Bugfix: Lua cjson integer overflow issues (CVE-2022-24834) (#94)2.1.0.13

* Fix integer overflows due to using wrong integer size. * Add assertions / panic when overflow still happens. Co-authored-by: Oran Agra <oran@redislabs.com> Co-authored-by: Yossi Gottlieb <yossigo@gmail.com>
author: lijunlong <lijunlong@openresty.com> 2023-07-20 23:47:32 +0800
committer: GitHub <noreply@github.com> 2023-07-20 23:47:32 +0800
commit: 2bfad8f5eeb821357d2ada29506e864ff7ec947e (patch)
tree: 0916a75dbb2b24cee1e558e94d0a4e36fabdcf10
parent: 881accc8fadca5ec02aa34d364df2a1aa25cd2f9 (diff)
download: lua-cjson-2bfad8f5eeb821357d2ada29506e864ff7ec947e.tar.gz
lua-cjson-2bfad8f5eeb821357d2ada29506e864ff7ec947e.tar.bz2
lua-cjson-2bfad8f5eeb821357d2ada29506e864ff7ec947e.zip
4 files changed, 55 insertions, 112 deletions
diff --git a/.travis.yml b/.travis.yml
index 091ff98..469d5dd 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -27,7 +27,7 @@ env:
    - JOBS=3
    - LUAROCKS_VER=2.4.2
  matrix:
-      #- LUA=1 LUA_DIR=/usr LUA_INCLUDE_DIR=$LUA_DIR/include/lua5.1
+      #- LUA=1 LUA_DIR=/usr LUA_INCLUDE_DIR=$LUA_DIR/include/lua5.1 
      - LUAJIT=1 LUA_DIR=/usr/local LUA_INCLUDE_DIR=$LUA_DIR/include/luajit-2.1 LUA_SUFFIX=--lua-suffix=jit
 install:
diff --git a/lua_cjson.c b/lua_cjson.c
index 42672de..363466c 100644
--- a/lua_cjson.c
+++ b/lua_cjson.c
@@ -40,6 +40,7 @@
 #include <stdint.h>
 #include <string.h>
 #include <math.h>
+#include <stdint.h>
 #include <limits.h>
 #include <lua.h>
 #include <lauxlib.h>
@@ -179,13 +180,13 @@ typedef struct {
 typedef struct {
    json_token_type_t type;
-    int index;
+    size_t index;
    union {
        const char *string;
        double number;
        int boolean;
    } value;
-    int string_len;
+    size_t string_len;
 } json_token_t;
 static const char *char2escape[256] = {
@@ -557,6 +558,8 @@ static void json_append_string(lua_State *l, strbuf_t *json, int lindex)
     * This buffer is reused constantly for small strings
     * If there are any excess pages, they won't be hit anyway.
     * This gains ~5% speedup. */
+    if (len > SIZE_MAX / 6 - 3)
+        abort(); /* Overflow check */
    strbuf_ensure_empty_length(json, len * 6 + 2);
    strbuf_append_char_unsafe(json, '\"');
@@ -848,7 +851,7 @@ static int json_encode(lua_State *l)
    strbuf_t local_encode_buf;
    strbuf_t *encode_buf;
    char *json;
-    int len;
+    size_t len;
    luaL_argcheck(l, lua_gettop(l) == 1, 1, "expected 1 argument");
diff --git a/strbuf.c b/strbuf.c
index ed13367..2dc30be 100644
--- a/strbuf.c
+++ b/strbuf.c
@@ -26,6 +26,7 @@
 #include <stdlib.h>
 #include <stdarg.h>
 #include <string.h>
+#include <stdint.h>
 #include "strbuf.h"
@@ -38,22 +39,22 @@ static void die(const char *fmt, ...)
    va_end(arg);
    fprintf(stderr, "\n");
-    exit(-1);
+    abort();
 }
-void strbuf_init(strbuf_t *s, int len)
+void strbuf_init(strbuf_t *s, size_t len)
 {
-    int size;
+    size_t size;
-    if (len <= 0)
+    if (!len)
        size = STRBUF_DEFAULT_SIZE;
    else
-        size = len + 1;         /* \0 terminator */
+        size = len + 1;
+    if (size < len)
+        die("Overflow, len: %zu", len);
    s->buf = NULL;
    s->size = size;
    s->length = 0;
-    s->increment = STRBUF_DEFAULT_INCREMENT;
    s->dynamic = 0;
    s->reallocs = 0;
    s->debug = 0;
@@ -65,7 +66,7 @@ void strbuf_init(strbuf_t *s, int len)
    strbuf_ensure_null(s);
 }
-strbuf_t *strbuf_new(int len)
+strbuf_t *strbuf_new(size_t len)
 {
    strbuf_t *s;
@@ -81,20 +82,10 @@ strbuf_t *strbuf_new(int len)
    return s;
 }
-void strbuf_set_increment(strbuf_t *s, int increment)
-{
-    /* Increment > 0:  Linear buffer growth rate
-     * Increment < -1: Exponential buffer growth rate */
-    if (increment == 0 || increment == -1)
-        die("BUG: Invalid string increment");
-    s->increment = increment;
-}
 static inline void debug_stats(strbuf_t *s)
 {
    if (s->debug) {
-        fprintf(stderr, "strbuf(%lx) reallocs: %d, length: %d, size: %d\n",
+        fprintf(stderr, "strbuf(%lx) reallocs: %d, length: %zd, size: %zd\n",
                (long)s, s->reallocs, s->length, s->size);
    }
 }
@@ -113,7 +104,7 @@ void strbuf_free(strbuf_t *s)
        free(s);
 }
-char *strbuf_free_to_string(strbuf_t *s, int *len)
+char *strbuf_free_to_string(strbuf_t *s, size_t *len)
 {
    char *buf;
@@ -131,57 +122,63 @@ char *strbuf_free_to_string(strbuf_t *s, int *len)
    return buf;
 }
-static int calculate_new_size(strbuf_t *s, int len)
+static size_t calculate_new_size(strbuf_t *s, size_t len)
 {
-    int reqsize, newsize;
+    size_t reqsize, newsize;
    if (len <= 0)
        die("BUG: Invalid strbuf length requested");
    /* Ensure there is room for optional NULL termination */
    reqsize = len + 1;
+    if (reqsize < len)
+        die("Overflow, len: %zu", len);
    /* If the user has requested to shrink the buffer, do it exactly */
    if (s->size > reqsize)
        return reqsize;
    newsize = s->size;
-    if (s->increment < 0) {
+    if (reqsize >= SIZE_MAX / 2) {
+        newsize = reqsize;
+    } else {
        /* Exponential sizing */
        while (newsize < reqsize)
-            newsize *= -s->increment;
+            newsize *= 2;
-    } else if (s->increment != 0)  {
-        /* Linear sizing */
-        newsize = ((newsize + s->increment - 1) / s->increment) * s->increment;
    }
+    if (newsize < reqsize)
+        die("BUG: strbuf length would overflow, len: %zu", len);
    return newsize;
 }
 /* Ensure strbuf can handle a string length bytes long (ignoring NULL
 * optional termination). */
-void strbuf_resize(strbuf_t *s, int len)
+void strbuf_resize(strbuf_t *s, size_t len)
 {
-    int newsize;
+    size_t newsize;
    newsize = calculate_new_size(s, len);
    if (s->debug > 1) {
-        fprintf(stderr, "strbuf(%lx) resize: %d => %d\n",
+        fprintf(stderr, "strbuf(%lx) resize: %zd => %zd\n",
                (long)s, s->size, newsize);
    }
    s->size = newsize;
    s->buf = realloc(s->buf, s->size);
    if (!s->buf)
-        die("Out of memory");
+        die("Out of memory, len: %zu", len);
    s->reallocs++;
 }
 void strbuf_append_string(strbuf_t *s, const char *str)
 {
-    int space, i;
+    int i;
+    size_t space;
    space = strbuf_empty_length(s);
@@ -197,55 +194,6 @@ void strbuf_append_string(strbuf_t *s, const char *str)
    }
 }
-/* strbuf_append_fmt() should only be used when an upper bound
- * is known for the output string. */
-void strbuf_append_fmt(strbuf_t *s, int len, const char *fmt, ...)
-{
-    va_list arg;
-    int fmt_len;
-    strbuf_ensure_empty_length(s, len);
-    va_start(arg, fmt);
-    fmt_len = vsnprintf(s->buf + s->length, len, fmt, arg);
-    va_end(arg);
-    if (fmt_len < 0)
-        die("BUG: Unable to convert number");  /* This should never happen.. */
-    s->length += fmt_len;
-}
-/* strbuf_append_fmt_retry() can be used when the there is no known
- * upper bound for the output string. */
-void strbuf_append_fmt_retry(strbuf_t *s, const char *fmt, ...)
-{
-    va_list arg;
-    int fmt_len, try;
-    int empty_len;
-    /* If the first attempt to append fails, resize the buffer appropriately
-     * and try again */
-    for (try = 0; ; try++) {
-        va_start(arg, fmt);
-        /* Append the new formatted string */
-        /* fmt_len is the length of the string required, excluding the
-         * trailing NULL */
-        empty_len = strbuf_empty_length(s);
-        /* Add 1 since there is also space to store the terminating NULL. */
-        fmt_len = vsnprintf(s->buf + s->length, empty_len + 1, fmt, arg);
-        va_end(arg);
-        if (fmt_len <= empty_len)
-            break;  /* SUCCESS */
-        if (try > 0)
-            die("BUG: length of formatted string changed");
-        strbuf_resize(s, s->length + fmt_len);
-    }
-    s->length += fmt_len;
-}
 /* vi:ai et sw=4 ts=4:
 */
diff --git a/strbuf.h b/strbuf.h
index a98ee22..d77e0f4 100644
--- a/strbuf.h
+++ b/strbuf.h
@@ -32,15 +32,13 @@
 /* Size: Total bytes allocated to *buf
 * Length: String length, excluding optional NULL terminator.
- * Increment: Allocation increments when resizing the string buffer.
 * Dynamic: True if created via strbuf_new()
 */
 typedef struct {
    char *buf;
-    int size;
+    size_t size;
-    int length;
+    size_t length;
-    int increment;
    int dynamic;
    int reallocs;
    int debug;
@@ -49,33 +47,27 @@ typedef struct {
 #ifndef STRBUF_DEFAULT_SIZE
 #define STRBUF_DEFAULT_SIZE 1023
 #endif
-#ifndef STRBUF_DEFAULT_INCREMENT
-#define STRBUF_DEFAULT_INCREMENT -2
-#endif
 /* Initialise */
-extern strbuf_t *strbuf_new(int len);
+extern strbuf_t *strbuf_new(size_t len);
-extern void strbuf_init(strbuf_t *s, int len);
+extern void strbuf_init(strbuf_t *s, size_t len);
-extern void strbuf_set_increment(strbuf_t *s, int increment);
 /* Release */
 extern void strbuf_free(strbuf_t *s);
-extern char *strbuf_free_to_string(strbuf_t *s, int *len);
+extern char *strbuf_free_to_string(strbuf_t *s, size_t *len);
 /* Management */
-extern void strbuf_resize(strbuf_t *s, int len);
+extern void strbuf_resize(strbuf_t *s, size_t len);
-static int strbuf_empty_length(strbuf_t *s);
+static size_t strbuf_empty_length(strbuf_t *s);
-static int strbuf_length(strbuf_t *s);
+static size_t strbuf_length(strbuf_t *s);
-static char *strbuf_string(strbuf_t *s, int *len);
+static char *strbuf_string(strbuf_t *s, size_t *len);
-static void strbuf_ensure_empty_length(strbuf_t *s, int len);
+static void strbuf_ensure_empty_length(strbuf_t *s, size_t len);
 static char *strbuf_empty_ptr(strbuf_t *s);
-static void strbuf_extend_length(strbuf_t *s, int len);
+static void strbuf_extend_length(strbuf_t *s, size_t len);
 static void strbuf_set_length(strbuf_t *s, int len);
 /* Update */
-extern void strbuf_append_fmt(strbuf_t *s, int len, const char *fmt, ...);
+static void strbuf_append_mem(strbuf_t *s, const char *c, size_t len);
-extern void strbuf_append_fmt_retry(strbuf_t *s, const char *format, ...);
-static void strbuf_append_mem(strbuf_t *s, const char *c, int len);
 extern void strbuf_append_string(strbuf_t *s, const char *str);
 static void strbuf_append_char(strbuf_t *s, const char c);
 static void strbuf_ensure_null(strbuf_t *s);
@@ -93,12 +85,12 @@ static inline int strbuf_allocated(strbuf_t *s)
 /* Return bytes remaining in the string buffer
 * Ensure there is space for a NULL terminator. */
-static inline int strbuf_empty_length(strbuf_t *s)
+static inline size_t strbuf_empty_length(strbuf_t *s)
 {
    return s->size - s->length - 1;
 }
-static inline void strbuf_ensure_empty_length(strbuf_t *s, int len)
+static inline void strbuf_ensure_empty_length(strbuf_t *s, size_t len)
 {
    if (len > strbuf_empty_length(s))
        strbuf_resize(s, s->length + len);
@@ -114,12 +106,12 @@ static inline void strbuf_set_length(strbuf_t *s, int len)
    s->length = len;
 }
-static inline void strbuf_extend_length(strbuf_t *s, int len)
+static inline void strbuf_extend_length(strbuf_t *s, size_t len)
 {
    s->length += len;
 }
-static inline int strbuf_length(strbuf_t *s)
+static inline size_t strbuf_length(strbuf_t *s)
 {
    return s->length;
 }
@@ -135,14 +127,14 @@ static inline void strbuf_append_char_unsafe(strbuf_t *s, const char c)
    s->buf[s->length++] = c;
 }
-static inline void strbuf_append_mem(strbuf_t *s, const char *c, int len)
+static inline void strbuf_append_mem(strbuf_t *s, const char *c, size_t len)
 {
    strbuf_ensure_empty_length(s, len);
    memcpy(s->buf + s->length, c, len);
    s->length += len;
 }
-static inline void strbuf_append_mem_unsafe(strbuf_t *s, const char *c, int len)
+static inline void strbuf_append_mem_unsafe(strbuf_t *s, const char *c, size_t len)
 {
    memcpy(s->buf + s->length, c, len);
    s->length += len;
@@ -153,7 +145,7 @@ static inline void strbuf_ensure_null(strbuf_t *s)
    s->buf[s->length] = 0;
 }
-static inline char *strbuf_string(strbuf_t *s, int *len)
+static inline char *strbuf_string(strbuf_t *s, size_t *len)
 {
    if (len)
        *len = s->length;
author	lijunlong <lijunlong@openresty.com>	2023-07-20 23:47:32 +0800
committer	GitHub <noreply@github.com>	2023-07-20 23:47:32 +0800
commit	2bfad8f5eeb821357d2ada29506e864ff7ec947e (patch)
tree	0916a75dbb2b24cee1e558e94d0a4e36fabdcf10
parent	881accc8fadca5ec02aa34d364df2a1aa25cd2f9 (diff)
download	lua-cjson-2bfad8f5eeb821357d2ada29506e864ff7ec947e.tar.gz lua-cjson-2bfad8f5eeb821357d2ada29506e864ff7ec947e.tar.bz2 lua-cjson-2bfad8f5eeb821357d2ada29506e864ff7ec947e.zip

diff --git a/.travis.yml b/.travis.yml index 091ff98..469d5dd 100644 --- a/.travis.yml +++ b/.travis.yml
@@ -27,7 +27,7 @@ env:
27	- JOBS=3	27	- JOBS=3
28	- LUAROCKS_VER=2.4.2	28	- LUAROCKS_VER=2.4.2
29	matrix:	29	matrix:
30	#- LUA=1 LUA_DIR=/usr LUA_INCLUDE_DIR=$LUA_DIR/include/lua5.1	30	#- LUA=1 LUA_DIR=/usr LUA_INCLUDE_DIR=$LUA_DIR/include/lua5.1
31	- LUAJIT=1 LUA_DIR=/usr/local LUA_INCLUDE_DIR=$LUA_DIR/include/luajit-2.1 LUA_SUFFIX=--lua-suffix=jit	31	- LUAJIT=1 LUA_DIR=/usr/local LUA_INCLUDE_DIR=$LUA_DIR/include/luajit-2.1 LUA_SUFFIX=--lua-suffix=jit
32		32
33	install:	33	install:


diff --git a/lua_cjson.c b/lua_cjson.c index 42672de..363466c 100644 --- a/lua_cjson.c +++ b/lua_cjson.c
@@ -40,6 +40,7 @@
40	#include <stdint.h>	40	#include <stdint.h>
41	#include <string.h>	41	#include <string.h>
42	#include <math.h>	42	#include <math.h>
		43	#include <stdint.h>
43	#include <limits.h>	44	#include <limits.h>
44	#include <lua.h>	45	#include <lua.h>
45	#include <lauxlib.h>	46	#include <lauxlib.h>
@@ -179,13 +180,13 @@ typedef struct {
179		180
180	typedef struct {	181	typedef struct {
181	json_token_type_t type;	182	json_token_type_t type;
182	int index;	183	size_t index;
183	union {	184	union {
184	const char *string;	185	const char *string;
185	double number;	186	double number;
186	int boolean;	187	int boolean;
187	} value;	188	} value;
188	int string_len;	189	size_t string_len;
189	} json_token_t;	190	} json_token_t;
190		191
191	static const char *char2escape[256] = {	192	static const char *char2escape[256] = {
@@ -557,6 +558,8 @@ static void json_append_string(lua_State l, strbuf_t json, int lindex)
557	* This buffer is reused constantly for small strings	558	* This buffer is reused constantly for small strings
558	* If there are any excess pages, they won't be hit anyway.	559	* If there are any excess pages, they won't be hit anyway.
559	* This gains ~5% speedup. */	560	* This gains ~5% speedup. */
		561	if (len > SIZE_MAX / 6 - 3)
		562	abort(); /* Overflow check */
560	strbuf_ensure_empty_length(json, len * 6 + 2);	563	strbuf_ensure_empty_length(json, len * 6 + 2);
561		564
562	strbuf_append_char_unsafe(json, '\"');	565	strbuf_append_char_unsafe(json, '\"');
@@ -848,7 +851,7 @@ static int json_encode(lua_State *l)
848	strbuf_t local_encode_buf;	851	strbuf_t local_encode_buf;
849	strbuf_t *encode_buf;	852	strbuf_t *encode_buf;
850	char *json;	853	char *json;
851	int len;	854	size_t len;
852		855
853	luaL_argcheck(l, lua_gettop(l) == 1, 1, "expected 1 argument");	856	luaL_argcheck(l, lua_gettop(l) == 1, 1, "expected 1 argument");
854		857


diff --git a/strbuf.c b/strbuf.c index ed13367..2dc30be 100644 --- a/strbuf.c +++ b/strbuf.c
@@ -26,6 +26,7 @@
26	#include <stdlib.h>	26	#include <stdlib.h>
27	#include <stdarg.h>	27	#include <stdarg.h>
28	#include <string.h>	28	#include <string.h>
		29	#include <stdint.h>
29		30
30	#include "strbuf.h"	31	#include "strbuf.h"
31		32
@@ -38,22 +39,22 @@ static void die(const char *fmt, ...)
38	va_end(arg);	39	va_end(arg);
39	fprintf(stderr, "\n");	40	fprintf(stderr, "\n");
40		41
41	exit(-1);	42	abort();
42	}	43	}
43		44
44	void strbuf_init(strbuf_t *s, int len)	45	void strbuf_init(strbuf_t *s, size_t len)
45	{	46	{
46	int size;	47	size_t size;
47		48
48	if (len <= 0)	49	if (!len)
49	size = STRBUF_DEFAULT_SIZE;	50	size = STRBUF_DEFAULT_SIZE;
50	else	51	else
51	size = len + 1; /* \0 terminator */	52	size = len + 1;
52		53	if (size < len)
		54	die("Overflow, len: %zu", len);
53	s->buf = NULL;	55	s->buf = NULL;
54	s->size = size;	56	s->size = size;
55	s->length = 0;	57	s->length = 0;
56	s->increment = STRBUF_DEFAULT_INCREMENT;
57	s->dynamic = 0;	58	s->dynamic = 0;
58	s->reallocs = 0;	59	s->reallocs = 0;
59	s->debug = 0;	60	s->debug = 0;
@@ -65,7 +66,7 @@ void strbuf_init(strbuf_t *s, int len)
65	strbuf_ensure_null(s);	66	strbuf_ensure_null(s);
66	}	67	}
67		68
68	strbuf_t *strbuf_new(int len)	69	strbuf_t *strbuf_new(size_t len)
69	{	70	{
70	strbuf_t *s;	71	strbuf_t *s;
71		72
@@ -81,20 +82,10 @@ strbuf_t *strbuf_new(int len)
81	return s;	82	return s;
82	}	83	}
83		84
84	void strbuf_set_increment(strbuf_t *s, int increment)
85	{
86	/* Increment > 0: Linear buffer growth rate
87	* Increment < -1: Exponential buffer growth rate */
88	if (increment == 0 \|\| increment == -1)
89	die("BUG: Invalid string increment");
90
91	s->increment = increment;
92	}
93
94	static inline void debug_stats(strbuf_t *s)	85	static inline void debug_stats(strbuf_t *s)
95	{	86	{
96	if (s->debug) {	87	if (s->debug) {
97	fprintf(stderr, "strbuf(%lx) reallocs: %d, length: %d, size: %d\n",	88	fprintf(stderr, "strbuf(%lx) reallocs: %d, length: %zd, size: %zd\n",
98	(long)s, s->reallocs, s->length, s->size);	89	(long)s, s->reallocs, s->length, s->size);
99	}	90	}
100	}	91	}
@@ -113,7 +104,7 @@ void strbuf_free(strbuf_t *s)
113	free(s);	104	free(s);
114	}	105	}
115		106
116	char strbuf_free_to_string(strbuf_t s, int *len)	107	char strbuf_free_to_string(strbuf_t s, size_t *len)
117	{	108	{
118	char *buf;	109	char *buf;
119		110
@@ -131,57 +122,63 @@ char strbuf_free_to_string(strbuf_t s, int *len)
131	return buf;	122	return buf;
132	}	123	}
133		124
134	static int calculate_new_size(strbuf_t *s, int len)	125	static size_t calculate_new_size(strbuf_t *s, size_t len)
135	{	126	{
136	int reqsize, newsize;	127	size_t reqsize, newsize;
137		128
138	if (len <= 0)	129	if (len <= 0)
139	die("BUG: Invalid strbuf length requested");	130	die("BUG: Invalid strbuf length requested");
140		131
141	/* Ensure there is room for optional NULL termination */	132	/* Ensure there is room for optional NULL termination */
142	reqsize = len + 1;	133	reqsize = len + 1;
		134	if (reqsize < len)
		135	die("Overflow, len: %zu", len);
143		136
144	/* If the user has requested to shrink the buffer, do it exactly */	137	/* If the user has requested to shrink the buffer, do it exactly */
145	if (s->size > reqsize)	138	if (s->size > reqsize)
146	return reqsize;	139	return reqsize;
147		140
148	newsize = s->size;	141	newsize = s->size;
149	if (s->increment < 0) {	142	if (reqsize >= SIZE_MAX / 2) {
		143	newsize = reqsize;
		144	} else {
150	/* Exponential sizing */	145	/* Exponential sizing */
151	while (newsize < reqsize)	146	while (newsize < reqsize)
152	newsize *= -s->increment;	147	newsize *= 2;
153	} else if (s->increment != 0) {
154	/* Linear sizing */
155	newsize = ((newsize + s->increment - 1) / s->increment) * s->increment;
156	}	148	}
157		149
		150	if (newsize < reqsize)
		151	die("BUG: strbuf length would overflow, len: %zu", len);
		152
		153
158	return newsize;	154	return newsize;
159	}	155	}
160		156
161		157
162	/* Ensure strbuf can handle a string length bytes long (ignoring NULL	158	/* Ensure strbuf can handle a string length bytes long (ignoring NULL
163	* optional termination). */	159	* optional termination). */
164	void strbuf_resize(strbuf_t *s, int len)	160	void strbuf_resize(strbuf_t *s, size_t len)
165	{	161	{
166	int newsize;	162	size_t newsize;
167		163
168	newsize = calculate_new_size(s, len);	164	newsize = calculate_new_size(s, len);
169		165
170	if (s->debug > 1) {	166	if (s->debug > 1) {
171	fprintf(stderr, "strbuf(%lx) resize: %d => %d\n",	167	fprintf(stderr, "strbuf(%lx) resize: %zd => %zd\n",
172	(long)s, s->size, newsize);	168	(long)s, s->size, newsize);
173	}	169	}
174		170
175	s->size = newsize;	171	s->size = newsize;
176	s->buf = realloc(s->buf, s->size);	172	s->buf = realloc(s->buf, s->size);
177	if (!s->buf)	173	if (!s->buf)
178	die("Out of memory");	174	die("Out of memory, len: %zu", len);
179	s->reallocs++;	175	s->reallocs++;
180	}	176	}
181		177
182	void strbuf_append_string(strbuf_t s, const char str)	178	void strbuf_append_string(strbuf_t s, const char str)
183	{	179	{
184	int space, i;	180	int i;
		181	size_t space;
185		182
186	space = strbuf_empty_length(s);	183	space = strbuf_empty_length(s);
187		184
@@ -197,55 +194,6 @@ void strbuf_append_string(strbuf_t s, const char str)
197	}	194	}
198	}	195	}
199		196
200	/* strbuf_append_fmt() should only be used when an upper bound
201	* is known for the output string. */
202	void strbuf_append_fmt(strbuf_t s, int len, const char fmt, ...)
203	{
204	va_list arg;
205	int fmt_len;
206
207	strbuf_ensure_empty_length(s, len);
208
209	va_start(arg, fmt);
210	fmt_len = vsnprintf(s->buf + s->length, len, fmt, arg);
211	va_end(arg);
212
213	if (fmt_len < 0)
214	die("BUG: Unable to convert number"); /* This should never happen.. */
215
216	s->length += fmt_len;
217	}
218
219	/* strbuf_append_fmt_retry() can be used when the there is no known
220	* upper bound for the output string. */
221	void strbuf_append_fmt_retry(strbuf_t s, const char fmt, ...)
222	{
223	va_list arg;
224	int fmt_len, try;
225	int empty_len;
226
227	/* If the first attempt to append fails, resize the buffer appropriately
228	* and try again */
229	for (try = 0; ; try++) {
230	va_start(arg, fmt);
231	/* Append the new formatted string */
232	/* fmt_len is the length of the string required, excluding the
233	* trailing NULL */
234	empty_len = strbuf_empty_length(s);
235	/* Add 1 since there is also space to store the terminating NULL. */
236	fmt_len = vsnprintf(s->buf + s->length, empty_len + 1, fmt, arg);
237	va_end(arg);
238
239	if (fmt_len <= empty_len)
240	break; /* SUCCESS */
241	if (try > 0)
242	die("BUG: length of formatted string changed");
243
244	strbuf_resize(s, s->length + fmt_len);
245	}
246
247	s->length += fmt_len;
248	}
249		197
250	/* vi:ai et sw=4 ts=4:	198	/* vi:ai et sw=4 ts=4:
251	*/	199	*/


diff --git a/strbuf.h b/strbuf.h index a98ee22..d77e0f4 100644 --- a/strbuf.h +++ b/strbuf.h
@@ -32,15 +32,13 @@
32		32
33	/* Size: Total bytes allocated to *buf	33	/* Size: Total bytes allocated to *buf
34	* Length: String length, excluding optional NULL terminator.	34	* Length: String length, excluding optional NULL terminator.
35	* Increment: Allocation increments when resizing the string buffer.
36	* Dynamic: True if created via strbuf_new()	35	* Dynamic: True if created via strbuf_new()
37	*/	36	*/
38		37
39	typedef struct {	38	typedef struct {
40	char *buf;	39	char *buf;
41	int size;	40	size_t size;
42	int length;	41	size_t length;
43	int increment;
44	int dynamic;	42	int dynamic;
45	int reallocs;	43	int reallocs;
46	int debug;	44	int debug;
@@ -49,33 +47,27 @@ typedef struct {
49	#ifndef STRBUF_DEFAULT_SIZE	47	#ifndef STRBUF_DEFAULT_SIZE
50	#define STRBUF_DEFAULT_SIZE 1023	48	#define STRBUF_DEFAULT_SIZE 1023
51	#endif	49	#endif
52	#ifndef STRBUF_DEFAULT_INCREMENT
53	#define STRBUF_DEFAULT_INCREMENT -2
54	#endif
55		50
56	/* Initialise */	51	/* Initialise */
57	extern strbuf_t *strbuf_new(int len);	52	extern strbuf_t *strbuf_new(size_t len);
58	extern void strbuf_init(strbuf_t *s, int len);	53	extern void strbuf_init(strbuf_t *s, size_t len);
59	extern void strbuf_set_increment(strbuf_t *s, int increment);
60		54
61	/* Release */	55	/* Release */
62	extern void strbuf_free(strbuf_t *s);	56	extern void strbuf_free(strbuf_t *s);
63	extern char strbuf_free_to_string(strbuf_t s, int *len);	57	extern char strbuf_free_to_string(strbuf_t s, size_t *len);
64		58
65	/* Management */	59	/* Management */
66	extern void strbuf_resize(strbuf_t *s, int len);	60	extern void strbuf_resize(strbuf_t *s, size_t len);
67	static int strbuf_empty_length(strbuf_t *s);	61	static size_t strbuf_empty_length(strbuf_t *s);
68	static int strbuf_length(strbuf_t *s);	62	static size_t strbuf_length(strbuf_t *s);
69	static char strbuf_string(strbuf_t s, int *len);	63	static char strbuf_string(strbuf_t s, size_t *len);
70	static void strbuf_ensure_empty_length(strbuf_t *s, int len);	64	static void strbuf_ensure_empty_length(strbuf_t *s, size_t len);
71	static char strbuf_empty_ptr(strbuf_t s);	65	static char strbuf_empty_ptr(strbuf_t s);
72	static void strbuf_extend_length(strbuf_t *s, int len);	66	static void strbuf_extend_length(strbuf_t *s, size_t len);
73	static void strbuf_set_length(strbuf_t *s, int len);	67	static void strbuf_set_length(strbuf_t *s, int len);
74		68
75	/* Update */	69	/* Update */
76	extern void strbuf_append_fmt(strbuf_t s, int len, const char fmt, ...);	70	static void strbuf_append_mem(strbuf_t s, const char c, size_t len);
77	extern void strbuf_append_fmt_retry(strbuf_t s, const char format, ...);
78	static void strbuf_append_mem(strbuf_t s, const char c, int len);
79	extern void strbuf_append_string(strbuf_t s, const char str);	71	extern void strbuf_append_string(strbuf_t s, const char str);
80	static void strbuf_append_char(strbuf_t *s, const char c);	72	static void strbuf_append_char(strbuf_t *s, const char c);
81	static void strbuf_ensure_null(strbuf_t *s);	73	static void strbuf_ensure_null(strbuf_t *s);
@@ -93,12 +85,12 @@ static inline int strbuf_allocated(strbuf_t *s)
93		85
94	/* Return bytes remaining in the string buffer	86	/* Return bytes remaining in the string buffer
95	* Ensure there is space for a NULL terminator. */	87	* Ensure there is space for a NULL terminator. */
96	static inline int strbuf_empty_length(strbuf_t *s)	88	static inline size_t strbuf_empty_length(strbuf_t *s)
97	{	89	{
98	return s->size - s->length - 1;	90	return s->size - s->length - 1;
99	}	91	}
100		92
101	static inline void strbuf_ensure_empty_length(strbuf_t *s, int len)	93	static inline void strbuf_ensure_empty_length(strbuf_t *s, size_t len)
102	{	94	{
103	if (len > strbuf_empty_length(s))	95	if (len > strbuf_empty_length(s))
104	strbuf_resize(s, s->length + len);	96	strbuf_resize(s, s->length + len);
@@ -114,12 +106,12 @@ static inline void strbuf_set_length(strbuf_t *s, int len)
114	s->length = len;	106	s->length = len;
115	}	107	}
116		108
117	static inline void strbuf_extend_length(strbuf_t *s, int len)	109	static inline void strbuf_extend_length(strbuf_t *s, size_t len)
118	{	110	{
119	s->length += len;	111	s->length += len;
120	}	112	}
121		113
122	static inline int strbuf_length(strbuf_t *s)	114	static inline size_t strbuf_length(strbuf_t *s)
123	{	115	{
124	return s->length;	116	return s->length;
125	}	117	}
@@ -135,14 +127,14 @@ static inline void strbuf_append_char_unsafe(strbuf_t *s, const char c)
135	s->buf[s->length++] = c;	127	s->buf[s->length++] = c;
136	}	128	}
137		129
138	static inline void strbuf_append_mem(strbuf_t s, const char c, int len)	130	static inline void strbuf_append_mem(strbuf_t s, const char c, size_t len)
139	{	131	{
140	strbuf_ensure_empty_length(s, len);	132	strbuf_ensure_empty_length(s, len);
141	memcpy(s->buf + s->length, c, len);	133	memcpy(s->buf + s->length, c, len);
142	s->length += len;	134	s->length += len;
143	}	135	}
144		136
145	static inline void strbuf_append_mem_unsafe(strbuf_t s, const char c, int len)	137	static inline void strbuf_append_mem_unsafe(strbuf_t s, const char c, size_t len)
146	{	138	{
147	memcpy(s->buf + s->length, c, len);	139	memcpy(s->buf + s->length, c, len);
148	s->length += len;	140	s->length += len;
@@ -153,7 +145,7 @@ static inline void strbuf_ensure_null(strbuf_t *s)
153	s->buf[s->length] = 0;	145	s->buf[s->length] = 0;
154	}	146	}
155		147
156	static inline char strbuf_string(strbuf_t s, int *len)	148	static inline char strbuf_string(strbuf_t s, size_t *len)
157	{	149	{
158	if (len)	150	if (len)
159	*len = s->length;	151	*len = s->length;