1 const char miscutil_rcs[] = "$Id: miscutil.c,v 1.58 2008/04/17 14:53:30 fabiankeil Exp $";
2 /*********************************************************************
4 * File : $Source: /cvsroot/ijbswa/current/miscutil.c,v $
6 * Purpose : zalloc, hash_string, safe_strerror, strcmpic,
7 * strncmpic, chomp, and MinGW32 strdup
9 * These are each too small to deserve their own file
10 * but don't really fit in any other file.
12 * Copyright : Written by and Copyright (C) 2001-2007
13 * the SourceForge Privoxy team. http://www.privoxy.org/
15 * Based on the Internet Junkbuster originally written
16 * by and Copyright (C) 1997 Anonymous Coders and
17 * Junkbusters Corporation. http://www.junkbusters.com
19 * The timegm replacement function was taken from GnuPG,
20 * Copyright (C) 2004 Free Software Foundation, Inc.
22 * The snprintf replacement function is written by
23 * Mark Martinec who also holds the copyright. It can be
24 * used under the terms of the GPL or the terms of the
25 * "Frontier Artistic License".
27 * This program is free software; you can redistribute it
28 * and/or modify it under the terms of the GNU General
29 * Public License as published by the Free Software
30 * Foundation; either version 2 of the License, or (at
31 * your option) any later version.
33 * This program is distributed in the hope that it will
34 * be useful, but WITHOUT ANY WARRANTY; without even the
35 * implied warranty of MERCHANTABILITY or FITNESS FOR A
36 * PARTICULAR PURPOSE. See the GNU General Public
37 * License for more details.
39 * The GNU General Public License should be included with
40 * this file. If not, you can view it at
41 * http://www.gnu.org/copyleft/gpl.html
42 * or write to the Free Software Foundation, Inc., 59
43 * Temple Place - Suite 330, Boston, MA 02111-1307, USA.
46 * $Log: miscutil.c,v $
47 * Revision 1.58 2008/04/17 14:53:30 fabiankeil
48 * Move simplematch() into urlmatch.c as it's only
49 * used to match (old-school) domain patterns.
51 * Revision 1.57 2008/03/24 15:29:51 fabiankeil
54 * Revision 1.56 2007/12/01 12:59:05 fabiankeil
55 * Some sanity checks for pick_from_range().
57 * Revision 1.55 2007/11/03 17:34:49 fabiankeil
58 * Log the "weak randomization factor" warning only
59 * once for mingw32 and provide some more details.
61 * Revision 1.54 2007/09/19 20:28:37 fabiankeil
62 * If privoxy_strlcpy() is called with a "buffer" size
63 * of 0, don't touch whatever destination points to.
65 * Revision 1.53 2007/09/09 18:20:20 fabiankeil
66 * Turn privoxy_strlcpy() into a function and try to work with
67 * b0rked snprintf() implementations too. Reported by icmp30.
69 * Revision 1.52 2007/08/19 12:32:34 fabiankeil
70 * Fix a conversion warning.
72 * Revision 1.51 2007/06/17 16:12:22 fabiankeil
73 * #ifdef _WIN32 the last commit. According to David Shaw,
74 * one of the gnupg developers, the changes are mingw32-specific.
76 * Revision 1.50 2007/06/10 14:59:59 fabiankeil
77 * Change replacement timegm() to better match our style, plug a small
78 * but guaranteed memory leak and fix "time zone breathing" on mingw32.
80 * Revision 1.49 2007/05/11 11:48:15 fabiankeil
81 * - Delete strsav() which was replaced
82 * by string_append() years ago.
83 * - Add a strlcat() look-alike.
84 * - Use strlcat() and strlcpy() in those parts
85 * of the code that are run on unixes.
87 * Revision 1.48 2007/04/09 17:48:51 fabiankeil
88 * Check for HAVE_SNPRINTF instead of __OS2__
89 * before including the portable snprintf() code.
91 * Revision 1.47 2007/03/17 11:52:15 fabiankeil
92 * - Use snprintf instead of sprintf.
93 * - Mention copyright for the replacement
94 * functions in the copyright header.
96 * Revision 1.46 2007/01/18 15:03:20 fabiankeil
97 * Don't include replacement timegm() if
98 * putenv() or tzset() isn't available.
100 * Revision 1.45 2006/12/26 17:31:41 fabiankeil
101 * Mutex protect rand() if POSIX threading
102 * is used, warn the user if that's not possible
103 * and stop using it on _WIN32 where it could
106 * Revision 1.44 2006/11/07 12:46:43 fabiankeil
107 * Silence compiler warning on NetBSD 3.1.
109 * Revision 1.43 2006/09/23 13:26:38 roro
110 * Replace TABs by spaces in source code.
112 * Revision 1.42 2006/09/09 14:01:45 fabiankeil
113 * Integrated Oliver Yeoh's domain pattern fix
114 * to make sure *x matches xx. Closes Patch 1217393
117 * Revision 1.41 2006/08/18 16:03:17 david__schmidt
118 * Tweak for OS/2 build happiness.
120 * Revision 1.40 2006/08/17 17:15:10 fabiankeil
121 * - Back to timegm() using GnuPG's replacement if necessary.
122 * Using mktime() and localtime() could add a on hour offset if
123 * the randomize factor was big enough to lead to a summer/wintertime
126 * - Removed now-useless Privoxy 3.0.3 compatibility glue.
128 * - Moved randomization code into pick_from_range().
130 * - Changed parse_header_time definition.
131 * time_t isn't guaranteed to be signed and
132 * if it isn't, -1 isn't available as error code.
133 * Changed some variable types in client_if_modified_since()
134 * because of the same reason.
136 * Revision 1.39 2006/07/18 14:48:46 david__schmidt
137 * Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
138 * with what was really the latest development (the v_3_0_branch branch)
140 * Revision 1.37.2.4 2003/12/01 14:45:14 oes
141 * Fixed two more problems with wildcarding in simplematch()
143 * Revision 1.37.2.3 2003/11/20 11:39:24 oes
144 * Bugfix: The "?" wildcard for domain names had never been implemented. Ooops\!
146 * Revision 1.37.2.2 2002/11/12 14:28:18 oes
147 * Proper backtracking in simplematch; fixes bug #632888
149 * Revision 1.37.2.1 2002/09/25 12:58:51 oes
150 * Made strcmpic and strncmpic safe against NULL arguments
151 * (which are now treated as empty strings).
153 * Revision 1.37 2002/04/26 18:29:43 jongfoster
154 * Fixing this Visual C++ warning:
155 * miscutil.c(710) : warning C4090: '=' : different 'const' qualifiers
157 * Revision 1.36 2002/04/26 12:55:38 oes
158 * New function string_toupper
160 * Revision 1.35 2002/03/26 22:29:55 swa
161 * we have a new homepage!
163 * Revision 1.34 2002/03/24 13:25:43 swa
164 * name change related issues
166 * Revision 1.33 2002/03/07 03:46:53 oes
167 * Fixed compiler warnings etc
169 * Revision 1.32 2002/03/06 23:02:57 jongfoster
172 * Revision 1.31 2002/03/05 04:52:42 oes
173 * Deleted non-errlog debugging code
175 * Revision 1.30 2002/03/04 18:27:42 oes
176 * - Deleted deletePidFile
177 * - Made write_pid_file use the --pidfile option value
178 * (or no PID file, if the option was absent)
179 * - Played styleguide police
181 * Revision 1.29 2002/03/04 02:08:02 david__schmidt
182 * Enable web editing of actions file on OS/2 (it had been broken all this time!)
184 * Revision 1.28 2002/03/03 09:18:03 joergs
185 * Made jumbjuster work on AmigaOS again.
187 * Revision 1.27 2002/01/21 00:52:32 jongfoster
188 * Adding string_join()
190 * Revision 1.26 2001/12/30 14:07:32 steudten
191 * - Add signal handling (unix)
192 * - Add SIGHUP handler (unix)
193 * - Add creation of pidfile (unix)
194 * - Add action 'top' in rc file (RH)
195 * - Add entry 'SIGNALS' to manpage
196 * - Add exit message to logfile (unix)
198 * Revision 1.25 2001/11/13 00:16:38 jongfoster
199 * Replacing references to malloc.h with the standard stdlib.h
200 * (See ANSI or K&R 2nd Ed)
202 * Revision 1.24 2001/11/05 21:41:43 steudten
203 * Add changes to be a real daemon just for unix os.
204 * (change cwd to /, detach from controlling tty, set
205 * process group and session leader to the own process.
207 * Add some fatal-error log message for failed malloc().
208 * Add '-d' if compiled with 'configure --with-debug' to
209 * enable debug output.
211 * Revision 1.23 2001/10/29 03:48:10 david__schmidt
212 * OS/2 native needed a snprintf() routine. Added one to miscutil, brackedted
213 * by and __OS2__ ifdef.
215 * Revision 1.22 2001/10/26 17:39:38 oes
216 * Moved ijb_isspace and ijb_tolower to project.h
218 * Revision 1.21 2001/10/23 21:27:50 jongfoster
219 * Standardising error codes in string_append
220 * make_path() no longer adds '\\' if the dir already ends in '\\' (this
221 * is just copying a UNIX-specific fix to the Windows-specific part)
223 * Revision 1.20 2001/10/22 15:33:56 david__schmidt
224 * Special-cased OS/2 out of the Netscape-abort-on-404-in-js problem in
225 * filters.c. Added a FIXME in front of the offending code. I'll gladly
226 * put in a better/more robust fix for all parties if one is presented...
227 * It seems that just returning 200 instead of 404 would pretty much fix
228 * it for everyone, but I don't know all the history of the problem.
230 * Revision 1.19 2001/10/14 22:02:57 jongfoster
231 * New function string_append() which is like strsav(), but running
232 * out of memory isn't automatically FATAL.
234 * Revision 1.18 2001/09/20 13:33:43 steudten
236 * change long to int as return value in hash_string(). Remember the wraparound
237 * for int = long = sizeof(4) - thats maybe not what we want.
239 * Revision 1.17 2001/09/13 20:51:29 jongfoster
240 * Fixing potential problems with characters >=128 in simplematch()
241 * This was also a compiler warning.
243 * Revision 1.16 2001/09/10 10:56:59 oes
244 * Silenced compiler warnings
246 * Revision 1.15 2001/07/13 14:02:24 oes
247 * Removed vim-settings
249 * Revision 1.14 2001/06/29 21:45:41 oes
250 * Indentation, CRLF->LF, Tab-> Space
252 * Revision 1.13 2001/06/29 13:32:14 oes
253 * Removed logentry from cancelled commit
255 * Revision 1.12 2001/06/09 10:55:28 jongfoster
256 * Changing BUFSIZ ==> BUFFER_SIZE
258 * Revision 1.11 2001/06/07 23:09:19 jongfoster
259 * Cosmetic indentation changes.
261 * Revision 1.10 2001/06/07 14:51:38 joergs
262 * make_path() no longer adds '/' if the dir already ends in '/'.
264 * Revision 1.9 2001/06/07 14:43:17 swa
265 * slight mistake in make_path, unix path style is /.
267 * Revision 1.8 2001/06/05 22:32:01 jongfoster
268 * New function make_path() to splice directory and file names together.
270 * Revision 1.7 2001/06/03 19:12:30 oes
271 * introduced bindup()
273 * Revision 1.6 2001/06/01 18:14:49 jongfoster
274 * Changing the calls to strerr() to check HAVE_STRERR (which is defined
275 * in config.h if appropriate) rather than the NO_STRERR macro.
277 * Revision 1.5 2001/06/01 10:31:51 oes
278 * Added character class matching to trivimatch; renamed to simplematch
280 * Revision 1.4 2001/05/31 17:32:31 oes
282 * - Enhanced domain part globbing with infix and prefix asterisk
283 * matching and optional unanchored operation
285 * Revision 1.3 2001/05/29 23:10:09 oes
288 * - Introduced chomp()
289 * - Moved strsav() from showargs to miscutil
291 * Revision 1.2 2001/05/29 09:50:24 jongfoster
292 * Unified blocklist/imagelist/permissionslist.
293 * File format is still under discussion, but the internal changes
296 * Also modified interceptor behaviour:
297 * - We now intercept all URLs beginning with one of the following
298 * prefixes (and *only* these prefixes):
300 * * http://ijbswa.sf.net/config/
301 * * http://ijbswa.sourceforge.net/config/
302 * - New interceptors "home page" - go to http://i.j.b/ to see it.
303 * - Internal changes so that intercepted and fast redirect pages
304 * are not replaced with an image.
305 * - Interceptors now have the option to send a binary page direct
306 * to the client. (i.e. ijb-send-banner uses this)
307 * - Implemented show-url-info interceptor. (Which is why I needed
308 * the above interceptors changes - a typical URL is
309 * "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
310 * The previous mechanism would not have intercepted that, and
311 * if it had been intercepted then it then it would have replaced
314 * Revision 1.1.1.1 2001/05/15 13:59:00 oes
315 * Initial import of version 2.9.3 source tree
318 *********************************************************************/
324 #include <sys/types.h>
326 #if !defined(_WIN32) && !defined(__OS2__)
328 #endif /* #if !defined(_WIN32) && !defined(__OS2__) */
333 #if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV)
335 #endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */
338 #include "miscutil.h"
342 const char miscutil_h_rcs[] = MISCUTIL_H_VERSION;
344 /*********************************************************************
348 * Description : Malloc some memory and set it to '\0'.
349 * The way calloc() ought to be -acjc
352 * 1 : size = Size of memory chunk to return.
354 * Returns : Pointer to newly malloc'd memory chunk.
356 *********************************************************************/
357 void *zalloc(size_t size)
361 if ((ret = (void *)malloc(size)) != NULL)
363 memset(ret, 0, size);
372 /*********************************************************************
374 * Function : write_pid_file
376 * Description : Writes a pid file with the pid of the main process
382 *********************************************************************/
383 void write_pid_file(void)
388 * If no --pidfile option was given,
389 * we can live without one.
391 if (pidfile == NULL) return;
393 if ((fp = fopen(pidfile, "w")) == NULL)
395 log_error(LOG_LEVEL_INFO, "can't open pidfile '%s': %E", pidfile);
399 fprintf(fp, "%u\n", (unsigned int) getpid());
405 #endif /* def unix */
408 /*********************************************************************
410 * Function : hash_string
412 * Description : Take a string and compute a (hopefuly) unique numeric
413 * integer value. This has several uses, but being able
414 * to "switch" a string the one of my favorites.
417 * 1 : s : string to be hashed.
419 * Returns : an unsigned long variable with the hashed value.
421 *********************************************************************/
422 unsigned int hash_string( const char* s )
428 h = 5 * h + (unsigned int)*s;
437 /*********************************************************************
441 * Description : For some reason (which is beyond me), gcc and WIN32
442 * don't like strdup. When a "free" is executed on a
443 * strdup'd ptr, it can at times freez up! So I just
444 * replaced it and problem was solved.
447 * 1 : s = string to duplicate
449 * Returns : Pointer to newly malloc'ed copy of the string.
451 *********************************************************************/
452 char *strdup( const char *s )
454 char * result = (char *)malloc( strlen(s)+1 );
464 #endif /* def __MINGW32__ */
468 /*********************************************************************
470 * Function : safe_strerror
472 * Description : Variant of the library routine strerror() which will
473 * work on systems without the library routine, and
474 * which should never return NULL.
477 * 1 : err = the `errno' of the last operation.
479 * Returns : An "English" string of the last `errno'. Allocated
480 * with strdup(), so caller frees. May be NULL if the
481 * system is out of memory.
483 *********************************************************************/
484 char *safe_strerror(int err)
487 char buf[BUFFER_SIZE];
492 #endif /* HAVE_STRERROR */
496 snprintf(buf, sizeof(buf), "(errno = %d)", err);
505 /*********************************************************************
507 * Function : strcmpic
509 * Description : Case insensitive string comparison
512 * 1 : s1 = string 1 to compare
513 * 2 : s2 = string 2 to compare
515 * Returns : 0 if s1==s2, Negative if s1<s2, Positive if s1>s2
517 *********************************************************************/
518 int strcmpic(const char *s1, const char *s2)
525 if ( ( *s1 != *s2 ) && ( ijb_tolower(*s1) != ijb_tolower(*s2) ) )
531 return(ijb_tolower(*s1) - ijb_tolower(*s2));
536 /*********************************************************************
538 * Function : strncmpic
540 * Description : Case insensitive string comparison (upto n characters)
543 * 1 : s1 = string 1 to compare
544 * 2 : s2 = string 2 to compare
545 * 3 : n = maximum characters to compare
547 * Returns : 0 if s1==s2, Negative if s1<s2, Positive if s1>s2
549 *********************************************************************/
550 int strncmpic(const char *s1, const char *s2, size_t n)
552 if (n <= 0) return(0);
558 if ( ( *s1 != *s2 ) && ( ijb_tolower(*s1) != ijb_tolower(*s2) ) )
567 return(ijb_tolower(*s1) - ijb_tolower(*s2));
572 /*********************************************************************
576 * Description : In-situ-eliminate all leading and trailing whitespace
580 * 1 : s : string to be chomped.
582 * Returns : chomped string
584 *********************************************************************/
585 char *chomp(char *string)
590 * strip trailing whitespace
592 p = string + strlen(string);
593 while (p > string && ijb_isspace(*(p-1)))
600 * find end of leading whitespace
603 while (*q && ijb_isspace(*q))
609 * if there was any, move the rest forwards
624 /*********************************************************************
626 * Function : string_append
628 * Description : Reallocate target_string and append text to it.
629 * This makes it easier to append to malloc'd strings.
630 * This is similar to the (removed) strsav(), but
631 * running out of memory isn't catastrophic.
635 * The following style provides sufficient error
636 * checking for this routine, with minimal clutter
637 * in the source code. It is recommended if you
638 * have many calls to this function:
640 * char * s = strdup(...); // don't check for error
641 * string_append(&s, ...); // don't check for error
642 * string_append(&s, ...); // don't check for error
643 * string_append(&s, ...); // don't check for error
644 * if (NULL == s) { ... handle error ... }
648 * char * s = strdup(...); // don't check for error
649 * string_append(&s, ...); // don't check for error
650 * string_append(&s, ...); // don't check for error
651 * if (string_append(&s, ...)) {... handle error ...}
654 * 1 : target_string = Pointer to old text that is to be
655 * extended. *target_string will be free()d by this
656 * routine. target_string must be non-NULL.
657 * If *target_string is NULL, this routine will
658 * do nothing and return with an error - this allows
659 * you to make many calls to this routine and only
660 * check for errors after the last one.
661 * 2 : text_to_append = Text to be appended to old.
664 * Returns : JB_ERR_OK on success, and sets *target_string
665 * to newly malloc'ed appended string. Caller
666 * must free(*target_string).
667 * JB_ERR_MEMORY on out-of-memory. (And free()s
668 * *target_string and sets it to NULL).
669 * JB_ERR_MEMORY if *target_string is NULL.
671 *********************************************************************/
672 jb_err string_append(char **target_string, const char *text_to_append)
678 assert(target_string);
679 assert(text_to_append);
681 if (*target_string == NULL)
683 return JB_ERR_MEMORY;
686 if (*text_to_append == '\0')
691 old_len = strlen(*target_string);
693 new_size = strlen(text_to_append) + old_len + 1;
695 if (NULL == (new_string = realloc(*target_string, new_size)))
697 free(*target_string);
699 *target_string = NULL;
700 return JB_ERR_MEMORY;
703 strlcpy(new_string + old_len, text_to_append, new_size - old_len);
705 *target_string = new_string;
710 /*********************************************************************
712 * Function : string_join
714 * Description : Join two strings together. Frees BOTH the original
715 * strings. If either or both input strings are NULL,
716 * fails as if it had run out of memory.
718 * For comparison, string_append requires that the
719 * second string is non-NULL, and doesn't free it.
721 * Rationale: Too often, we want to do
722 * string_append(s, html_encode(s2)). That assert()s
723 * if s2 is NULL or if html_encode() runs out of memory.
724 * It also leaks memory. Proper checking is cumbersome.
725 * The solution: string_join(s, html_encode(s2)) is safe,
726 * and will free the memory allocated by html_encode().
729 * 1 : target_string = Pointer to old text that is to be
730 * extended. *target_string will be free()d by this
731 * routine. target_string must be non-NULL.
732 * 2 : text_to_append = Text to be appended to old.
734 * Returns : JB_ERR_OK on success, and sets *target_string
735 * to newly malloc'ed appended string. Caller
736 * must free(*target_string).
737 * JB_ERR_MEMORY on out-of-memory, or if
738 * *target_string or text_to_append is NULL. (In
739 * this case, frees *target_string and text_to_append,
740 * sets *target_string to NULL).
742 *********************************************************************/
743 jb_err string_join(char **target_string, char *text_to_append)
747 assert(target_string);
749 if (text_to_append == NULL)
751 freez(*target_string);
752 return JB_ERR_MEMORY;
755 err = string_append(target_string, text_to_append);
757 free(text_to_append);
763 /*********************************************************************
765 * Function : string_toupper
767 * Description : Produce a copy of string with all convertible
768 * characters converted to uppercase.
771 * 1 : string = string to convert
773 * Returns : Uppercase copy of string if possible,
774 * NULL on out-of-memory or if string was NULL.
776 *********************************************************************/
777 char *string_toupper(const char *string)
782 if (!string || ((result = (char *) zalloc(strlen(string) + 1)) == NULL))
792 *p++ = (char)toupper((int) *q++);
800 /*********************************************************************
804 * Description : Duplicate the first n characters of a string that may
805 * contain '\0' characters.
808 * 1 : string = string to be duplicated
809 * 2 : len = number of bytes to duplicate
811 * Returns : pointer to copy, or NULL if failiure
813 *********************************************************************/
814 char *bindup(const char *string, size_t len)
818 if (NULL == (duplicate = (char *)malloc(len)))
824 memcpy(duplicate, string, len);
832 /*********************************************************************
834 * Function : make_path
836 * Description : Takes a directory name and a file name, returns
837 * the complete path. Handles windows/unix differences.
838 * If the file name is already an absolute path, or if
839 * the directory name is NULL or empty, it returns
843 * 1 : dir: Name of directory or NULL for none.
844 * 2 : file: Name of file. Should not be NULL or empty.
846 * Returns : "dir/file" (Or on windows, "dir\file").
847 * It allocates the string on the heap. Caller frees.
848 * Returns NULL in error (i.e. NULL file or out of
851 *********************************************************************/
852 char * make_path(const char * dir, const char * file)
863 strncpy(path,dir+2,512);
867 strncpy(path,dir+1,512);
872 strncpy(path,dir,512);
880 if(AddPart(path,file,512))
888 #else /* ndef AMIGA */
890 if ((file == NULL) || (*file == '\0'))
892 return NULL; /* Error */
895 if ((dir == NULL) || (*dir == '\0') /* No directory specified */
896 #if defined(_WIN32) || defined(__OS2__)
897 || (*file == '\\') || (file[1] == ':') /* Absolute path (DOS) */
898 #else /* ifndef _WIN32 || __OS2__ */
899 || (*file == '/') /* Absolute path (U*ix) */
900 #endif /* ifndef _WIN32 || __OS2__ */
908 size_t path_size = strlen(dir) + strlen(file) + 2; /* +2 for trailing (back)slash and \0 */
911 if ( *dir != '/' && basedir && *basedir )
914 * Relative path, so start with the base directory.
916 path_size += strlen(basedir) + 1; /* +1 for the slash */
917 path = malloc(path_size);
918 if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!");
919 strlcpy(path, basedir, path_size);
920 strlcat(path, "/", path_size);
921 strlcat(path, dir, path_size);
924 #endif /* defined unix */
926 path = malloc(path_size);
927 if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!");
928 strlcpy(path, dir, path_size);
931 #if defined(_WIN32) || defined(__OS2__)
932 if(path[strlen(path)-1] != '\\')
934 strlcat(path, "\\", path_size);
936 #else /* ifndef _WIN32 || __OS2__ */
937 if(path[strlen(path)-1] != '/')
939 strlcat(path, "/", path_size);
941 #endif /* ifndef _WIN32 || __OS2__ */
942 strlcat(path, file, path_size);
946 #endif /* ndef AMIGA */
950 /*********************************************************************
952 * Function : pick_from_range
954 * Description : Pick a positive number out of a given range.
955 * Should only be used if randomness would be nice,
956 * but isn't really necessary.
959 * 1 : range: Highest possible number to pick.
961 * Returns : Picked number.
963 *********************************************************************/
964 long int pick_from_range(long int range)
971 if (range <= 0) return 0;
974 number = random() % range + 1;
975 #elif defined(FEATURE_PTHREAD)
976 privoxy_mutex_lock(&rand_mutex);
977 number = rand() % (long int)(range + 1);
978 privoxy_mutex_unlock(&rand_mutex);
982 * On Windows and mingw32 srand() has to be called in every
983 * rand()-using thread, but can cause crashes if it's not
986 * Currently we don't have mutexes for mingw32, and for
987 * our purpose this cludge is probably preferable to crashes.
989 * The warning is shown once on startup from jcc.c.
991 number = (range + GetCurrentThreadId() % range) / 2;
994 * XXX: Which platforms reach this and are there
995 * better options than just using rand() and hoping
998 log_error(LOG_LEVEL_INFO, "No thread-safe PRNG available? Header time randomization might cause "
999 "crashes, predictable results or even combine these fine options.");
1000 number = rand() % (long int)(range + 1);
1001 #endif /* def _WIN32 */
1003 #endif /* (def HAVE_RANDOM) */
1009 #ifdef USE_PRIVOXY_STRLCPY
1010 /*********************************************************************
1012 * Function : privoxy_strlcpy
1014 * Description : strlcpy(3) look-alike for those without decent libc.
1017 * 1 : destination: buffer to copy into.
1018 * 2 : source: String to copy.
1019 * 3 : size: Size of destination buffer.
1021 * Returns : The length of the string that privoxy_strlcpy() tried to create.
1023 *********************************************************************/
1024 size_t privoxy_strlcpy(char *destination, const char *source, const size_t size)
1028 snprintf(destination, size, "%s", source);
1030 * Platforms that lack strlcpy() also tend to have
1031 * a broken snprintf implementation that doesn't
1032 * guarantee nul termination.
1034 * XXX: the configure script should detect and reject those.
1036 destination[size-1] = '\0';
1038 return strlen(source);
1040 #endif /* def USE_PRIVOXY_STRLCPY */
1043 #ifndef HAVE_STRLCAT
1044 /*********************************************************************
1046 * Function : privoxy_strlcat
1048 * Description : strlcat(3) look-alike for those without decent libc.
1051 * 1 : destination: C string.
1052 * 2 : source: String to copy.
1053 * 3 : size: Size of destination buffer.
1055 * Returns : The length of the string that privoxy_strlcat() tried to create.
1057 *********************************************************************/
1058 size_t privoxy_strlcat(char *destination, const char *source, const size_t size)
1060 const size_t old_length = strlen(destination);
1061 return old_length + strlcpy(destination + old_length, source, size - old_length);
1063 #endif /* ndef HAVE_STRLCAT */
1066 #if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV)
1067 /*********************************************************************
1071 * Description : libc replacement function for the inverse of gmtime().
1072 * Copyright (C) 2004 Free Software Foundation, Inc.
1074 * Code originally copied from GnuPG, modifications done
1075 * for Privoxy: style changed, #ifdefs for _WIN32 added
1076 * to have it work on mingw32.
1078 * XXX: It's very unlikely to happen, but if the malloc()
1079 * call fails the time zone will be permanently set to UTC.
1082 * 1 : tm: Broken-down time struct.
1084 * Returns : tm converted into time_t seconds.
1086 *********************************************************************/
1087 time_t timegm(struct tm *tm)
1092 zone = getenv("TZ");
1095 answer = mktime(tm);
1100 old_zone = malloc(3 + strlen(zone) + 1);
1103 strcpy(old_zone, "TZ=");
1104 strcat(old_zone, zone);
1108 #endif /* def _WIN32 */
1113 #ifdef HAVE_UNSETENV
1115 #elif defined(_WIN32)
1125 #endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */
1128 #ifndef HAVE_SNPRINTF
1130 * What follows is a portable snprintf routine, written by Mark Martinec.
1131 * See: http://www.ijs.si/software/snprintf/
1134 - a portable implementation of snprintf,
1135 including vsnprintf.c, asnprintf, vasnprintf, asprintf, vasprintf
1137 snprintf is a routine to convert numeric and string arguments to
1138 formatted strings. It is similar to sprintf(3) provided in a system's
1139 C library, yet it requires an additional argument - the buffer size -
1140 and it guarantees never to store anything beyond the given buffer,
1141 regardless of the format or arguments to be formatted. Some newer
1142 operating systems do provide snprintf in their C library, but many do
1143 not or do provide an inadequate (slow or idiosyncratic) version, which
1144 calls for a portable implementation of this routine.
1148 Mark Martinec <mark.martinec@ijs.si>, April 1999, June 2000
1149 Copyright © 1999, Mark Martinec
1153 #define PORTABLE_SNPRINTF_VERSION_MAJOR 2
1154 #define PORTABLE_SNPRINTF_VERSION_MINOR 2
1156 #if defined(NEED_ASPRINTF) || defined(NEED_ASNPRINTF) || defined(NEED_VASPRINTF) || defined(NEED_VASNPRINTF)
1157 # if defined(NEED_SNPRINTF_ONLY)
1158 # undef NEED_SNPRINTF_ONLY
1160 # if !defined(PREFER_PORTABLE_SNPRINTF)
1161 # define PREFER_PORTABLE_SNPRINTF
1165 #if defined(SOLARIS_BUG_COMPATIBLE) && !defined(SOLARIS_COMPATIBLE)
1166 #define SOLARIS_COMPATIBLE
1169 #if defined(HPUX_BUG_COMPATIBLE) && !defined(HPUX_COMPATIBLE)
1170 #define HPUX_COMPATIBLE
1173 #if defined(DIGITAL_UNIX_BUG_COMPATIBLE) && !defined(DIGITAL_UNIX_COMPATIBLE)
1174 #define DIGITAL_UNIX_COMPATIBLE
1177 #if defined(PERL_BUG_COMPATIBLE) && !defined(PERL_COMPATIBLE)
1178 #define PERL_COMPATIBLE
1181 #if defined(LINUX_BUG_COMPATIBLE) && !defined(LINUX_COMPATIBLE)
1182 #define LINUX_COMPATIBLE
1185 #include <sys/types.h>
1196 #define isdigit(c) ((c) >= '0' && (c) <= '9')
1198 /* For copying strings longer or equal to 'breakeven_point'
1199 * it is more efficient to call memcpy() than to do it inline.
1200 * The value depends mostly on the processor architecture,
1201 * but also on the compiler and its optimization capabilities.
1202 * The value is not critical, some small value greater than zero
1203 * will be just fine if you don't care to squeeze every drop
1204 * of performance out of the code.
1206 * Small values favor memcpy, large values favor inline code.
1208 #if defined(__alpha__) || defined(__alpha)
1209 # define breakeven_point 2 /* AXP (DEC Alpha) - gcc or cc or egcs */
1211 #if defined(__i386__) || defined(__i386)
1212 # define breakeven_point 12 /* Intel Pentium/Linux - gcc 2.96 */
1215 # define breakeven_point 10 /* HP-PA - gcc */
1217 #if defined(__sparc__) || defined(__sparc)
1218 # define breakeven_point 33 /* Sun Sparc 5 - gcc 2.8.1 */
1221 /* some other values of possible interest: */
1222 /* #define breakeven_point 8 */ /* VAX 4000 - vaxc */
1223 /* #define breakeven_point 19 */ /* VAX 4000 - gcc 2.7.0 */
1225 #ifndef breakeven_point
1226 # define breakeven_point 6 /* some reasonable one-size-fits-all value */
1229 #define fast_memcpy(d,s,n) \
1230 { register size_t nn = (size_t)(n); \
1231 if (nn >= breakeven_point) memcpy((d), (s), nn); \
1232 else if (nn > 0) { /* proc call overhead is worth only for large strings*/\
1233 register char *dd; register const char *ss; \
1234 for (ss=(s), dd=(d); nn>0; nn--) *dd++ = *ss++; } }
1236 #define fast_memset(d,c,n) \
1237 { register size_t nn = (size_t)(n); \
1238 if (nn >= breakeven_point) memset((d), (int)(c), nn); \
1239 else if (nn > 0) { /* proc call overhead is worth only for large strings*/\
1240 register char *dd; register const int cc=(int)(c); \
1241 for (dd=(d); nn>0; nn--) *dd++ = cc; } }
1245 #if defined(NEED_ASPRINTF)
1246 int asprintf (char **ptr, const char *fmt, /*args*/ ...);
1248 #if defined(NEED_VASPRINTF)
1249 int vasprintf (char **ptr, const char *fmt, va_list ap);
1251 #if defined(NEED_ASNPRINTF)
1252 int asnprintf (char **ptr, size_t str_m, const char *fmt, /*args*/ ...);
1254 #if defined(NEED_VASNPRINTF)
1255 int vasnprintf (char **ptr, size_t str_m, const char *fmt, va_list ap);
1258 #if defined(HAVE_SNPRINTF)
1259 /* declare our portable snprintf routine under name portable_snprintf */
1260 /* declare our portable vsnprintf routine under name portable_vsnprintf */
1262 /* declare our portable routines under names snprintf and vsnprintf */
1263 #define portable_snprintf snprintf
1264 #if !defined(NEED_SNPRINTF_ONLY)
1265 #define portable_vsnprintf vsnprintf
1269 #if !defined(HAVE_SNPRINTF) || defined(PREFER_PORTABLE_SNPRINTF)
1270 int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...);
1271 #if !defined(NEED_SNPRINTF_ONLY)
1272 int portable_vsnprintf(char *str, size_t str_m, const char *fmt, va_list ap);
1278 static char credits[] = "\n\
1279 @(#)snprintf.c, v2.2: Mark Martinec, <mark.martinec@ijs.si>\n\
1280 @(#)snprintf.c, v2.2: Copyright 1999, Mark Martinec. Frontier Artistic License applies.\n\
1281 @(#)snprintf.c, v2.2: http://www.ijs.si/software/snprintf/\n";
1283 #if defined(NEED_ASPRINTF)
1284 int asprintf(char **ptr, const char *fmt, /*args*/ ...) {
1290 va_start(ap, fmt); /* measure the required size */
1291 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap);
1293 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1294 *ptr = (char *) malloc(str_m = (size_t)str_l + 1);
1295 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1299 str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1301 assert(str_l2 == str_l);
1307 #if defined(NEED_VASPRINTF)
1308 int vasprintf(char **ptr, const char *fmt, va_list ap) {
1314 va_copy(ap2, ap); /* don't consume the original ap, we'll need it again */
1315 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap2);/*get required size*/
1318 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1319 *ptr = (char *) malloc(str_m = (size_t)str_l + 1);
1320 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1322 int str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1323 assert(str_l2 == str_l);
1329 #if defined(NEED_ASNPRINTF)
1330 int asnprintf (char **ptr, size_t str_m, const char *fmt, /*args*/ ...) {
1335 va_start(ap, fmt); /* measure the required size */
1336 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap);
1338 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1339 if ((size_t)str_l + 1 < str_m) str_m = (size_t)str_l + 1; /* truncate */
1340 /* if str_m is 0, no buffer is allocated, just set *ptr to NULL */
1341 if (str_m == 0) { /* not interested in resulting string, just return size */
1343 *ptr = (char *) malloc(str_m);
1344 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1348 str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1350 assert(str_l2 == str_l);
1357 #if defined(NEED_VASNPRINTF)
1358 int vasnprintf (char **ptr, size_t str_m, const char *fmt, va_list ap) {
1363 va_copy(ap2, ap); /* don't consume the original ap, we'll need it again */
1364 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap2);/*get required size*/
1367 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1368 if ((size_t)str_l + 1 < str_m) str_m = (size_t)str_l + 1; /* truncate */
1369 /* if str_m is 0, no buffer is allocated, just set *ptr to NULL */
1370 if (str_m == 0) { /* not interested in resulting string, just return size */
1372 *ptr = (char *) malloc(str_m);
1373 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1375 int str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1376 assert(str_l2 == str_l);
1384 * If the system does have snprintf and the portable routine is not
1385 * specifically required, this module produces no code for snprintf/vsnprintf.
1387 #if !defined(HAVE_SNPRINTF) || defined(PREFER_PORTABLE_SNPRINTF)
1389 #if !defined(NEED_SNPRINTF_ONLY)
1390 int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...) {
1395 str_l = portable_vsnprintf(str, str_m, fmt, ap);
1401 #if defined(NEED_SNPRINTF_ONLY)
1402 int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...) {
1404 int portable_vsnprintf(char *str, size_t str_m, const char *fmt, va_list ap) {
1407 #if defined(NEED_SNPRINTF_ONLY)
1411 const char *p = fmt;
1413 /* In contrast with POSIX, the ISO C99 now says
1414 * that str can be NULL and str_m can be 0.
1415 * This is more useful than the old: if (str_m < 1) return -1; */
1417 #if defined(NEED_SNPRINTF_ONLY)
1423 /* if (str_l < str_m) str[str_l++] = *p++; -- this would be sufficient */
1424 /* but the following code achieves better performance for cases
1425 * where format string is long and contains few conversions */
1426 const char *q = strchr(p+1,'%');
1427 size_t n = !q ? strlen(p) : (q-p);
1428 if (str_l < str_m) {
1429 size_t avail = str_m-str_l;
1430 fast_memcpy(str+str_l, p, (n>avail?avail:n));
1434 const char *starting_p;
1435 size_t min_field_width = 0, precision = 0;
1436 int zero_padding = 0, precision_specified = 0, justify_left = 0;
1437 int alternate_form = 0, force_sign = 0;
1438 int space_for_positive = 1; /* If both the ' ' and '+' flags appear,
1439 the ' ' flag should be ignored. */
1440 char length_modifier = '\0'; /* allowed values: \0, h, l, L */
1441 char tmp[32];/* temporary buffer for simple numeric->string conversion */
1443 const char *str_arg; /* string address in case of string argument */
1444 size_t str_arg_l; /* natural field width of arg without padding
1446 unsigned char uchar_arg;
1447 /* unsigned char argument value - only defined for c conversion.
1448 N.B. standard explicitly states the char argument for
1449 the c conversion is unsigned */
1451 size_t number_of_zeros_to_pad = 0;
1452 /* number of zeros to be inserted for numeric conversions
1453 as required by the precision or minimal field width */
1455 size_t zero_padding_insertion_ind = 0;
1456 /* index into tmp where zero padding is to be inserted */
1458 char fmt_spec = '\0';
1459 /* current conversion specifier character */
1461 str_arg = credits;/* just to make compiler happy (defined but not used)*/
1463 starting_p = p; p++; /* skip '%' */
1465 while (*p == '0' || *p == '-' || *p == '+' ||
1466 *p == ' ' || *p == '#' || *p == '\'') {
1468 case '0': zero_padding = 1; break;
1469 case '-': justify_left = 1; break;
1470 case '+': force_sign = 1; space_for_positive = 0; break;
1471 case ' ': force_sign = 1;
1472 /* If both the ' ' and '+' flags appear, the ' ' flag should be ignored */
1473 #ifdef PERL_COMPATIBLE
1474 /* ... but in Perl the last of ' ' and '+' applies */
1475 space_for_positive = 1;
1478 case '#': alternate_form = 1; break;
1483 /* If the '0' and '-' flags both appear, the '0' flag should be ignored. */
1485 /* parse field width */
1488 p++; j = va_arg(ap, int);
1489 if (j >= 0) min_field_width = j;
1490 else { min_field_width = -j; justify_left = 1; }
1491 } else if (isdigit((int)(*p))) {
1492 /* size_t could be wider than unsigned int;
1493 make sure we treat argument like common implementations do */
1494 unsigned int uj = *p++ - '0';
1495 while (isdigit((int)(*p))) uj = 10*uj + (unsigned int)(*p++ - '0');
1496 min_field_width = uj;
1498 /* parse precision */
1500 p++; precision_specified = 1;
1502 int j = va_arg(ap, int);
1504 if (j >= 0) precision = j;
1506 precision_specified = 0; precision = 0;
1508 * Solaris 2.6 man page claims that in this case the precision
1509 * should be set to 0. Digital Unix 4.0, HPUX 10 and BSD man page
1510 * claim that this case should be treated as unspecified precision,
1511 * which is what we do here.
1514 } else if (isdigit((int)(*p))) {
1515 /* size_t could be wider than unsigned int;
1516 make sure we treat argument like common implementations do */
1517 unsigned int uj = *p++ - '0';
1518 while (isdigit((int)(*p))) uj = 10*uj + (unsigned int)(*p++ - '0');
1522 /* parse 'h', 'l' and 'll' length modifiers */
1523 if (*p == 'h' || *p == 'l') {
1524 length_modifier = *p; p++;
1525 if (length_modifier == 'l' && *p == 'l') { /* double l = long long */
1526 #ifdef SNPRINTF_LONGLONG_SUPPORT
1527 length_modifier = '2'; /* double l encoded as '2' */
1529 length_modifier = 'l'; /* treat it as a single 'l' */
1535 /* common synonyms: */
1537 case 'i': fmt_spec = 'd'; break;
1538 case 'D': fmt_spec = 'd'; length_modifier = 'l'; break;
1539 case 'U': fmt_spec = 'u'; length_modifier = 'l'; break;
1540 case 'O': fmt_spec = 'o'; length_modifier = 'l'; break;
1543 /* get parameter value, do initial processing */
1545 case '%': /* % behaves similar to 's' regarding flags and field widths */
1546 case 'c': /* c behaves similar to 's' regarding flags and field widths */
1548 length_modifier = '\0'; /* wint_t and wchar_t not supported */
1549 /* the result of zero padding flag with non-numeric conversion specifier*/
1550 /* is undefined. Solaris and HPUX 10 does zero padding in this case, */
1551 /* Digital Unix and Linux does not. */
1552 #if !defined(SOLARIS_COMPATIBLE) && !defined(HPUX_COMPATIBLE)
1553 zero_padding = 0; /* turn zero padding off for string conversions */
1560 int j = va_arg(ap, int);
1561 uchar_arg = (unsigned char) j; /* standard demands unsigned char */
1562 str_arg = (const char *) &uchar_arg;
1566 str_arg = va_arg(ap, const char *);
1567 if (!str_arg) str_arg_l = 0;
1568 /* make sure not to address string beyond the specified precision !!! */
1569 else if (!precision_specified) str_arg_l = strlen(str_arg);
1570 /* truncate string if necessary as requested by precision */
1571 else if (precision == 0) str_arg_l = 0;
1573 /* memchr on HP does not like n > 2^31 !!! */
1574 const char *q = memchr(str_arg, '\0',
1575 precision <= 0x7fffffff ? precision : 0x7fffffff);
1576 str_arg_l = !q ? precision : (q-str_arg);
1582 case 'd': case 'u': case 'o': case 'x': case 'X': case 'p': {
1583 /* NOTE: the u, o, x, X and p conversion specifiers imply
1584 the value is unsigned; d implies a signed value */
1587 /* 0 if numeric argument is zero (or if pointer is NULL for 'p'),
1588 +1 if greater than zero (or nonzero for unsigned arguments),
1589 -1 if negative (unsigned argument is never negative) */
1591 int int_arg = 0; unsigned int uint_arg = 0;
1592 /* only defined for length modifier h, or for no length modifiers */
1594 long int long_arg = 0; unsigned long int ulong_arg = 0;
1595 /* only defined for length modifier l */
1597 void *ptr_arg = NULL;
1598 /* pointer argument value -only defined for p conversion */
1600 #ifdef SNPRINTF_LONGLONG_SUPPORT
1601 long long int long_long_arg = 0;
1602 unsigned long long int ulong_long_arg = 0;
1603 /* only defined for length modifier ll */
1605 if (fmt_spec == 'p') {
1606 /* HPUX 10: An l, h, ll or L before any other conversion character
1607 * (other than d, i, u, o, x, or X) is ignored.
1609 * not specified, but seems to behave as HPUX does.
1610 * Solaris: If an h, l, or L appears before any other conversion
1611 * specifier (other than d, i, u, o, x, or X), the behavior
1612 * is undefined. (Actually %hp converts only 16-bits of address
1613 * and %llp treats address as 64-bit data which is incompatible
1614 * with (void *) argument on a 32-bit system).
1616 #ifdef SOLARIS_COMPATIBLE
1617 # ifdef SOLARIS_BUG_COMPATIBLE
1618 /* keep length modifiers even if it represents 'll' */
1620 if (length_modifier == '2') length_modifier = '\0';
1623 length_modifier = '\0';
1625 ptr_arg = va_arg(ap, void *);
1626 if (ptr_arg != NULL) arg_sign = 1;
1627 } else if (fmt_spec == 'd') { /* signed */
1628 switch (length_modifier) {
1631 /* It is non-portable to specify a second argument of char or short
1632 * to va_arg, because arguments seen by the called function
1633 * are not char or short. C converts char and short arguments
1634 * to int before passing them to a function.
1636 int_arg = va_arg(ap, int);
1637 if (int_arg > 0) arg_sign = 1;
1638 else if (int_arg < 0) arg_sign = -1;
1641 long_arg = va_arg(ap, long int);
1642 if (long_arg > 0) arg_sign = 1;
1643 else if (long_arg < 0) arg_sign = -1;
1645 #ifdef SNPRINTF_LONGLONG_SUPPORT
1647 long_long_arg = va_arg(ap, long long int);
1648 if (long_long_arg > 0) arg_sign = 1;
1649 else if (long_long_arg < 0) arg_sign = -1;
1653 } else { /* unsigned */
1654 switch (length_modifier) {
1657 uint_arg = va_arg(ap, unsigned int);
1658 if (uint_arg) arg_sign = 1;
1661 ulong_arg = va_arg(ap, unsigned long int);
1662 if (ulong_arg) arg_sign = 1;
1664 #ifdef SNPRINTF_LONGLONG_SUPPORT
1666 ulong_long_arg = va_arg(ap, unsigned long long int);
1667 if (ulong_long_arg) arg_sign = 1;
1672 str_arg = tmp; str_arg_l = 0;
1674 * For d, i, u, o, x, and X conversions, if precision is specified,
1675 * the '0' flag should be ignored. This is so with Solaris 2.6,
1676 * Digital UNIX 4.0, HPUX 10, Linux, FreeBSD, NetBSD; but not with Perl.
1678 #ifndef PERL_COMPATIBLE
1679 if (precision_specified) zero_padding = 0;
1681 if (fmt_spec == 'd') {
1682 if (force_sign && arg_sign >= 0)
1683 tmp[str_arg_l++] = space_for_positive ? ' ' : '+';
1684 /* leave negative numbers for sprintf to handle,
1685 to avoid handling tricky cases like (short int)(-32768) */
1686 #ifdef LINUX_COMPATIBLE
1687 } else if (fmt_spec == 'p' && force_sign && arg_sign > 0) {
1688 tmp[str_arg_l++] = space_for_positive ? ' ' : '+';
1690 } else if (alternate_form) {
1691 if (arg_sign != 0 && (fmt_spec == 'x' || fmt_spec == 'X') )
1692 { tmp[str_arg_l++] = '0'; tmp[str_arg_l++] = fmt_spec; }
1693 /* alternate form should have no effect for p conversion, but ... */
1694 #ifdef HPUX_COMPATIBLE
1695 else if (fmt_spec == 'p'
1696 /* HPUX 10: for an alternate form of p conversion,
1697 * a nonzero result is prefixed by 0x. */
1698 #ifndef HPUX_BUG_COMPATIBLE
1699 /* Actually it uses 0x prefix even for a zero value. */
1702 ) { tmp[str_arg_l++] = '0'; tmp[str_arg_l++] = 'x'; }
1705 zero_padding_insertion_ind = str_arg_l;
1706 if (!precision_specified) precision = 1; /* default precision is 1 */
1707 if (precision == 0 && arg_sign == 0
1708 #if defined(HPUX_BUG_COMPATIBLE) || defined(LINUX_COMPATIBLE)
1710 /* HPUX 10 man page claims: With conversion character p the result of
1711 * converting a zero value with a precision of zero is a null string.
1712 * Actually HP returns all zeroes, and Linux returns "(nil)". */
1715 /* converted to null string */
1716 /* When zero value is formatted with an explicit precision 0,
1717 the resulting formatted string is empty (d, i, u, o, x, X, p). */
1719 char f[5]; int f_l = 0;
1720 f[f_l++] = '%'; /* construct a simple format string for sprintf */
1721 if (!length_modifier) { }
1722 else if (length_modifier=='2') { f[f_l++] = 'l'; f[f_l++] = 'l'; }
1723 else f[f_l++] = length_modifier;
1724 f[f_l++] = fmt_spec; f[f_l++] = '\0';
1725 if (fmt_spec == 'p') str_arg_l += sprintf(tmp+str_arg_l, f, ptr_arg);
1726 else if (fmt_spec == 'd') { /* signed */
1727 switch (length_modifier) {
1729 case 'h': str_arg_l+=sprintf(tmp+str_arg_l, f, int_arg); break;
1730 case 'l': str_arg_l+=sprintf(tmp+str_arg_l, f, long_arg); break;
1731 #ifdef SNPRINTF_LONGLONG_SUPPORT
1732 case '2': str_arg_l+=sprintf(tmp+str_arg_l,f,long_long_arg); break;
1735 } else { /* unsigned */
1736 switch (length_modifier) {
1738 case 'h': str_arg_l+=sprintf(tmp+str_arg_l, f, uint_arg); break;
1739 case 'l': str_arg_l+=sprintf(tmp+str_arg_l, f, ulong_arg); break;
1740 #ifdef SNPRINTF_LONGLONG_SUPPORT
1741 case '2': str_arg_l+=sprintf(tmp+str_arg_l,f,ulong_long_arg);break;
1745 /* include the optional minus sign and possible "0x"
1746 in the region before the zero padding insertion point */
1747 if (zero_padding_insertion_ind < str_arg_l &&
1748 tmp[zero_padding_insertion_ind] == '-') {
1749 zero_padding_insertion_ind++;
1751 if (zero_padding_insertion_ind+1 < str_arg_l &&
1752 tmp[zero_padding_insertion_ind] == '0' &&
1753 (tmp[zero_padding_insertion_ind+1] == 'x' ||
1754 tmp[zero_padding_insertion_ind+1] == 'X') ) {
1755 zero_padding_insertion_ind += 2;
1758 { size_t num_of_digits = str_arg_l - zero_padding_insertion_ind;
1759 if (alternate_form && fmt_spec == 'o'
1760 #ifdef HPUX_COMPATIBLE /* ("%#.o",0) -> "" */
1763 #ifdef DIGITAL_UNIX_BUG_COMPATIBLE /* ("%#o",0) -> "00" */
1765 /* unless zero is already the first character */
1766 && !(zero_padding_insertion_ind < str_arg_l
1767 && tmp[zero_padding_insertion_ind] == '0')
1769 ) { /* assure leading zero for alternate-form octal numbers */
1770 if (!precision_specified || precision < num_of_digits+1) {
1771 /* precision is increased to force the first character to be zero,
1772 except if a zero value is formatted with an explicit precision
1774 precision = num_of_digits+1; precision_specified = 1;
1777 /* zero padding to specified precision? */
1778 if (num_of_digits < precision)
1779 number_of_zeros_to_pad = precision - num_of_digits;
1781 /* zero padding to specified minimal field width? */
1782 if (!justify_left && zero_padding) {
1783 int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
1784 if (n > 0) number_of_zeros_to_pad += n;
1788 default: /* unrecognized conversion specifier, keep format string as-is*/
1789 zero_padding = 0; /* turn zero padding off for non-numeric convers. */
1790 #ifndef DIGITAL_UNIX_COMPATIBLE
1791 justify_left = 1; min_field_width = 0; /* reset flags */
1793 #if defined(PERL_COMPATIBLE) || defined(LINUX_COMPATIBLE)
1794 /* keep the entire format string unchanged */
1795 str_arg = starting_p; str_arg_l = p - starting_p;
1796 /* well, not exactly so for Linux, which does something inbetween,
1797 * and I don't feel an urge to imitate it: "%+++++hy" -> "%+y" */
1799 /* discard the unrecognized conversion, just keep *
1800 * the unrecognized conversion character */
1801 str_arg = p; str_arg_l = 0;
1803 if (*p) str_arg_l++; /* include invalid conversion specifier unchanged
1804 if not at end-of-string */
1807 if (*p) p++; /* step over the just processed conversion specifier */
1808 /* insert padding to the left as requested by min_field_width;
1809 this does not include the zero padding in case of numerical conversions*/
1810 if (!justify_left) { /* left padding with blank or zero */
1811 int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
1813 if (str_l < str_m) {
1814 size_t avail = str_m-str_l;
1815 fast_memset(str+str_l, (zero_padding?'0':' '), (n>avail?avail:n));
1820 /* zero padding as requested by the precision or by the minimal field width
1821 * for numeric conversions required? */
1822 if (number_of_zeros_to_pad <= 0) {
1823 /* will not copy first part of numeric right now, *
1824 * force it to be copied later in its entirety */
1825 zero_padding_insertion_ind = 0;
1827 /* insert first part of numerics (sign or '0x') before zero padding */
1828 int n = zero_padding_insertion_ind;
1830 if (str_l < str_m) {
1831 size_t avail = str_m-str_l;
1832 fast_memcpy(str+str_l, str_arg, (n>avail?avail:n));
1836 /* insert zero padding as requested by the precision or min field width */
1837 n = number_of_zeros_to_pad;
1839 if (str_l < str_m) {
1840 size_t avail = str_m-str_l;
1841 fast_memset(str+str_l, '0', (n>avail?avail:n));
1846 /* insert formatted string
1847 * (or as-is conversion specifier for unknown conversions) */
1848 { int n = str_arg_l - zero_padding_insertion_ind;
1850 if (str_l < str_m) {
1851 size_t avail = str_m-str_l;
1852 fast_memcpy(str+str_l, str_arg+zero_padding_insertion_ind,
1858 /* insert right padding */
1859 if (justify_left) { /* right blank padding to the field width */
1860 int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
1862 if (str_l < str_m) {
1863 size_t avail = str_m-str_l;
1864 fast_memset(str+str_l, ' ', (n>avail?avail:n));
1871 #if defined(NEED_SNPRINTF_ONLY)
1874 if (str_m > 0) { /* make sure the string is null-terminated
1875 even at the expense of overwriting the last character
1876 (shouldn't happen, but just in case) */
1877 str[str_l <= str_m-1 ? str_l : str_m-1] = '\0';
1879 /* Return the number of characters formatted (excluding trailing null
1880 * character), that is, the number of characters that would have been
1881 * written to the buffer if it were large enough.
1883 * The value of str_l should be returned, but str_l is of unsigned type
1884 * size_t, and snprintf is int, possibly leading to an undetected
1885 * integer overflow, resulting in a negative return value, which is illegal.
1886 * Both XSH5 and ISO C99 (at least the draft) are silent on this issue.
1887 * Should errno be set to EOVERFLOW and EOF returned in this case???
1892 #endif /* ndef HAVE_SNPRINTF */