xref: /freebsd/sys/kern/subr_sbuf.c (revision 53120fbb68952b7d620c2c0e1cf05c5017fc1b27)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 2000-2008 Poul-Henning Kamp
5  * Copyright (c) 2000-2008 Dag-Erling Smørgrav
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer
13  *    in this position and unchanged.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28  * SUCH DAMAGE.
29  */
30 
31 #include <sys/param.h>
32 
33 #ifdef _KERNEL
34 #include <sys/ctype.h>
35 #include <sys/errno.h>
36 #include <sys/kernel.h>
37 #include <sys/limits.h>
38 #include <sys/malloc.h>
39 #include <sys/systm.h>
40 #include <sys/uio.h>
41 #include <machine/stdarg.h>
42 #else /* _KERNEL */
43 #include <ctype.h>
44 #include <errno.h>
45 #include <limits.h>
46 #include <stdarg.h>
47 #include <stdio.h>
48 #include <stdlib.h>
49 #include <string.h>
50 #endif /* _KERNEL */
51 
52 #include <sys/sbuf.h>
53 
54 #ifdef _KERNEL
55 static MALLOC_DEFINE(M_SBUF, "sbuf", "string buffers");
56 #define	SBMALLOC(size, flags)	malloc(size, M_SBUF, (flags) | M_ZERO)
57 #define	SBFREE(buf)		free(buf, M_SBUF)
58 #else /* _KERNEL */
59 #define	KASSERT(e, m)
60 #define	SBMALLOC(size, flags)	calloc(1, size)
61 #define	SBFREE(buf)		free(buf)
62 #endif /* _KERNEL */
63 
64 /*
65  * Predicates
66  */
67 #define	SBUF_ISDYNAMIC(s)	((s)->s_flags & SBUF_DYNAMIC)
68 #define	SBUF_ISDYNSTRUCT(s)	((s)->s_flags & SBUF_DYNSTRUCT)
69 #define	SBUF_ISFINISHED(s)	((s)->s_flags & SBUF_FINISHED)
70 #define	SBUF_ISDRAINATEOL(s)	((s)->s_flags & SBUF_DRAINATEOL)
71 #define	SBUF_HASROOM(s)		((s)->s_len < (s)->s_size - 1)
72 #define	SBUF_FREESPACE(s)	((s)->s_size - ((s)->s_len + 1))
73 #define	SBUF_CANEXTEND(s)	((s)->s_flags & SBUF_AUTOEXTEND)
74 #define	SBUF_ISSECTION(s)	((s)->s_flags & SBUF_INSECTION)
75 #define	SBUF_NULINCLUDED(s)	((s)->s_flags & SBUF_INCLUDENUL)
76 #define	SBUF_ISDRAINTOEOR(s)	((s)->s_flags & SBUF_DRAINTOEOR)
77 #define	SBUF_DODRAINTOEOR(s)	(SBUF_ISSECTION(s) && SBUF_ISDRAINTOEOR(s))
78 #define	SBUF_MALLOCFLAG(s)	\
79 	(((s)->s_flags & SBUF_NOWAIT) ? M_NOWAIT : M_WAITOK)
80 
81 /*
82  * Set / clear flags
83  */
84 #define	SBUF_SETFLAG(s, f)	do { (s)->s_flags |= (f); } while (0)
85 #define	SBUF_CLEARFLAG(s, f)	do { (s)->s_flags &= ~(f); } while (0)
86 
87 #define	SBUF_MINSIZE		 2		/* Min is 1 byte + nulterm. */
88 #define	SBUF_MINEXTENDSIZE	16		/* Should be power of 2. */
89 
90 #ifdef PAGE_SIZE
91 #define	SBUF_MAXEXTENDSIZE	PAGE_SIZE
92 #define	SBUF_MAXEXTENDINCR	PAGE_SIZE
93 #else
94 #define	SBUF_MAXEXTENDSIZE	4096
95 #define	SBUF_MAXEXTENDINCR	4096
96 #endif
97 
98 /*
99  * Debugging support
100  */
101 #if defined(_KERNEL) && defined(INVARIANTS)
102 
103 static void
104 _assert_sbuf_integrity(const char *fun, struct sbuf *s)
105 {
106 
107 	KASSERT(s != NULL,
108 	    ("%s called with a NULL sbuf pointer", fun));
109 	KASSERT(s->s_buf != NULL,
110 	    ("%s called with uninitialized or corrupt sbuf", fun));
111 	if (SBUF_ISFINISHED(s) && SBUF_NULINCLUDED(s)) {
112 		KASSERT(s->s_len <= s->s_size,
113 		    ("wrote past end of sbuf (%jd >= %jd)",
114 		    (intmax_t)s->s_len, (intmax_t)s->s_size));
115 	} else {
116 		KASSERT(s->s_len < s->s_size,
117 		    ("wrote past end of sbuf (%jd >= %jd)",
118 		    (intmax_t)s->s_len, (intmax_t)s->s_size));
119 	}
120 }
121 
122 static void
123 _assert_sbuf_state(const char *fun, struct sbuf *s, int state)
124 {
125 
126 	KASSERT((s->s_flags & SBUF_FINISHED) == state,
127 	    ("%s called with %sfinished or corrupt sbuf", fun,
128 	    (state ? "un" : "")));
129 }
130 
131 #define	assert_sbuf_integrity(s) _assert_sbuf_integrity(__func__, (s))
132 #define	assert_sbuf_state(s, i)	 _assert_sbuf_state(__func__, (s), (i))
133 
134 #else /* _KERNEL && INVARIANTS */
135 
136 #define	assert_sbuf_integrity(s) do { } while (0)
137 #define	assert_sbuf_state(s, i)	 do { } while (0)
138 
139 #endif /* _KERNEL && INVARIANTS */
140 
141 #ifdef CTASSERT
142 CTASSERT(powerof2(SBUF_MAXEXTENDSIZE));
143 CTASSERT(powerof2(SBUF_MAXEXTENDINCR));
144 #endif
145 
146 static int
147 sbuf_extendsize(int size)
148 {
149 	int newsize;
150 
151 	if (size < (int)SBUF_MAXEXTENDSIZE) {
152 		newsize = SBUF_MINEXTENDSIZE;
153 		while (newsize < size)
154 			newsize *= 2;
155 	} else {
156 		newsize = roundup2(size, SBUF_MAXEXTENDINCR);
157 	}
158 	KASSERT(newsize >= size, ("%s: %d < %d\n", __func__, newsize, size));
159 	return (newsize);
160 }
161 
162 /*
163  * Extend an sbuf.
164  */
165 static int
166 sbuf_extend(struct sbuf *s, int addlen)
167 {
168 	char *newbuf;
169 	int newsize;
170 
171 	if (!SBUF_CANEXTEND(s))
172 		return (-1);
173 	newsize = sbuf_extendsize(s->s_size + addlen);
174 	newbuf = SBMALLOC(newsize, SBUF_MALLOCFLAG(s));
175 	if (newbuf == NULL)
176 		return (-1);
177 	memcpy(newbuf, s->s_buf, s->s_size);
178 	if (SBUF_ISDYNAMIC(s))
179 		SBFREE(s->s_buf);
180 	else
181 		SBUF_SETFLAG(s, SBUF_DYNAMIC);
182 	s->s_buf = newbuf;
183 	s->s_size = newsize;
184 	return (0);
185 }
186 
187 /*
188  * Initialize an sbuf.
189  * If buf is non-NULL, it points to a static or already-allocated string
190  * big enough to hold at least length characters.
191  */
192 struct sbuf *
193 sbuf_new(struct sbuf *s, char *buf, int length, int flags)
194 {
195 
196 	KASSERT(length >= 0,
197 	    ("attempt to create an sbuf of negative length (%d)", length));
198 	KASSERT((flags & ~SBUF_USRFLAGMSK) == 0,
199 	    ("%s called with invalid flags", __func__));
200 	KASSERT((flags & SBUF_AUTOEXTEND) || length >= SBUF_MINSIZE,
201 	    ("sbuf buffer %d smaller than minimum %d bytes", length,
202 	    SBUF_MINSIZE));
203 
204 	flags &= SBUF_USRFLAGMSK;
205 
206 	/*
207 	 * Allocate 'DYNSTRUCT' sbuf from the heap, if NULL 's' was provided.
208 	 */
209 	if (s == NULL) {
210 		s = SBMALLOC(sizeof(*s),
211 		    (flags & SBUF_NOWAIT) ?  M_NOWAIT : M_WAITOK);
212 		if (s == NULL)
213 			goto out;
214 		SBUF_SETFLAG(s, SBUF_DYNSTRUCT);
215 	} else {
216 		/*
217 		 * DYNSTRUCT SBMALLOC sbufs are allocated with M_ZERO, but
218 		 * user-provided sbuf objects must be initialized.
219 		 */
220 		memset(s, 0, sizeof(*s));
221 	}
222 
223 	s->s_flags |= flags;
224 	s->s_size = length;
225 	s->s_buf = buf;
226 	/*
227 	 * Never-written sbufs do not need \n termination.
228 	 */
229 	SBUF_SETFLAG(s, SBUF_DRAINATEOL);
230 
231 	/*
232 	 * Allocate DYNAMIC, i.e., heap data buffer backing the sbuf, if no
233 	 * buffer was provided.
234 	 */
235 	if (s->s_buf == NULL) {
236 		if (SBUF_CANEXTEND(s))
237 			s->s_size = sbuf_extendsize(s->s_size);
238 		s->s_buf = SBMALLOC(s->s_size, SBUF_MALLOCFLAG(s));
239 		if (s->s_buf == NULL)
240 			goto out;
241 		SBUF_SETFLAG(s, SBUF_DYNAMIC);
242 	}
243 
244 out:
245 	if (s != NULL && s->s_buf == NULL) {
246 		if (SBUF_ISDYNSTRUCT(s))
247 			SBFREE(s);
248 		s = NULL;
249 	}
250 	return (s);
251 }
252 
253 #ifdef _KERNEL
254 /*
255  * Create an sbuf with uio data
256  */
257 struct sbuf *
258 sbuf_uionew(struct sbuf *s, struct uio *uio, int *error)
259 {
260 
261 	KASSERT(uio != NULL,
262 	    ("%s called with NULL uio pointer", __func__));
263 	KASSERT(error != NULL,
264 	    ("%s called with NULL error pointer", __func__));
265 
266 	if (uio->uio_resid >= INT_MAX || uio->uio_resid < SBUF_MINSIZE - 1) {
267 		*error = EINVAL;
268 		return (NULL);
269 	}
270 	s = sbuf_new(s, NULL, uio->uio_resid + 1, 0);
271 	if (s == NULL) {
272 		*error = ENOMEM;
273 		return (NULL);
274 	}
275 	*error = uiomove(s->s_buf, uio->uio_resid, uio);
276 	if (*error != 0) {
277 		sbuf_delete(s);
278 		return (NULL);
279 	}
280 	s->s_len = s->s_size - 1;
281 	if (SBUF_ISSECTION(s))
282 		s->s_sect_len = s->s_size - 1;
283 	*error = 0;
284 	return (s);
285 }
286 #endif
287 
288 int
289 sbuf_get_flags(struct sbuf *s)
290 {
291 
292 	return (s->s_flags & SBUF_USRFLAGMSK);
293 }
294 
295 void
296 sbuf_clear_flags(struct sbuf *s, int flags)
297 {
298 
299 	s->s_flags &= ~(flags & SBUF_USRFLAGMSK);
300 }
301 
302 void
303 sbuf_set_flags(struct sbuf *s, int flags)
304 {
305 
306 	s->s_flags |= (flags & SBUF_USRFLAGMSK);
307 }
308 
309 /*
310  * Clear an sbuf and reset its position.
311  */
312 void
313 sbuf_clear(struct sbuf *s)
314 {
315 
316 	assert_sbuf_integrity(s);
317 	/* don't care if it's finished or not */
318 	KASSERT(s->s_drain_func == NULL,
319 	    ("%s makes no sense on sbuf %p with drain", __func__, s));
320 
321 	SBUF_CLEARFLAG(s, SBUF_FINISHED);
322 	s->s_error = 0;
323 	s->s_len = 0;
324 	s->s_rec_off = 0;
325 	s->s_sect_len = 0;
326 }
327 
328 /*
329  * Set the sbuf's end position to an arbitrary value.
330  * Effectively truncates the sbuf at the new position.
331  */
332 int
333 sbuf_setpos(struct sbuf *s, ssize_t pos)
334 {
335 
336 	assert_sbuf_integrity(s);
337 	assert_sbuf_state(s, 0);
338 
339 	KASSERT(pos >= 0,
340 	    ("attempt to seek to a negative position (%jd)", (intmax_t)pos));
341 	KASSERT(pos < s->s_size,
342 	    ("attempt to seek past end of sbuf (%jd >= %jd)",
343 	    (intmax_t)pos, (intmax_t)s->s_size));
344 	KASSERT(!SBUF_ISSECTION(s),
345 	    ("attempt to seek when in a section"));
346 
347 	if (pos < 0 || pos > s->s_len)
348 		return (-1);
349 	s->s_len = pos;
350 	return (0);
351 }
352 
353 /*
354  * Drain into a counter.  Counts amount of data without producing output.
355  * Useful for cases like sysctl, where user may first request only size.
356  * This allows to avoid pointless allocation/freeing of large buffers.
357  */
358 int
359 sbuf_count_drain(void *arg, const char *data __unused, int len)
360 {
361 	size_t *sizep;
362 
363 	sizep = (size_t *)arg;
364 	*sizep += len;
365 	return (len);
366 }
367 
368 /*
369  * Set up a drain function and argument on an sbuf to flush data to
370  * when the sbuf buffer overflows.
371  */
372 void
373 sbuf_set_drain(struct sbuf *s, sbuf_drain_func *func, void *ctx)
374 {
375 
376 	assert_sbuf_state(s, 0);
377 	assert_sbuf_integrity(s);
378 	KASSERT(func == s->s_drain_func || s->s_len == 0,
379 	    ("Cannot change drain to %p on non-empty sbuf %p", func, s));
380 	s->s_drain_func = func;
381 	s->s_drain_arg = ctx;
382 }
383 
384 /*
385  * Call the drain and process the return.
386  */
387 int
388 sbuf_drain(struct sbuf *s)
389 {
390 	int len;
391 
392 	/*
393 	 * Immediately return when no work to do,
394 	 * or an error has already been accumulated.
395 	 */
396 	if ((s->s_len == 0) || (s->s_error != 0))
397 		return(s->s_error);
398 
399 	if (SBUF_DODRAINTOEOR(s) && s->s_rec_off == 0)
400 		return (s->s_error = EDEADLK);
401 	len = s->s_drain_func(s->s_drain_arg, s->s_buf,
402 	    SBUF_DODRAINTOEOR(s) ? s->s_rec_off : s->s_len);
403 	if (len <= 0) {
404 		s->s_error = len ? -len : EDEADLK;
405 		return (s->s_error);
406 	}
407 	KASSERT(len > 0 && len <= s->s_len,
408 	    ("Bad drain amount %d for sbuf %p", len, s));
409 	s->s_len -= len;
410 	s->s_rec_off -= len;
411 	/*
412 	 * Fast path for the expected case where all the data was
413 	 * drained.
414 	 */
415 	if (s->s_len == 0) {
416 		/*
417 		 * When the s_buf is entirely drained, we need to remember if
418 		 * the last character was a '\n' or not for
419 		 * sbuf_nl_terminate().
420 		 */
421 		if (s->s_buf[len - 1] == '\n')
422 			SBUF_SETFLAG(s, SBUF_DRAINATEOL);
423 		else
424 			SBUF_CLEARFLAG(s, SBUF_DRAINATEOL);
425 		return (0);
426 	}
427 	/*
428 	 * Move the remaining characters to the beginning of the
429 	 * string.
430 	 */
431 	memmove(s->s_buf, s->s_buf + len, s->s_len);
432 	return (0);
433 }
434 
435 /*
436  * Append bytes to an sbuf.  This is the core function for appending
437  * to an sbuf and is the main place that deals with extending the
438  * buffer and marking overflow.
439  */
440 static void
441 sbuf_put_bytes(struct sbuf *s, const char *buf, size_t len)
442 {
443 	size_t n;
444 
445 	assert_sbuf_integrity(s);
446 	assert_sbuf_state(s, 0);
447 
448 	if (s->s_error != 0)
449 		return;
450 	while (len > 0) {
451 		if (SBUF_FREESPACE(s) <= 0) {
452 			/*
453 			 * If there is a drain, use it, otherwise extend the
454 			 * buffer.
455 			 */
456 			if (s->s_drain_func != NULL)
457 				(void)sbuf_drain(s);
458 			else if (sbuf_extend(s, len > INT_MAX ? INT_MAX : len)
459 			    < 0)
460 				s->s_error = ENOMEM;
461 			if (s->s_error != 0)
462 				return;
463 		}
464 		n = SBUF_FREESPACE(s);
465 		if (len < n)
466 			n = len;
467 		memcpy(&s->s_buf[s->s_len], buf, n);
468 		s->s_len += n;
469 		if (SBUF_ISSECTION(s))
470 			s->s_sect_len += n;
471 		len -= n;
472 		buf += n;
473 	}
474 }
475 
476 static void
477 sbuf_put_byte(struct sbuf *s, char c)
478 {
479 
480 	assert_sbuf_integrity(s);
481 	assert_sbuf_state(s, 0);
482 
483 	if (__predict_false(s->s_error != 0))
484 		return;
485 	if (__predict_false(SBUF_FREESPACE(s) <= 0)) {
486 		/*
487 		 * If there is a drain, use it, otherwise extend the
488 		 * buffer.
489 		 */
490 		if (s->s_drain_func != NULL)
491 			(void)sbuf_drain(s);
492 		else if (sbuf_extend(s, 1) < 0)
493 			s->s_error = ENOMEM;
494 		if (s->s_error != 0)
495 			return;
496 	}
497 	s->s_buf[s->s_len++] = c;
498 	if (SBUF_ISSECTION(s))
499 		s->s_sect_len++;
500 }
501 
502 /*
503  * Append a byte string to an sbuf.
504  */
505 int
506 sbuf_bcat(struct sbuf *s, const void *buf, size_t len)
507 {
508 
509 	sbuf_put_bytes(s, buf, len);
510 	if (s->s_error != 0)
511 		return (-1);
512 	return (0);
513 }
514 
515 #ifdef _KERNEL
516 /*
517  * Copy a byte string from userland into an sbuf.
518  */
519 int
520 sbuf_bcopyin(struct sbuf *s, const void *uaddr, size_t len)
521 {
522 
523 	assert_sbuf_integrity(s);
524 	assert_sbuf_state(s, 0);
525 	KASSERT(s->s_drain_func == NULL,
526 	    ("Nonsensical copyin to sbuf %p with a drain", s));
527 
528 	if (s->s_error != 0)
529 		return (-1);
530 	if (len == 0)
531 		return (0);
532 	if (len > SBUF_FREESPACE(s)) {
533 		sbuf_extend(s, len - SBUF_FREESPACE(s));
534 		if (SBUF_FREESPACE(s) < len)
535 			len = SBUF_FREESPACE(s);
536 	}
537 	if (copyin(uaddr, s->s_buf + s->s_len, len) != 0)
538 		return (-1);
539 	s->s_len += len;
540 
541 	return (0);
542 }
543 #endif
544 
545 /*
546  * Copy a byte string into an sbuf.
547  */
548 int
549 sbuf_bcpy(struct sbuf *s, const void *buf, size_t len)
550 {
551 
552 	assert_sbuf_integrity(s);
553 	assert_sbuf_state(s, 0);
554 
555 	sbuf_clear(s);
556 	return (sbuf_bcat(s, buf, len));
557 }
558 
559 /*
560  * Append a string to an sbuf.
561  */
562 int
563 sbuf_cat(struct sbuf *s, const char *str)
564 {
565 	size_t n;
566 
567 	n = strlen(str);
568 	sbuf_put_bytes(s, str, n);
569 	if (s->s_error != 0)
570 		return (-1);
571 	return (0);
572 }
573 
574 #ifdef _KERNEL
575 /*
576  * Append a string from userland to an sbuf.
577  */
578 int
579 sbuf_copyin(struct sbuf *s, const void *uaddr, size_t len)
580 {
581 	size_t done;
582 
583 	assert_sbuf_integrity(s);
584 	assert_sbuf_state(s, 0);
585 	KASSERT(s->s_drain_func == NULL,
586 	    ("Nonsensical copyin to sbuf %p with a drain", s));
587 
588 	if (s->s_error != 0)
589 		return (-1);
590 
591 	if (len == 0)
592 		len = SBUF_FREESPACE(s);	/* XXX return 0? */
593 	if (len > SBUF_FREESPACE(s)) {
594 		sbuf_extend(s, len);
595 		if (SBUF_FREESPACE(s) < len)
596 			len = SBUF_FREESPACE(s);
597 	}
598 	switch (copyinstr(uaddr, s->s_buf + s->s_len, len + 1, &done)) {
599 	case ENAMETOOLONG:
600 		s->s_error = ENOMEM;
601 		/* fall through */
602 	case 0:
603 		s->s_len += done - 1;
604 		if (SBUF_ISSECTION(s))
605 			s->s_sect_len += done - 1;
606 		break;
607 	default:
608 		return (-1);	/* XXX */
609 	}
610 
611 	return (done);
612 }
613 #endif
614 
615 /*
616  * Copy a string into an sbuf.
617  */
618 int
619 sbuf_cpy(struct sbuf *s, const char *str)
620 {
621 
622 	assert_sbuf_integrity(s);
623 	assert_sbuf_state(s, 0);
624 
625 	sbuf_clear(s);
626 	return (sbuf_cat(s, str));
627 }
628 
629 /*
630  * Format the given argument list and append the resulting string to an sbuf.
631  */
632 #ifdef _KERNEL
633 
634 /*
635  * Append a non-NUL character to an sbuf.  This prototype signature is
636  * suitable for use with kvprintf(9).
637  */
638 static void
639 sbuf_putc_func(int c, void *arg)
640 {
641 
642 	if (__predict_true(c != '\0'))
643 		sbuf_put_byte(arg, c);
644 }
645 
646 int
647 sbuf_vprintf(struct sbuf *s, const char *fmt, va_list ap)
648 {
649 
650 	assert_sbuf_integrity(s);
651 	assert_sbuf_state(s, 0);
652 
653 	KASSERT(fmt != NULL,
654 	    ("%s called with a NULL format string", __func__));
655 
656 	(void)kvprintf(fmt, sbuf_putc_func, s, 10, ap);
657 	if (s->s_error != 0)
658 		return (-1);
659 	return (0);
660 }
661 #else /* !_KERNEL */
662 int
663 sbuf_vprintf(struct sbuf *s, const char *fmt, va_list ap)
664 {
665 	va_list ap_copy;
666 	int error, len;
667 
668 	assert_sbuf_integrity(s);
669 	assert_sbuf_state(s, 0);
670 
671 	KASSERT(fmt != NULL,
672 	    ("%s called with a NULL format string", __func__));
673 
674 	if (s->s_error != 0)
675 		return (-1);
676 
677 	/*
678 	 * For the moment, there is no way to get vsnprintf(3) to hand
679 	 * back a character at a time, to push everything into
680 	 * sbuf_putc_func() as was done for the kernel.
681 	 *
682 	 * In userspace, while drains are useful, there's generally
683 	 * not a problem attempting to malloc(3) on out of space.  So
684 	 * expand a userland sbuf if there is not enough room for the
685 	 * data produced by sbuf_[v]printf(3).
686 	 */
687 
688 	error = 0;
689 	do {
690 		va_copy(ap_copy, ap);
691 		len = vsnprintf(&s->s_buf[s->s_len], SBUF_FREESPACE(s) + 1,
692 		    fmt, ap_copy);
693 		if (len < 0) {
694 			s->s_error = errno;
695 			return (-1);
696 		}
697 		va_end(ap_copy);
698 
699 		if (SBUF_FREESPACE(s) >= len)
700 			break;
701 		/* Cannot print with the current available space. */
702 		if (s->s_drain_func != NULL && s->s_len > 0)
703 			error = sbuf_drain(s); /* sbuf_drain() sets s_error. */
704 		else if (sbuf_extend(s, len - SBUF_FREESPACE(s)) != 0)
705 			s->s_error = error = ENOMEM;
706 	} while (error == 0);
707 
708 	/*
709 	 * s->s_len is the length of the string, without the terminating nul.
710 	 * When updating s->s_len, we must subtract 1 from the length that
711 	 * we passed into vsnprintf() because that length includes the
712 	 * terminating nul.
713 	 *
714 	 * vsnprintf() returns the amount that would have been copied,
715 	 * given sufficient space, so don't over-increment s_len.
716 	 */
717 	if (SBUF_FREESPACE(s) < len)
718 		len = SBUF_FREESPACE(s);
719 	s->s_len += len;
720 	if (SBUF_ISSECTION(s))
721 		s->s_sect_len += len;
722 
723 	KASSERT(s->s_len < s->s_size,
724 	    ("wrote past end of sbuf (%d >= %d)", s->s_len, s->s_size));
725 
726 	if (s->s_error != 0)
727 		return (-1);
728 	return (0);
729 }
730 #endif /* _KERNEL */
731 
732 /*
733  * Format the given arguments and append the resulting string to an sbuf.
734  */
735 int
736 sbuf_printf(struct sbuf *s, const char *fmt, ...)
737 {
738 	va_list ap;
739 	int result;
740 
741 	va_start(ap, fmt);
742 	result = sbuf_vprintf(s, fmt, ap);
743 	va_end(ap);
744 	return (result);
745 }
746 
747 /*
748  * Append a character to an sbuf.
749  */
750 int
751 sbuf_putc(struct sbuf *s, int c)
752 {
753 
754 	sbuf_put_byte(s, c);
755 	if (s->s_error != 0)
756 		return (-1);
757 	return (0);
758 }
759 
760 /*
761  * Append a trailing newline to a non-empty sbuf, if one is not already
762  * present.  Handles sbufs with drain functions correctly.
763  */
764 int
765 sbuf_nl_terminate(struct sbuf *s)
766 {
767 
768 	assert_sbuf_integrity(s);
769 	assert_sbuf_state(s, 0);
770 
771 	/*
772 	 * If the s_buf isn't empty, the last byte is simply s_buf[s_len - 1].
773 	 *
774 	 * If the s_buf is empty because a drain function drained it, we
775 	 * remember if the last byte was a \n with the SBUF_DRAINATEOL flag in
776 	 * sbuf_drain().
777 	 *
778 	 * In either case, we only append a \n if the previous character was
779 	 * something else.
780 	 */
781 	if (s->s_len == 0) {
782 		if (!SBUF_ISDRAINATEOL(s))
783 			sbuf_put_byte(s, '\n');
784 	} else if (s->s_buf[s->s_len - 1] != '\n')
785 		sbuf_put_byte(s, '\n');
786 
787 	if (s->s_error != 0)
788 		return (-1);
789 	return (0);
790 }
791 
792 /*
793  * Trim whitespace characters from end of an sbuf.
794  */
795 int
796 sbuf_trim(struct sbuf *s)
797 {
798 
799 	assert_sbuf_integrity(s);
800 	assert_sbuf_state(s, 0);
801 	KASSERT(s->s_drain_func == NULL,
802 	    ("%s makes no sense on sbuf %p with drain", __func__, s));
803 
804 	if (s->s_error != 0)
805 		return (-1);
806 
807 	while (s->s_len > 0 && isspace(s->s_buf[s->s_len-1])) {
808 		--s->s_len;
809 		if (SBUF_ISSECTION(s))
810 			s->s_sect_len--;
811 	}
812 
813 	return (0);
814 }
815 
816 /*
817  * Check if an sbuf has an error.
818  */
819 int
820 sbuf_error(const struct sbuf *s)
821 {
822 
823 	return (s->s_error);
824 }
825 
826 /*
827  * Finish off an sbuf.
828  */
829 int
830 sbuf_finish(struct sbuf *s)
831 {
832 
833 	assert_sbuf_integrity(s);
834 	assert_sbuf_state(s, 0);
835 
836 	s->s_buf[s->s_len] = '\0';
837 	if (SBUF_NULINCLUDED(s))
838 		s->s_len++;
839 	if (s->s_drain_func != NULL) {
840 		while (s->s_len > 0 && s->s_error == 0)
841 			s->s_error = sbuf_drain(s);
842 	}
843 	SBUF_SETFLAG(s, SBUF_FINISHED);
844 #ifdef _KERNEL
845 	return (s->s_error);
846 #else
847 	if (s->s_error != 0) {
848 		errno = s->s_error;
849 		return (-1);
850 	}
851 	return (0);
852 #endif
853 }
854 
855 /*
856  * Return a pointer to the sbuf data.
857  */
858 char *
859 sbuf_data(struct sbuf *s)
860 {
861 
862 	assert_sbuf_integrity(s);
863 	assert_sbuf_state(s, SBUF_FINISHED);
864 	KASSERT(s->s_drain_func == NULL,
865 	    ("%s makes no sense on sbuf %p with drain", __func__, s));
866 
867 	return (s->s_buf);
868 }
869 
870 /*
871  * Return the length of the sbuf data.
872  */
873 ssize_t
874 sbuf_len(struct sbuf *s)
875 {
876 
877 	assert_sbuf_integrity(s);
878 	/* don't care if it's finished or not */
879 	KASSERT(s->s_drain_func == NULL,
880 	    ("%s makes no sense on sbuf %p with drain", __func__, s));
881 
882 	if (s->s_error != 0)
883 		return (-1);
884 
885 	/* If finished, nulterm is already in len, else add one. */
886 	if (SBUF_NULINCLUDED(s) && !SBUF_ISFINISHED(s))
887 		return (s->s_len + 1);
888 	return (s->s_len);
889 }
890 
891 /*
892  * Clear an sbuf, free its buffer if necessary.
893  */
894 void
895 sbuf_delete(struct sbuf *s)
896 {
897 	int isdyn;
898 
899 	assert_sbuf_integrity(s);
900 	/* don't care if it's finished or not */
901 
902 	if (SBUF_ISDYNAMIC(s))
903 		SBFREE(s->s_buf);
904 	isdyn = SBUF_ISDYNSTRUCT(s);
905 	memset(s, 0, sizeof(*s));
906 	if (isdyn)
907 		SBFREE(s);
908 }
909 
910 /*
911  * Check if an sbuf has been finished.
912  */
913 int
914 sbuf_done(const struct sbuf *s)
915 {
916 
917 	return (SBUF_ISFINISHED(s));
918 }
919 
920 /*
921  * Start a section.
922  */
923 void
924 sbuf_start_section(struct sbuf *s, ssize_t *old_lenp)
925 {
926 
927 	assert_sbuf_integrity(s);
928 	assert_sbuf_state(s, 0);
929 
930 	if (!SBUF_ISSECTION(s)) {
931 		KASSERT(s->s_sect_len == 0,
932 		    ("s_sect_len != 0 when starting a section"));
933 		if (old_lenp != NULL)
934 			*old_lenp = -1;
935 		s->s_rec_off = s->s_len;
936 		SBUF_SETFLAG(s, SBUF_INSECTION);
937 	} else {
938 		KASSERT(old_lenp != NULL,
939 		    ("s_sect_len should be saved when starting a subsection"));
940 		*old_lenp = s->s_sect_len;
941 		s->s_sect_len = 0;
942 	}
943 }
944 
945 /*
946  * End the section padding to the specified length with the specified
947  * character.
948  */
949 ssize_t
950 sbuf_end_section(struct sbuf *s, ssize_t old_len, size_t pad, int c)
951 {
952 	ssize_t len;
953 
954 	assert_sbuf_integrity(s);
955 	assert_sbuf_state(s, 0);
956 	KASSERT(SBUF_ISSECTION(s),
957 	    ("attempt to end a section when not in a section"));
958 
959 	if (pad > 1) {
960 		len = roundup(s->s_sect_len, pad) - s->s_sect_len;
961 		for (; s->s_error == 0 && len > 0; len--)
962 			sbuf_put_byte(s, c);
963 	}
964 	len = s->s_sect_len;
965 	if (old_len == -1) {
966 		s->s_rec_off = s->s_sect_len = 0;
967 		SBUF_CLEARFLAG(s, SBUF_INSECTION);
968 	} else {
969 		s->s_sect_len += old_len;
970 	}
971 	if (s->s_error != 0)
972 		return (-1);
973 	return (len);
974 }
975