1 /*- 2 * Copyright (c) 1992, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Casey Leedom of Lawrence Livermore National Laboratory. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * 36 * $FreeBSD$ 37 */ 38 39 #if defined(LIBC_SCCS) && !defined(lint) 40 static char sccsid[] = "@(#)getcap.c 8.3 (Berkeley) 3/25/94"; 41 #endif /* LIBC_SCCS and not lint */ 42 43 #include <sys/types.h> 44 45 #include <ctype.h> 46 #include <db.h> 47 #include <errno.h> 48 #include <fcntl.h> 49 #include <limits.h> 50 #include <stdio.h> 51 #include <stdlib.h> 52 #include <string.h> 53 #include <unistd.h> 54 55 #define BFRAG 1024 56 #define BSIZE 1024 57 #define ESC ('[' & 037) /* ASCII ESC */ 58 #define MAX_RECURSION 32 /* maximum getent recursion */ 59 #define SFRAG 100 /* cgetstr mallocs in SFRAG chunks */ 60 61 #define RECOK (char)0 62 #define TCERR (char)1 63 #define SHADOW (char)2 64 65 static size_t topreclen; /* toprec length */ 66 static char *toprec; /* Additional record specified by cgetset() */ 67 static int gottoprec; /* Flag indicating retrieval of toprecord */ 68 69 static int cdbget __P((DB *, char **, char *)); 70 static int getent __P((char **, u_int *, char **, int, char *, int, char *)); 71 static int nfcmp __P((char *, char *)); 72 73 /* 74 * Cgetset() allows the addition of a user specified buffer to be added 75 * to the database array, in effect "pushing" the buffer on top of the 76 * virtual database. 0 is returned on success, -1 on failure. 77 */ 78 int 79 cgetset(ent) 80 char *ent; 81 { 82 if (ent == NULL) { 83 if (toprec) 84 free(toprec); 85 toprec = NULL; 86 topreclen = 0; 87 return (0); 88 } 89 topreclen = strlen(ent); 90 if ((toprec = malloc (topreclen + 1)) == NULL) { 91 errno = ENOMEM; 92 return (-1); 93 } 94 gottoprec = 0; 95 (void)strcpy(toprec, ent); 96 return (0); 97 } 98 99 /* 100 * Cgetcap searches the capability record buf for the capability cap with 101 * type `type'. A pointer to the value of cap is returned on success, NULL 102 * if the requested capability couldn't be found. 103 * 104 * Specifying a type of ':' means that nothing should follow cap (:cap:). 105 * In this case a pointer to the terminating ':' or NUL will be returned if 106 * cap is found. 107 * 108 * If (cap, '@') or (cap, terminator, '@') is found before (cap, terminator) 109 * return NULL. 110 */ 111 char * 112 cgetcap(buf, cap, type) 113 char *buf, *cap; 114 int type; 115 { 116 register char *bp, *cp; 117 118 bp = buf; 119 for (;;) { 120 /* 121 * Skip past the current capability field - it's either the 122 * name field if this is the first time through the loop, or 123 * the remainder of a field whose name failed to match cap. 124 */ 125 for (;;) 126 if (*bp == '\0') 127 return (NULL); 128 else 129 if (*bp++ == ':') 130 break; 131 132 /* 133 * Try to match (cap, type) in buf. 134 */ 135 for (cp = cap; *cp == *bp && *bp != '\0'; cp++, bp++) 136 continue; 137 if (*cp != '\0') 138 continue; 139 if (*bp == '@') 140 return (NULL); 141 if (type == ':') { 142 if (*bp != '\0' && *bp != ':') 143 continue; 144 return(bp); 145 } 146 if (*bp != type) 147 continue; 148 bp++; 149 return (*bp == '@' ? NULL : bp); 150 } 151 /* NOTREACHED */ 152 } 153 154 /* 155 * Cgetent extracts the capability record name from the NULL terminated file 156 * array db_array and returns a pointer to a malloc'd copy of it in buf. 157 * Buf must be retained through all subsequent calls to cgetcap, cgetnum, 158 * cgetflag, and cgetstr, but may then be free'd. 0 is returned on success, 159 * -1 if the requested record couldn't be found, -2 if a system error was 160 * encountered (couldn't open/read a file, etc.), and -3 if a potential 161 * reference loop is detected. 162 */ 163 int 164 cgetent(buf, db_array, name) 165 char **buf, **db_array, *name; 166 { 167 u_int dummy; 168 169 return (getent(buf, &dummy, db_array, -1, name, 0, NULL)); 170 } 171 172 /* 173 * Getent implements the functions of cgetent. If fd is non-negative, 174 * *db_array has already been opened and fd is the open file descriptor. We 175 * do this to save time and avoid using up file descriptors for tc= 176 * recursions. 177 * 178 * Getent returns the same success/failure codes as cgetent. On success, a 179 * pointer to a malloc'ed capability record with all tc= capabilities fully 180 * expanded and its length (not including trailing ASCII NUL) are left in 181 * *cap and *len. 182 * 183 * Basic algorithm: 184 * + Allocate memory incrementally as needed in chunks of size BFRAG 185 * for capability buffer. 186 * + Recurse for each tc=name and interpolate result. Stop when all 187 * names interpolated, a name can't be found, or depth exceeds 188 * MAX_RECURSION. 189 */ 190 static int 191 getent(cap, len, db_array, fd, name, depth, nfield) 192 char **cap, **db_array, *name, *nfield; 193 u_int *len; 194 int fd, depth; 195 { 196 DB *capdbp; 197 register char *r_end, *rp, **db_p; 198 int myfd, eof, foundit, retval, clen; 199 char *record, *cbuf; 200 int tc_not_resolved; 201 char pbuf[_POSIX_PATH_MAX]; 202 203 /* 204 * Return with ``loop detected'' error if we've recursed more than 205 * MAX_RECURSION times. 206 */ 207 if (depth > MAX_RECURSION) 208 return (-3); 209 210 /* 211 * Check if we have a top record from cgetset(). 212 */ 213 if (depth == 0 && toprec != NULL && cgetmatch(toprec, name) == 0) { 214 if ((record = malloc (topreclen + BFRAG)) == NULL) { 215 errno = ENOMEM; 216 return (-2); 217 } 218 (void)strcpy(record, toprec); 219 myfd = 0; 220 db_p = db_array; 221 rp = record + topreclen + 1; 222 r_end = rp + BFRAG; 223 goto tc_exp; 224 } 225 /* 226 * Allocate first chunk of memory. 227 */ 228 if ((record = malloc(BFRAG)) == NULL) { 229 errno = ENOMEM; 230 return (-2); 231 } 232 r_end = record + BFRAG; 233 foundit = 0; 234 /* 235 * Loop through database array until finding the record. 236 */ 237 238 for (db_p = db_array; *db_p != NULL; db_p++) { 239 eof = 0; 240 241 /* 242 * Open database if not already open. 243 */ 244 245 if (fd >= 0) { 246 (void)lseek(fd, (off_t)0, SEEK_SET); 247 myfd = 0; 248 } else { 249 (void)snprintf(pbuf, sizeof(pbuf), "%s.db", *db_p); 250 if ((capdbp = dbopen(pbuf, O_RDONLY, 0, DB_HASH, 0)) 251 != NULL) { 252 free(record); 253 retval = cdbget(capdbp, &record, name); 254 if (retval < 0) { 255 /* no record available */ 256 (void)capdbp->close(capdbp); 257 return (retval); 258 } 259 /* save the data; close frees it */ 260 clen = strlen(record); 261 cbuf = malloc(clen + 1); 262 memcpy(cbuf, record, clen + 1); 263 if (capdbp->close(capdbp) < 0) { 264 free(cbuf); 265 return (-2); 266 } 267 *len = clen; 268 *cap = cbuf; 269 return (retval); 270 } else { 271 fd = _open(*db_p, O_RDONLY, 0); 272 if (fd < 0) 273 continue; 274 myfd = 1; 275 } 276 } 277 /* 278 * Find the requested capability record ... 279 */ 280 { 281 char buf[BUFSIZ]; 282 register char *b_end, *bp; 283 register int c; 284 285 /* 286 * Loop invariants: 287 * There is always room for one more character in record. 288 * R_end always points just past end of record. 289 * Rp always points just past last character in record. 290 * B_end always points just past last character in buf. 291 * Bp always points at next character in buf. 292 */ 293 b_end = buf; 294 bp = buf; 295 for (;;) { 296 297 /* 298 * Read in a line implementing (\, newline) 299 * line continuation. 300 */ 301 rp = record; 302 for (;;) { 303 if (bp >= b_end) { 304 int n; 305 306 n = _read(fd, buf, sizeof(buf)); 307 if (n <= 0) { 308 if (myfd) 309 (void)_close(fd); 310 if (n < 0) { 311 free(record); 312 return (-2); 313 } else { 314 fd = -1; 315 eof = 1; 316 break; 317 } 318 } 319 b_end = buf+n; 320 bp = buf; 321 } 322 323 c = *bp++; 324 if (c == '\n') { 325 if (rp > record && *(rp-1) == '\\') { 326 rp--; 327 continue; 328 } else 329 break; 330 } 331 *rp++ = c; 332 333 /* 334 * Enforce loop invariant: if no room 335 * left in record buffer, try to get 336 * some more. 337 */ 338 if (rp >= r_end) { 339 u_int pos; 340 size_t newsize; 341 342 pos = rp - record; 343 newsize = r_end - record + BFRAG; 344 record = reallocf(record, newsize); 345 if (record == NULL) { 346 errno = ENOMEM; 347 if (myfd) 348 (void)_close(fd); 349 return (-2); 350 } 351 r_end = record + newsize; 352 rp = record + pos; 353 } 354 } 355 /* loop invariant let's us do this */ 356 *rp++ = '\0'; 357 358 /* 359 * If encountered eof check next file. 360 */ 361 if (eof) 362 break; 363 364 /* 365 * Toss blank lines and comments. 366 */ 367 if (*record == '\0' || *record == '#') 368 continue; 369 370 /* 371 * See if this is the record we want ... 372 */ 373 if (cgetmatch(record, name) == 0) { 374 if (nfield == NULL || !nfcmp(nfield, record)) { 375 foundit = 1; 376 break; /* found it! */ 377 } 378 } 379 } 380 } 381 if (foundit) 382 break; 383 } 384 385 if (!foundit) 386 return (-1); 387 388 /* 389 * Got the capability record, but now we have to expand all tc=name 390 * references in it ... 391 */ 392 tc_exp: { 393 register char *newicap, *s; 394 register int newilen; 395 u_int ilen; 396 int diff, iret, tclen; 397 char *icap, *scan, *tc, *tcstart, *tcend; 398 399 /* 400 * Loop invariants: 401 * There is room for one more character in record. 402 * R_end points just past end of record. 403 * Rp points just past last character in record. 404 * Scan points at remainder of record that needs to be 405 * scanned for tc=name constructs. 406 */ 407 scan = record; 408 tc_not_resolved = 0; 409 for (;;) { 410 if ((tc = cgetcap(scan, "tc", '=')) == NULL) 411 break; 412 413 /* 414 * Find end of tc=name and stomp on the trailing `:' 415 * (if present) so we can use it to call ourselves. 416 */ 417 s = tc; 418 for (;;) 419 if (*s == '\0') 420 break; 421 else 422 if (*s++ == ':') { 423 *(s - 1) = '\0'; 424 break; 425 } 426 tcstart = tc - 3; 427 tclen = s - tcstart; 428 tcend = s; 429 430 iret = getent(&icap, &ilen, db_p, fd, tc, depth+1, 431 NULL); 432 newicap = icap; /* Put into a register. */ 433 newilen = ilen; 434 if (iret != 0) { 435 /* an error */ 436 if (iret < -1) { 437 if (myfd) 438 (void)_close(fd); 439 free(record); 440 return (iret); 441 } 442 if (iret == 1) 443 tc_not_resolved = 1; 444 /* couldn't resolve tc */ 445 if (iret == -1) { 446 *(s - 1) = ':'; 447 scan = s - 1; 448 tc_not_resolved = 1; 449 continue; 450 451 } 452 } 453 /* not interested in name field of tc'ed record */ 454 s = newicap; 455 for (;;) 456 if (*s == '\0') 457 break; 458 else 459 if (*s++ == ':') 460 break; 461 newilen -= s - newicap; 462 newicap = s; 463 464 /* make sure interpolated record is `:'-terminated */ 465 s += newilen; 466 if (*(s-1) != ':') { 467 *s = ':'; /* overwrite NUL with : */ 468 newilen++; 469 } 470 471 /* 472 * Make sure there's enough room to insert the 473 * new record. 474 */ 475 diff = newilen - tclen; 476 if (diff >= r_end - rp) { 477 u_int pos, tcpos, tcposend; 478 size_t newsize; 479 480 pos = rp - record; 481 newsize = r_end - record + diff + BFRAG; 482 tcpos = tcstart - record; 483 tcposend = tcend - record; 484 record = reallocf(record, newsize); 485 if (record == NULL) { 486 errno = ENOMEM; 487 if (myfd) 488 (void)_close(fd); 489 free(icap); 490 return (-2); 491 } 492 r_end = record + newsize; 493 rp = record + pos; 494 tcstart = record + tcpos; 495 tcend = record + tcposend; 496 } 497 498 /* 499 * Insert tc'ed record into our record. 500 */ 501 s = tcstart + newilen; 502 bcopy(tcend, s, rp - tcend); 503 bcopy(newicap, tcstart, newilen); 504 rp += diff; 505 free(icap); 506 507 /* 508 * Start scan on `:' so next cgetcap works properly 509 * (cgetcap always skips first field). 510 */ 511 scan = s-1; 512 } 513 514 } 515 /* 516 * Close file (if we opened it), give back any extra memory, and 517 * return capability, length and success. 518 */ 519 if (myfd) 520 (void)_close(fd); 521 *len = rp - record - 1; /* don't count NUL */ 522 if (r_end > rp) 523 if ((record = 524 reallocf(record, (size_t)(rp - record))) == NULL) { 525 errno = ENOMEM; 526 return (-2); 527 } 528 529 *cap = record; 530 if (tc_not_resolved) 531 return (1); 532 return (0); 533 } 534 535 static int 536 cdbget(capdbp, bp, name) 537 DB *capdbp; 538 char **bp, *name; 539 { 540 DBT key, data; 541 542 key.data = name; 543 key.size = strlen(name); 544 545 for (;;) { 546 /* Get the reference. */ 547 switch(capdbp->get(capdbp, &key, &data, 0)) { 548 case -1: 549 return (-2); 550 case 1: 551 return (-1); 552 } 553 554 /* If not an index to another record, leave. */ 555 if (((char *)data.data)[0] != SHADOW) 556 break; 557 558 key.data = (char *)data.data + 1; 559 key.size = data.size - 1; 560 } 561 562 *bp = (char *)data.data + 1; 563 return (((char *)(data.data))[0] == TCERR ? 1 : 0); 564 } 565 566 /* 567 * Cgetmatch will return 0 if name is one of the names of the capability 568 * record buf, -1 if not. 569 */ 570 int 571 cgetmatch(buf, name) 572 char *buf, *name; 573 { 574 register char *np, *bp; 575 576 /* 577 * Start search at beginning of record. 578 */ 579 bp = buf; 580 for (;;) { 581 /* 582 * Try to match a record name. 583 */ 584 np = name; 585 for (;;) 586 if (*np == '\0') 587 if (*bp == '|' || *bp == ':' || *bp == '\0') 588 return (0); 589 else 590 break; 591 else 592 if (*bp++ != *np++) 593 break; 594 595 /* 596 * Match failed, skip to next name in record. 597 */ 598 bp--; /* a '|' or ':' may have stopped the match */ 599 for (;;) 600 if (*bp == '\0' || *bp == ':') 601 return (-1); /* match failed totally */ 602 else 603 if (*bp++ == '|') 604 break; /* found next name */ 605 } 606 } 607 608 609 610 611 612 int 613 cgetfirst(buf, db_array) 614 char **buf, **db_array; 615 { 616 (void)cgetclose(); 617 return (cgetnext(buf, db_array)); 618 } 619 620 static FILE *pfp; 621 static int slash; 622 static char **dbp; 623 624 int 625 cgetclose() 626 { 627 if (pfp != NULL) { 628 (void)fclose(pfp); 629 pfp = NULL; 630 } 631 dbp = NULL; 632 gottoprec = 0; 633 slash = 0; 634 return(0); 635 } 636 637 /* 638 * Cgetnext() gets either the first or next entry in the logical database 639 * specified by db_array. It returns 0 upon completion of the database, 1 640 * upon returning an entry with more remaining, and -1 if an error occurs. 641 */ 642 int 643 cgetnext(bp, db_array) 644 register char **bp; 645 char **db_array; 646 { 647 size_t len; 648 int status, i, done; 649 char *cp, *line, *rp, *np, buf[BSIZE], nbuf[BSIZE]; 650 u_int dummy; 651 652 if (dbp == NULL) 653 dbp = db_array; 654 655 if (pfp == NULL && (pfp = fopen(*dbp, "r")) == NULL) { 656 (void)cgetclose(); 657 return (-1); 658 } 659 for(;;) { 660 if (toprec && !gottoprec) { 661 gottoprec = 1; 662 line = toprec; 663 } else { 664 line = fgetln(pfp, &len); 665 if (line == NULL && pfp) { 666 (void)fclose(pfp); 667 if (ferror(pfp)) { 668 (void)cgetclose(); 669 return (-1); 670 } else { 671 if (*++dbp == NULL) { 672 (void)cgetclose(); 673 return (0); 674 } else if ((pfp = 675 fopen(*dbp, "r")) == NULL) { 676 (void)cgetclose(); 677 return (-1); 678 } else 679 continue; 680 } 681 } else 682 line[len - 1] = '\0'; 683 if (len == 1) { 684 slash = 0; 685 continue; 686 } 687 if (isspace((unsigned char)*line) || 688 *line == ':' || *line == '#' || slash) { 689 if (line[len - 2] == '\\') 690 slash = 1; 691 else 692 slash = 0; 693 continue; 694 } 695 if (line[len - 2] == '\\') 696 slash = 1; 697 else 698 slash = 0; 699 } 700 701 702 /* 703 * Line points to a name line. 704 */ 705 i = 0; 706 done = 0; 707 np = nbuf; 708 for (;;) { 709 for (cp = line; *cp != '\0'; cp++) { 710 if (*cp == ':') { 711 *np++ = ':'; 712 done = 1; 713 break; 714 } 715 if (*cp == '\\') 716 break; 717 *np++ = *cp; 718 } 719 if (done) { 720 *np = '\0'; 721 break; 722 } else { /* name field extends beyond the line */ 723 line = fgetln(pfp, &len); 724 if (line == NULL && pfp) { 725 (void)fclose(pfp); 726 if (ferror(pfp)) { 727 (void)cgetclose(); 728 return (-1); 729 } 730 } else 731 line[len - 1] = '\0'; 732 } 733 } 734 rp = buf; 735 for(cp = nbuf; *cp != '\0'; cp++) 736 if (*cp == '|' || *cp == ':') 737 break; 738 else 739 *rp++ = *cp; 740 741 *rp = '\0'; 742 /* 743 * XXX 744 * Last argument of getent here should be nbuf if we want true 745 * sequential access in the case of duplicates. 746 * With NULL, getent will return the first entry found 747 * rather than the duplicate entry record. This is a 748 * matter of semantics that should be resolved. 749 */ 750 status = getent(bp, &dummy, db_array, -1, buf, 0, NULL); 751 if (status == -2 || status == -3) 752 (void)cgetclose(); 753 754 return (status + 1); 755 } 756 /* NOTREACHED */ 757 } 758 759 /* 760 * Cgetstr retrieves the value of the string capability cap from the 761 * capability record pointed to by buf. A pointer to a decoded, NUL 762 * terminated, malloc'd copy of the string is returned in the char * 763 * pointed to by str. The length of the string not including the trailing 764 * NUL is returned on success, -1 if the requested string capability 765 * couldn't be found, -2 if a system error was encountered (storage 766 * allocation failure). 767 */ 768 int 769 cgetstr(buf, cap, str) 770 char *buf, *cap; 771 char **str; 772 { 773 register u_int m_room; 774 register char *bp, *mp; 775 int len; 776 char *mem; 777 778 /* 779 * Find string capability cap 780 */ 781 bp = cgetcap(buf, cap, '='); 782 if (bp == NULL) 783 return (-1); 784 785 /* 786 * Conversion / storage allocation loop ... Allocate memory in 787 * chunks SFRAG in size. 788 */ 789 if ((mem = malloc(SFRAG)) == NULL) { 790 errno = ENOMEM; 791 return (-2); /* couldn't even allocate the first fragment */ 792 } 793 m_room = SFRAG; 794 mp = mem; 795 796 while (*bp != ':' && *bp != '\0') { 797 /* 798 * Loop invariants: 799 * There is always room for one more character in mem. 800 * Mp always points just past last character in mem. 801 * Bp always points at next character in buf. 802 */ 803 if (*bp == '^') { 804 bp++; 805 if (*bp == ':' || *bp == '\0') 806 break; /* drop unfinished escape */ 807 if (*bp == '?') { 808 *mp++ = '\177'; 809 bp++; 810 } else 811 *mp++ = *bp++ & 037; 812 } else if (*bp == '\\') { 813 bp++; 814 if (*bp == ':' || *bp == '\0') 815 break; /* drop unfinished escape */ 816 if ('0' <= *bp && *bp <= '7') { 817 register int n, i; 818 819 n = 0; 820 i = 3; /* maximum of three octal digits */ 821 do { 822 n = n * 8 + (*bp++ - '0'); 823 } while (--i && '0' <= *bp && *bp <= '7'); 824 *mp++ = n; 825 } 826 else switch (*bp++) { 827 case 'b': case 'B': 828 *mp++ = '\b'; 829 break; 830 case 't': case 'T': 831 *mp++ = '\t'; 832 break; 833 case 'n': case 'N': 834 *mp++ = '\n'; 835 break; 836 case 'f': case 'F': 837 *mp++ = '\f'; 838 break; 839 case 'r': case 'R': 840 *mp++ = '\r'; 841 break; 842 case 'e': case 'E': 843 *mp++ = ESC; 844 break; 845 case 'c': case 'C': 846 *mp++ = ':'; 847 break; 848 default: 849 /* 850 * Catches '\', '^', and 851 * everything else. 852 */ 853 *mp++ = *(bp-1); 854 break; 855 } 856 } else 857 *mp++ = *bp++; 858 m_room--; 859 860 /* 861 * Enforce loop invariant: if no room left in current 862 * buffer, try to get some more. 863 */ 864 if (m_room == 0) { 865 size_t size = mp - mem; 866 867 if ((mem = reallocf(mem, size + SFRAG)) == NULL) 868 return (-2); 869 m_room = SFRAG; 870 mp = mem + size; 871 } 872 } 873 *mp++ = '\0'; /* loop invariant let's us do this */ 874 m_room--; 875 len = mp - mem - 1; 876 877 /* 878 * Give back any extra memory and return value and success. 879 */ 880 if (m_room != 0) 881 if ((mem = reallocf(mem, (size_t)(mp - mem))) == NULL) 882 return (-2); 883 *str = mem; 884 return (len); 885 } 886 887 /* 888 * Cgetustr retrieves the value of the string capability cap from the 889 * capability record pointed to by buf. The difference between cgetustr() 890 * and cgetstr() is that cgetustr does not decode escapes but rather treats 891 * all characters literally. A pointer to a NUL terminated malloc'd 892 * copy of the string is returned in the char pointed to by str. The 893 * length of the string not including the trailing NUL is returned on success, 894 * -1 if the requested string capability couldn't be found, -2 if a system 895 * error was encountered (storage allocation failure). 896 */ 897 int 898 cgetustr(buf, cap, str) 899 char *buf, *cap, **str; 900 { 901 register u_int m_room; 902 register char *bp, *mp; 903 int len; 904 char *mem; 905 906 /* 907 * Find string capability cap 908 */ 909 if ((bp = cgetcap(buf, cap, '=')) == NULL) 910 return (-1); 911 912 /* 913 * Conversion / storage allocation loop ... Allocate memory in 914 * chunks SFRAG in size. 915 */ 916 if ((mem = malloc(SFRAG)) == NULL) { 917 errno = ENOMEM; 918 return (-2); /* couldn't even allocate the first fragment */ 919 } 920 m_room = SFRAG; 921 mp = mem; 922 923 while (*bp != ':' && *bp != '\0') { 924 /* 925 * Loop invariants: 926 * There is always room for one more character in mem. 927 * Mp always points just past last character in mem. 928 * Bp always points at next character in buf. 929 */ 930 *mp++ = *bp++; 931 m_room--; 932 933 /* 934 * Enforce loop invariant: if no room left in current 935 * buffer, try to get some more. 936 */ 937 if (m_room == 0) { 938 size_t size = mp - mem; 939 940 if ((mem = reallocf(mem, size + SFRAG)) == NULL) 941 return (-2); 942 m_room = SFRAG; 943 mp = mem + size; 944 } 945 } 946 *mp++ = '\0'; /* loop invariant let's us do this */ 947 m_room--; 948 len = mp - mem - 1; 949 950 /* 951 * Give back any extra memory and return value and success. 952 */ 953 if (m_room != 0) 954 if ((mem = reallocf(mem, (size_t)(mp - mem))) == NULL) 955 return (-2); 956 *str = mem; 957 return (len); 958 } 959 960 /* 961 * Cgetnum retrieves the value of the numeric capability cap from the 962 * capability record pointed to by buf. The numeric value is returned in 963 * the long pointed to by num. 0 is returned on success, -1 if the requested 964 * numeric capability couldn't be found. 965 */ 966 int 967 cgetnum(buf, cap, num) 968 char *buf, *cap; 969 long *num; 970 { 971 register long n; 972 register int base, digit; 973 register char *bp; 974 975 /* 976 * Find numeric capability cap 977 */ 978 bp = cgetcap(buf, cap, '#'); 979 if (bp == NULL) 980 return (-1); 981 982 /* 983 * Look at value and determine numeric base: 984 * 0x... or 0X... hexadecimal, 985 * else 0... octal, 986 * else decimal. 987 */ 988 if (*bp == '0') { 989 bp++; 990 if (*bp == 'x' || *bp == 'X') { 991 bp++; 992 base = 16; 993 } else 994 base = 8; 995 } else 996 base = 10; 997 998 /* 999 * Conversion loop ... 1000 */ 1001 n = 0; 1002 for (;;) { 1003 if ('0' <= *bp && *bp <= '9') 1004 digit = *bp - '0'; 1005 else if ('a' <= *bp && *bp <= 'f') 1006 digit = 10 + *bp - 'a'; 1007 else if ('A' <= *bp && *bp <= 'F') 1008 digit = 10 + *bp - 'A'; 1009 else 1010 break; 1011 1012 if (digit >= base) 1013 break; 1014 1015 n = n * base + digit; 1016 bp++; 1017 } 1018 1019 /* 1020 * Return value and success. 1021 */ 1022 *num = n; 1023 return (0); 1024 } 1025 1026 1027 /* 1028 * Compare name field of record. 1029 */ 1030 static int 1031 nfcmp(nf, rec) 1032 char *nf, *rec; 1033 { 1034 char *cp, tmp; 1035 int ret; 1036 1037 for (cp = rec; *cp != ':'; cp++) 1038 ; 1039 1040 tmp = *(cp + 1); 1041 *(cp + 1) = '\0'; 1042 ret = strcmp(nf, rec); 1043 *(cp + 1) = tmp; 1044 1045 return (ret); 1046 } 1047