projects / exim.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
A minor code clean-up and a comment fix for the CSA patch arising
[exim.git] / src / src / string.c
CommitLineData
0d7eb84a 1/* $Cambridge: exim/src/src/string.c,v 1.4 2005/06/07 15:20:56 ph10 Exp $ */
059ec3d9
PH		 2
3/*************************************************
4* Exim - an Internet mail transport agent *
5*************************************************/
6
c988f1f4 7/* Copyright (c) University of Cambridge 1995 - 2005 */
059ec3d9
PH		 8/* See the file NOTICE for conditions of use and distribution. */
9
10/* Miscellaneous string-handling functions. Some are not required for
11utilities and tests, and are cut out by the COMPILE_UTILITY macro. */
12
13
14#include "exim.h"
15
16
17#ifndef COMPILE_UTILITY
18/*************************************************
19* Test for IP address *
20*************************************************/
21
22/* This used just to be a regular expression, but with IPv6 things are a bit
23more complicated. If the address contains a colon, it is assumed to be a v6
24address (assuming HAVE_IPV6 is set). If a mask is permitted and one is present,
25and maskptr is not NULL, its offset is placed there.
26
27Arguments:
28 s a string
29 maskptr NULL if no mask is permitted to follow
30 otherwise, points to an int where the offset of '/' is placed
31
32Returns: 0 if the string is not a textual representation of an IP address
33 4 if it is an IPv4 address
34 6 if it is an IPv6 address
35*/
36
37int
38string_is_ip_address(uschar *s, int *maskptr)
39{
40int i;
41int yield = 4;
42
43/* If an optional mask is permitted, check for it. If found, pass back the
44offset. */
45
46if (maskptr != NULL)
47 {
48 uschar *ss = s + Ustrlen(s);
49 *maskptr = 0;
50 if (s != ss && isdigit(*(--ss)))
51 {
52 while (ss > s && isdigit(ss[-1])) ss--;
53 if (ss > s && *(--ss) == '/') *maskptr = ss - s;
54 }
55 }
56
57/* A colon anywhere in the string => IPv6 address */
58
59if (Ustrchr(s, ':') != NULL)
60 {
61 BOOL had_double_colon = FALSE;
62 BOOL v4end = FALSE;
63 int count = 0;
64
65 yield = 6;
66
67 /* An IPv6 address must start with hex digit or double colon. A single
68 colon is invalid. */
69
70 if (*s == ':' && *(++s) != ':') return 0;
71
72 /* Now read up to 8 components consisting of up to 4 hex digits each. There
73 may be one and only one appearance of double colon, which implies any number
74 of binary zero bits. The number of preceding components is held in count. */
75
76 for (count = 0; count < 8; count++)
77 {
78 /* If the end of the string is reached before reading 8 components, the
79 address is valid provided a double colon has been read. This also applies
80 if we hit the / that introduces a mask or the % that introduces the
81 interface specifier (scope id) of a link-local address. */
82
83 if (*s == 0 || *s == '%' || *s == '/') return had_double_colon? yield : 0;
84
85 /* If a component starts with an additional colon, we have hit a double
86 colon. This is permitted to appear once only, and counts as at least
87 one component. The final component may be of this form. */
88
89 if (*s == ':')
90 {
91 if (had_double_colon) return 0;
92 had_double_colon = TRUE;
93 s++;
94 continue;
95 }
96
97 /* If the remainder of the string contains a dot but no colons, we
98 can expect a trailing IPv4 address. This is valid if either there has
99 been no double-colon and this is the 7th component (with the IPv4 address
100 being the 7th & 8th components), OR if there has been a double-colon
101 and fewer than 6 components. */
102
103 if (Ustrchr(s, ':') == NULL && Ustrchr(s, '.') != NULL)
104 {
105 if ((!had_double_colon && count != 6) ||
106 (had_double_colon && count > 6)) return 0;
107 v4end = TRUE;
108 yield = 6;
109 break;
110 }
111
112 /* Check for at least one and not more than 4 hex digits for this
113 component. */
114
115 if (!isxdigit(*s++)) return 0;
116 if (isxdigit(*s) && isxdigit(*(++s)) && isxdigit(*(++s))) s++;
117
118 /* If the component is terminated by colon and there is more to
119 follow, skip over the colon. If there is no more to follow the address is
120 invalid. */
121
122 if (*s == ':' && *(++s) == 0) return 0;
123 }
124
125 /* If about to handle a trailing IPv4 address, drop through. Otherwise
126 all is well if we are at the end of the string or at the mask or at a percent
127 sign, which introduces the interface specifier (scope id) of a link local
128 address. */
129
130 if (!v4end) return (*s == 0 || *s == '%' || *s == '/')? yield : 0;
131 }
132
133/* Test for IPv4 address, which may be the tail-end of an IPv6 address. */
134
135for (i = 0; i < 4; i++)
136 {
137 if (i != 0 && *s++ != '.') return 0;
138 if (!isdigit(*s++)) return 0;
139 if (isdigit(*s) && isdigit(*(++s))) s++;
140 }
141
142return (*s == 0 || *s == '/')? yield : 0;
143}
144#endif /* COMPILE_UTILITY */
145
146
147/*************************************************
148* Format message size *
149*************************************************/
150
151/* Convert a message size in bytes to printing form, rounding
152according to the magnitude of the number. A value of zero causes
153a string of spaces to be returned.
154
155Arguments:
156 size the message size in bytes
157 buffer where to put the answer
158
159Returns: pointer to the buffer
160 a string of exactly 5 characters is normally returned
161*/
162
163uschar *
164string_format_size(int size, uschar *buffer)
165{
166if (size == 0) Ustrcpy(CS buffer, " ");
167else if (size < 1024) sprintf(CS buffer, "%5d", size);
168else if (size < 10*1024)
169 sprintf(CS buffer, "%4.1fK", (double)size / 1024.0);
170else if (size < 1024*1024)
171 sprintf(CS buffer, "%4dK", (size + 512)/1024);
172else if (size < 10*1024*1024)
173 sprintf(CS buffer, "%4.1fM", (double)size / (1024.0 * 1024.0));
174else
175 sprintf(CS buffer, "%4dM", (size + 512 * 1024)/(1024*1024));
176return buffer;
177}
178
179
180
181#ifndef COMPILE_UTILITY
182/*************************************************
183* Convert a number to base 62 format *
184*************************************************/
185
186/* Convert a long integer into an ASCII base 62 string. For Cygwin the value of
187BASE_62 is actually 36. Always return exactly 6 characters plus zero, in a
188static area.
189
190Argument: a long integer
191Returns: pointer to base 62 string
192*/
193
194uschar *
195string_base62(unsigned long int value)
196{
197static uschar yield[7];
198uschar *p = yield + sizeof(yield) - 1;
199*p = 0;
200while (p > yield)
201 {
202 *(--p) = base62_chars[value % BASE_62];
203 value /= BASE_62;
204 }
205return yield;
206}
207#endif /* COMPILE_UTILITY */
208
209
210
211#ifndef COMPILE_UTILITY
212/*************************************************
213* Interpret escape sequence *
214*************************************************/
215
216/* This function is called from several places where escape sequences are to be
217interpreted in strings.
218
219Arguments:
220 pp points a pointer to the initiating "\" in the string;
221 the pointer gets updated to point to the final character
222Returns: the value of the character escape
223*/
224
225int
226string_interpret_escape(uschar **pp)
227{
228int ch;
229uschar *p = *pp;
230ch = *(++p);
231if (isdigit(ch) && ch != '8' && ch != '9')
232 {
233 ch -= '0';
234 if (isdigit(p[1]) && p[1] != '8' && p[1] != '9')
235 {
236 ch = ch * 8 + *(++p) - '0';
237 if (isdigit(p[1]) && p[1] != '8' && p[1] != '9')
238 ch = ch * 8 + *(++p) - '0';
239 }
240 }
241else switch(ch)
242 {
243 case 'n': ch = '\n'; break;
244 case 'r': ch = '\r'; break;
245 case 't': ch = '\t'; break;
246 case 'x':
247 ch = 0;
248 if (isxdigit(p[1]))
249 {
250 ch = ch * 16 +
251 Ustrchr(hex_digits, tolower(*(++p))) - hex_digits;
252 if (isxdigit(p[1])) ch = ch * 16 +
253 Ustrchr(hex_digits, tolower(*(++p))) - hex_digits;
254 }
255 break;
256 }
257*pp = p;
258return ch;
259}
260#endif /* COMPILE_UTILITY */
261
262
263
264#ifndef COMPILE_UTILITY
265/*************************************************
266* Ensure string is printable *
267*************************************************/
268
269/* This function is called for critical strings. It checks for any
270non-printing characters, and if any are found, it makes a new copy
271of the string with suitable escape sequences. It is most often called by the
272macro string_printing(), which sets allow_tab TRUE.
273
274Arguments:
275 s the input string
276 allow_tab TRUE to allow tab as a printing character
277
278Returns: string with non-printers encoded as printing sequences
279*/
280
281uschar *
282string_printing2(uschar *s, BOOL allow_tab)
283{
284int nonprintcount = 0;
285int length = 0;
286uschar *t = s;
287uschar *ss, *tt;
288
289while (*t != 0)
290 {
291 int c = *t++;
292 if (!mac_isprint(c) || (!allow_tab && c == '\t')) nonprintcount++;
293 length++;
294 }
295
296if (nonprintcount == 0) return s;
297
298/* Get a new block of store guaranteed big enough to hold the
299expanded string. */
300
301ss = store_get(length + nonprintcount * 4 + 1);
302
303/* Copy everying, escaping non printers. */
304
305t = s;
306tt = ss;
307
308while (*t != 0)
309 {
310 int c = *t;
311 if (mac_isprint(c) && (allow_tab || c != '\t')) *tt++ = *t++; else
312 {
313 *tt++ = '\\';
314 switch (*t)
315 {
316 case '\n': *tt++ = 'n'; break;
317 case '\r': *tt++ = 'r'; break;
318 case '\b': *tt++ = 'b'; break;
319 case '\v': *tt++ = 'v'; break;
320 case '\f': *tt++ = 'f'; break;
321 case '\t': *tt++ = 't'; break;
322 default: sprintf(CS tt, "%03o", *t); tt += 3; break;
323 }
324 t++;
325 }
326 }
327*tt = 0;
328return ss;
329}
330#endif /* COMPILE_UTILITY */
331
332
333
334
335/*************************************************
336* Copy and save string *
337*************************************************/
338
339/* This function assumes that memcpy() is faster than strcpy().
340
341Argument: string to copy
342Returns: copy of string in new store
343*/
344
345uschar *
346string_copy(uschar *s)
347{
348int len = Ustrlen(s) + 1;
349uschar *ss = store_get(len);
350memcpy(ss, s, len);
351return ss;
352}
353
354
355
356/*************************************************
357* Copy and save string in malloc'd store *
358*************************************************/
359
360/* This function assumes that memcpy() is faster than strcpy().
361
362Argument: string to copy
363Returns: copy of string in new store
364*/
365
366uschar *
367string_copy_malloc(uschar *s)
368{
369int len = Ustrlen(s) + 1;
370uschar *ss = store_malloc(len);
371memcpy(ss, s, len);
372return ss;
373}
374
375
376
377/*************************************************
378* Copy, lowercase and save string *
379*************************************************/
380
381/*
382Argument: string to copy
383Returns: copy of string in new store, with letters lowercased
384*/
385
386uschar *
387string_copylc(uschar *s)
388{
389uschar *ss = store_get(Ustrlen(s) + 1);
390uschar *p = ss;
391while (*s != 0) *p++ = tolower(*s++);
392*p = 0;
393return ss;
394}
395
396
397
398/*************************************************
399* Copy and save string, given length *
400*************************************************/
401
402/* It is assumed the data contains no zeros. A zero is added
403onto the end.
404
405Arguments:
406 s string to copy
407 n number of characters
408
409Returns: copy of string in new store
410*/
411
412uschar *
413string_copyn(uschar *s, int n)
414{
415uschar *ss = store_get(n + 1);
416Ustrncpy(ss, s, n);
417ss[n] = 0;
418return ss;
419}
420
421
422/*************************************************
423* Copy, lowercase, and save string, given length *
424*************************************************/
425
426/* It is assumed the data contains no zeros. A zero is added
427onto the end.
428
429Arguments:
430 s string to copy
431 n number of characters
432
433Returns: copy of string in new store, with letters lowercased
434*/
435
436uschar *
437string_copynlc(uschar *s, int n)
438{
439uschar *ss = store_get(n + 1);
440uschar *p = ss;
441while (n-- > 0) *p++ = tolower(*s++);
442*p = 0;
443return ss;
444}
445
446
447
448/*************************************************
449* Copy returned DNS domain name, de-escaping *
450*************************************************/
451
452/* If a domain name contains top-bit characters, some resolvers return
453the fully qualified name with those characters turned into escapes. The
454convention is a backslash followed by _decimal_ digits. We convert these
455back into the original binary values. This will be relevant when
456allow_utf8_domains is set true and UTF-8 characters are used in domain
457names. Backslash can also be used to escape other characters, though we
458shouldn't come across them in domain names.
459
460Argument: the domain name string
461Returns: copy of string in new store, de-escaped
462*/
463
464uschar *
465string_copy_dnsdomain(uschar *s)
466{
467uschar *yield;
468uschar *ss = yield = store_get(Ustrlen(s) + 1);
469
470while (*s != 0)
471 {
472 if (*s != '\\')
473 {
474 *ss++ = *s++;
475 }
476 else if (isdigit(s[1]))
477 {
478 *ss++ = (s[1] - '0')*100 + (s[2] - '0')*10 + s[3] - '0';
479 s += 4;
480 }
481 else if (*(++s) != 0)
482 {
483 *ss++ = *s++;
484 }
485 }
486
487*ss = 0;
488return yield;
489}
490
491
492#ifndef COMPILE_UTILITY
493/*************************************************
494* Copy space-terminated or quoted string *
495*************************************************/
496
497/* This function copies from a string until its end, or until whitespace is
498encountered, unless the string begins with a double quote, in which case the
499terminating quote is sought, and escaping within the string is done. The length
500of a de-quoted string can be no longer than the original, since escaping always
501turns n characters into 1 character.
502
503Argument: pointer to the pointer to the first character, which gets updated
504Returns: the new string
505*/
506
507uschar *
508string_dequote(uschar **sptr)
509{
510uschar *s = *sptr;
511uschar *t, *yield;
512
513/* First find the end of the string */
514
515if (*s != '\"')
516 {
517 while (*s != 0 && !isspace(*s)) s++;
518 }
519else
520 {
521 s++;
522 while (*s != 0 && *s != '\"')
523 {
524 if (*s == '\\') (void)string_interpret_escape(&s);
525 s++;
526 }
527 if (*s != 0) s++;
528 }
529
530/* Get enough store to copy into */
531
532t = yield = store_get(s - *sptr + 1);
533s = *sptr;
534
535/* Do the copy */
536
537if (*s != '\"')
538 {
539 while (*s != 0 && !isspace(*s)) *t++ = *s++;
540 }
541else
542 {
543 s++;
544 while (*s != 0 && *s != '\"')
545 {
546 if (*s == '\\') *t++ = string_interpret_escape(&s);
547 else *t++ = *s;
548 s++;
549 }
550 if (*s != 0) s++;
551 }
552
553/* Update the pointer and return the terminated copy */
554
555*sptr = s;
556*t = 0;
557return yield;
558}
559#endif /* COMPILE_UTILITY */
560
561
562
563/*************************************************
564* Format a string and save it *
565*************************************************/
566
567/* The formatting is done by string_format, which checks the length of
568everything.
569
570Arguments:
571 format a printf() format - deliberately char * rather than uschar *
572 because it will most usually be a literal string
573 ... arguments for format
574
575Returns: pointer to fresh piece of store containing sprintf'ed string
576*/
577
578uschar *
579string_sprintf(char *format, ...)
580{
581va_list ap;
582uschar buffer[STRING_SPRINTF_BUFFER_SIZE];
583va_start(ap, format);
584if (!string_vformat(buffer, sizeof(buffer), format, ap))
585 log_write(0, LOG_MAIN|LOG_PANIC_DIE,
586 "string_sprintf expansion was longer than %d", sizeof(buffer));
587va_end(ap);
588return string_copy(buffer);
589}
590
591
592
593/*************************************************
594* Case-independent strncmp() function *
595*************************************************/
596
597/*
598Arguments:
599 s first string
600 t second string
601 n number of characters to compare
602
603Returns: < 0, = 0, or > 0, according to the comparison
604*/
605
606int
607strncmpic(uschar *s, uschar *t, int n)
608{
609while (n--)
610 {
611 int c = tolower(*s++) - tolower(*t++);
612 if (c) return c;
613 }
614return 0;
615}
616
617
618/*************************************************
619* Case-independent strcmp() function *
620*************************************************/
621
622/*
623Arguments:
624 s first string
625 t second string
626
627Returns: < 0, = 0, or > 0, according to the comparison
628*/
629
630int
631strcmpic(uschar *s, uschar *t)
632{
633while (*s != 0)
634 {
635 int c = tolower(*s++) - tolower(*t++);
636 if (c != 0) return c;
637 }
638return *t;
639}
640
641
642/*************************************************
643* Case-independent strstr() function *
644*************************************************/
645
646/* The third argument specifies whether whitespace is required
647to follow the matched string.
648
649Arguments:
650 s string to search
651 t substring to search for
652 space_follows if TRUE, match only if whitespace follows
653
654Returns: pointer to substring in string, or NULL if not found
655*/
656
657uschar *
658strstric(uschar *s, uschar *t, BOOL space_follows)
659{
660uschar *p = t;
661uschar *yield = NULL;
662int cl = tolower(*p);
663int cu = toupper(*p);
664
665while (*s)
666 {
667 if (*s == cl || *s == cu)
668 {
669 if (yield == NULL) yield = s;
670 if (*(++p) == 0)
671 {
672 if (!space_follows || s[1] == ' ' || s[1] == '\n' ) return yield;
673 yield = NULL;
674 p = t;
675 }
676 cl = tolower(*p);
677 cu = toupper(*p);
678 s++;
679 }
680 else if (yield != NULL)
681 {
682 yield = NULL;
683 p = t;
684 cl = tolower(*p);
685 cu = toupper(*p);
686 }
687 else s++;
688 }
689return NULL;
690}
691
692
693
694#ifndef COMPILE_UTILITY
695/*************************************************
696* Get next string from separated list *
697*************************************************/
698
699/* Leading and trailing space is removed from each item. The separator in the
700list is controlled by the int pointed to by the separator argument as follows:
701
702 If its value is > 0 it is used as the delimiter.
703 (If its value is actually > UCHAR_MAX there is only one item in the list.
704 This is used for some cases when called via functions that sometimes
705 plough through lists, and sometimes are given single items.)
706 If its value is <= 0, the string is inspected for a leading <x, where
707 x is an ispunct() value. If found, it is used as the delimiter. If not
708 found: (a) if separator == 0, ':' is used
709 (b) if separator <0, then -separator is used
710 In all cases the value of the separator that is used is written back to
711 the int so that it is used on subsequent calls as we progress through
712 the list.
713
714The separator can always be represented in the string by doubling.
715
716Arguments:
717 listptr points to a pointer to the current start of the list; the
718 pointer gets updated to point after the end of the next item
719 separator a pointer to the separator character in an int (see above)
720 buffer where to put a copy of the next string in the list; or
721 NULL if the next string is returned in new memory
722 buflen when buffer is not NULL, the size of buffer; otherwise ignored
723
724Returns: pointer to buffer, containing the next substring,
725 or NULL if no more substrings
726*/
727
728uschar *
729string_nextinlist(uschar **listptr, int *separator, uschar *buffer, int buflen)
730{
731register int p = 0;
732register int sep = *separator;
733register uschar *s = *listptr;
734
735if (s == NULL) return NULL;
736while (isspace(*s)) s++;
737
738if (sep <= 0)
739 {
740 if (*s == '<' && ispunct(s[1]))
741 {
742 sep = s[1];
743 s += 2;
744 while (isspace(*s)) s++;
745 }
746 else
747 {
748 sep = (sep == 0)? ':' : -sep;
749 }
750 *separator = sep;
751 }
752
753if (*s == 0) return NULL;
754
755/* Handle the case when a buffer is provided. */
756
757if (buffer != NULL)
758 {
759 for (; *s != 0; s++)
760 {
761 if (*s == sep && *(++s) != sep) break;
762 if (p < buflen - 1) buffer[p++] = *s;
763 }
764 while (p > 0 && isspace(buffer[p-1])) p--;
765 buffer[p] = 0;
766 }
767
768/* Handle the case when a buffer is not provided. */
769
770else
771 {
772 /* We know that *s != 0 at this point. However, it might be pointing to a
773 separator, which could indicate an empty string, or could be doubled to
774 indicate a separator character as data at the start of a string. */
775
776 if (*s == sep)
777 {
778 s++;
779 if (*s != sep) buffer = string_copy(US"");
780 }
781
782 if (buffer == NULL)
783 {
784 int size = 0;
785 int ptr = 0;
786 uschar *ss;
787 for (;;)
788 {
789 for (ss = s + 1; *ss != 0 && *ss != sep; ss++);
790 buffer = string_cat(buffer, &size, &ptr, s, ss-s);
791 s = ss;
792 if (*s == 0 || *(++s) != sep) break;
793 }
794 while (ptr > 0 && isspace(buffer[ptr-1])) ptr--;
795 buffer[ptr] = 0;
796 }
797 }
798
799/* Update the current pointer and return the new string */
800
801*listptr = s;
802return buffer;
803}
804#endif /* COMPILE_UTILITY */
805
806
807
808#ifndef COMPILE_UTILITY
809/*************************************************
810* Add chars to string *
811*************************************************/
812
813/* This function is used when building up strings of unknown length. Room is
814always left for a terminating zero to be added to the string that is being
815built. This function does not require the string that is being added to be NUL
816terminated, because the number of characters to add is given explicitly. It is
817sometimes called to extract parts of other strings.
818
819Arguments:
820 string points to the start of the string that is being built, or NULL
821 if this is a new string that has no contents yet
822 size points to a variable that holds the current capacity of the memory
823 block (updated if changed)
824 ptr points to a variable that holds the offset at which to add
825 characters, updated to the new offset
826 s points to characters to add
827 count count of characters to add; must not exceed the length of s, if s
828 is a C string
829
830If string is given as NULL, *size and *ptr should both be zero.
831
832Returns: pointer to the start of the string, changed if copied for expansion.
833 Note that a NUL is not added, though space is left for one. This is
834 because string_cat() is often called multiple times to build up a
835 string - there's no point adding the NUL till the end.
836*/
837
838uschar *
839string_cat(uschar *string, int *size, int *ptr, const uschar *s, int count)
840{
841int p = *ptr;
842
843if (p + count >= *size)
844 {
845 int oldsize = *size;
846
847 /* Mostly, string_cat() is used to build small strings of a few hundred
848 characters at most. There are times, however, when the strings are very much
849 longer (for example, a lookup that returns a vast number of alias addresses).
850 To try to keep things reasonable, we use increments whose size depends on the
851 existing length of the string. */
852
853 int inc = (oldsize < 4096)? 100 : 1024;
854 while (*size <= p + count) *size += inc;
855
856 /* New string */
857
858 if (string == NULL) string = store_get(*size);
859
860 /* Try to extend an existing allocation. If the result of calling
861 store_extend() is false, either there isn't room in the current memory block,
862 or this string is not the top item on the dynamic store stack. We then have
863 to get a new chunk of store and copy the old string. When building large
864 strings, it is helpful to call store_release() on the old string, to release
865 memory blocks that have become empty. (The block will be freed if the string
866 is at its start.) However, we can do this only if we know that the old string
867 was the last item on the dynamic memory stack. This is the case if it matches
868 store_last_get. */
869
870 else if (!store_extend(string, oldsize, *size))
871 {
872 BOOL release_ok = store_last_get[store_pool] == string;
873 uschar *newstring = store_get(*size);
874 memcpy(newstring, string, p);
875 if (release_ok) store_release(string);
876 string = newstring;
877 }
878 }
879
880/* Because we always specify the exact number of characters to copy, we can
881use memcpy(), which is likely to be more efficient than strncopy() because the
882latter has to check for zero bytes. */
883
884memcpy(string + p, s, count);
885*ptr = p + count;
886return string;
887}
888#endif /* COMPILE_UTILITY */
889
890
891
892#ifndef COMPILE_UTILITY
893/*************************************************
894* Append strings to another string *
895*************************************************/
896
897/* This function can be used to build a string from many other strings.
898It calls string_cat() to do the dirty work.
899
900Arguments:
901 string points to the start of the string that is being built, or NULL
902 if this is a new string that has no contents yet
903 size points to a variable that holds the current capacity of the memory
904 block (updated if changed)
905 ptr points to a variable that holds the offset at which to add
906 characters, updated to the new offset
907 count the number of strings to append
908 ... "count" uschar* arguments, which must be valid zero-terminated
909 C strings
910
911Returns: pointer to the start of the string, changed if copied for expansion.
912 The string is not zero-terminated - see string_cat() above.
913*/
914
915uschar *
916string_append(uschar *string, int *size, int *ptr, int count, ...)
917{
918va_list ap;
919int i;
920
921va_start(ap, count);
922for (i = 0; i < count; i++)
923 {
924 uschar *t = va_arg(ap, uschar *);
925 string = string_cat(string, size, ptr, t, Ustrlen(t));
926 }
927va_end(ap);
928
929return string;
930}
931#endif
932
933
934
935/*************************************************
936* Format a string with length checks *
937*************************************************/
938
939/* This function is used to format a string with checking of the length of the
940output for all conversions. It protects Exim from absent-mindedness when
941calling functions like debug_printf and string_sprintf, and elsewhere. There
942are two different entry points to what is actually the same function, depending
943on whether the variable length list of data arguments are given explicitly or
944as a va_list item.
945
946The formats are the usual printf() ones, with some omissions (never used) and
0d7eb84a
PH		 947two additions for strings: %S forces lower case, and %#s or %#S prints nothing
948for a NULL string. Without the # "NULL" is printed (useful in debugging). There
949is also the addition of %D, which inserts the date in the form used for
059ec3d9
PH		 950datestamped log files.
951
952Arguments:
953 buffer a buffer in which to put the formatted string
954 buflen the length of the buffer
955 format the format string - deliberately char * and not uschar *
956 ... or ap variable list of supplementary arguments
957
958Returns: TRUE if the result fitted in the buffer
959*/
960
961BOOL
962string_format(uschar *buffer, int buflen, char *format, ...)
963{
964BOOL yield;
965va_list ap;
966va_start(ap, format);
967yield = string_vformat(buffer, buflen, format, ap);
968va_end(ap);
969return yield;
970}
971
972
973BOOL
974string_vformat(uschar *buffer, int buflen, char *format, va_list ap)
975{
976BOOL yield = TRUE;
977int width, precision;
978char *fp = format; /* Deliberately not unsigned */
979uschar *p = buffer;
980uschar *last = buffer + buflen - 1;
981
982string_datestamp_offset = -1; /* Datestamp not inserted */
983
984/* Scan the format and handle the insertions */
985
986while (*fp != 0)
987 {
988 int *nptr;
989 int slen;
990 char *null = "NULL"; /* ) These variables */
991 char *item_start, *s; /* ) are deliberately */
992 char newformat[16]; /* ) not unsigned */
993
994 /* Non-% characters just get copied verbatim */
995
996 if (*fp != '%')
997 {
998 if (p >= last) { yield = FALSE; break; }
999 *p++ = (uschar)*fp++;
1000 continue;
1001 }
1002
1003 /* Deal with % characters. Pick off the width and precision, for checking
1004 strings, skipping over the flag and modifier characters. */
1005
1006 item_start = fp;
1007 width = precision = -1;
1008
1009 if (strchr("-+ #0", *(++fp)) != NULL)
1010 {
1011 if (*fp == '#') null = "";
1012 fp++;
1013 }
1014
1015 if (isdigit((uschar)*fp))
1016 {
1017 width = *fp++ - '0';
1018 while (isdigit((uschar)*fp)) width = width * 10 + *fp++ - '0';
1019 }
1020 else if (*fp == '*')
1021 {
1022 width = va_arg(ap, int);
1023 fp++;
1024 }
1025
1026 if (*fp == '.')
1027 {
1028 if (*(++fp) == '*')
1029 {
1030 precision = va_arg(ap, int);
1031 fp++;
1032 }
1033 else
1034 {
1035 precision = 0;
1036 while (isdigit((uschar)*fp))
1037 precision = precision*10 + *fp++ - '0';
1038 }
1039 }
1040
1041 if (strchr("hlL", *fp) != NULL) fp++;
1042
1043 /* Handle each specific format type. */
1044
1045 switch (*fp++)
1046 {
1047 case 'n':
1048 nptr = va_arg(ap, int *);
1049 *nptr = p - buffer;
1050 break;
1051
1052 case 'd':
1053 case 'o':
1054 case 'u':
1055 case 'x':
1056 case 'X':
1057 if (p >= last - 12) { yield = FALSE; goto END_FORMAT; }
1058 strncpy(newformat, item_start, fp - item_start);
1059 newformat[fp - item_start] = 0;
1060 sprintf(CS p, newformat, va_arg(ap, int));
1061 while (*p) p++;
1062 break;
1063
1064 case 'p':
1065 if (p >= last - 24) { yield = FALSE; goto END_FORMAT; }
1066 strncpy(newformat, item_start, fp - item_start);
1067 newformat[fp - item_start] = 0;
1068 sprintf(CS p, newformat, va_arg(ap, void *));
1069 while (*p) p++;
1070 break;
1071
1072 /* %f format is inherently insecure if the numbers that it may be
870f6ba8
TF		 1073 handed are unknown (e.g. 1e300). However, in Exim, %f is used for
1074 printing load averages, and these are actually stored as integers
1075 (load average * 1000) so the size of the numbers is constrained.
1076 It is also used for formatting sending rates, where the simplicity
1077 of the format prevents overflow. */
059ec3d9
PH		 1078
1079 case 'f':
1080 case 'e':
1081 case 'E':
1082 case 'g':
1083 case 'G':
1084 if (precision < 0) precision = 6;
1085 if (p >= last - precision - 8) { yield = FALSE; goto END_FORMAT; }
1086 strncpy(newformat, item_start, fp - item_start);
1087 newformat[fp-item_start] = 0;
1088 sprintf(CS p, newformat, va_arg(ap, double));
1089 while (*p) p++;
1090 break;
1091
1092 /* String types */
1093
1094 case '%':
1095 if (p >= last) { yield = FALSE; goto END_FORMAT; }
1096 *p++ = '%';
1097 break;
1098
1099 case 'c':
1100 if (p >= last) { yield = FALSE; goto END_FORMAT; }
1101 *p++ = va_arg(ap, int);
1102 break;
1103
1104 case 'D': /* Insert datestamp for log file names */
1105 s = CS tod_stamp(tod_log_datestamp);
1106 string_datestamp_offset = p - buffer; /* Passed back via global */
1107 goto INSERT_STRING;
1108
1109 case 's':
1110 case 'S': /* Forces *lower* case */
1111 s = va_arg(ap, char *);
1112
1113 INSERT_STRING: /* Come to from %D above */
1114 if (s == NULL) s = null;
1115 slen = Ustrlen(s);
1116
1117 /* If the width is specified, check that there is a precision
1118 set; if not, set it to the width to prevent overruns of long
1119 strings. */
1120
1121 if (width >= 0)
1122 {
1123 if (precision < 0) precision = width;
1124 }
1125
1126 /* If a width is not specified and the precision is specified, set
1127 the width to the precision, or the string length if shorted. */
1128
1129 else if (precision >= 0)
1130 {
1131 width = (precision < slen)? precision : slen;
1132 }
1133
1134 /* If neither are specified, set them both to the string length. */
1135
1136 else width = precision = slen;
1137
1138 /* Check string space, and add the string to the buffer if ok. If
1139 not OK, add part of the string (debugging uses this to show as
1140 much as possible). */
1141
1142 if (p >= last - width)
1143 {
1144 yield = FALSE;
1145 width = precision = last - p - 1;
1146 }
1147 sprintf(CS p, "%*.*s", width, precision, s);
1148 if (fp[-1] == 'S')
1149 while (*p) { *p = tolower(*p); p++; }
1150 else
1151 while (*p) p++;
1152 if (!yield) goto END_FORMAT;
1153 break;
1154
1155 /* Some things are never used in Exim; also catches junk. */
1156
1157 default:
1158 strncpy(newformat, item_start, fp - item_start);
1159 newformat[fp-item_start] = 0;
1160 log_write(0, LOG_MAIN|LOG_PANIC_DIE, "string_format: unsupported type "
1161 "in \"%s\" in \"%s\"", newformat, format);
1162 break;
1163 }
1164 }
1165
1166/* Ensure string is complete; return TRUE if got to the end of the format */
1167
1168END_FORMAT:
1169
1170*p = 0;
1171return yield;
1172}
1173
1174
1175
1176#ifndef COMPILE_UTILITY
1177/*************************************************
1178* Generate an "open failed" message *
1179*************************************************/
1180
1181/* This function creates a message after failure to open a file. It includes a
1182string supplied as data, adds the strerror() text, and if the failure was
1183"Permission denied", reads and includes the euid and egid.
1184
1185Arguments:
1186 eno the value of errno after the failure
1187 format a text format string - deliberately not uschar *
1188 ... arguments for the format string
1189
1190Returns: a message, in dynamic store
1191*/
1192
1193uschar *
1194string_open_failed(int eno, char *format, ...)
1195{
1196va_list ap;
1197uschar buffer[1024];
1198
1199Ustrcpy(buffer, "failed to open ");
1200va_start(ap, format);
1201
1202/* Use the checked formatting routine to ensure that the buffer
1203does not overflow. It should not, since this is called only for internally
1204specified messages. If it does, the message just gets truncated, and there
1205doesn't seem much we can do about that. */
1206
1207(void)string_vformat(buffer+15, sizeof(buffer) - 15, format, ap);
1208
1209return (eno == EACCES)?
1210 string_sprintf("%s: %s (euid=%ld egid=%ld)", buffer, strerror(eno),
1211 (long int)geteuid(), (long int)getegid()) :
1212 string_sprintf("%s: %s", buffer, strerror(eno));
1213}
1214#endif /* COMPILE_UTILITY */
1215
1216
1217
1218#ifndef COMPILE_UTILITY
1219/*************************************************
1220* Generate local prt for logging *
1221*************************************************/
1222
1223/* This function is a subroutine for use in string_log_address() below.
1224
1225Arguments:
1226 addr the address being logged
1227 yield the current dynamic buffer pointer
1228 sizeptr points to current size
1229 ptrptr points to current insert pointer
1230
1231Returns: the new value of the buffer pointer
1232*/
1233
1234static uschar *
1235string_get_localpart(address_item *addr, uschar *yield, int *sizeptr,
1236 int *ptrptr)
1237{
1238if (testflag(addr, af_include_affixes) && addr->prefix != NULL)
1239 yield = string_cat(yield, sizeptr, ptrptr, addr->prefix,
1240 Ustrlen(addr->prefix));
1241yield = string_cat(yield, sizeptr, ptrptr, addr->local_part,
1242 Ustrlen(addr->local_part));
1243if (testflag(addr, af_include_affixes) && addr->suffix != NULL)
1244 yield = string_cat(yield, sizeptr, ptrptr, addr->suffix,
1245 Ustrlen(addr->suffix));
1246return yield;
1247}
1248
1249
1250/*************************************************
1251* Generate log address list *
1252*************************************************/
1253
1254/* This function generates a list consisting of an address and its parents, for
1255use in logging lines. For saved onetime aliased addresses, the onetime parent
1256field is used. If the address was delivered by a transport with rcpt_include_
1257affixes set, the af_include_affixes bit will be set in the address. In that
1258case, we include the affixes here too.
1259
1260Arguments:
1261 addr bottom (ultimate) address
1262 all_parents if TRUE, include all parents
1263 success TRUE for successful delivery
1264
1265Returns: a string in dynamic store
1266*/
1267
1268uschar *
1269string_log_address(address_item *addr, BOOL all_parents, BOOL success)
1270{
1271int size = 64;
1272int ptr = 0;
1273BOOL add_topaddr = TRUE;
1274uschar *yield = store_get(size);
1275address_item *topaddr;
1276
1277/* Find the ultimate parent */
1278
1279for (topaddr = addr; topaddr->parent != NULL; topaddr = topaddr->parent);
1280
1281/* We start with just the local part for pipe, file, and reply deliveries, and
1282for successful local deliveries from routers that have the log_as_local flag
1283set. File deliveries from filters can be specified as non-absolute paths in
1284cases where the transport is goin to complete the path. If there is an error
1285before this happens (expansion failure) the local part will not be updated, and
1286so won't necessarily look like a path. Add extra text for this case. */
1287
1288if (testflag(addr, af_pfr) ||
1289 (success &&
1290 addr->router != NULL && addr->router->log_as_local &&
1291 addr->transport != NULL && addr->transport->info->local))
1292 {
1293 if (testflag(addr, af_file) && addr->local_part[0] != '/')
1294 yield = string_cat(yield, &size, &ptr, CUS"save ", 5);
1295 yield = string_get_localpart(addr, yield, &size, &ptr);
1296 }
1297
1298/* Other deliveries start with the full address. It we have split it into local
1299part and domain, use those fields. Some early failures can happen before the
1300splitting is done; in those cases use the original field. */
1301
1302else
1303 {
1304 if (addr->local_part != NULL)
1305 {
1306 yield = string_get_localpart(addr, yield, &size, &ptr);
1307 yield = string_cat(yield, &size, &ptr, US"@", 1);
1308 yield = string_cat(yield, &size, &ptr, addr->domain,
1309 Ustrlen(addr->domain) );
1310 }
1311 else
1312 {
1313 yield = string_cat(yield, &size, &ptr, addr->address, Ustrlen(addr->address));
1314 }
1315 yield[ptr] = 0;
1316
1317 /* If the address we are going to print is the same as the top address,
1318 and all parents are not being included, don't add on the top address. First
1319 of all, do a caseless comparison; if this succeeds, do a caseful comparison
1320 on the local parts. */
1321
1322 if (strcmpic(yield, topaddr->address) == 0 &&
1323 Ustrncmp(yield, topaddr->address, Ustrchr(yield, '@') - yield) == 0 &&
1324 addr->onetime_parent == NULL &&
1325 (!all_parents || addr->parent == NULL || addr->parent == topaddr))
1326 add_topaddr = FALSE;
1327 }
1328
1329/* If all parents are requested, or this is a local pipe/file/reply, and
1330there is at least one intermediate parent, show it in brackets, and continue
1331with all of them if all are wanted. */
1332
1333if ((all_parents || testflag(addr, af_pfr)) &&
1334 addr->parent != NULL &&
1335 addr->parent != topaddr)
1336 {
1337 uschar *s = US" (";
1338 address_item *addr2;
1339 for (addr2 = addr->parent; addr2 != topaddr; addr2 = addr2->parent)
1340 {
1341 yield = string_cat(yield, &size, &ptr, s, 2);
1342 yield = string_cat(yield, &size, &ptr, addr2->address, Ustrlen(addr2->address));
1343 if (!all_parents) break;
1344 s = US", ";
1345 }
1346 yield = string_cat(yield, &size, &ptr, US")", 1);
1347 }
1348
1349/* Add the top address if it is required */
1350
1351if (add_topaddr)
1352 {
1353 yield = string_cat(yield, &size, &ptr, US" <", 2);
1354
1355 if (addr->onetime_parent == NULL)
1356 yield = string_cat(yield, &size, &ptr, topaddr->address,
1357 Ustrlen(topaddr->address));
1358 else
1359 yield = string_cat(yield, &size, &ptr, addr->onetime_parent,
1360 Ustrlen(addr->onetime_parent));
1361
1362 yield = string_cat(yield, &size, &ptr, US">", 1);
1363 }
1364
1365yield[ptr] = 0; /* string_cat() leaves space */
1366return yield;
1367}
1368#endif /* COMPILE_UTILITY */
1369
1370
1371
1372
1373
1374/*************************************************
1375**************************************************
1376* Stand-alone test program *
1377**************************************************
1378*************************************************/
1379
1380#ifdef STAND_ALONE
1381int main(void)
1382{
1383uschar buffer[256];
1384
1385printf("Testing is_ip_address\n");
1386
1387while (fgets(CS buffer, sizeof(buffer), stdin) != NULL)
1388 {
1389 int offset;
1390 buffer[Ustrlen(buffer) - 1] = 0;
1391 printf("%d\n", string_is_ip_address(buffer, NULL));
1392 printf("%d %d %s\n", string_is_ip_address(buffer, &offset), offset, buffer);
1393 }
1394
1395printf("Testing string_nextinlist\n");
1396
1397while (fgets(CS buffer, sizeof(buffer), stdin) != NULL)
1398 {
1399 uschar *list = buffer;
1400 uschar *lp1, *lp2;
1401 uschar item[256];
1402 int sep1 = 0;
1403 int sep2 = 0;
1404
1405 if (*list == '<')
1406 {
1407 sep1 = sep2 = list[1];
1408 list += 2;
1409 }
1410
1411 lp1 = lp2 = list;
1412 for (;;)
1413 {
1414 uschar *item1 = string_nextinlist(&lp1, &sep1, item, sizeof(item));
1415 uschar *item2 = string_nextinlist(&lp2, &sep2, NULL, 0);
1416
1417 if (item1 == NULL && item2 == NULL) break;
1418 if (item == NULL || item2 == NULL || Ustrcmp(item1, item2) != 0)
1419 {
1420 printf("***ERROR\nitem1=\"%s\"\nitem2=\"%s\"\n",
1421 (item1 == NULL)? "NULL" : CS item1,
1422 (item2 == NULL)? "NULL" : CS item2);
1423 break;
1424 }
1425 else printf(" \"%s\"\n", CS item1);
1426 }
1427 }
1428
1429/* This is a horrible lash-up, but it serves its purpose. */
1430
1431printf("Testing string_format\n");
1432
1433while (fgets(CS buffer, sizeof(buffer), stdin) != NULL)
1434 {
1435 void *args[3];
1436 double dargs[3];
1437 int dflag = 0;
1438 int n = 0;
1439 int count;
1440 int countset = 0;
1441 uschar format[256];
1442 uschar outbuf[256];
1443 uschar *s;
1444 buffer[Ustrlen(buffer) - 1] = 0;
1445
1446 s = Ustrchr(buffer, ',');
1447 if (s == NULL) s = buffer + Ustrlen(buffer);
1448
1449 Ustrncpy(format, buffer, s - buffer);
1450 format[s-buffer] = 0;
1451
1452 if (*s == ',') s++;
1453
1454 while (*s != 0)
1455 {
1456 uschar *ss = s;
1457 s = Ustrchr(ss, ',');
1458 if (s == NULL) s = ss + Ustrlen(ss);
1459
1460 if (isdigit(*ss))
1461 {
1462 Ustrncpy(outbuf, ss, s-ss);
1463 if (Ustrchr(outbuf, '.') != NULL)
1464 {
1465 dflag = 1;
1466 dargs[n++] = Ustrtod(outbuf, NULL);
1467 }
1468 else
1469 {
1470 args[n++] = (void *)Uatoi(outbuf);
1471 }
1472 }
1473
1474 else if (Ustrcmp(ss, "*") == 0)
1475 {
1476 args[n++] = (void *)(&count);
1477 countset = 1;
1478 }
1479
1480 else
1481 {
1482 uschar *sss = malloc(s - ss + 1);
1483 Ustrncpy(sss, ss, s-ss);
1484 args[n++] = sss;
1485 }
1486
1487 if (*s == ',') s++;
1488 }
1489
1490 if (!dflag) printf("%s\n", string_format(outbuf, sizeof(outbuf), CS format,
1491 args[0], args[1], args[2])? "True" : "False");
1492
1493 else printf("%s\n", string_format(outbuf, sizeof(outbuf), CS format,
1494 dargs[0], dargs[1], dargs[2])? "True" : "False");
1495
1496 printf("%s\n", CS outbuf);
1497 if (countset) printf("count=%d\n", count);
1498 }
1499
1500return 0;
1501}
1502#endif
1503
1504/* End of string.c */
Unnamed repository; edit this file 'description' to name the repository.