1.\"- 2.\" Copyright (c) 2000 Poul-Henning Kamp and Dag-Erling Coïdan Smørgrav 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.\" $FreeBSD$ 27.\" 28.Dd March 14, 2015 29.Dt SBUF 9 30.Os 31.Sh NAME 32.Nm sbuf , 33.Nm sbuf_new , 34.Nm sbuf_new_auto , 35.Nm sbuf_new_for_sysctl , 36.Nm sbuf_clear , 37.Nm sbuf_get_flags , 38.Nm sbuf_set_flags , 39.Nm sbuf_clear_flags , 40.Nm sbuf_setpos , 41.Nm sbuf_bcat , 42.Nm sbuf_bcopyin , 43.Nm sbuf_bcpy , 44.Nm sbuf_cat , 45.Nm sbuf_copyin , 46.Nm sbuf_cpy , 47.Nm sbuf_printf , 48.Nm sbuf_vprintf , 49.Nm sbuf_putc , 50.Nm sbuf_set_drain , 51.Nm sbuf_trim , 52.Nm sbuf_error , 53.Nm sbuf_finish , 54.Nm sbuf_data , 55.Nm sbuf_len , 56.Nm sbuf_done , 57.Nm sbuf_delete , 58.Nm sbuf_start_section , 59.Nm sbuf_end_section , 60.Nm sbuf_hexdump 61.Nd safe string composition 62.Sh SYNOPSIS 63.In sys/types.h 64.In sys/sbuf.h 65.Ft typedef\ int ( sbuf_drain_func ) ( void\ *arg, const\ char\ *data, int\ len ) ; 66.Pp 67.Ft struct sbuf * 68.Fn sbuf_new "struct sbuf *s" "char *buf" "int length" "int flags" 69.Ft struct sbuf * 70.Fn sbuf_new_auto 71.Ft void 72.Fn sbuf_clear "struct sbuf *s" 73.Ft int 74.Fn sbuf_get_flags "struct sbuf *s" 75.Ft void 76.Fn sbuf_set_flags "struct sbuf *s" "int flags" 77.Ft void 78.Fn sbuf_clear_flags "struct sbuf *s" "int flags" 79.Ft int 80.Fn sbuf_setpos "struct sbuf *s" "int pos" 81.Ft int 82.Fn sbuf_bcat "struct sbuf *s" "const void *buf" "size_t len" 83.Ft int 84.Fn sbuf_bcopyin "struct sbuf *s" "const void *uaddr" "size_t len" 85.Ft int 86.Fn sbuf_bcpy "struct sbuf *s" "const void *buf" "size_t len" 87.Ft int 88.Fn sbuf_cat "struct sbuf *s" "const char *str" 89.Ft int 90.Fn sbuf_copyin "struct sbuf *s" "const void *uaddr" "size_t len" 91.Ft int 92.Fn sbuf_cpy "struct sbuf *s" "const char *str" 93.Ft int 94.Fn sbuf_printf "struct sbuf *s" "const char *fmt" "..." 95.Ft int 96.Fn sbuf_vprintf "struct sbuf *s" "const char *fmt" "va_list ap" 97.Ft int 98.Fn sbuf_putc "struct sbuf *s" "int c" 99.Ft void 100.Fn sbuf_set_drain "struct sbuf *s" "sbuf_drain_func *func" "void *arg" 101.Ft int 102.Fn sbuf_trim "struct sbuf *s" 103.Ft int 104.Fn sbuf_error "struct sbuf *s" 105.Ft int 106.Fn sbuf_finish "struct sbuf *s" 107.Ft char * 108.Fn sbuf_data "struct sbuf *s" 109.Ft ssize_t 110.Fn sbuf_len "struct sbuf *s" 111.Ft int 112.Fn sbuf_done "struct sbuf *s" 113.Ft void 114.Fn sbuf_delete "struct sbuf *s" 115.Ft void 116.Fn sbuf_start_section "struct sbuf *s" "ssize_t *old_lenp" 117.Ft ssize_t 118.Fn sbuf_end_section "struct sbuf *s" "ssize_t old_len" "size_t pad" "int c" 119.Ft void 120.Fo sbuf_hexdump 121.Fa "struct sbuf *sb" 122.Fa "void *ptr" 123.Fa "int length" 124.Fa "const char *hdr" 125.Fa "int flags" 126.Fc 127.In sys/sysctl.h 128.Ft struct sbuf * 129.Fn sbuf_new_for_sysctl "struct sbuf *s" "char *buf" "int length" "struct sysctl_req *req" 130.Sh DESCRIPTION 131The 132.Nm 133family of functions allows one to safely allocate, compose and 134release strings in kernel or user space. 135.Pp 136Instead of arrays of characters, these functions operate on structures 137called 138.Fa sbufs , 139defined in 140.In sys/sbuf.h . 141.Pp 142Any errors encountered during the allocation or composition of the 143string will be latched in the data structure, 144making a single error test at the end of the composition 145sufficient to determine success or failure of the entire process. 146.Pp 147The 148.Fn sbuf_new 149function initializes the 150.Fa sbuf 151pointed to by its first argument. 152If that pointer is 153.Dv NULL , 154.Fn sbuf_new 155allocates a 156.Vt struct sbuf 157using 158.Xr malloc 9 . 159The 160.Fa buf 161argument is a pointer to a buffer in which to store the actual string; 162if it is 163.Dv NULL , 164.Fn sbuf_new 165will allocate one using 166.Xr malloc 9 . 167The 168.Fa length 169is the initial size of the storage buffer. 170The fourth argument, 171.Fa flags , 172may be comprised of the following flags: 173.Bl -tag -width ".Dv SBUF_AUTOEXTEND" 174.It Dv SBUF_FIXEDLEN 175The storage buffer is fixed at its initial size. 176Attempting to extend the sbuf beyond this size results in an overflow condition. 177.It Dv SBUF_AUTOEXTEND 178This indicates that the storage buffer may be extended as necessary, so long 179as resources allow, to hold additional data. 180.It Dv SBUF_INCLUDENUL 181This causes the final nulterm byte to be counted in the length of the data. 182.El 183.Pp 184Note that if 185.Fa buf 186is not 187.Dv NULL , 188it must point to an array of at least 189.Fa length 190characters. 191The result of accessing that array directly while it is in use by the 192sbuf is undefined. 193.Pp 194The 195.Fn sbuf_new_auto 196function is a shortcut for creating a completely dynamic 197.Nm . 198It is the equivalent of calling 199.Fn sbuf_new 200with values 201.Dv NULL , 202.Dv NULL , 203.Dv 0 , 204and 205.Dv SBUF_AUTOEXTEND . 206.Pp 207The 208.Fn sbuf_new_for_sysctl 209function will set up an sbuf with a drain function to use 210.Fn SYSCTL_OUT 211when the internal buffer fills. 212Note that if the various functions which append to an sbuf are used while 213a non-sleepable lock is held, the user buffer should be wired using 214.Fn sysctl_wire_old_buffer . 215.Pp 216The 217.Fn sbuf_delete 218function clears the 219.Fa sbuf 220and frees any memory allocated for it. 221There must be a call to 222.Fn sbuf_delete 223for every call to 224.Fn sbuf_new . 225Any attempt to access the sbuf after it has been deleted will fail. 226.Pp 227The 228.Fn sbuf_clear 229function invalidates the contents of the 230.Fa sbuf 231and resets its position to zero. 232.Pp 233The 234.Fn sbuf_get_flags 235function returns the current user flags. 236The 237.Fn sbuf_set_flags 238and 239.Fn sbuf_get_flags 240functions set or clear one or more user flags, respectively. 241The user flags are described under the 242.Fn sbuf_new 243function. 244.Pp 245The 246.Fn sbuf_setpos 247function sets the 248.Fa sbuf Ns 's 249end position to 250.Fa pos , 251which is a value between zero and one less than the size of the 252storage buffer. 253This effectively truncates the sbuf at the new position. 254.Pp 255The 256.Fn sbuf_bcat 257function appends the first 258.Fa len 259bytes from the buffer 260.Fa buf 261to the 262.Fa sbuf . 263.Pp 264The 265.Fn sbuf_bcopyin 266function copies 267.Fa len 268bytes from the specified userland address into the 269.Fa sbuf . 270.Pp 271The 272.Fn sbuf_bcpy 273function replaces the contents of the 274.Fa sbuf 275with the first 276.Fa len 277bytes from the buffer 278.Fa buf . 279.Pp 280The 281.Fn sbuf_cat 282function appends the NUL-terminated string 283.Fa str 284to the 285.Fa sbuf 286at the current position. 287.Pp 288The 289.Fn sbuf_set_drain 290function sets a drain function 291.Fa func 292for the 293.Fa sbuf , 294and records a pointer 295.Fa arg 296to be passed to the drain on callback. 297The drain function cannot be changed while 298.Fa sbuf_len 299is non-zero. 300.Pp 301The registered drain function 302.Vt sbuf_drain_func 303will be called with the argument 304.Fa arg 305provided to 306.Fn sbuf_set_drain , 307a pointer 308.Fa data 309to a byte string that is the contents of the sbuf, and the length 310.Fa len 311of the data. 312If the drain function exists, it will be called when the sbuf internal 313buffer is full, or on behalf of 314.Fn sbuf_finish . 315The drain function may drain some or all of the data, but must drain 316at least 1 byte. 317The return value from the drain function, if positive, indicates how 318many bytes were drained. 319If negative, the return value indicates the negative error code which 320will be returned from this or a later call to 321.Fn sbuf_finish . 322The returned drained length cannot be zero. 323To do unbuffered draining, initialize the sbuf with a two-byte buffer. 324The drain will be called for every byte added to the sbuf. 325The 326.Fn sbuf_bcopyin , 327.Fn sbuf_copyin , 328.Fn sbuf_trim , 329and 330.Fn sbuf_data 331functions cannot be used on an sbuf with a drain. 332.Pp 333The 334.Fn sbuf_copyin 335function copies a NUL-terminated string from the specified userland 336address into the 337.Fa sbuf . 338If the 339.Fa len 340argument is non-zero, no more than 341.Fa len 342characters (not counting the terminating NUL) are copied; otherwise 343the entire string, or as much of it as can fit in the 344.Fa sbuf , 345is copied. 346.Pp 347The 348.Fn sbuf_cpy 349function replaces the contents of the 350.Fa sbuf 351with those of the NUL-terminated string 352.Fa str . 353This is equivalent to calling 354.Fn sbuf_cat 355with a fresh 356.Fa sbuf 357or one which position has been reset to zero with 358.Fn sbuf_clear 359or 360.Fn sbuf_setpos . 361.Pp 362The 363.Fn sbuf_printf 364function formats its arguments according to the format string pointed 365to by 366.Fa fmt 367and appends the resulting string to the 368.Fa sbuf 369at the current position. 370.Pp 371The 372.Fn sbuf_vprintf 373function behaves the same as 374.Fn sbuf_printf 375except that the arguments are obtained from the variable-length argument list 376.Fa ap . 377.Pp 378The 379.Fn sbuf_putc 380function appends the character 381.Fa c 382to the 383.Fa sbuf 384at the current position. 385.Pp 386The 387.Fn sbuf_trim 388function removes trailing whitespace from the 389.Fa sbuf . 390.Pp 391The 392.Fn sbuf_error 393function returns any error value that the 394.Fa sbuf 395may have accumulated, either from the drain function, or ENOMEM if the 396.Fa sbuf 397overflowed. 398This function is generally not needed and instead the error code from 399.Fn sbuf_finish 400is the preferred way to discover whether an sbuf had an error. 401.Pp 402The 403.Fn sbuf_finish 404function will call the attached drain function if one exists until all 405the data in the 406.Fa sbuf 407is flushed. 408If there is no attached drain, 409.Fn sbuf_finish 410NUL-terminates the 411.Fa sbuf . 412In either case it marks the 413.Fa sbuf 414as finished, which means that it may no longer be modified using 415.Fn sbuf_setpos , 416.Fn sbuf_cat , 417.Fn sbuf_cpy , 418.Fn sbuf_printf 419or 420.Fn sbuf_putc , 421until 422.Fn sbuf_clear 423is used to reset the sbuf. 424.Pp 425The 426.Fn sbuf_data 427function returns the actual string; 428.Fn sbuf_data 429only works on a finished 430.Fa sbuf . 431The 432.Fn sbuf_len 433function returns the length of the string. 434For an 435.Fa sbuf 436with an attached drain, 437.Fn sbuf_len 438returns the length of the un-drained data. 439.Fn sbuf_done 440returns non-zero if the 441.Fa sbuf 442is finished. 443.Pp 444The 445.Fn sbuf_start_section 446and 447.Fn sbuf_end_section 448functions may be used for automatic section alignment. 449The arguments 450.Fa pad 451and 452.Fa c 453specify the padding size and a character used for padding. 454The arguments 455.Fa old_lenp 456and 457.Fa old_len 458are to save and restore the current section length when nested sections 459are used. 460For the top level section 461.Dv NULL 462and \-1 can be specified for 463.Fa old_lenp 464and 465.Fa old_len 466respectively. 467.Pp 468The 469.Fn sbuf_hexdump 470function prints an array of bytes to the supplied sbuf, along with an ASCII 471representation of the bytes if possible. 472See the 473.Xr hexdump 3 474man page for more details on the interface. 475.Sh NOTES 476If an operation caused an 477.Fa sbuf 478to overflow, most subsequent operations on it will fail until the 479.Fa sbuf 480is finished using 481.Fn sbuf_finish 482or reset using 483.Fn sbuf_clear , 484or its position is reset to a value between 0 and one less than the 485size of its storage buffer using 486.Fn sbuf_setpos , 487or it is reinitialized to a sufficiently short string using 488.Fn sbuf_cpy . 489.Pp 490Drains in user-space will not always function as indicated. 491While the drain function will be called immediately on overflow from 492the 493.Fa sbuf_putc , 494.Fa sbuf_bcat , 495.Fa sbuf_cat 496functions, 497.Fa sbuf_printf 498and 499.Fa sbuf_vprintf 500currently have no way to determine whether there will be an overflow 501until after it occurs, and cannot do a partial expansion of the format 502string. 503Thus when using libsbuf the buffer may be extended to allow completion 504of a single printf call, even though a drain is attached. 505.Sh RETURN VALUES 506The 507.Fn sbuf_new 508function returns 509.Dv NULL 510if it failed to allocate a storage buffer, and a pointer to the new 511.Fa sbuf 512otherwise. 513.Pp 514The 515.Fn sbuf_setpos 516function returns \-1 if 517.Fa pos 518was invalid, and zero otherwise. 519.Pp 520The 521.Fn sbuf_cat , 522.Fn sbuf_cpy , 523.Fn sbuf_printf , 524.Fn sbuf_putc , 525and 526.Fn sbuf_trim 527functions 528all return \-1 if the buffer overflowed, and zero otherwise. 529.Pp 530The 531.Fn sbuf_error 532function returns a non-zero value if the buffer has an overflow or 533drain error, and zero otherwise. 534.Pp 535The 536.Fn sbuf_len 537function returns \-1 if the buffer overflowed. 538.Pp 539The 540.Fn sbuf_copyin 541function 542returns \-1 if copying string from userland failed, and number of bytes 543copied otherwise. 544.Pp 545The 546.Fn sbuf_end_section 547function returns the section length or \-1 if the buffer has an error. 548.Pp 549The 550.Fn sbuf_finish 9 551function (the kernel version) returns ENOMEM if the sbuf overflowed before 552being finished, 553or returns the error code from the drain if one is attached. 554.Pp 555The 556.Fn sbuf_finish 3 557function (the userland version) 558will return zero for success and \-1 and set errno on error. 559.Sh EXAMPLES 560.Bd -literal -compact 561#include <sys/sbuf.h> 562 563struct sbuf *sb; 564 565sb = sbuf_new_auto(); 566sbuf_cat(sb, "Customers found:\en"); 567TAILQ_FOREACH(foo, &foolist, list) { 568 sbuf_printf(sb, " %4d %s\en", foo->index, foo->name); 569 sbuf_printf(sb, " Address: %s\en", foo->address); 570 sbuf_printf(sb, " Zip: %s\en", foo->zipcode); 571} 572if (sbuf_finish(sb) != 0) /* Check for any and all errors */ 573 err(1, "Could not generate message"); 574transmit_msg(sbuf_data(sb), sbuf_len(sb)); 575sbuf_delete(sb); 576.Ed 577.Sh SEE ALSO 578.Xr hexdump 3 , 579.Xr printf 3 , 580.Xr strcat 3 , 581.Xr strcpy 3 , 582.Xr copyin 9 , 583.Xr copyinstr 9 , 584.Xr printf 9 585.Sh HISTORY 586The 587.Nm 588family of functions first appeared in 589.Fx 4.4 . 590.Sh AUTHORS 591.An -nosplit 592The 593.Nm 594family of functions was designed by 595.An Poul-Henning Kamp Aq Mt phk@FreeBSD.org 596and implemented by 597.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org . 598Additional improvements were suggested by 599.An Justin T. Gibbs Aq Mt gibbs@FreeBSD.org . 600Auto-extend support added by 601.An Kelly Yancey Aq Mt kbyanc@FreeBSD.org . 602Drain functionality added by 603.An Matthew Fleming Aq Mt mdf@FreeBSD.org . 604.Pp 605This manual page was written by 606.An Dag-Erling Sm\(/orgrav Aq Mt des@FreeBSD.org . 607