) = (Chars)[0] & (Mask);					      \
  for ((Count) = 1; (Count) < (Len); ++(Count))				      \
    {									      \
      if (((Chars)[(Count)] & 0xc0) != 0x80)				      \
	{								      \
	  (Result) = -1;						      \
	  break;							      \
	}								      \
      (Result) <<= 6;							      \
      (Result) |= ((Chars)[(Count)] & 0x3f);				      \
    }

/**
1593 1594 1595 1596 1597 1598 1599
 * Check whether a Unicode (5.2) char is in a valid range.
 *
 * The first check comes from the Unicode guarantee to never encode
 * a point above 0x0010ffff, since UTF-16 couldn't represent it.
 *
 * The second check covers surrogate pairs (category Cs).
 *
1600 1601 1602 1603
 * @param Char the character
 */
#define UNICODE_VALID(Char)                   \
    ((Char) < 0x110000 &&                     \
1604
     (((Char) & 0xFFFFF800) != 0xD800))
1605

1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625
/**
 * Finds the given substring in the string,
 * returning #TRUE and filling in the byte index
 * where the substring was found, if it was found.
 * Returns #FALSE if the substring wasn't found.
 * Sets *start to the length of the string if the substring
 * is not found.
 *
 * @param str the string
 * @param start where to start looking
 * @param substr the substring
 * @param found return location for where it was found, or #NULL
 * @returns #TRUE if found
 */
dbus_bool_t
_dbus_string_find (const DBusString *str,
                   int               start,
                   const char       *substr,
                   int              *found)
{
1626 1627 1628
  return _dbus_string_find_to (str, start,
                               ((const DBusRealString*)str)->len,
                               substr, found);
1629 1630
}

1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644
/**
 * Finds end of line ("\r\n" or "\n") in the string,
 * returning #TRUE and filling in the byte index
 * where the eol string was found, if it was found.
 * Returns #FALSE if eol wasn't found.
 *
 * @param str the string
 * @param start where to start looking
 * @param found return location for where eol was found or string length otherwise
 * @param found_len return length of found eol string or zero otherwise
 * @returns #TRUE if found
 */
dbus_bool_t
_dbus_string_find_eol (const DBusString *str,
1645 1646 1647
                       int               start,
                       int              *found,
                       int