Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src Add {__, }fmtcheck(), a function specified by Bill Sommerfeld...
details: https://anonhg.NetBSD.org/src/rev/0f0154521e94
branches: trunk
changeset: 498362:0f0154521e94
user: briggs <briggs%NetBSD.org@localhost>
date: Fri Oct 20 18:46:05 2000 +0000
description:
Add {__,}fmtcheck(), a function specified by Bill Sommerfeld to check
a user-supplied format string against a fallback format string to ensure
that they will consume arguments of the same type.
libc minor bump for new API entry point.
diffstat:
include/stdlib.h | 4 +-
lib/libc/gen/Makefile.inc | 12 +-
lib/libc/gen/fmtcheck.3 | 101 +++++++++++++++++
lib/libc/gen/fmtcheck.c | 250 +++++++++++++++++++++++++++++++++++++++++++
lib/libc/include/namespace.h | 3 +-
lib/libc/shlib_version | 4 +-
6 files changed, 364 insertions(+), 10 deletions(-)
diffs (truncated from 442 to 300 lines):
diff -r a625f1d46f7a -r 0f0154521e94 include/stdlib.h
--- a/include/stdlib.h Fri Oct 20 18:01:26 2000 +0000
+++ b/include/stdlib.h Fri Oct 20 18:46:05 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: stdlib.h,v 1.48 2000/10/03 19:53:58 sommerfeld Exp $ */
+/* $NetBSD: stdlib.h,v 1.49 2000/10/20 18:46:05 briggs Exp $ */
/*-
* Copyright (c) 1990, 1993
@@ -255,6 +255,8 @@
void setproctitle __P((const char *, ...))
__attribute__((__format__(__printf__, 1, 2)));
+__const char *fmtcheck __P((const char *, const char *))
+ __attribute__((__format_arg__(2)));
quad_t qabs __P((quad_t));
qdiv_t qdiv __P((quad_t, quad_t));
diff -r a625f1d46f7a -r 0f0154521e94 lib/libc/gen/Makefile.inc
--- a/lib/libc/gen/Makefile.inc Fri Oct 20 18:01:26 2000 +0000
+++ b/lib/libc/gen/Makefile.inc Fri Oct 20 18:46:05 2000 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.inc,v 1.104 2000/08/29 10:49:09 wennmach Exp $
+# $NetBSD: Makefile.inc,v 1.105 2000/10/20 18:46:10 briggs Exp $
# from: @(#)Makefile.inc 8.6 (Berkeley) 5/4/95
# gen sources
@@ -7,8 +7,8 @@
SRCS+= _errno.c alarm.c assert.c basename.c clock.c closedir.c \
confstr.c ctermid.c ctype_.c daemon.c devname.c dirname.c \
disklabel.c err.c errx.c __errlist14.c errlist.c errno.c execl.c \
- execle.c execlp.c execv.c execvp.c fmtmsg.c fnmatch.c fstab.c \
- ftok.c __fts13.c fts.c getbsize.c getcap.c getcwd.c \
+ execle.c execlp.c execv.c execvp.c fmtcheck.c fmtmsg.c fnmatch.c \
+ fstab.c ftok.c __fts13.c fts.c getbsize.c getcap.c getcwd.c \
getdomainname.c getgrent.c getgrouplist.c gethostname.c \
getloadavg.c getlogin.c getmntinfo.c getnetgrent.c \
getpagesize.c getpass.c getpwent.c getsubopt.c getttyent.c \
@@ -37,9 +37,9 @@
.include "${ARCHDIR}/gen/Makefile.inc"
MAN+= alarm.3 basename.3 bswap.3 clock.3 confstr.3 ctermid.3 ctype.3 \
- daemon.3 devname.3 directory.3 dirname.3 err.3 exec.3 fmtmsg.3 \
- fnmatch.3 fpgetmask.3 frexp.3 ftok.3 fts.3 getbsize.3 getcap.3 \
- getcwd.3 getdomainname.3 getdiskbyname.3 getfsent.3 \
+ daemon.3 devname.3 directory.3 dirname.3 err.3 exec.3 fmtcheck.3 \
+ fmtmsg.3 fnmatch.3 fpgetmask.3 frexp.3 ftok.3 fts.3 getbsize.3 \
+ getcap.3 getcwd.3 getdomainname.3 getdiskbyname.3 getfsent.3 \
getgrent.3 getgrouplist.3 gethostname.3 getloadavg.3 \
getmntinfo.3 getnetgrent.3 getpagesize.3 getpass.3 \
getpwent.3 getttyent.3 getusershell.3 glob.3 \
diff -r a625f1d46f7a -r 0f0154521e94 lib/libc/gen/fmtcheck.3
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/lib/libc/gen/fmtcheck.3 Fri Oct 20 18:46:05 2000 +0000
@@ -0,0 +1,101 @@
+.\" $NetBSD: fmtcheck.3,v 1.1 2000/10/20 18:46:10 briggs Exp $
+.\"
+.\" Copyright (c) 2000 The NetBSD Foundation, Inc.
+.\" All rights reserved.
+.\"
+.\" This file was contributed to The NetBSD Foundation by Allen Briggs.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by the NetBSD
+.\" Foundation, Inc. and its contributors.
+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
+.\" contributors may be used to endorse or promote products derived
+.\" from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd October 17, 2000
+.Os
+.Dt FMTCHECK 3
+.Sh NAME
+.Nm fmtcheck
+.Nd sanitizes user-supplied printf(3)-style format string
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.Fd #include <stdio.h>
+.Ft const char *
+.Fn fmtcheck "const char *fmt_suspect" "const char *fmt_default"
+.Sh DESCRIPTION
+The
+.Nm
+function scans
+.Fa fmt_suspect
+and
+.Fa fmt_default
+to determine if
+.Fa fmt_suspect
+will consume the same argument types as
+.Fa fmt_default
+and to ensure that
+.Fa fmt_suspect
+is a valid format string.
+.Pp
+The
+.Xr printf 3
+family of functions can not verify the types of arguments that they are
+passed at run-time. In some cases, like
+.Xr catgets 3 ,
+it is useful or necessary to use a user-supplied format string with no
+guarantee that the format string matches the specified parameters.
+.Pp
+The
+.Nm
+function was designed to be used in these cases, as in:
+.Bd -literal -offset indent
+printf(fmtcheck(user_format, standard_format), arg1, arg2);
+.Ed
+.Pp
+In the check, field widths, fillers, precisions, etc. are ignored (unless
+the field width or precision is an asterisk
+.Ql *
+instead of a digit string). Also, any text other than the format specifiers
+is completely ignored.
+.Pp
+Note that the formats may be quite different as long as they accept the
+same parameters. For example, ".Dq %p %o %30s %#llx %-10.*e %n" is
+compatible with "This number %lu %d%% and string %s has %qd numbers
+and %.*g floats (%n)." However, "%o" is not equivalent to "%lx" because
+the first requires an integer and the second requires a long.
+.Sh RETURN VALUES
+If
+.Fa fmt_suspect
+is a valid format and consumes the same argument types as
+.Fa fmt_default ,
+then the
+.Nm
+function will return
+.Fa fmt_suspect .
+Otherwise, it will return
+.Fa fmt_default .
+.Sh SEE ALSO
+.Xr printf 3
diff -r a625f1d46f7a -r 0f0154521e94 lib/libc/gen/fmtcheck.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/lib/libc/gen/fmtcheck.c Fri Oct 20 18:46:05 2000 +0000
@@ -0,0 +1,250 @@
+/* $NetBSD: fmtcheck.c,v 1.1 2000/10/20 18:46:10 briggs Exp $ */
+
+/*-
+ * Copyright (c) 2000 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code was contributed to The NetBSD Foundation by Allen Briggs.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the NetBSD
+ * Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+#if defined(LIBC_SCCS) && !defined(lint)
+__RCSID("$NetBSD: fmtcheck.c,v 1.1 2000/10/20 18:46:10 briggs Exp $");
+#endif
+
+#include "namespace.h"
+
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+
+#ifdef __weak_alias
+__weak_alias(fmtcheck,__fmtcheck)
+#endif
+
+enum __e_fmtcheck_types {
+ FMTCHECK_START,
+ FMTCHECK_SHORT,
+ FMTCHECK_INT,
+ FMTCHECK_LONG,
+ FMTCHECK_QUAD,
+ FMTCHECK_SHORTPOINTER,
+ FMTCHECK_INTPOINTER,
+ FMTCHECK_LONGPOINTER,
+ FMTCHECK_QUADPOINTER,
+ FMTCHECK_DOUBLE,
+ FMTCHECK_LONGDOUBLE,
+ FMTCHECK_STRING,
+ FMTCHECK_WIDTH,
+ FMTCHECK_PRECISION,
+ FMTCHECK_DONE,
+ FMTCHECK_UNKNOWN
+};
+typedef enum __e_fmtcheck_types EFT;
+
+#define RETURN(pf,f,r) do { \
+ *(pf) = (f); \
+ return r; \
+ } /*NOTREACHED*/ /*CONSTCOND*/ while (0)
+
+static EFT
+get_next_format_from_precision(const char **pf)
+{
+ int sh, lg, quad, longdouble;
+ const char *f;
+
+ sh = lg = quad = longdouble = 0;
+
+ f = *pf;
+ switch (*f) {
+ case 'h':
+ f++;
+ sh = 1;
+ break;
+ case 'l':
+ f++;
+ if (!*f) RETURN(pf,f,FMTCHECK_UNKNOWN);
+ if (*f == 'l') {
+ f++;
+ quad = 1;
+ } else {
+ lg = 1;
+ }
+ break;
+ case 'q':
+ f++;
+ quad = 1;
+ break;
+ case 'L':
+ f++;
+ longdouble = 1;
+ break;
+ default:
+ break;
+ }
+ if (!*f) RETURN(pf,f,FMTCHECK_UNKNOWN);
+ if (strchr("diouxX", *f)) {
+ if (longdouble)
+ RETURN(pf,f,FMTCHECK_UNKNOWN);
+ if (lg)
+ RETURN(pf,f,FMTCHECK_LONG);
+ if (quad)
+ RETURN(pf,f,FMTCHECK_QUAD);
+ RETURN(pf,f,FMTCHECK_INT);
+ }
+ if (*f == 'n') {
+ if (longdouble)
+ RETURN(pf,f,FMTCHECK_UNKNOWN);
+ if (sh)
+ RETURN(pf,f,FMTCHECK_SHORTPOINTER);
+ if (lg)
+ RETURN(pf,f,FMTCHECK_LONGPOINTER);
+ if (quad)
+ RETURN(pf,f,FMTCHECK_QUADPOINTER);
+ RETURN(pf,f,FMTCHECK_INTPOINTER);
+ }
+ if (strchr("DOU", *f)) {
+ if (sh + lg + quad + longdouble)
+ RETURN(pf,f,FMTCHECK_UNKNOWN);
+ RETURN(pf,f,FMTCHECK_LONG);
+ }
+ if (strchr("eEfg", *f)) {
+ if (longdouble)
Home |
Main Index |
Thread Index |
Old Index