1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1990, 1993
5 * The Regents of the University of California. All rights reserved.
6 *
7 * This code is derived from software contributed to Berkeley by
8 * Chris Torek.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 */
34
35 /*
36 * This is the code responsible for handling positional arguments
37 * (%m$ and %m$.n$) for vfprintf() and vfwprintf().
38 */
39
40 #include "namespace.h"
41 #include <sys/types.h>
42
43 #include <limits.h>
44 #include <stdarg.h>
45 #include <stddef.h>
46 #include <stdint.h>
47 #include <stdio.h>
48 #include <stdlib.h>
49 #include <string.h>
50 #include <wchar.h>
51
52 #include "un-namespace.h"
53 #include "printflocal.h"
54
55 #ifdef NL_ARGMAX
56 #define MAX_POSARG NL_ARGMAX
57 #else
58 #define MAX_POSARG 65536
59 #endif
60
61 /*
62 * Type ids for argument type table.
63 */
64 enum typeid {
65 T_UNUSED, TP_SHORT, T_INT, T_U_INT, TP_INT,
66 T_LONG, T_U_LONG, TP_LONG, T_LLONG, T_U_LLONG, TP_LLONG,
67 T_PTRDIFFT, TP_PTRDIFFT, T_SSIZET, T_SIZET, TP_SSIZET,
68 T_INTMAXT, T_UINTMAXT, TP_INTMAXT, TP_VOID, TP_CHAR, TP_SCHAR,
69 T_DOUBLE, T_LONG_DOUBLE, T_WINT, TP_WCHAR
70 };
71
72 /* An expandable array of types. */
73 struct typetable {
74 enum typeid *table; /* table of types */
75 enum typeid stattable[STATIC_ARG_TBL_SIZE];
76 u_int tablesize; /* current size of type table */
77 u_int tablemax; /* largest used index in table */
78 u_int nextarg; /* 1-based argument index */
79 };
80
81 static int __grow_type_table(struct typetable *);
82 static void build_arg_table (struct typetable *, va_list, union arg **);
83
84 /*
85 * Initialize a struct typetable.
86 */
87 static inline void
inittypes(struct typetable * types)88 inittypes(struct typetable *types)
89 {
90 u_int n;
91
92 types->table = types->stattable;
93 types->tablesize = STATIC_ARG_TBL_SIZE;
94 types->tablemax = 0;
95 types->nextarg = 1;
96 for (n = 0; n < STATIC_ARG_TBL_SIZE; n++)
97 types->table[n] = T_UNUSED;
98 }
99
100 /*
101 * struct typetable destructor.
102 */
103 static inline void
freetypes(struct typetable * types)104 freetypes(struct typetable *types)
105 {
106
107 if (types->table != types->stattable)
108 free (types->table);
109 }
110
111 /*
112 * Ensure that there is space to add a new argument type to the type table.
113 * Expand the table if necessary. Returns 0 on success.
114 */
115 static inline int
_ensurespace(struct typetable * types)116 _ensurespace(struct typetable *types)
117 {
118
119 if (types->nextarg >= types->tablesize) {
120 if (__grow_type_table(types))
121 return (-1);
122 }
123 if (types->nextarg > types->tablemax)
124 types->tablemax = types->nextarg;
125 return (0);
126 }
127
128 /*
129 * Add an argument type to the table, expanding if necessary.
130 * Returns 0 on success.
131 */
132 static inline int
addtype(struct typetable * types,enum typeid type)133 addtype(struct typetable *types, enum typeid type)
134 {
135
136 if (_ensurespace(types))
137 return (-1);
138 types->table[types->nextarg++] = type;
139 return (0);
140 }
141
142 static inline int
addsarg(struct typetable * types,int flags)143 addsarg(struct typetable *types, int flags)
144 {
145
146 if (_ensurespace(types))
147 return (-1);
148 if (flags & INTMAXT)
149 types->table[types->nextarg++] = T_INTMAXT;
150 else if (flags & SIZET)
151 types->table[types->nextarg++] = T_SSIZET;
152 else if (flags & PTRDIFFT)
153 types->table[types->nextarg++] = T_PTRDIFFT;
154 else if (flags & LLONGINT)
155 types->table[types->nextarg++] = T_LLONG;
156 else if (flags & LONGINT)
157 types->table[types->nextarg++] = T_LONG;
158 else
159 types->table[types->nextarg++] = T_INT;
160 return (0);
161 }
162
163 static inline int
adduarg(struct typetable * types,int flags)164 adduarg(struct typetable *types, int flags)
165 {
166
167 if (_ensurespace(types))
168 return (-1);
169 if (flags & INTMAXT)
170 types->table[types->nextarg++] = T_UINTMAXT;
171 else if (flags & SIZET)
172 types->table[types->nextarg++] = T_SIZET;
173 else if (flags & PTRDIFFT)
174 types->table[types->nextarg++] = T_SIZET;
175 else if (flags & LLONGINT)
176 types->table[types->nextarg++] = T_U_LLONG;
177 else if (flags & LONGINT)
178 types->table[types->nextarg++] = T_U_LONG;
179 else
180 types->table[types->nextarg++] = T_U_INT;
181 return (0);
182 }
183
184 /*
185 * Add * arguments to the type array.
186 */
187 static inline int
addaster(struct typetable * types,char ** fmtp)188 addaster(struct typetable *types, char **fmtp)
189 {
190 char *cp;
191 u_int n2;
192
193 n2 = 0;
194 cp = *fmtp;
195 while (is_digit(*cp)) {
196 n2 = 10 * n2 + to_digit(*cp);
197 cp++;
198 }
199 if (*cp == '$') {
200 u_int hold = types->nextarg;
201 types->nextarg = n2;
202 if (addtype(types, T_INT))
203 return (-1);
204 types->nextarg = hold;
205 *fmtp = ++cp;
206 } else {
207 if (addtype(types, T_INT))
208 return (-1);
209 }
210 return (0);
211 }
212
213 static inline int
addwaster(struct typetable * types,wchar_t ** fmtp)214 addwaster(struct typetable *types, wchar_t **fmtp)
215 {
216 wchar_t *cp;
217 u_int n2;
218
219 n2 = 0;
220 cp = *fmtp;
221 while (is_digit(*cp)) {
222 n2 = 10 * n2 + to_digit(*cp);
223 cp++;
224 }
225 if (*cp == '$') {
226 u_int hold = types->nextarg;
227 types->nextarg = n2;
228 if (addtype(types, T_INT))
229 return (-1);
230 types->nextarg = hold;
231 *fmtp = ++cp;
232 } else {
233 if (addtype(types, T_INT))
234 return (-1);
235 }
236 return (0);
237 }
238
239 /*
240 * Find all arguments when a positional parameter is encountered. Returns a
241 * table, indexed by argument number, of pointers to each arguments. The
242 * initial argument table should be an array of STATIC_ARG_TBL_SIZE entries.
243 * It will be replaces with a malloc-ed one if it overflows.
244 * Returns 0 on success. On failure, returns nonzero and sets errno.
245 */
246 int
__find_arguments(const char * fmt0,va_list ap,union arg ** argtable)247 __find_arguments (const char *fmt0, va_list ap, union arg **argtable)
248 {
249 char *fmt; /* format string */
250 int ch; /* character from fmt */
251 u_int n; /* handy integer (short term usage) */
252 int error;
253 int flags; /* flags as above */
254 struct typetable types; /* table of types */
255
256 fmt = (char *)fmt0;
257 inittypes(&types);
258 error = 0;
259
260 /*
261 * Scan the format for conversions (`%' character).
262 */
263 for (;;) {
264 while ((ch = *fmt) != '\0' && ch != '%')
265 fmt++;
266 if (ch == '\0')
267 goto done;
268 fmt++; /* skip over '%' */
269
270 flags = 0;
271
272 rflag: ch = *fmt++;
273 reswitch: switch (ch) {
274 case ' ':
275 case '#':
276 goto rflag;
277 case '*':
278 if ((error = addaster(&types, &fmt)))
279 goto error;
280 goto rflag;
281 case '-':
282 case '+':
283 case '\'':
284 goto rflag;
285 case '.':
286 if ((ch = *fmt++) == '*') {
287 if ((error = addaster(&types, &fmt)))
288 goto error;
289 goto rflag;
290 }
291 while (is_digit(ch)) {
292 ch = *fmt++;
293 }
294 goto reswitch;
295 case '0':
296 goto rflag;
297 case '1': case '2': case '3': case '4':
298 case '5': case '6': case '7': case '8': case '9':
299 n = 0;
300 do {
301 n = 10 * n + to_digit(ch);
302 /* Detect overflow */
303 if (n > MAX_POSARG) {
304 error = -1;
305 goto error;
306 }
307 ch = *fmt++;
308 } while (is_digit(ch));
309 if (ch == '$') {
310 types.nextarg = n;
311 goto rflag;
312 }
313 goto reswitch;
314 #ifndef NO_FLOATING_POINT
315 case 'L':
316 flags |= LONGDBL;
317 goto rflag;
318 #endif
319 case 'h':
320 if (flags & SHORTINT) {
321 flags &= ~SHORTINT;
322 flags |= CHARINT;
323 } else
324 flags |= SHORTINT;
325 goto rflag;
326 case 'j':
327 flags |= INTMAXT;
328 goto rflag;
329 case 'l':
330 if (flags & LONGINT) {
331 flags &= ~LONGINT;
332 flags |= LLONGINT;
333 } else
334 flags |= LONGINT;
335 goto rflag;
336 case 'q':
337 flags |= LLONGINT; /* not necessarily */
338 goto rflag;
339 case 't':
340 flags |= PTRDIFFT;
341 goto rflag;
342 case 'z':
343 flags |= SIZET;
344 goto rflag;
345 case 'C':
346 flags |= LONGINT;
347 /*FALLTHROUGH*/
348 case 'c':
349 error = addtype(&types,
350 (flags & LONGINT) ? T_WINT : T_INT);
351 if (error)
352 goto error;
353 break;
354 case 'D':
355 flags |= LONGINT;
356 /*FALLTHROUGH*/
357 case 'd':
358 case 'i':
359 if ((error = addsarg(&types, flags)))
360 goto error;
361 break;
362 #ifndef NO_FLOATING_POINT
363 case 'a':
364 case 'A':
365 case 'e':
366 case 'E':
367 case 'f':
368 case 'g':
369 case 'G':
370 error = addtype(&types,
371 (flags & LONGDBL) ? T_LONG_DOUBLE : T_DOUBLE);
372 if (error)
373 goto error;
374 break;
375 #endif /* !NO_FLOATING_POINT */
376 case 'n':
377 if (flags & INTMAXT)
378 error = addtype(&types, TP_INTMAXT);
379 else if (flags & PTRDIFFT)
380 error = addtype(&types, TP_PTRDIFFT);
381 else if (flags & SIZET)
382 error = addtype(&types, TP_SSIZET);
383 else if (flags & LLONGINT)
384 error = addtype(&types, TP_LLONG);
385 else if (flags & LONGINT)
386 error = addtype(&types, TP_LONG);
387 else if (flags & SHORTINT)
388 error = addtype(&types, TP_SHORT);
389 else if (flags & CHARINT)
390 error = addtype(&types, TP_SCHAR);
391 else
392 error = addtype(&types, TP_INT);
393 if (error)
394 goto error;
395 continue; /* no output */
396 case 'O':
397 flags |= LONGINT;
398 /*FALLTHROUGH*/
399 case 'o':
400 if ((error = adduarg(&types, flags)))
401 goto error;
402 break;
403 case 'p':
404 if ((error = addtype(&types, TP_VOID)))
405 goto error;
406 break;
407 case 'S':
408 flags |= LONGINT;
409 /*FALLTHROUGH*/
410 case 's':
411 error = addtype(&types,
412 (flags & LONGINT) ? TP_WCHAR : TP_CHAR);
413 if (error)
414 goto error;
415 break;
416 case 'U':
417 flags |= LONGINT;
418 /*FALLTHROUGH*/
419 case 'u':
420 case 'X':
421 case 'x':
422 if ((error = adduarg(&types, flags)))
423 goto error;
424 break;
425 default: /* "%?" prints ?, unless ? is NUL */
426 if (ch == '\0')
427 goto done;
428 break;
429 }
430 }
431 done:
432 build_arg_table(&types, ap, argtable);
433 error:
434 freetypes(&types);
435 return (error || *argtable == NULL);
436 }
437
438 /* wchar version of __find_arguments. */
439 int
__find_warguments(const wchar_t * fmt0,va_list ap,union arg ** argtable)440 __find_warguments (const wchar_t *fmt0, va_list ap, union arg **argtable)
441 {
442 wchar_t *fmt; /* format string */
443 wchar_t ch; /* character from fmt */
444 u_int n; /* handy integer (short term usage) */
445 int error;
446 int flags; /* flags as above */
447 struct typetable types; /* table of types */
448
449 fmt = (wchar_t *)fmt0;
450 inittypes(&types);
451 error = 0;
452
453 /*
454 * Scan the format for conversions (`%' character).
455 */
456 for (;;) {
457 while ((ch = *fmt) != '\0' && ch != '%')
458 fmt++;
459 if (ch == '\0')
460 goto done;
461 fmt++; /* skip over '%' */
462
463 flags = 0;
464
465 rflag: ch = *fmt++;
466 reswitch: switch (ch) {
467 case ' ':
468 case '#':
469 goto rflag;
470 case '*':
471 if ((error = addwaster(&types, &fmt)))
472 goto error;
473 goto rflag;
474 case '-':
475 case '+':
476 case '\'':
477 goto rflag;
478 case '.':
479 if ((ch = *fmt++) == '*') {
480 if ((error = addwaster(&types, &fmt)))
481 goto error;
482 goto rflag;
483 }
484 while (is_digit(ch)) {
485 ch = *fmt++;
486 }
487 goto reswitch;
488 case '0':
489 goto rflag;
490 case '1': case '2': case '3': case '4':
491 case '5': case '6': case '7': case '8': case '9':
492 n = 0;
493 do {
494 n = 10 * n + to_digit(ch);
495 /* Detect overflow */
496 if (n > MAX_POSARG) {
497 error = -1;
498 goto error;
499 }
500 ch = *fmt++;
501 } while (is_digit(ch));
502 if (ch == '$') {
503 types.nextarg = n;
504 goto rflag;
505 }
506 goto reswitch;
507 #ifndef NO_FLOATING_POINT
508 case 'L':
509 flags |= LONGDBL;
510 goto rflag;
511 #endif
512 case 'h':
513 if (flags & SHORTINT) {
514 flags &= ~SHORTINT;
515 flags |= CHARINT;
516 } else
517 flags |= SHORTINT;
518 goto rflag;
519 case 'j':
520 flags |= INTMAXT;
521 goto rflag;
522 case 'l':
523 if (flags & LONGINT) {
524 flags &= ~LONGINT;
525 flags |= LLONGINT;
526 } else
527 flags |= LONGINT;
528 goto rflag;
529 case 'q':
530 flags |= LLONGINT; /* not necessarily */
531 goto rflag;
532 case 't':
533 flags |= PTRDIFFT;
534 goto rflag;
535 case 'z':
536 flags |= SIZET;
537 goto rflag;
538 case 'C':
539 flags |= LONGINT;
540 /*FALLTHROUGH*/
541 case 'c':
542 error = addtype(&types,
543 (flags & LONGINT) ? T_WINT : T_INT);
544 if (error)
545 goto error;
546 break;
547 case 'D':
548 flags |= LONGINT;
549 /*FALLTHROUGH*/
550 case 'd':
551 case 'i':
552 if ((error = addsarg(&types, flags)))
553 goto error;
554 break;
555 #ifndef NO_FLOATING_POINT
556 case 'a':
557 case 'A':
558 case 'e':
559 case 'E':
560 case 'f':
561 case 'g':
562 case 'G':
563 error = addtype(&types,
564 (flags & LONGDBL) ? T_LONG_DOUBLE : T_DOUBLE);
565 if (error)
566 goto error;
567 break;
568 #endif /* !NO_FLOATING_POINT */
569 case 'n':
570 if (flags & INTMAXT)
571 error = addtype(&types, TP_INTMAXT);
572 else if (flags & PTRDIFFT)
573 error = addtype(&types, TP_PTRDIFFT);
574 else if (flags & SIZET)
575 error = addtype(&types, TP_SSIZET);
576 else if (flags & LLONGINT)
577 error = addtype(&types, TP_LLONG);
578 else if (flags & LONGINT)
579 error = addtype(&types, TP_LONG);
580 else if (flags & SHORTINT)
581 error = addtype(&types, TP_SHORT);
582 else if (flags & CHARINT)
583 error = addtype(&types, TP_SCHAR);
584 else
585 error = addtype(&types, TP_INT);
586 if (error)
587 goto error;
588 continue; /* no output */
589 case 'O':
590 flags |= LONGINT;
591 /*FALLTHROUGH*/
592 case 'o':
593 if ((error = adduarg(&types, flags)))
594 goto error;
595 break;
596 case 'p':
597 if ((error = addtype(&types, TP_VOID)))
598 goto error;
599 break;
600 case 'S':
601 flags |= LONGINT;
602 /*FALLTHROUGH*/
603 case 's':
604 error = addtype(&types,
605 (flags & LONGINT) ? TP_WCHAR : TP_CHAR);
606 if (error)
607 goto error;
608 break;
609 case 'U':
610 flags |= LONGINT;
611 /*FALLTHROUGH*/
612 case 'u':
613 case 'X':
614 case 'x':
615 if ((error = adduarg(&types, flags)))
616 goto error;
617 break;
618 default: /* "%?" prints ?, unless ? is NUL */
619 if (ch == '\0')
620 goto done;
621 break;
622 }
623 }
624 done:
625 build_arg_table(&types, ap, argtable);
626 error:
627 freetypes(&types);
628 return (error || *argtable == NULL);
629 }
630
631 /*
632 * Increase the size of the type table. Returns 0 on success.
633 */
634 static int
__grow_type_table(struct typetable * types)635 __grow_type_table(struct typetable *types)
636 {
637 enum typeid *const oldtable = types->table;
638 const int oldsize = types->tablesize;
639 enum typeid *newtable;
640 u_int n, newsize;
641
642 /* Detect overflow */
643 if (types->nextarg > NL_ARGMAX)
644 return (-1);
645
646 newsize = oldsize * 2;
647 if (newsize < types->nextarg + 1)
648 newsize = types->nextarg + 1;
649 if (oldsize == STATIC_ARG_TBL_SIZE) {
650 if ((newtable = malloc(newsize * sizeof(enum typeid))) == NULL)
651 return (-1);
652 bcopy(oldtable, newtable, oldsize * sizeof(enum typeid));
653 } else {
654 newtable = reallocarray(oldtable, newsize, sizeof(enum typeid));
655 if (newtable == NULL)
656 return (-1);
657 }
658 for (n = oldsize; n < newsize; n++)
659 newtable[n] = T_UNUSED;
660
661 types->table = newtable;
662 types->tablesize = newsize;
663
664 return (0);
665 }
666
667 /*
668 * Build the argument table from the completed type table.
669 * On malloc failure, *argtable is set to NULL.
670 */
671 static void
build_arg_table(struct typetable * types,va_list ap,union arg ** argtable)672 build_arg_table(struct typetable *types, va_list ap, union arg **argtable)
673 {
674 u_int n;
675
676 if (types->tablemax >= STATIC_ARG_TBL_SIZE) {
677 *argtable = (union arg *)
678 malloc (sizeof (union arg) * (types->tablemax + 1));
679 if (*argtable == NULL)
680 return;
681 }
682
683 (*argtable) [0].intarg = 0;
684 for (n = 1; n <= types->tablemax; n++) {
685 switch (types->table[n]) {
686 case T_UNUSED: /* whoops! */
687 (*argtable) [n].intarg = va_arg (ap, int);
688 break;
689 case TP_SCHAR:
690 (*argtable) [n].pschararg = va_arg (ap, signed char *);
691 break;
692 case TP_SHORT:
693 (*argtable) [n].pshortarg = va_arg (ap, short *);
694 break;
695 case T_INT:
696 (*argtable) [n].intarg = va_arg (ap, int);
697 break;
698 case T_U_INT:
699 (*argtable) [n].uintarg = va_arg (ap, unsigned int);
700 break;
701 case TP_INT:
702 (*argtable) [n].pintarg = va_arg (ap, int *);
703 break;
704 case T_LONG:
705 (*argtable) [n].longarg = va_arg (ap, long);
706 break;
707 case T_U_LONG:
708 (*argtable) [n].ulongarg = va_arg (ap, unsigned long);
709 break;
710 case TP_LONG:
711 (*argtable) [n].plongarg = va_arg (ap, long *);
712 break;
713 case T_LLONG:
714 (*argtable) [n].longlongarg = va_arg (ap, long long);
715 break;
716 case T_U_LLONG:
717 (*argtable) [n].ulonglongarg = va_arg (ap, unsigned long long);
718 break;
719 case TP_LLONG:
720 (*argtable) [n].plonglongarg = va_arg (ap, long long *);
721 break;
722 case T_PTRDIFFT:
723 (*argtable) [n].ptrdiffarg = va_arg (ap, ptrdiff_t);
724 break;
725 case TP_PTRDIFFT:
726 (*argtable) [n].pptrdiffarg = va_arg (ap, ptrdiff_t *);
727 break;
728 case T_SIZET:
729 (*argtable) [n].sizearg = va_arg (ap, size_t);
730 break;
731 case T_SSIZET:
732 (*argtable) [n].sizearg = va_arg (ap, ssize_t);
733 break;
734 case TP_SSIZET:
735 (*argtable) [n].pssizearg = va_arg (ap, ssize_t *);
736 break;
737 case T_INTMAXT:
738 (*argtable) [n].intmaxarg = va_arg (ap, intmax_t);
739 break;
740 case T_UINTMAXT:
741 (*argtable) [n].uintmaxarg = va_arg (ap, uintmax_t);
742 break;
743 case TP_INTMAXT:
744 (*argtable) [n].pintmaxarg = va_arg (ap, intmax_t *);
745 break;
746 case T_DOUBLE:
747 #ifndef NO_FLOATING_POINT
748 (*argtable) [n].doublearg = va_arg (ap, double);
749 #endif
750 break;
751 case T_LONG_DOUBLE:
752 #ifndef NO_FLOATING_POINT
753 (*argtable) [n].longdoublearg = va_arg (ap, long double);
754 #endif
755 break;
756 case TP_CHAR:
757 (*argtable) [n].pchararg = va_arg (ap, char *);
758 break;
759 case TP_VOID:
760 (*argtable) [n].pvoidarg = va_arg (ap, void *);
761 break;
762 case T_WINT:
763 (*argtable) [n].wintarg = va_arg (ap, wint_t);
764 break;
765 case TP_WCHAR:
766 (*argtable) [n].pwchararg = va_arg (ap, wchar_t *);
767 break;
768 }
769 }
770 }
771