-const char miscutil_rcs[] = "$Id: miscutil.c,v 1.39 2006/07/18 14:48:46 david__schmidt Exp $";
+const char miscutil_rcs[] = "$Id: miscutil.c,v 1.61 2008/10/18 11:09:23 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/miscutil.c,v $
* These are each too small to deserve their own file
* but don't really fit in any other file.
*
- * Copyright : Written by and Copyright (C) 2001 the SourceForge
- * Privoxy team. http://www.privoxy.org/
+ * Copyright : Written by and Copyright (C) 2001-2007
+ * the SourceForge Privoxy team. http://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
* by and Copyright (C) 1997 Anonymous Coders and
* Junkbusters Corporation. http://www.junkbusters.com
*
+ * The timegm replacement function was taken from GnuPG,
+ * Copyright (C) 2004 Free Software Foundation, Inc.
+ *
+ * The snprintf replacement function is written by
+ * Mark Martinec who also holds the copyright. It can be
+ * used under the terms of the GPL or the terms of the
+ * "Frontier Artistic License".
+ *
* This program is free software; you can redistribute it
* and/or modify it under the terms of the GNU General
* Public License as published by the Free Software
*
* Revisions :
* $Log: miscutil.c,v $
+ * Revision 1.61 2008/10/18 11:09:23 fabiankeil
+ * Improve seed used by pick_from_range() on mingw32.
+ *
+ * Revision 1.60 2008/09/07 12:35:05 fabiankeil
+ * Add mutex lock support for _WIN32.
+ *
+ * Revision 1.59 2008/09/04 08:13:58 fabiankeil
+ * Prepare for critical sections on Windows by adding a
+ * layer of indirection before the pthread mutex functions.
+ *
+ * Revision 1.58 2008/04/17 14:53:30 fabiankeil
+ * Move simplematch() into urlmatch.c as it's only
+ * used to match (old-school) domain patterns.
+ *
+ * Revision 1.57 2008/03/24 15:29:51 fabiankeil
+ * Pet gcc43.
+ *
+ * Revision 1.56 2007/12/01 12:59:05 fabiankeil
+ * Some sanity checks for pick_from_range().
+ *
+ * Revision 1.55 2007/11/03 17:34:49 fabiankeil
+ * Log the "weak randomization factor" warning only
+ * once for mingw32 and provide some more details.
+ *
+ * Revision 1.54 2007/09/19 20:28:37 fabiankeil
+ * If privoxy_strlcpy() is called with a "buffer" size
+ * of 0, don't touch whatever destination points to.
+ *
+ * Revision 1.53 2007/09/09 18:20:20 fabiankeil
+ * Turn privoxy_strlcpy() into a function and try to work with
+ * b0rked snprintf() implementations too. Reported by icmp30.
+ *
+ * Revision 1.52 2007/08/19 12:32:34 fabiankeil
+ * Fix a conversion warning.
+ *
+ * Revision 1.51 2007/06/17 16:12:22 fabiankeil
+ * #ifdef _WIN32 the last commit. According to David Shaw,
+ * one of the gnupg developers, the changes are mingw32-specific.
+ *
+ * Revision 1.50 2007/06/10 14:59:59 fabiankeil
+ * Change replacement timegm() to better match our style, plug a small
+ * but guaranteed memory leak and fix "time zone breathing" on mingw32.
+ *
+ * Revision 1.49 2007/05/11 11:48:15 fabiankeil
+ * - Delete strsav() which was replaced
+ * by string_append() years ago.
+ * - Add a strlcat() look-alike.
+ * - Use strlcat() and strlcpy() in those parts
+ * of the code that are run on unixes.
+ *
+ * Revision 1.48 2007/04/09 17:48:51 fabiankeil
+ * Check for HAVE_SNPRINTF instead of __OS2__
+ * before including the portable snprintf() code.
+ *
+ * Revision 1.47 2007/03/17 11:52:15 fabiankeil
+ * - Use snprintf instead of sprintf.
+ * - Mention copyright for the replacement
+ * functions in the copyright header.
+ *
+ * Revision 1.46 2007/01/18 15:03:20 fabiankeil
+ * Don't include replacement timegm() if
+ * putenv() or tzset() isn't available.
+ *
+ * Revision 1.45 2006/12/26 17:31:41 fabiankeil
+ * Mutex protect rand() if POSIX threading
+ * is used, warn the user if that's not possible
+ * and stop using it on _WIN32 where it could
+ * cause crashes.
+ *
+ * Revision 1.44 2006/11/07 12:46:43 fabiankeil
+ * Silence compiler warning on NetBSD 3.1.
+ *
+ * Revision 1.43 2006/09/23 13:26:38 roro
+ * Replace TABs by spaces in source code.
+ *
+ * Revision 1.42 2006/09/09 14:01:45 fabiankeil
+ * Integrated Oliver Yeoh's domain pattern fix
+ * to make sure *x matches xx. Closes Patch 1217393
+ * and Bug 1170767.
+ *
+ * Revision 1.41 2006/08/18 16:03:17 david__schmidt
+ * Tweak for OS/2 build happiness.
+ *
+ * Revision 1.40 2006/08/17 17:15:10 fabiankeil
+ * - Back to timegm() using GnuPG's replacement if necessary.
+ * Using mktime() and localtime() could add a on hour offset if
+ * the randomize factor was big enough to lead to a summer/wintertime
+ * switch.
+ *
+ * - Removed now-useless Privoxy 3.0.3 compatibility glue.
+ *
+ * - Moved randomization code into pick_from_range().
+ *
+ * - Changed parse_header_time definition.
+ * time_t isn't guaranteed to be signed and
+ * if it isn't, -1 isn't available as error code.
+ * Changed some variable types in client_if_modified_since()
+ * because of the same reason.
+ *
* Revision 1.39 2006/07/18 14:48:46 david__schmidt
* Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
* with what was really the latest development (the v_3_0_branch branch)
#include <ctype.h>
#include <assert.h>
-#ifndef HAVE_TIMEGM
+#if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV)
#include <time.h>
-#endif /* #ifndef HAVE_TIMEGM */
+#endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */
#include "project.h"
#include "miscutil.h"
for ( ; *s; ++s )
{
- h = 5 * h + *s;
+ h = 5 * h + (unsigned int)*s;
}
return (h);
if (s == NULL)
{
- sprintf(buf, "(errno = %d)", err);
+ snprintf(buf, sizeof(buf), "(errno = %d)", err);
s = buf;
}
*********************************************************************/
int strncmpic(const char *s1, const char *s2, size_t n)
{
- if (n <= 0) return(0);
+ if (n <= (size_t)0) return(0);
if (!s1) s1 = "";
if (!s2) s2 = "";
break;
}
- if (--n <= 0) break;
+ if (--n <= (size_t)0) break;
s1++, s2++;
}
}
-/*********************************************************************
- *
- * Function : strsav
- *
- * Description : Reallocate "old" and append text to it. This makes
- * it easier to append to malloc'd strings.
- * Running out of memory is a FATAL error.
- *
- * Parameters :
- * 1 : old = Old text that is to be extended. Will be
- * free()d by this routine. May be NULL.
- * 2 : text_to_append = Text to be appended to old.
- * May be NULL.
- *
- * Returns : Pointer to newly malloc'ed appended string.
- * If there is no text to append, return old. Caller
- * must free().
- *
- *********************************************************************/
-char *strsav(char *old, const char *text_to_append)
-{
- size_t old_len, new_len = 0;
- char *p;
-
- if ((text_to_append == NULL) || (*text_to_append == '\0'))
- {
- return(old);
- }
-
- if (NULL == old)
- {
- if ((p = strdup(text_to_append)) == NULL)
- {
- log_error(LOG_LEVEL_FATAL, "strdup() failed!");
- /* Never get here - LOG_LEVEL_FATAL causes program exit */
- }
- return p;
- }
-
- old_len = strlen(old);
- new_len = old_len + strlen(text_to_append) + 1;
-
- if ((p = realloc(old, new_len)) == NULL)
- {
- log_error(LOG_LEVEL_FATAL, "realloc(%d) bytes failed!", new_len);
- /* Never get here - LOG_LEVEL_FATAL causes program exit */
- }
-
- strcpy(p + old_len, text_to_append);
- return(p);
-}
-
-
/*********************************************************************
*
* Function : string_append
{
size_t old_len;
char *new_string;
+ size_t new_size;
assert(target_string);
assert(text_to_append);
old_len = strlen(*target_string);
- if (NULL == (new_string = realloc(*target_string,
- strlen(text_to_append) + old_len + 1)))
+ new_size = strlen(text_to_append) + old_len + 1;
+
+ if (NULL == (new_string = realloc(*target_string, new_size)))
{
free(*target_string);
return JB_ERR_MEMORY;
}
- strcpy(new_string + old_len, text_to_append);
+ strlcpy(new_string + old_len, text_to_append, new_size - old_len);
*target_string = new_string;
return JB_ERR_OK;
err = string_append(target_string, text_to_append);
- free(text_to_append);
+ freez(text_to_append);
return err;
}
while (*q != '\0')
{
- *p++ = toupper(*q++);
+ *p++ = (char)toupper((int) *q++);
}
return result;
}
-/*********************************************************************
- *
- * Function : simplematch
- *
- * Description : String matching, with a (greedy) '*' wildcard that
- * stands for zero or more arbitrary characters and
- * character classes in [], which take both enumerations
- * and ranges.
- *
- * Parameters :
- * 1 : pattern = pattern for matching
- * 2 : text = text to be matched
- *
- * Returns : 0 if match, else nonzero
- *
- *********************************************************************/
-int simplematch(char *pattern, char *text)
-{
- unsigned char *pat = (unsigned char *) pattern;
- unsigned char *txt = (unsigned char *) text;
- unsigned char *fallback = pat;
- int wildcard = 0;
-
- unsigned char lastchar = 'a';
- unsigned i;
- unsigned char charmap[32];
-
- while (*txt)
- {
-
- /* EOF pattern but !EOF text? */
- if (*pat == '\0')
- {
- if (wildcard)
- {
- pat = fallback;
- }
- else
- {
- return 1;
- }
- }
-
- /* '*' in the pattern? */
- if (*pat == '*')
- {
-
- /* The pattern ends afterwards? Speed up the return. */
- if (*++pat == '\0')
- {
- return 0;
- }
-
- /* Else, set wildcard mode and remember position after '*' */
- wildcard = 1;
- fallback = pat;
- }
-
- /* Character range specification? */
- if (*pat == '[')
- {
- memset(charmap, '\0', sizeof(charmap));
-
- while (*++pat != ']')
- {
- if (!*pat)
- {
- return 1;
- }
- else if (*pat == '-')
- {
- if ((*++pat == ']') || *pat == '\0')
- {
- return(1);
- }
- for(i = lastchar; i <= *pat; i++)
- {
- charmap[i / 8] |= (1 << (i % 8));
- }
- }
- else
- {
- charmap[*pat / 8] |= (1 << (*pat % 8));
- lastchar = *pat;
- }
- }
- } /* -END- if Character range specification */
-
-
- /*
- * Char match, or char range match?
- */
- if ( (*pat == *txt)
- || (*pat == '?')
- || ((*pat == ']') && (charmap[*txt / 8] & (1 << (*txt % 8)))) )
- {
- /*
- * Sucess: Go ahead
- */
- pat++;
- }
- else if (!wildcard)
- {
- /*
- * No match && no wildcard: No luck
- */
- return 1;
- }
- else if (pat != fallback)
- {
- /*
- * Wildcard mode && nonmatch beyond fallback: Rewind pattern
- */
- pat = fallback;
- }
- txt++;
- }
-
- /* Cut off extra '*'s */
- if(*pat == '*') pat++;
-
- /* If this is the pattern's end, fine! */
- return(*pat);
-
-}
-
-
/*********************************************************************
*
* Function : bindup
strncpy(path,dir,512);
}
path[511]=0;
- } else {
+ }
+ else
+ {
path[0]=0;
}
if(AddPart(path,file,512))
{
return strdup(path);
- } else {
+ }
+ else
+ {
return NULL;
}
#else /* ndef AMIGA */
else
{
char * path;
+ size_t path_size = strlen(dir) + strlen(file) + 2; /* +2 for trailing (back)slash and \0 */
#if defined(unix)
if ( *dir != '/' && basedir && *basedir )
{
- path = malloc( strlen( basedir ) + strlen(dir) + strlen(file) + 3);
+ /*
+ * Relative path, so start with the base directory.
+ */
+ path_size += strlen(basedir) + 1; /* +1 for the slash */
+ path = malloc(path_size);
if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!");
- strcpy(path, basedir);
- strcat(path, "/");
- strcat(path, dir);
+ strlcpy(path, basedir, path_size);
+ strlcat(path, "/", path_size);
+ strlcat(path, dir, path_size);
}
else
+#endif /* defined unix */
{
- path = malloc(strlen(dir) + strlen(file) + 2);
+ path = malloc(path_size);
if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!");
- strcpy(path, dir);
+ strlcpy(path, dir, path_size);
}
-#else
-
- path = malloc(strlen(dir) + strlen(file) + 2);
- if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!");
- strcpy(path, dir);
-
-#endif /* defined unix */
#if defined(_WIN32) || defined(__OS2__)
if(path[strlen(path)-1] != '\\')
{
- strcat(path, "\\");
+ strlcat(path, "\\", path_size);
}
#else /* ifndef _WIN32 || __OS2__ */
if(path[strlen(path)-1] != '/')
{
- strcat(path, "/");
+ strlcat(path, "/", path_size);
}
#endif /* ifndef _WIN32 || __OS2__ */
- strcat(path, file);
+ strlcat(path, file, path_size);
return path;
}
* Returns : Picked number.
*
*********************************************************************/
-
long int pick_from_range(long int range)
{
long int number;
-#ifndef HAVE_RANDOM
- unsigned int weak_seed;
+#ifdef _WIN32
+ static unsigned long seed = 0;
+#endif /* def _WIN32 */
- weak_seed = (unsigned int)(time(NULL) | range);
- srand(weak_seed);
+ assert(range != 0);
+ assert(range > 0);
+
+ if (range <= 0) return 0;
+
+#ifdef HAVE_RANDOM
+ number = random() % range + 1;
+#elif defined(MUTEX_LOCKS_AVAILABLE)
+ privoxy_mutex_lock(&rand_mutex);
+#ifdef _WIN32
+ if (!seed)
+ {
+ seed = (unsigned long)(GetCurrentThreadId()+GetTickCount());
+ }
+ srand(seed);
+ seed = (unsigned long)((rand() << 16) + rand());
+#endif /* def _WIN32 */
+ number = (unsigned long)((rand() << 16) + (rand())) % (unsigned long)(range + 1);
+ privoxy_mutex_unlock(&rand_mutex);
+#else
/*
- * Some rand implementations aren't that random and return mostly
- * lower numbers. Low entropy doesn't matter for the header times,
- * but higher "random" factors are prefered.
+ * XXX: Which platforms reach this and are there
+ * better options than just using rand() and hoping
+ * that it's safe?
*/
- number = (rand() * 12345) % (long int)(range + 1);
- /* Overflows don't matter either, positive numbers do. */
- if(number<0)
+ log_error(LOG_LEVEL_INFO, "No thread-safe PRNG available? Header time randomization "
+ "might cause crashes, predictable results or even combine these fine options.");
+ number = rand() % (long int)(range + 1);
+
+#endif /* (def HAVE_RANDOM) */
+
+ return number;
+}
+
+
+#ifdef USE_PRIVOXY_STRLCPY
+/*********************************************************************
+ *
+ * Function : privoxy_strlcpy
+ *
+ * Description : strlcpy(3) look-alike for those without decent libc.
+ *
+ * Parameters :
+ * 1 : destination: buffer to copy into.
+ * 2 : source: String to copy.
+ * 3 : size: Size of destination buffer.
+ *
+ * Returns : The length of the string that privoxy_strlcpy() tried to create.
+ *
+ *********************************************************************/
+size_t privoxy_strlcpy(char *destination, const char *source, const size_t size)
+{
+ if (0 < size)
{
- number*= -1;
+ snprintf(destination, size, "%s", source);
+ /*
+ * Platforms that lack strlcpy() also tend to have
+ * a broken snprintf implementation that doesn't
+ * guarantee nul termination.
+ *
+ * XXX: the configure script should detect and reject those.
+ */
+ destination[size-1] = '\0';
}
-#else
- number = random() % range + 1;
-#endif /* (ifndef HAVE_RANDOM) */
- return (number);
+ return strlen(source);
+}
+#endif /* def USE_PRIVOXY_STRLCPY */
+
+
+#ifndef HAVE_STRLCAT
+/*********************************************************************
+ *
+ * Function : privoxy_strlcat
+ *
+ * Description : strlcat(3) look-alike for those without decent libc.
+ *
+ * Parameters :
+ * 1 : destination: C string.
+ * 2 : source: String to copy.
+ * 3 : size: Size of destination buffer.
+ *
+ * Returns : The length of the string that privoxy_strlcat() tried to create.
+ *
+ *********************************************************************/
+size_t privoxy_strlcat(char *destination, const char *source, const size_t size)
+{
+ const size_t old_length = strlen(destination);
+ return old_length + strlcpy(destination + old_length, source, size - old_length);
}
+#endif /* ndef HAVE_STRLCAT */
-#ifndef HAVE_TIMEGM
+#if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV)
/*********************************************************************
*
* Function : timegm
*
- * Description : libc replacement function for the inverse of gmtime()
+ * Description : libc replacement function for the inverse of gmtime().
* Copyright (C) 2004 Free Software Foundation, Inc.
- * Code copied from GnuPG with minor style changes.
+ *
+ * Code originally copied from GnuPG, modifications done
+ * for Privoxy: style changed, #ifdefs for _WIN32 added
+ * to have it work on mingw32.
+ *
+ * XXX: It's very unlikely to happen, but if the malloc()
+ * call fails the time zone will be permanently set to UTC.
*
* Parameters :
* 1 : tm: Broken-down time struct.
* Returns : tm converted into time_t seconds.
*
*********************************************************************/
-
time_t timegm(struct tm *tm)
{
time_t answer;
char *zone;
- zone=getenv("TZ");
+ zone = getenv("TZ");
putenv("TZ=UTC");
tzset();
- answer=mktime(tm);
- if(zone)
+ answer = mktime(tm);
+ if (zone)
{
char *old_zone;
- old_zone=malloc(3+strlen(zone)+1);
- if(old_zone)
+ old_zone = malloc(3 + strlen(zone) + 1);
+ if (old_zone)
{
- strcpy(old_zone,"TZ=");
- strcat(old_zone,zone);
- putenv(old_zone);
+ strcpy(old_zone, "TZ=");
+ strcat(old_zone, zone);
+ putenv(old_zone);
+#ifdef _WIN32
+ free(old_zone);
+#endif /* def _WIN32 */
}
}
else
{
#ifdef HAVE_UNSETENV
unsetenv("TZ");
+#elif defined(_WIN32)
+ putenv("TZ=");
#else
putenv("TZ");
#endif
}
tzset();
+
return answer;
}
-#endif /* (ifndef HAVE_TIMEGM) */
+#endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */
+#ifndef HAVE_SNPRINTF
/*
* What follows is a portable snprintf routine, written by Mark Martinec.
* See: http://www.ijs.si/software/snprintf/
- * Anyone who needs it can add a define for themselves... so far, only
- * OS/2 (native) lacks snprintf.
snprintf.c
- a portable implementation of snprintf,
*/
-#ifdef __OS2__
-
#define PORTABLE_SNPRINTF_VERSION_MAJOR 2
#define PORTABLE_SNPRINTF_VERSION_MINOR 2
return (int) str_l;
}
#endif
-#endif /* __OS2__ */
+#endif /* ndef HAVE_SNPRINTF */
/*
Local Variables:
tab-width: 3