1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1990, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Chris Torek. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35 /* 36 * This is the code responsible for handling positional arguments 37 * (%m$ and %m$.n$) for vfprintf() and vfwprintf(). 38 */ 39 40 #include "namespace.h" 41 #include <sys/types.h> 42 43 #include <limits.h> 44 #include <stdarg.h> 45 #include <stddef.h> 46 #include <stdint.h> 47 #include <stdio.h> 48 #include <stdlib.h> 49 #include <string.h> 50 #include <wchar.h> 51 52 #include "un-namespace.h" 53 #include "printflocal.h" 54 55 #ifdef NL_ARGMAX 56 #define MAX_POSARG NL_ARGMAX 57 #else 58 #define MAX_POSARG 65536 59 #endif 60 61 /* 62 * Type ids for argument type table. 63 */ 64 enum typeid { 65 T_UNUSED, TP_SHORT, T_INT, T_U_INT, TP_INT, 66 T_LONG, T_U_LONG, TP_LONG, T_LLONG, T_U_LLONG, TP_LLONG, 67 T_PTRDIFFT, TP_PTRDIFFT, T_SSIZET, T_SIZET, TP_SSIZET, 68 T_INTMAXT, T_UINTMAXT, TP_INTMAXT, TP_VOID, TP_CHAR, TP_SCHAR, 69 T_DOUBLE, T_LONG_DOUBLE, T_WINT, TP_WCHAR 70 }; 71 72 /* An expandable array of types. */ 73 struct typetable { 74 enum typeid *table; /* table of types */ 75 enum typeid stattable[STATIC_ARG_TBL_SIZE]; 76 u_int tablesize; /* current size of type table */ 77 u_int tablemax; /* largest used index in table */ 78 u_int nextarg; /* 1-based argument index */ 79 }; 80 81 static int __grow_type_table(struct typetable *); 82 static void build_arg_table (struct typetable *, va_list, union arg **); 83 84 /* 85 * Initialize a struct typetable. 86 */ 87 static inline void 88 inittypes(struct typetable *types) 89 { 90 u_int n; 91 92 types->table = types->stattable; 93 types->tablesize = STATIC_ARG_TBL_SIZE; 94 types->tablemax = 0; 95 types->nextarg = 1; 96 for (n = 0; n < STATIC_ARG_TBL_SIZE; n++) 97 types->table[n] = T_UNUSED; 98 } 99 100 /* 101 * struct typetable destructor. 102 */ 103 static inline void 104 freetypes(struct typetable *types) 105 { 106 107 if (types->table != types->stattable) 108 free (types->table); 109 } 110 111 /* 112 * Ensure that there is space to add a new argument type to the type table. 113 * Expand the table if necessary. Returns 0 on success. 114 */ 115 static inline int 116 _ensurespace(struct typetable *types) 117 { 118 119 if (types->nextarg >= types->tablesize) { 120 if (__grow_type_table(types)) 121 return (-1); 122 } 123 if (types->nextarg > types->tablemax) 124 types->tablemax = types->nextarg; 125 return (0); 126 } 127 128 /* 129 * Add an argument type to the table, expanding if necessary. 130 * Returns 0 on success. 131 */ 132 static inline int 133 addtype(struct typetable *types, enum typeid type) 134 { 135 136 if (_ensurespace(types)) 137 return (-1); 138 types->table[types->nextarg++] = type; 139 return (0); 140 } 141 142 static inline int 143 addsarg(struct typetable *types, int flags) 144 { 145 146 if (_ensurespace(types)) 147 return (-1); 148 if (flags & INTMAXT) 149 types->table[types->nextarg++] = T_INTMAXT; 150 else if (flags & SIZET) 151 types->table[types->nextarg++] = T_SSIZET; 152 else if (flags & PTRDIFFT) 153 types->table[types->nextarg++] = T_PTRDIFFT; 154 else if (flags & LLONGINT) 155 types->table[types->nextarg++] = T_LLONG; 156 else if (flags & LONGINT) 157 types->table[types->nextarg++] = T_LONG; 158 else 159 types->table[types->nextarg++] = T_INT; 160 return (0); 161 } 162 163 static inline int 164 adduarg(struct typetable *types, int flags) 165 { 166 167 if (_ensurespace(types)) 168 return (-1); 169 if (flags & INTMAXT) 170 types->table[types->nextarg++] = T_UINTMAXT; 171 else if (flags & SIZET) 172 types->table[types->nextarg++] = T_SIZET; 173 else if (flags & PTRDIFFT) 174 types->table[types->nextarg++] = T_SIZET; 175 else if (flags & LLONGINT) 176 types->table[types->nextarg++] = T_U_LLONG; 177 else if (flags & LONGINT) 178 types->table[types->nextarg++] = T_U_LONG; 179 else 180 types->table[types->nextarg++] = T_U_INT; 181 return (0); 182 } 183 184 /* 185 * Add * arguments to the type array. 186 */ 187 static inline int 188 addaster(struct typetable *types, char **fmtp) 189 { 190 char *cp; 191 u_int n2; 192 193 n2 = 0; 194 cp = *fmtp; 195 while (is_digit(*cp)) { 196 n2 = 10 * n2 + to_digit(*cp); 197 cp++; 198 } 199 if (*cp == '$') { 200 u_int hold = types->nextarg; 201 types->nextarg = n2; 202 if (addtype(types, T_INT)) 203 return (-1); 204 types->nextarg = hold; 205 *fmtp = ++cp; 206 } else { 207 if (addtype(types, T_INT)) 208 return (-1); 209 } 210 return (0); 211 } 212 213 static inline int 214 addwaster(struct typetable *types, wchar_t **fmtp) 215 { 216 wchar_t *cp; 217 u_int n2; 218 219 n2 = 0; 220 cp = *fmtp; 221 while (is_digit(*cp)) { 222 n2 = 10 * n2 + to_digit(*cp); 223 cp++; 224 } 225 if (*cp == '$') { 226 u_int hold = types->nextarg; 227 types->nextarg = n2; 228 if (addtype(types, T_INT)) 229 return (-1); 230 types->nextarg = hold; 231 *fmtp = ++cp; 232 } else { 233 if (addtype(types, T_INT)) 234 return (-1); 235 } 236 return (0); 237 } 238 239 /* 240 * Find all arguments when a positional parameter is encountered. Returns a 241 * table, indexed by argument number, of pointers to each arguments. The 242 * initial argument table should be an array of STATIC_ARG_TBL_SIZE entries. 243 * It will be replaces with a malloc-ed one if it overflows. 244 * Returns 0 on success. On failure, returns nonzero and sets errno. 245 */ 246 int 247 __find_arguments (const char *fmt0, va_list ap, union arg **argtable) 248 { 249 char *fmt; /* format string */ 250 int ch; /* character from fmt */ 251 u_int n; /* handy integer (short term usage) */ 252 int error; 253 int flags; /* flags as above */ 254 struct typetable types; /* table of types */ 255 256 fmt = (char *)fmt0; 257 inittypes(&types); 258 error = 0; 259 260 /* 261 * Scan the format for conversions (`%' character). 262 */ 263 for (;;) { 264 while ((ch = *fmt) != '\0' && ch != '%') 265 fmt++; 266 if (ch == '\0') 267 goto done; 268 fmt++; /* skip over '%' */ 269 270 flags = 0; 271 272 rflag: ch = *fmt++; 273 reswitch: switch (ch) { 274 case ' ': 275 case '#': 276 goto rflag; 277 case '*': 278 if ((error = addaster(&types, &fmt))) 279 goto error; 280 goto rflag; 281 case '-': 282 case '+': 283 case '\'': 284 goto rflag; 285 case '.': 286 if ((ch = *fmt++) == '*') { 287 if ((error = addaster(&types, &fmt))) 288 goto error; 289 goto rflag; 290 } 291 while (is_digit(ch)) { 292 ch = *fmt++; 293 } 294 goto reswitch; 295 case '0': 296 goto rflag; 297 case '1': case '2': case '3': case '4': 298 case '5': case '6': case '7': case '8': case '9': 299 n = 0; 300 do { 301 n = 10 * n + to_digit(ch); 302 /* Detect overflow */ 303 if (n > MAX_POSARG) { 304 error = -1; 305 goto error; 306 } 307 ch = *fmt++; 308 } while (is_digit(ch)); 309 if (ch == '$') { 310 types.nextarg = n; 311 goto rflag; 312 } 313 goto reswitch; 314 #ifndef NO_FLOATING_POINT 315 case 'L': 316 flags |= LONGDBL; 317 goto rflag; 318 #endif 319 case 'h': 320 if (flags & SHORTINT) { 321 flags &= ~SHORTINT; 322 flags |= CHARINT; 323 } else 324 flags |= SHORTINT; 325 goto rflag; 326 case 'j': 327 flags |= INTMAXT; 328 goto rflag; 329 case 'l': 330 if (flags & LONGINT) { 331 flags &= ~LONGINT; 332 flags |= LLONGINT; 333 } else 334 flags |= LONGINT; 335 goto rflag; 336 case 'q': 337 flags |= LLONGINT; /* not necessarily */ 338 goto rflag; 339 case 't': 340 flags |= PTRDIFFT; 341 goto rflag; 342 case 'z': 343 flags |= SIZET; 344 goto rflag; 345 case 'C': 346 flags |= LONGINT; 347 /*FALLTHROUGH*/ 348 case 'c': 349 error = addtype(&types, 350 (flags & LONGINT) ? T_WINT : T_INT); 351 if (error) 352 goto error; 353 break; 354 case 'D': 355 flags |= LONGINT; 356 /*FALLTHROUGH*/ 357 case 'd': 358 case 'i': 359 if ((error = addsarg(&types, flags))) 360 goto error; 361 break; 362 #ifndef NO_FLOATING_POINT 363 case 'a': 364 case 'A': 365 case 'e': 366 case 'E': 367 case 'f': 368 case 'g': 369 case 'G': 370 error = addtype(&types, 371 (flags & LONGDBL) ? T_LONG_DOUBLE : T_DOUBLE); 372 if (error) 373 goto error; 374 break; 375 #endif /* !NO_FLOATING_POINT */ 376 case 'n': 377 if (flags & INTMAXT) 378 error = addtype(&types, TP_INTMAXT); 379 else if (flags & PTRDIFFT) 380 error = addtype(&types, TP_PTRDIFFT); 381 else if (flags & SIZET) 382 error = addtype(&types, TP_SSIZET); 383 else if (flags & LLONGINT) 384 error = addtype(&types, TP_LLONG); 385 else if (flags & LONGINT) 386 error = addtype(&types, TP_LONG); 387 else if (flags & SHORTINT) 388 error = addtype(&types, TP_SHORT); 389 else if (flags & CHARINT) 390 error = addtype(&types, TP_SCHAR); 391 else 392 error = addtype(&types, TP_INT); 393 if (error) 394 goto error; 395 continue; /* no output */ 396 case 'O': 397 flags |= LONGINT; 398 /*FALLTHROUGH*/ 399 case 'o': 400 if ((error = adduarg(&types, flags))) 401 goto error; 402 break; 403 case 'p': 404 if ((error = addtype(&types, TP_VOID))) 405 goto error; 406 break; 407 case 'S': 408 flags |= LONGINT; 409 /*FALLTHROUGH*/ 410 case 's': 411 error = addtype(&types, 412 (flags & LONGINT) ? TP_WCHAR : TP_CHAR); 413 if (error) 414 goto error; 415 break; 416 case 'U': 417 flags |= LONGINT; 418 /*FALLTHROUGH*/ 419 case 'u': 420 case 'X': 421 case 'x': 422 if ((error = adduarg(&types, flags))) 423 goto error; 424 break; 425 default: /* "%?" prints ?, unless ? is NUL */ 426 if (ch == '\0') 427 goto done; 428 break; 429 } 430 } 431 done: 432 build_arg_table(&types, ap, argtable); 433 error: 434 freetypes(&types); 435 return (error || *argtable == NULL); 436 } 437 438 /* wchar version of __find_arguments. */ 439 int 440 __find_warguments (const wchar_t *fmt0, va_list ap, union arg **argtable) 441 { 442 wchar_t *fmt; /* format string */ 443 wchar_t ch; /* character from fmt */ 444 u_int n; /* handy integer (short term usage) */ 445 int error; 446 int flags; /* flags as above */ 447 struct typetable types; /* table of types */ 448 449 fmt = (wchar_t *)fmt0; 450 inittypes(&types); 451 error = 0; 452 453 /* 454 * Scan the format for conversions (`%' character). 455 */ 456 for (;;) { 457 while ((ch = *fmt) != '\0' && ch != '%') 458 fmt++; 459 if (ch == '\0') 460 goto done; 461 fmt++; /* skip over '%' */ 462 463 flags = 0; 464 465 rflag: ch = *fmt++; 466 reswitch: switch (ch) { 467 case ' ': 468 case '#': 469 goto rflag; 470 case '*': 471 if ((error = addwaster(&types, &fmt))) 472 goto error; 473 goto rflag; 474 case '-': 475 case '+': 476 case '\'': 477 goto rflag; 478 case '.': 479 if ((ch = *fmt++) == '*') { 480 if ((error = addwaster(&types, &fmt))) 481 goto error; 482 goto rflag; 483 } 484 while (is_digit(ch)) { 485 ch = *fmt++; 486 } 487 goto reswitch; 488 case '0': 489 goto rflag; 490 case '1': case '2': case '3': case '4': 491 case '5': case '6': case '7': case '8': case '9': 492 n = 0; 493 do { 494 n = 10 * n + to_digit(ch); 495 /* Detect overflow */ 496 if (n > MAX_POSARG) { 497 error = -1; 498 goto error; 499 } 500 ch = *fmt++; 501 } while (is_digit(ch)); 502 if (ch == '$') { 503 types.nextarg = n; 504 goto rflag; 505 } 506 goto reswitch; 507 #ifndef NO_FLOATING_POINT 508 case 'L': 509 flags |= LONGDBL; 510 goto rflag; 511 #endif 512 case 'h': 513 if (flags & SHORTINT) { 514 flags &= ~SHORTINT; 515 flags |= CHARINT; 516 } else 517 flags |= SHORTINT; 518 goto rflag; 519 case 'j': 520 flags |= INTMAXT; 521 goto rflag; 522 case 'l': 523 if (flags & LONGINT) { 524 flags &= ~LONGINT; 525 flags |= LLONGINT; 526 } else 527 flags |= LONGINT; 528 goto rflag; 529 case 'q': 530 flags |= LLONGINT; /* not necessarily */ 531 goto rflag; 532 case 't': 533 flags |= PTRDIFFT; 534 goto rflag; 535 case 'z': 536 flags |= SIZET; 537 goto rflag; 538 case 'C': 539 flags |= LONGINT; 540 /*FALLTHROUGH*/ 541 case 'c': 542 error = addtype(&types, 543 (flags & LONGINT) ? T_WINT : T_INT); 544 if (error) 545 goto error; 546 break; 547 case 'D': 548 flags |= LONGINT; 549 /*FALLTHROUGH*/ 550 case 'd': 551 case 'i': 552 if ((error = addsarg(&types, flags))) 553 goto error; 554 break; 555 #ifndef NO_FLOATING_POINT 556 case 'a': 557 case 'A': 558 case 'e': 559 case 'E': 560 case 'f': 561 case 'g': 562 case 'G': 563 error = addtype(&types, 564 (flags & LONGDBL) ? T_LONG_DOUBLE : T_DOUBLE); 565 if (error) 566 goto error; 567 break; 568 #endif /* !NO_FLOATING_POINT */ 569 case 'n': 570 if (flags & INTMAXT) 571 error = addtype(&types, TP_INTMAXT); 572 else if (flags & PTRDIFFT) 573 error = addtype(&types, TP_PTRDIFFT); 574 else if (flags & SIZET) 575 error = addtype(&types, TP_SSIZET); 576 else if (flags & LLONGINT) 577 error = addtype(&types, TP_LLONG); 578 else if (flags & LONGINT) 579 error = addtype(&types, TP_LONG); 580 else if (flags & SHORTINT) 581 error = addtype(&types, TP_SHORT); 582 else if (flags & CHARINT) 583 error = addtype(&types, TP_SCHAR); 584 else 585 error = addtype(&types, TP_INT); 586 if (error) 587 goto error; 588 continue; /* no output */ 589 case 'O': 590 flags |= LONGINT; 591 /*FALLTHROUGH*/ 592 case 'o': 593 if ((error = adduarg(&types, flags))) 594 goto error; 595 break; 596 case 'p': 597 if ((error = addtype(&types, TP_VOID))) 598 goto error; 599 break; 600 case 'S': 601 flags |= LONGINT; 602 /*FALLTHROUGH*/ 603 case 's': 604 error = addtype(&types, 605 (flags & LONGINT) ? TP_WCHAR : TP_CHAR); 606 if (error) 607 goto error; 608 break; 609 case 'U': 610 flags |= LONGINT; 611 /*FALLTHROUGH*/ 612 case 'u': 613 case 'X': 614 case 'x': 615 if ((error = adduarg(&types, flags))) 616 goto error; 617 break; 618 default: /* "%?" prints ?, unless ? is NUL */ 619 if (ch == '\0') 620 goto done; 621 break; 622 } 623 } 624 done: 625 build_arg_table(&types, ap, argtable); 626 error: 627 freetypes(&types); 628 return (error || *argtable == NULL); 629 } 630 631 /* 632 * Increase the size of the type table. Returns 0 on success. 633 */ 634 static int 635 __grow_type_table(struct typetable *types) 636 { 637 enum typeid *const oldtable = types->table; 638 const int oldsize = types->tablesize; 639 enum typeid *newtable; 640 u_int n, newsize; 641 642 /* Detect overflow */ 643 if (types->nextarg > NL_ARGMAX) 644 return (-1); 645 646 newsize = oldsize * 2; 647 if (newsize < types->nextarg + 1) 648 newsize = types->nextarg + 1; 649 if (oldsize == STATIC_ARG_TBL_SIZE) { 650 if ((newtable = malloc(newsize * sizeof(enum typeid))) == NULL) 651 return (-1); 652 bcopy(oldtable, newtable, oldsize * sizeof(enum typeid)); 653 } else { 654 newtable = reallocarray(oldtable, newsize, sizeof(enum typeid)); 655 if (newtable == NULL) 656 return (-1); 657 } 658 for (n = oldsize; n < newsize; n++) 659 newtable[n] = T_UNUSED; 660 661 types->table = newtable; 662 types->tablesize = newsize; 663 664 return (0); 665 } 666 667 /* 668 * Build the argument table from the completed type table. 669 * On malloc failure, *argtable is set to NULL. 670 */ 671 static void 672 build_arg_table(struct typetable *types, va_list ap, union arg **argtable) 673 { 674 u_int n; 675 676 if (types->tablemax >= STATIC_ARG_TBL_SIZE) { 677 *argtable = (union arg *) 678 malloc (sizeof (union arg) * (types->tablemax + 1)); 679 if (*argtable == NULL) 680 return; 681 } 682 683 (*argtable) [0].intarg = 0; 684 for (n = 1; n <= types->tablemax; n++) { 685 switch (types->table[n]) { 686 case T_UNUSED: /* whoops! */ 687 (*argtable) [n].intarg = va_arg (ap, int); 688 break; 689 case TP_SCHAR: 690 (*argtable) [n].pschararg = va_arg (ap, signed char *); 691 break; 692 case TP_SHORT: 693 (*argtable) [n].pshortarg = va_arg (ap, short *); 694 break; 695 case T_INT: 696 (*argtable) [n].intarg = va_arg (ap, int); 697 break; 698 case T_U_INT: 699 (*argtable) [n].uintarg = va_arg (ap, unsigned int); 700 break; 701 case TP_INT: 702 (*argtable) [n].pintarg = va_arg (ap, int *); 703 break; 704 case T_LONG: 705 (*argtable) [n].longarg = va_arg (ap, long); 706 break; 707 case T_U_LONG: 708 (*argtable) [n].ulongarg = va_arg (ap, unsigned long); 709 break; 710 case TP_LONG: 711 (*argtable) [n].plongarg = va_arg (ap, long *); 712 break; 713 case T_LLONG: 714 (*argtable) [n].longlongarg = va_arg (ap, long long); 715 break; 716 case T_U_LLONG: 717 (*argtable) [n].ulonglongarg = va_arg (ap, unsigned long long); 718 break; 719 case TP_LLONG: 720 (*argtable) [n].plonglongarg = va_arg (ap, long long *); 721 break; 722 case T_PTRDIFFT: 723 (*argtable) [n].ptrdiffarg = va_arg (ap, ptrdiff_t); 724 break; 725 case TP_PTRDIFFT: 726 (*argtable) [n].pptrdiffarg = va_arg (ap, ptrdiff_t *); 727 break; 728 case T_SIZET: 729 (*argtable) [n].sizearg = va_arg (ap, size_t); 730 break; 731 case T_SSIZET: 732 (*argtable) [n].sizearg = va_arg (ap, ssize_t); 733 break; 734 case TP_SSIZET: 735 (*argtable) [n].pssizearg = va_arg (ap, ssize_t *); 736 break; 737 case T_INTMAXT: 738 (*argtable) [n].intmaxarg = va_arg (ap, intmax_t); 739 break; 740 case T_UINTMAXT: 741 (*argtable) [n].uintmaxarg = va_arg (ap, uintmax_t); 742 break; 743 case TP_INTMAXT: 744 (*argtable) [n].pintmaxarg = va_arg (ap, intmax_t *); 745 break; 746 case T_DOUBLE: 747 #ifndef NO_FLOATING_POINT 748 (*argtable) [n].doublearg = va_arg (ap, double); 749 #endif 750 break; 751 case T_LONG_DOUBLE: 752 #ifndef NO_FLOATING_POINT 753 (*argtable) [n].longdoublearg = va_arg (ap, long double); 754 #endif 755 break; 756 case TP_CHAR: 757 (*argtable) [n].pchararg = va_arg (ap, char *); 758 break; 759 case TP_VOID: 760 (*argtable) [n].pvoidarg = va_arg (ap, void *); 761 break; 762 case T_WINT: 763 (*argtable) [n].wintarg = va_arg (ap, wint_t); 764 break; 765 case TP_WCHAR: 766 (*argtable) [n].pwchararg = va_arg (ap, wchar_t *); 767 break; 768 } 769 } 770 } 771