X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=miscutil.c;h=ab1ccaed3c04c2adeb9a4ad3f3ee9af71f18d918;hp=5167546d30ef0cbd081c0a13ecc1840ec09546aa;hb=7d0d27186d473655bc895c40515277d4e6488439;hpb=1ec73e0ea959e24fecfea2e5cbd00518f5d582d1 diff --git a/miscutil.c b/miscutil.c index 5167546d..ab1ccaed 100644 --- a/miscutil.c +++ b/miscutil.c @@ -1,4 +1,4 @@ -const char miscutil_rcs[] = "$Id: miscutil.c,v 1.43 2006/09/23 13:26:38 roro Exp $"; +const char miscutil_rcs[] = "$Id: miscutil.c,v 1.53 2007/09/09 18:20:20 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/miscutil.c,v $ @@ -9,13 +9,21 @@ const char miscutil_rcs[] = "$Id: miscutil.c,v 1.43 2006/09/23 13:26:38 roro Exp * These are each too small to deserve their own file * but don't really fit in any other file. * - * Copyright : Written by and Copyright (C) 2001 the SourceForge - * Privoxy team. http://www.privoxy.org/ + * Copyright : Written by and Copyright (C) 2001-2007 + * the SourceForge Privoxy team. http://www.privoxy.org/ * * Based on the Internet Junkbuster originally written * by and Copyright (C) 1997 Anonymous Coders and * Junkbusters Corporation. http://www.junkbusters.com * + * The timegm replacement function was taken from GnuPG, + * Copyright (C) 2004 Free Software Foundation, Inc. + * + * The snprintf replacement function is written by + * Mark Martinec who also holds the copyright. It can be + * used under the terms of the GPL or the terms of the + * "Frontier Artistic License". + * * This program is free software; you can redistribute it * and/or modify it under the terms of the GNU General * Public License as published by the Free Software @@ -36,6 +44,50 @@ const char miscutil_rcs[] = "$Id: miscutil.c,v 1.43 2006/09/23 13:26:38 roro Exp * * Revisions : * $Log: miscutil.c,v $ + * Revision 1.53 2007/09/09 18:20:20 fabiankeil + * Turn privoxy_strlcpy() into a function and try to work with + * b0rked snprintf() implementations too. Reported by icmp30. + * + * Revision 1.52 2007/08/19 12:32:34 fabiankeil + * Fix a conversion warning. + * + * Revision 1.51 2007/06/17 16:12:22 fabiankeil + * #ifdef _WIN32 the last commit. According to David Shaw, + * one of the gnupg developers, the changes are mingw32-specific. + * + * Revision 1.50 2007/06/10 14:59:59 fabiankeil + * Change replacement timegm() to better match our style, plug a small + * but guaranteed memory leak and fix "time zone breathing" on mingw32. + * + * Revision 1.49 2007/05/11 11:48:15 fabiankeil + * - Delete strsav() which was replaced + * by string_append() years ago. + * - Add a strlcat() look-alike. + * - Use strlcat() and strlcpy() in those parts + * of the code that are run on unixes. + * + * Revision 1.48 2007/04/09 17:48:51 fabiankeil + * Check for HAVE_SNPRINTF instead of __OS2__ + * before including the portable snprintf() code. + * + * Revision 1.47 2007/03/17 11:52:15 fabiankeil + * - Use snprintf instead of sprintf. + * - Mention copyright for the replacement + * functions in the copyright header. + * + * Revision 1.46 2007/01/18 15:03:20 fabiankeil + * Don't include replacement timegm() if + * putenv() or tzset() isn't available. + * + * Revision 1.45 2006/12/26 17:31:41 fabiankeil + * Mutex protect rand() if POSIX threading + * is used, warn the user if that's not possible + * and stop using it on _WIN32 where it could + * cause crashes. + * + * Revision 1.44 2006/11/07 12:46:43 fabiankeil + * Silence compiler warning on NetBSD 3.1. + * * Revision 1.43 2006/09/23 13:26:38 roro * Replace TABs by spaces in source code. * @@ -260,9 +312,9 @@ const char miscutil_rcs[] = "$Id: miscutil.c,v 1.43 2006/09/23 13:26:38 roro Exp #include #include -#ifndef HAVE_TIMEGM +#if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) #include -#endif /* #ifndef HAVE_TIMEGM */ +#endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */ #include "project.h" #include "miscutil.h" @@ -355,7 +407,7 @@ unsigned int hash_string( const char* s ) for ( ; *s; ++s ) { - h = 5 * h + *s; + h = 5 * h + (unsigned int)*s; } return (h); @@ -423,7 +475,7 @@ char *safe_strerror(int err) if (s == NULL) { - sprintf(buf, "(errno = %d)", err); + snprintf(buf, sizeof(buf), "(errno = %d)", err); s = buf; } @@ -551,59 +603,6 @@ char *chomp(char *string) } -/********************************************************************* - * - * Function : strsav - * - * Description : Reallocate "old" and append text to it. This makes - * it easier to append to malloc'd strings. - * Running out of memory is a FATAL error. - * - * Parameters : - * 1 : old = Old text that is to be extended. Will be - * free()d by this routine. May be NULL. - * 2 : text_to_append = Text to be appended to old. - * May be NULL. - * - * Returns : Pointer to newly malloc'ed appended string. - * If there is no text to append, return old. Caller - * must free(). - * - *********************************************************************/ -char *strsav(char *old, const char *text_to_append) -{ - size_t old_len, new_len = 0; - char *p; - - if ((text_to_append == NULL) || (*text_to_append == '\0')) - { - return(old); - } - - if (NULL == old) - { - if ((p = strdup(text_to_append)) == NULL) - { - log_error(LOG_LEVEL_FATAL, "strdup() failed!"); - /* Never get here - LOG_LEVEL_FATAL causes program exit */ - } - return p; - } - - old_len = strlen(old); - new_len = old_len + strlen(text_to_append) + 1; - - if ((p = realloc(old, new_len)) == NULL) - { - log_error(LOG_LEVEL_FATAL, "realloc(%d) bytes failed!", new_len); - /* Never get here - LOG_LEVEL_FATAL causes program exit */ - } - - strcpy(p + old_len, text_to_append); - return(p); -} - - /********************************************************************* * * Function : string_append @@ -656,6 +655,7 @@ jb_err string_append(char **target_string, const char *text_to_append) { size_t old_len; char *new_string; + size_t new_size; assert(target_string); assert(text_to_append); @@ -672,8 +672,9 @@ jb_err string_append(char **target_string, const char *text_to_append) old_len = strlen(*target_string); - if (NULL == (new_string = realloc(*target_string, - strlen(text_to_append) + old_len + 1))) + new_size = strlen(text_to_append) + old_len + 1; + + if (NULL == (new_string = realloc(*target_string, new_size))) { free(*target_string); @@ -681,7 +682,7 @@ jb_err string_append(char **target_string, const char *text_to_append) return JB_ERR_MEMORY; } - strcpy(new_string + old_len, text_to_append); + strlcpy(new_string + old_len, text_to_append, new_size - old_len); *target_string = new_string; return JB_ERR_OK; @@ -770,7 +771,7 @@ char *string_toupper(const char *string) while (*q != '\0') { - *p++ = toupper((int) *q++); + *p++ = (char)toupper((int) *q++); } return result; @@ -991,13 +992,17 @@ char * make_path(const char * dir, const char * file) strncpy(path,dir,512); } path[511]=0; - } else { + } + else + { path[0]=0; } if(AddPart(path,file,512)) { return strdup(path); - } else { + } + else + { return NULL; } #else /* ndef AMIGA */ @@ -1020,42 +1025,41 @@ char * make_path(const char * dir, const char * file) else { char * path; + size_t path_size = strlen(dir) + strlen(file) + 2; /* +2 for trailing (back)slash and \0 */ #if defined(unix) if ( *dir != '/' && basedir && *basedir ) { - path = malloc( strlen( basedir ) + strlen(dir) + strlen(file) + 3); + /* + * Relative path, so start with the base directory. + */ + path_size += strlen(basedir) + 1; /* +1 for the slash */ + path = malloc(path_size); if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!"); - strcpy(path, basedir); - strcat(path, "/"); - strcat(path, dir); + strlcpy(path, basedir, path_size); + strlcat(path, "/", path_size); + strlcat(path, dir, path_size); } else +#endif /* defined unix */ { - path = malloc(strlen(dir) + strlen(file) + 2); + path = malloc(path_size); if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!"); - strcpy(path, dir); + strlcpy(path, dir, path_size); } -#else - - path = malloc(strlen(dir) + strlen(file) + 2); - if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!"); - strcpy(path, dir); - -#endif /* defined unix */ #if defined(_WIN32) || defined(__OS2__) if(path[strlen(path)-1] != '\\') { - strcat(path, "\\"); + strlcat(path, "\\", path_size); } #else /* ifndef _WIN32 || __OS2__ */ if(path[strlen(path)-1] != '/') { - strcat(path, "/"); + strlcat(path, "/", path_size); } #endif /* ifndef _WIN32 || __OS2__ */ - strcat(path, file); + strlcat(path, file, path_size); return path; } @@ -1077,41 +1081,115 @@ char * make_path(const char * dir, const char * file) * Returns : Picked number. * *********************************************************************/ - long int pick_from_range(long int range) { long int number; -#ifndef HAVE_RANDOM - unsigned int weak_seed; - - weak_seed = (unsigned int)((unsigned int)time(NULL) | (unsigned int)range); - srand(weak_seed); +#ifdef HAVE_RANDOM + number = random() % range + 1; +#elif defined(FEATURE_PTHREAD) + pthread_mutex_lock(&rand_mutex); + number = rand() % (long int)(range + 1); + pthread_mutex_unlock(&rand_mutex); +#else +#ifdef _WIN32 /* - * Some rand implementations aren't that random and return mostly - * lower numbers. Low entropy doesn't matter for the header times, - * but higher "random" factors are prefered. + * On Windows and mingw32 srand() has to be called in every + * rand()-using thread, but can cause crashes if it's not + * mutex protected. + * + * Currently we don't have mutexes for mingw32, and for + * our purpose this cludge is probably preferable to crashes. */ - number = (rand() * 12345) % (long int)(range + 1); - /* Overflows don't matter either, positive numbers do. */ - if(number<0) - { - number*= -1; - } + log_error(LOG_LEVEL_INFO, "No thread-safe PRNG available? Using weak \'randomization\' factor."); + number = (range + GetCurrentThreadId() % range) / 2; #else - number = random() % range + 1; -#endif /* (ifndef HAVE_RANDOM) */ + /* + * XXX: Which platforms reach this and are there + * better options than just using rand() and hoping + * that it's safe? + */ + log_error(LOG_LEVEL_INFO, "No thread-safe PRNG available? Header time randomization might cause " + "crashes, predictable results or even combine these fine options."); + number = rand() % (long int)(range + 1); +#endif /* def _WIN32 */ + +#endif /* (def HAVE_RANDOM) */ + return (number); } -#ifndef HAVE_TIMEGM +#ifdef USE_PRIVOXY_STRLCPY +/********************************************************************* + * + * Function : privoxy_strlcpy + * + * Description : strlcpy(3) look-alike for those without decent libc. + * + * Parameters : + * 1 : destination: buffer to copy into. + * 2 : source: String to copy. + * 3 : size: Size of destination buffer. + * + * Returns : The length of the string that privoxy_strlcpy() tried to create. + * + *********************************************************************/ +size_t privoxy_strlcpy(char *destination, const char *source, const size_t size) +{ + if (0 < size) + { + snprintf(destination, size, "%s", source); + /* + * Platforms that lack strlcpy() also tend to have + * a broken snprintf implementation that doesn't + * guarantee nul termination. + * + * XXX: the configure script should detect and reject those. + */ + destination[size-1] = '\0'; + } + return strlen(source); +} +#endif /* def USE_PRIVOXY_STRLCPY */ + + +#ifndef HAVE_STRLCAT +/********************************************************************* + * + * Function : privoxy_strlcat + * + * Description : strlcat(3) look-alike for those without decent libc. + * + * Parameters : + * 1 : destination: C string. + * 2 : source: String to copy. + * 3 : size: Size of destination buffer. + * + * Returns : The length of the string that privoxy_strlcat() tried to create. + * + *********************************************************************/ +size_t privoxy_strlcat(char *destination, const char *source, const size_t size) +{ + const size_t old_length = strlen(destination); + return old_length + strlcpy(destination + old_length, source, size - old_length); +} +#endif /* ndef HAVE_STRLCAT */ + + +#if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) /********************************************************************* * * Function : timegm * - * Description : libc replacement function for the inverse of gmtime() + * Description : libc replacement function for the inverse of gmtime(). * Copyright (C) 2004 Free Software Foundation, Inc. - * Code copied from GnuPG with minor style changes. + * + * Code originally copied from GnuPG, modifications done + * for Privoxy: style changed, #ifdefs for _WIN32 added + * to have it work on mingw32. + * + * XXX: It's very unlikely to happen, but if the malloc() + * call fails the time zone will be permanently set to UTC. * * Parameters : * 1 : tm: Broken-down time struct. @@ -1119,47 +1197,51 @@ long int pick_from_range(long int range) * Returns : tm converted into time_t seconds. * *********************************************************************/ - time_t timegm(struct tm *tm) { time_t answer; char *zone; - zone=getenv("TZ"); + zone = getenv("TZ"); putenv("TZ=UTC"); tzset(); - answer=mktime(tm); - if(zone) + answer = mktime(tm); + if (zone) { char *old_zone; - old_zone=malloc(3+strlen(zone)+1); - if(old_zone) + old_zone = malloc(3 + strlen(zone) + 1); + if (old_zone) { - strcpy(old_zone,"TZ="); - strcat(old_zone,zone); + strcpy(old_zone, "TZ="); + strcat(old_zone, zone); putenv(old_zone); +#ifdef _WIN32 + free(old_zone); +#endif /* def _WIN32 */ } } else { #ifdef HAVE_UNSETENV unsetenv("TZ"); +#elif defined(_WIN32) + putenv("TZ="); #else putenv("TZ"); #endif } tzset(); + return answer; } -#endif /* (ifndef HAVE_TIMEGM) */ +#endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */ +#ifndef HAVE_SNPRINTF /* * What follows is a portable snprintf routine, written by Mark Martinec. * See: http://www.ijs.si/software/snprintf/ - * Anyone who needs it can add a define for themselves... so far, only - * OS/2 (native) lacks snprintf. snprintf.c - a portable implementation of snprintf, @@ -1181,8 +1263,6 @@ Author */ -#ifdef __OS2__ - #define PORTABLE_SNPRINTF_VERSION_MAJOR 2 #define PORTABLE_SNPRINTF_VERSION_MINOR 2 @@ -1922,7 +2002,7 @@ int portable_vsnprintf(char *str, size_t str_m, const char *fmt, va_list ap) { return (int) str_l; } #endif -#endif /* __OS2__ */ +#endif /* ndef HAVE_SNPRINTF */ /* Local Variables: tab-width: 3