xref: /freebsd/share/man/man9/sbuf.9 (revision 2e3f49888ec8851bafb22011533217487764fdb0)
1.\"-
2.\" Copyright (c) 2000 Poul-Henning Kamp and Dag-Erling Smørgrav
3.\" All rights reserved.
4.\"
5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions
7.\" are met:
8.\" 1. Redistributions of source code must retain the above copyright
9.\"    notice, this list of conditions and the following disclaimer.
10.\" 2. Redistributions in binary form must reproduce the above copyright
11.\"    notice, this list of conditions and the following disclaimer in the
12.\"    documentation and/or other materials provided with the distribution.
13.\"
14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24.\" SUCH DAMAGE.
25.\"
26.Dd October 3, 2023
27.Dt SBUF 9
28.Os
29.Sh NAME
30.Nm sbuf ,
31.Nm sbuf_new ,
32.Nm sbuf_new_auto ,
33.Nm sbuf_new_for_sysctl ,
34.Nm sbuf_clear ,
35.Nm sbuf_get_flags ,
36.Nm sbuf_set_flags ,
37.Nm sbuf_clear_flags ,
38.Nm sbuf_setpos ,
39.Nm sbuf_bcat ,
40.Nm sbuf_bcopyin ,
41.Nm sbuf_bcpy ,
42.Nm sbuf_cat ,
43.Nm sbuf_copyin ,
44.Nm sbuf_cpy ,
45.Nm sbuf_nl_terminate ,
46.Nm sbuf_printf ,
47.Nm sbuf_vprintf ,
48.Nm sbuf_putc ,
49.Nm sbuf_set_drain ,
50.Nm sbuf_trim ,
51.Nm sbuf_error ,
52.Nm sbuf_finish ,
53.Nm sbuf_data ,
54.Nm sbuf_len ,
55.Nm sbuf_done ,
56.Nm sbuf_delete ,
57.Nm sbuf_start_section ,
58.Nm sbuf_end_section ,
59.Nm sbuf_hexdump ,
60.Nm sbuf_printf_drain ,
61.Nm sbuf_putbuf
62.Nd safe string composition
63.Sh LIBRARY
64.Lb libsbuf
65.Sh SYNOPSIS
66.In sys/types.h
67.In sys/sbuf.h
68.Ft typedef int
69.Fo (sbuf_drain_func)
70.Fa "void *arg"
71.Fa "const char *data"
72.Fa "int len"
73.Fc
74.Pp
75.Ft struct sbuf *
76.Fo sbuf_new
77.Fa "struct sbuf *s"
78.Fa "char *buf"
79.Fa "int length"
80.Fa "int flags"
81.Fc
82.Ft struct sbuf *
83.Fo sbuf_new_auto
84.Fa "void"
85.Fc
86.Ft void
87.Fo sbuf_clear
88.Fa "struct sbuf *s"
89.Fc
90.Ft int
91.Fo sbuf_get_flags
92.Fa "struct sbuf *s"
93.Fc
94.Ft void
95.Fo sbuf_set_flags
96.Fa "struct sbuf *s"
97.Fa "int flags"
98.Fc
99.Ft void
100.Fo sbuf_clear_flags
101.Fa "struct sbuf *s"
102.Fa "int flags"
103.Fc
104.Ft int
105.Fo sbuf_setpos
106.Fa "struct sbuf *s"
107.Fa "int pos"
108.Fc
109.Ft int
110.Fo sbuf_bcat
111.Fa "struct sbuf *s"
112.Fa "const void *buf"
113.Fa "size_t len"
114.Fc
115.Ft int
116.Fo sbuf_bcpy
117.Fa "struct sbuf *s"
118.Fa "const void *buf"
119.Fa "size_t len"
120.Fc
121.Ft int
122.Fo sbuf_cat
123.Fa "struct sbuf *s"
124.Fa "const char *str"
125.Fc
126.Ft int
127.Fo sbuf_cpy
128.Fa "struct sbuf *s"
129.Fa "const char *str"
130.Fc
131.Ft int
132.Fn sbuf_nl_terminate "struct sbuf *"
133.Ft int
134.Fo sbuf_printf
135.Fa "struct sbuf *s"
136.Fa "const char *fmt" "..."
137.Fc
138.Ft int
139.Fo sbuf_vprintf
140.Fa "struct sbuf *s"
141.Fa "const char *fmt"
142.Fa "va_list ap"
143.Fc
144.Ft int
145.Fo sbuf_putc
146.Fa "struct sbuf *s"
147.Fa "int c"
148.Fc
149.Ft void
150.Fo sbuf_set_drain
151.Fa "struct sbuf *s"
152.Fa "sbuf_drain_func *func"
153.Fa "void *arg"
154.Fc
155.Ft int
156.Fo sbuf_trim
157.Fa "struct sbuf *s"
158.Fc
159.Ft int
160.Fo sbuf_error
161.Fa "struct sbuf *s"
162.Fc
163.Ft int
164.Fo sbuf_finish
165.Fa "struct sbuf *s"
166.Fc
167.Ft char *
168.Fo sbuf_data
169.Fa "struct sbuf *s"
170.Fc
171.Ft ssize_t
172.Fo sbuf_len
173.Fa "struct sbuf *s"
174.Fc
175.Ft int
176.Fo sbuf_done
177.Fa "struct sbuf *s"
178.Fc
179.Ft void
180.Fo sbuf_delete
181.Fa "struct sbuf *s"
182.Fc
183.Ft void
184.Fo sbuf_start_section
185.Fa "struct sbuf *s"
186.Fa "ssize_t *old_lenp"
187.Fc
188.Ft ssize_t
189.Fo sbuf_end_section
190.Fa "struct sbuf *s"
191.Fa "ssize_t old_len"
192.Fa "size_t pad"
193.Fa "int c"
194.Fc
195.Ft void
196.Fo sbuf_hexdump
197.Fa "struct sbuf *sb"
198.Fa "void *ptr"
199.Fa "int length"
200.Fa "const char *hdr"
201.Fa "int flags"
202.Fc
203.Ft int
204.Fo sbuf_printf_drain
205.Fa "void *arg"
206.Fa "const char *data"
207.Fa "int len"
208.Fc
209.Ft void
210.Fo sbuf_putbuf
211.Fa "struct sbuf *s"
212.Fc
213.Fd #ifdef _KERNEL
214.In sys/types.h
215.In sys/sbuf.h
216.Ft int
217.Fo sbuf_bcopyin
218.Fa "struct sbuf *s"
219.Fa "const void *uaddr"
220.Fa "size_t len"
221.Fc
222.Ft int
223.Fo sbuf_copyin
224.Fa "struct sbuf *s"
225.Fa "const void *uaddr"
226.Fa "size_t len"
227.Fc
228.In sys/sysctl.h
229.Ft struct sbuf *
230.Fo sbuf_new_for_sysctl
231.Fa "struct sbuf *s"
232.Fa "char *buf"
233.Fa "int length"
234.Fa "struct sysctl_req *req"
235.Fc
236.Fd #endif	/* _KERNEL */
237.Sh DESCRIPTION
238The
239.Nm
240family of functions allows one to safely allocate, compose and
241release strings in kernel or user space.
242.Pp
243Instead of arrays of characters, these functions operate on structures
244called
245.Fa sbufs ,
246defined in
247.In sys/sbuf.h .
248.Pp
249Any errors encountered during the allocation or composition of the
250string will be latched in the data structure,
251making a single error test at the end of the composition
252sufficient to determine success or failure of the entire process.
253.Pp
254The
255.Fn sbuf_new
256function initializes the
257.Fa sbuf
258pointed to by its first argument.
259If that pointer is
260.Dv NULL ,
261.Fn sbuf_new
262allocates a
263.Vt struct sbuf
264using
265.Xr malloc 9 .
266The
267.Fa buf
268argument is a pointer to a buffer in which to store the actual string;
269if it is
270.Dv NULL ,
271.Fn sbuf_new
272will allocate one using
273.Xr malloc 9 .
274The
275.Fa length
276is the initial size of the storage buffer.
277The fourth argument,
278.Fa flags ,
279may be comprised of the following flags:
280.Bl -tag -width ".Dv SBUF_AUTOEXTEND"
281.It Dv SBUF_FIXEDLEN
282The storage buffer is fixed at its initial size.
283Attempting to extend the sbuf beyond this size results in an overflow condition.
284.It Dv SBUF_AUTOEXTEND
285This indicates that the storage buffer may be extended as necessary, so long
286as resources allow, to hold additional data.
287.It Dv SBUF_INCLUDENUL
288This causes the final nulterm byte to be counted in the length of the data.
289.It Dv SBUF_DRAINTOEOR
290Treat top-level sections started with
291.Fn sbuf_start_section
292as a record boundary marker that will be used during drain operations to avoid
293records being split.
294If a record grows sufficiently large such that it fills the
295.Fa sbuf
296and therefore cannot be drained without being split, an error of
297.Er EDEADLK
298is set.
299.It Dv SBUF_NOWAIT
300Indicates that attempts to extend the storage buffer should fail in low memory
301conditions, like
302.Xr malloc 9
303.Dv M_NOWAIT .
304.El
305.Pp
306Note that if
307.Fa buf
308is not
309.Dv NULL ,
310it must point to an array of at least
311.Fa length
312characters.
313The result of accessing that array directly while it is in use by the
314sbuf is undefined.
315.Pp
316The
317.Fn sbuf_new_auto
318function is a shortcut for creating a completely dynamic
319.Nm .
320It is the equivalent of calling
321.Fn sbuf_new
322with values
323.Dv NULL ,
324.Dv NULL ,
325.Dv 0 ,
326and
327.Dv SBUF_AUTOEXTEND .
328.Pp
329The
330.Fn sbuf_new_for_sysctl
331function will set up an sbuf with a drain function to use
332.Fn SYSCTL_OUT
333when the internal buffer fills.
334Note that if the various functions which append to an sbuf are used while
335a non-sleepable lock is held, the user buffer should be wired using
336.Fn sysctl_wire_old_buffer .
337.Pp
338The
339.Fn sbuf_delete
340function clears the
341.Fa sbuf
342and frees any memory allocated for it.
343There must be a call to
344.Fn sbuf_delete
345for every call to
346.Fn sbuf_new .
347Any attempt to access the sbuf after it has been deleted will fail.
348.Pp
349The
350.Fn sbuf_clear
351function invalidates the contents of the
352.Fa sbuf
353and resets its position to zero.
354.Pp
355The
356.Fn sbuf_get_flags
357function returns the current user flags.
358The
359.Fn sbuf_set_flags
360and
361.Fn sbuf_clear_flags
362functions set or clear one or more user flags, respectively.
363The user flags are described under the
364.Fn sbuf_new
365function.
366.Pp
367The
368.Fn sbuf_setpos
369function sets the
370.Fa sbuf Ns 's
371end position to
372.Fa pos ,
373which is a value between zero and the current position in the buffer.
374It can only truncate the sbuf to the new position.
375.Pp
376The
377.Fn sbuf_bcat
378function appends the first
379.Fa len
380bytes from the buffer
381.Fa buf
382to the
383.Fa sbuf .
384.Pp
385The
386.Fn sbuf_bcopyin
387function copies
388.Fa len
389bytes from the specified userland address into the
390.Fa sbuf .
391.Pp
392The
393.Fn sbuf_bcpy
394function replaces the contents of the
395.Fa sbuf
396with the first
397.Fa len
398bytes from the buffer
399.Fa buf .
400.Pp
401The
402.Fn sbuf_cat
403function appends the NUL-terminated string
404.Fa str
405to the
406.Fa sbuf
407at the current position.
408.Pp
409The
410.Fn sbuf_set_drain
411function sets a drain function
412.Fa func
413for the
414.Fa sbuf ,
415and records a pointer
416.Fa arg
417to be passed to the drain on callback.
418The drain function cannot be changed while
419.Fa sbuf_len
420is non-zero.
421.Pp
422The registered drain function
423.Vt sbuf_drain_func
424will be called with the argument
425.Fa arg
426provided to
427.Fn sbuf_set_drain ,
428a pointer
429.Fa data
430to a byte string that is the contents of the sbuf, and the length
431.Fa len
432of the data.
433If the drain function exists, it will be called when the sbuf internal
434buffer is full, or on behalf of
435.Fn sbuf_finish .
436The drain function may drain some or all of the data, but must drain
437at least 1 byte.
438The return value from the drain function, if positive, indicates how
439many bytes were drained.
440If negative, the return value indicates the negative error code which
441will be returned from this or a later call to
442.Fn sbuf_finish .
443If the returned drained length is 0, an error of
444.Er EDEADLK
445is set.
446To do unbuffered draining, initialize the sbuf with a two-byte buffer.
447The drain will be called for every byte added to the sbuf.
448The
449.Fn sbuf_bcopyin ,
450.Fn sbuf_bcpy ,
451.Fn sbuf_clear ,
452.Fn sbuf_copyin ,
453.Fn sbuf_cpy ,
454.Fn sbuf_trim ,
455.Fn sbuf_data ,
456and
457.Fn sbuf_len
458functions cannot be used on an sbuf with a drain.
459.Pp
460The
461.Fn sbuf_copyin
462function copies a NUL-terminated string from the specified userland
463address into the
464.Fa sbuf .
465If the
466.Fa len
467argument is non-zero, no more than
468.Fa len
469characters (not counting the terminating NUL) are copied; otherwise
470the entire string, or as much of it as can fit in the
471.Fa sbuf ,
472is copied.
473.Pp
474The
475.Fn sbuf_cpy
476function replaces the contents of the
477.Fa sbuf
478with those of the NUL-terminated string
479.Fa str .
480This is equivalent to calling
481.Fn sbuf_cat
482with a fresh
483.Fa sbuf
484or one which position has been reset to zero with
485.Fn sbuf_clear
486or
487.Fn sbuf_setpos .
488.Pp
489The
490.Fn sbuf_nl_terminate
491function appends a trailing newline character, if the current line is non-empty
492and not already terminated by a newline character.
493.Pp
494The
495.Fn sbuf_printf
496function formats its arguments according to the format string pointed
497to by
498.Fa fmt
499and appends the resulting string to the
500.Fa sbuf
501at the current position.
502.Pp
503The
504.Fn sbuf_vprintf
505function behaves the same as
506.Fn sbuf_printf
507except that the arguments are obtained from the variable-length argument list
508.Fa ap .
509.Pp
510The
511.Fn sbuf_putc
512function appends the character
513.Fa c
514to the
515.Fa sbuf
516at the current position.
517.Pp
518The
519.Fn sbuf_trim
520function removes trailing whitespace from the
521.Fa sbuf .
522.Pp
523The
524.Fn sbuf_error
525function returns any error value that the
526.Fa sbuf
527may have accumulated, either from the drain function, or
528.Er ENOMEM
529if the
530.Fa sbuf
531overflowed.
532This function is generally not needed and instead the error code from
533.Fn sbuf_finish
534is the preferred way to discover whether an sbuf had an error.
535.Pp
536The
537.Fn sbuf_finish
538function will call the attached drain function if one exists until all
539the data in the
540.Fa sbuf
541is flushed.
542If there is no attached drain,
543.Fn sbuf_finish
544NUL-terminates the
545.Fa sbuf .
546In either case it marks the
547.Fa sbuf
548as finished, which means that it may no longer be modified using
549.Fn sbuf_setpos ,
550.Fn sbuf_cat ,
551.Fn sbuf_cpy ,
552.Fn sbuf_printf
553or
554.Fn sbuf_putc ,
555until
556.Fn sbuf_clear
557is used to reset the sbuf.
558.Pp
559The
560.Fn sbuf_data
561function returns the actual string;
562.Fn sbuf_data
563only works on a finished
564.Fa sbuf .
565The
566.Fn sbuf_len
567function returns the length of the string.
568For an
569.Fa sbuf
570with an attached drain,
571.Fn sbuf_len
572returns the length of the un-drained data.
573.Fn sbuf_done
574returns non-zero if the
575.Fa sbuf
576is finished.
577.Pp
578The
579.Fn sbuf_start_section
580and
581.Fn sbuf_end_section
582functions may be used for automatic section alignment.
583The arguments
584.Fa pad
585and
586.Fa c
587specify the padding size and a character used for padding.
588The arguments
589.Fa old_lenp
590and
591.Fa old_len
592are to save and restore the current section length when nested sections
593are used.
594For the top level section
595.Dv NULL
596and \-1 can be specified for
597.Fa old_lenp
598and
599.Fa old_len
600respectively.
601.Pp
602The
603.Fn sbuf_hexdump
604function prints an array of bytes to the supplied sbuf, along with an ASCII
605representation of the bytes if possible.
606See the
607.Xr hexdump 3
608man page for more details on the interface.
609.Pp
610The
611.Fn sbuf_printf_drain
612function is a drain function that will call printf, or log to the console.
613The argument
614.Fa arg
615must be either
616.Dv NULL ,
617or a valid pointer to a
618.Vt size_t .
619If
620.Fa arg
621is not
622.Dv NULL ,
623the total bytes drained will be added to the value pointed to by
624.Fa arg .
625.Pp
626The
627.Fn sbuf_putbuf
628function printfs the sbuf to stdout if in userland, and to the console
629and log if in the kernel.
630The
631.Fa sbuf
632must be finished before calling
633.Fn sbuf_putbuf .
634It does not drain the buffer or update any pointers.
635.Sh NOTES
636If an operation caused an
637.Fa sbuf
638to overflow, most subsequent operations on it will fail until the
639.Fa sbuf
640is finished using
641.Fn sbuf_finish
642or reset using
643.Fn sbuf_clear ,
644or its position is reset to a value between 0 and one less than the
645size of its storage buffer using
646.Fn sbuf_setpos ,
647or it is reinitialized to a sufficiently short string using
648.Fn sbuf_cpy .
649.Pp
650Drains in user-space will not always function as indicated.
651While the drain function will be called immediately on overflow from
652the
653.Fa sbuf_putc ,
654.Fa sbuf_bcat ,
655.Fa sbuf_cat
656functions,
657.Fa sbuf_printf
658and
659.Fa sbuf_vprintf
660currently have no way to determine whether there will be an overflow
661until after it occurs, and cannot do a partial expansion of the format
662string.
663Thus when using libsbuf the buffer may be extended to allow completion
664of a single printf call, even though a drain is attached.
665.Sh RETURN VALUES
666The
667.Fn sbuf_new
668function returns
669.Dv NULL
670if it failed to allocate a storage buffer, and a pointer to the new
671.Fa sbuf
672otherwise.
673.Pp
674The
675.Fn sbuf_setpos
676function returns \-1 if
677.Fa pos
678was invalid, and zero otherwise.
679.Pp
680The
681.Fn sbuf_bcat ,
682.Fn sbuf_cat ,
683.Fn sbuf_cpy ,
684.Fn sbuf_printf ,
685.Fn sbuf_putc ,
686and
687.Fn sbuf_trim
688functions
689all return \-1 if the buffer overflowed, and zero otherwise.
690.Pp
691The
692.Fn sbuf_error
693function returns a non-zero value if the buffer has an overflow or
694drain error, and zero otherwise.
695.Pp
696The
697.Fn sbuf_len
698function returns \-1 if the buffer overflowed.
699.Pp
700The
701.Fn sbuf_copyin
702function
703returns \-1 if copying string from userland failed, and number of bytes
704copied otherwise.
705.Pp
706The
707.Fn sbuf_end_section
708function returns the section length or \-1 if the buffer has an error.
709.Pp
710The
711.Fn sbuf_finish 9
712function (the kernel version) returns
713.Er ENOMEM
714if the sbuf overflowed before being finished,
715or returns the error code from the drain if one is attached.
716.Pp
717The
718.Fn sbuf_finish 3
719function (the userland version)
720will return zero for success and \-1 and set errno on error.
721.Sh EXAMPLES
722.Bd -literal -compact
723#include <sys/types.h>
724#include <sys/sbuf.h>
725
726struct sbuf *sb;
727
728sb = sbuf_new_auto();
729sbuf_cat(sb, "Customers found:\en");
730TAILQ_FOREACH(foo, &foolist, list) {
731	sbuf_printf(sb, "   %4d %s\en", foo->index, foo->name);
732	sbuf_printf(sb, "      Address: %s\en", foo->address);
733	sbuf_printf(sb, "      Zip: %s\en", foo->zipcode);
734}
735if (sbuf_finish(sb) != 0) /* Check for any and all errors */
736	err(1, "Could not generate message");
737transmit_msg(sbuf_data(sb), sbuf_len(sb));
738sbuf_delete(sb);
739.Ed
740.Sh SEE ALSO
741.Xr hexdump 3 ,
742.Xr printf 3 ,
743.Xr strcat 3 ,
744.Xr strcpy 3 ,
745.Xr copyin 9 ,
746.Xr copyinstr 9 ,
747.Xr printf 9
748.Sh HISTORY
749The
750.Nm
751family of functions first appeared in
752.Fx 4.4 .
753.Sh AUTHORS
754.An -nosplit
755The
756.Nm
757family of functions was designed by
758.An Poul-Henning Kamp Aq Mt phk@FreeBSD.org
759and implemented by
760.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org .
761Additional improvements were suggested by
762.An Justin T. Gibbs Aq Mt gibbs@FreeBSD.org .
763Auto-extend support added by
764.An Kelly Yancey Aq Mt kbyanc@FreeBSD.org .
765Drain functionality added by
766.An Matthew Fleming Aq Mt mdf@FreeBSD.org .
767.Pp
768This manual page was written by
769.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org .
770