1 const char miscutil_rcs[] = "$Id: miscutil.c,v 1.50 2007/06/10 14:59:59 fabiankeil Exp $";
2 /*********************************************************************
4 * File : $Source: /cvsroot/ijbswa/current/miscutil.c,v $
6 * Purpose : zalloc, hash_string, safe_strerror, strcmpic,
7 * strncmpic, chomp, and MinGW32 strdup
9 * These are each too small to deserve their own file
10 * but don't really fit in any other file.
12 * Copyright : Written by and Copyright (C) 2001-2007
13 * the SourceForge Privoxy team. http://www.privoxy.org/
15 * Based on the Internet Junkbuster originally written
16 * by and Copyright (C) 1997 Anonymous Coders and
17 * Junkbusters Corporation. http://www.junkbusters.com
19 * The timegm replacement function was taken from GnuPG,
20 * Copyright (C) 2004 Free Software Foundation, Inc.
22 * The snprintf replacement function is written by
23 * Mark Martinec who also holds the copyright. It can be
24 * used under the terms of the GPL or the terms of the
25 * "Frontier Artistic License".
27 * This program is free software; you can redistribute it
28 * and/or modify it under the terms of the GNU General
29 * Public License as published by the Free Software
30 * Foundation; either version 2 of the License, or (at
31 * your option) any later version.
33 * This program is distributed in the hope that it will
34 * be useful, but WITHOUT ANY WARRANTY; without even the
35 * implied warranty of MERCHANTABILITY or FITNESS FOR A
36 * PARTICULAR PURPOSE. See the GNU General Public
37 * License for more details.
39 * The GNU General Public License should be included with
40 * this file. If not, you can view it at
41 * http://www.gnu.org/copyleft/gpl.html
42 * or write to the Free Software Foundation, Inc., 59
43 * Temple Place - Suite 330, Boston, MA 02111-1307, USA.
46 * $Log: miscutil.c,v $
47 * Revision 1.50 2007/06/10 14:59:59 fabiankeil
48 * Change replacement timegm() to better match our style, plug a small
49 * but guaranteed memory leak and fix "time zone breathing" on mingw32.
51 * Revision 1.49 2007/05/11 11:48:15 fabiankeil
52 * - Delete strsav() which was replaced
53 * by string_append() years ago.
54 * - Add a strlcat() look-alike.
55 * - Use strlcat() and strlcpy() in those parts
56 * of the code that are run on unixes.
58 * Revision 1.48 2007/04/09 17:48:51 fabiankeil
59 * Check for HAVE_SNPRINTF instead of __OS2__
60 * before including the portable snprintf() code.
62 * Revision 1.47 2007/03/17 11:52:15 fabiankeil
63 * - Use snprintf instead of sprintf.
64 * - Mention copyright for the replacement
65 * functions in the copyright header.
67 * Revision 1.46 2007/01/18 15:03:20 fabiankeil
68 * Don't include replacement timegm() if
69 * putenv() or tzset() isn't available.
71 * Revision 1.45 2006/12/26 17:31:41 fabiankeil
72 * Mutex protect rand() if POSIX threading
73 * is used, warn the user if that's not possible
74 * and stop using it on _WIN32 where it could
77 * Revision 1.44 2006/11/07 12:46:43 fabiankeil
78 * Silence compiler warning on NetBSD 3.1.
80 * Revision 1.43 2006/09/23 13:26:38 roro
81 * Replace TABs by spaces in source code.
83 * Revision 1.42 2006/09/09 14:01:45 fabiankeil
84 * Integrated Oliver Yeoh's domain pattern fix
85 * to make sure *x matches xx. Closes Patch 1217393
88 * Revision 1.41 2006/08/18 16:03:17 david__schmidt
89 * Tweak for OS/2 build happiness.
91 * Revision 1.40 2006/08/17 17:15:10 fabiankeil
92 * - Back to timegm() using GnuPG's replacement if necessary.
93 * Using mktime() and localtime() could add a on hour offset if
94 * the randomize factor was big enough to lead to a summer/wintertime
97 * - Removed now-useless Privoxy 3.0.3 compatibility glue.
99 * - Moved randomization code into pick_from_range().
101 * - Changed parse_header_time definition.
102 * time_t isn't guaranteed to be signed and
103 * if it isn't, -1 isn't available as error code.
104 * Changed some variable types in client_if_modified_since()
105 * because of the same reason.
107 * Revision 1.39 2006/07/18 14:48:46 david__schmidt
108 * Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
109 * with what was really the latest development (the v_3_0_branch branch)
111 * Revision 1.37.2.4 2003/12/01 14:45:14 oes
112 * Fixed two more problems with wildcarding in simplematch()
114 * Revision 1.37.2.3 2003/11/20 11:39:24 oes
115 * Bugfix: The "?" wildcard for domain names had never been implemented. Ooops\!
117 * Revision 1.37.2.2 2002/11/12 14:28:18 oes
118 * Proper backtracking in simplematch; fixes bug #632888
120 * Revision 1.37.2.1 2002/09/25 12:58:51 oes
121 * Made strcmpic and strncmpic safe against NULL arguments
122 * (which are now treated as empty strings).
124 * Revision 1.37 2002/04/26 18:29:43 jongfoster
125 * Fixing this Visual C++ warning:
126 * miscutil.c(710) : warning C4090: '=' : different 'const' qualifiers
128 * Revision 1.36 2002/04/26 12:55:38 oes
129 * New function string_toupper
131 * Revision 1.35 2002/03/26 22:29:55 swa
132 * we have a new homepage!
134 * Revision 1.34 2002/03/24 13:25:43 swa
135 * name change related issues
137 * Revision 1.33 2002/03/07 03:46:53 oes
138 * Fixed compiler warnings etc
140 * Revision 1.32 2002/03/06 23:02:57 jongfoster
143 * Revision 1.31 2002/03/05 04:52:42 oes
144 * Deleted non-errlog debugging code
146 * Revision 1.30 2002/03/04 18:27:42 oes
147 * - Deleted deletePidFile
148 * - Made write_pid_file use the --pidfile option value
149 * (or no PID file, if the option was absent)
150 * - Played styleguide police
152 * Revision 1.29 2002/03/04 02:08:02 david__schmidt
153 * Enable web editing of actions file on OS/2 (it had been broken all this time!)
155 * Revision 1.28 2002/03/03 09:18:03 joergs
156 * Made jumbjuster work on AmigaOS again.
158 * Revision 1.27 2002/01/21 00:52:32 jongfoster
159 * Adding string_join()
161 * Revision 1.26 2001/12/30 14:07:32 steudten
162 * - Add signal handling (unix)
163 * - Add SIGHUP handler (unix)
164 * - Add creation of pidfile (unix)
165 * - Add action 'top' in rc file (RH)
166 * - Add entry 'SIGNALS' to manpage
167 * - Add exit message to logfile (unix)
169 * Revision 1.25 2001/11/13 00:16:38 jongfoster
170 * Replacing references to malloc.h with the standard stdlib.h
171 * (See ANSI or K&R 2nd Ed)
173 * Revision 1.24 2001/11/05 21:41:43 steudten
174 * Add changes to be a real daemon just for unix os.
175 * (change cwd to /, detach from controlling tty, set
176 * process group and session leader to the own process.
178 * Add some fatal-error log message for failed malloc().
179 * Add '-d' if compiled with 'configure --with-debug' to
180 * enable debug output.
182 * Revision 1.23 2001/10/29 03:48:10 david__schmidt
183 * OS/2 native needed a snprintf() routine. Added one to miscutil, brackedted
184 * by and __OS2__ ifdef.
186 * Revision 1.22 2001/10/26 17:39:38 oes
187 * Moved ijb_isspace and ijb_tolower to project.h
189 * Revision 1.21 2001/10/23 21:27:50 jongfoster
190 * Standardising error codes in string_append
191 * make_path() no longer adds '\\' if the dir already ends in '\\' (this
192 * is just copying a UNIX-specific fix to the Windows-specific part)
194 * Revision 1.20 2001/10/22 15:33:56 david__schmidt
195 * Special-cased OS/2 out of the Netscape-abort-on-404-in-js problem in
196 * filters.c. Added a FIXME in front of the offending code. I'll gladly
197 * put in a better/more robust fix for all parties if one is presented...
198 * It seems that just returning 200 instead of 404 would pretty much fix
199 * it for everyone, but I don't know all the history of the problem.
201 * Revision 1.19 2001/10/14 22:02:57 jongfoster
202 * New function string_append() which is like strsav(), but running
203 * out of memory isn't automatically FATAL.
205 * Revision 1.18 2001/09/20 13:33:43 steudten
207 * change long to int as return value in hash_string(). Remember the wraparound
208 * for int = long = sizeof(4) - thats maybe not what we want.
210 * Revision 1.17 2001/09/13 20:51:29 jongfoster
211 * Fixing potential problems with characters >=128 in simplematch()
212 * This was also a compiler warning.
214 * Revision 1.16 2001/09/10 10:56:59 oes
215 * Silenced compiler warnings
217 * Revision 1.15 2001/07/13 14:02:24 oes
218 * Removed vim-settings
220 * Revision 1.14 2001/06/29 21:45:41 oes
221 * Indentation, CRLF->LF, Tab-> Space
223 * Revision 1.13 2001/06/29 13:32:14 oes
224 * Removed logentry from cancelled commit
226 * Revision 1.12 2001/06/09 10:55:28 jongfoster
227 * Changing BUFSIZ ==> BUFFER_SIZE
229 * Revision 1.11 2001/06/07 23:09:19 jongfoster
230 * Cosmetic indentation changes.
232 * Revision 1.10 2001/06/07 14:51:38 joergs
233 * make_path() no longer adds '/' if the dir already ends in '/'.
235 * Revision 1.9 2001/06/07 14:43:17 swa
236 * slight mistake in make_path, unix path style is /.
238 * Revision 1.8 2001/06/05 22:32:01 jongfoster
239 * New function make_path() to splice directory and file names together.
241 * Revision 1.7 2001/06/03 19:12:30 oes
242 * introduced bindup()
244 * Revision 1.6 2001/06/01 18:14:49 jongfoster
245 * Changing the calls to strerr() to check HAVE_STRERR (which is defined
246 * in config.h if appropriate) rather than the NO_STRERR macro.
248 * Revision 1.5 2001/06/01 10:31:51 oes
249 * Added character class matching to trivimatch; renamed to simplematch
251 * Revision 1.4 2001/05/31 17:32:31 oes
253 * - Enhanced domain part globbing with infix and prefix asterisk
254 * matching and optional unanchored operation
256 * Revision 1.3 2001/05/29 23:10:09 oes
259 * - Introduced chomp()
260 * - Moved strsav() from showargs to miscutil
262 * Revision 1.2 2001/05/29 09:50:24 jongfoster
263 * Unified blocklist/imagelist/permissionslist.
264 * File format is still under discussion, but the internal changes
267 * Also modified interceptor behaviour:
268 * - We now intercept all URLs beginning with one of the following
269 * prefixes (and *only* these prefixes):
271 * * http://ijbswa.sf.net/config/
272 * * http://ijbswa.sourceforge.net/config/
273 * - New interceptors "home page" - go to http://i.j.b/ to see it.
274 * - Internal changes so that intercepted and fast redirect pages
275 * are not replaced with an image.
276 * - Interceptors now have the option to send a binary page direct
277 * to the client. (i.e. ijb-send-banner uses this)
278 * - Implemented show-url-info interceptor. (Which is why I needed
279 * the above interceptors changes - a typical URL is
280 * "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
281 * The previous mechanism would not have intercepted that, and
282 * if it had been intercepted then it then it would have replaced
285 * Revision 1.1.1.1 2001/05/15 13:59:00 oes
286 * Initial import of version 2.9.3 source tree
289 *********************************************************************/
295 #include <sys/types.h>
297 #if !defined(_WIN32) && !defined(__OS2__)
299 #endif /* #if !defined(_WIN32) && !defined(__OS2__) */
304 #if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV)
306 #endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */
309 #include "miscutil.h"
313 const char miscutil_h_rcs[] = MISCUTIL_H_VERSION;
315 /*********************************************************************
319 * Description : Malloc some memory and set it to '\0'.
320 * The way calloc() ought to be -acjc
323 * 1 : size = Size of memory chunk to return.
325 * Returns : Pointer to newly malloc'd memory chunk.
327 *********************************************************************/
328 void *zalloc(size_t size)
332 if ((ret = (void *)malloc(size)) != NULL)
334 memset(ret, 0, size);
343 /*********************************************************************
345 * Function : write_pid_file
347 * Description : Writes a pid file with the pid of the main process
353 *********************************************************************/
354 void write_pid_file(void)
359 * If no --pidfile option was given,
360 * we can live without one.
362 if (pidfile == NULL) return;
364 if ((fp = fopen(pidfile, "w")) == NULL)
366 log_error(LOG_LEVEL_INFO, "can't open pidfile '%s': %E", pidfile);
370 fprintf(fp, "%u\n", (unsigned int) getpid());
376 #endif /* def unix */
379 /*********************************************************************
381 * Function : hash_string
383 * Description : Take a string and compute a (hopefuly) unique numeric
384 * integer value. This has several uses, but being able
385 * to "switch" a string the one of my favorites.
388 * 1 : s : string to be hashed.
390 * Returns : an unsigned long variable with the hashed value.
392 *********************************************************************/
393 unsigned int hash_string( const char* s )
399 h = 5 * h + (unsigned int)*s;
408 /*********************************************************************
412 * Description : For some reason (which is beyond me), gcc and WIN32
413 * don't like strdup. When a "free" is executed on a
414 * strdup'd ptr, it can at times freez up! So I just
415 * replaced it and problem was solved.
418 * 1 : s = string to duplicate
420 * Returns : Pointer to newly malloc'ed copy of the string.
422 *********************************************************************/
423 char *strdup( const char *s )
425 char * result = (char *)malloc( strlen(s)+1 );
435 #endif /* def __MINGW32__ */
439 /*********************************************************************
441 * Function : safe_strerror
443 * Description : Variant of the library routine strerror() which will
444 * work on systems without the library routine, and
445 * which should never return NULL.
448 * 1 : err = the `errno' of the last operation.
450 * Returns : An "English" string of the last `errno'. Allocated
451 * with strdup(), so caller frees. May be NULL if the
452 * system is out of memory.
454 *********************************************************************/
455 char *safe_strerror(int err)
458 char buf[BUFFER_SIZE];
463 #endif /* HAVE_STRERROR */
467 snprintf(buf, sizeof(buf), "(errno = %d)", err);
476 /*********************************************************************
478 * Function : strcmpic
480 * Description : Case insensitive string comparison
483 * 1 : s1 = string 1 to compare
484 * 2 : s2 = string 2 to compare
486 * Returns : 0 if s1==s2, Negative if s1<s2, Positive if s1>s2
488 *********************************************************************/
489 int strcmpic(const char *s1, const char *s2)
496 if ( ( *s1 != *s2 ) && ( ijb_tolower(*s1) != ijb_tolower(*s2) ) )
502 return(ijb_tolower(*s1) - ijb_tolower(*s2));
507 /*********************************************************************
509 * Function : strncmpic
511 * Description : Case insensitive string comparison (upto n characters)
514 * 1 : s1 = string 1 to compare
515 * 2 : s2 = string 2 to compare
516 * 3 : n = maximum characters to compare
518 * Returns : 0 if s1==s2, Negative if s1<s2, Positive if s1>s2
520 *********************************************************************/
521 int strncmpic(const char *s1, const char *s2, size_t n)
523 if (n <= 0) return(0);
529 if ( ( *s1 != *s2 ) && ( ijb_tolower(*s1) != ijb_tolower(*s2) ) )
538 return(ijb_tolower(*s1) - ijb_tolower(*s2));
543 /*********************************************************************
547 * Description : In-situ-eliminate all leading and trailing whitespace
551 * 1 : s : string to be chomped.
553 * Returns : chomped string
555 *********************************************************************/
556 char *chomp(char *string)
561 * strip trailing whitespace
563 p = string + strlen(string);
564 while (p > string && ijb_isspace(*(p-1)))
571 * find end of leading whitespace
574 while (*q && ijb_isspace(*q))
580 * if there was any, move the rest forwards
595 /*********************************************************************
597 * Function : string_append
599 * Description : Reallocate target_string and append text to it.
600 * This makes it easier to append to malloc'd strings.
601 * This is similar to the (removed) strsav(), but
602 * running out of memory isn't catastrophic.
606 * The following style provides sufficient error
607 * checking for this routine, with minimal clutter
608 * in the source code. It is recommended if you
609 * have many calls to this function:
611 * char * s = strdup(...); // don't check for error
612 * string_append(&s, ...); // don't check for error
613 * string_append(&s, ...); // don't check for error
614 * string_append(&s, ...); // don't check for error
615 * if (NULL == s) { ... handle error ... }
619 * char * s = strdup(...); // don't check for error
620 * string_append(&s, ...); // don't check for error
621 * string_append(&s, ...); // don't check for error
622 * if (string_append(&s, ...)) {... handle error ...}
625 * 1 : target_string = Pointer to old text that is to be
626 * extended. *target_string will be free()d by this
627 * routine. target_string must be non-NULL.
628 * If *target_string is NULL, this routine will
629 * do nothing and return with an error - this allows
630 * you to make many calls to this routine and only
631 * check for errors after the last one.
632 * 2 : text_to_append = Text to be appended to old.
635 * Returns : JB_ERR_OK on success, and sets *target_string
636 * to newly malloc'ed appended string. Caller
637 * must free(*target_string).
638 * JB_ERR_MEMORY on out-of-memory. (And free()s
639 * *target_string and sets it to NULL).
640 * JB_ERR_MEMORY if *target_string is NULL.
642 *********************************************************************/
643 jb_err string_append(char **target_string, const char *text_to_append)
649 assert(target_string);
650 assert(text_to_append);
652 if (*target_string == NULL)
654 return JB_ERR_MEMORY;
657 if (*text_to_append == '\0')
662 old_len = strlen(*target_string);
664 new_size = strlen(text_to_append) + old_len + 1;
666 if (NULL == (new_string = realloc(*target_string, new_size)))
668 free(*target_string);
670 *target_string = NULL;
671 return JB_ERR_MEMORY;
674 strlcpy(new_string + old_len, text_to_append, new_size - old_len);
676 *target_string = new_string;
681 /*********************************************************************
683 * Function : string_join
685 * Description : Join two strings together. Frees BOTH the original
686 * strings. If either or both input strings are NULL,
687 * fails as if it had run out of memory.
689 * For comparison, string_append requires that the
690 * second string is non-NULL, and doesn't free it.
692 * Rationale: Too often, we want to do
693 * string_append(s, html_encode(s2)). That assert()s
694 * if s2 is NULL or if html_encode() runs out of memory.
695 * It also leaks memory. Proper checking is cumbersome.
696 * The solution: string_join(s, html_encode(s2)) is safe,
697 * and will free the memory allocated by html_encode().
700 * 1 : target_string = Pointer to old text that is to be
701 * extended. *target_string will be free()d by this
702 * routine. target_string must be non-NULL.
703 * 2 : text_to_append = Text to be appended to old.
705 * Returns : JB_ERR_OK on success, and sets *target_string
706 * to newly malloc'ed appended string. Caller
707 * must free(*target_string).
708 * JB_ERR_MEMORY on out-of-memory, or if
709 * *target_string or text_to_append is NULL. (In
710 * this case, frees *target_string and text_to_append,
711 * sets *target_string to NULL).
713 *********************************************************************/
714 jb_err string_join(char **target_string, char *text_to_append)
718 assert(target_string);
720 if (text_to_append == NULL)
722 freez(*target_string);
723 return JB_ERR_MEMORY;
726 err = string_append(target_string, text_to_append);
728 free(text_to_append);
734 /*********************************************************************
736 * Function : string_toupper
738 * Description : Produce a copy of string with all convertible
739 * characters converted to uppercase.
742 * 1 : string = string to convert
744 * Returns : Uppercase copy of string if possible,
745 * NULL on out-of-memory or if string was NULL.
747 *********************************************************************/
748 char *string_toupper(const char *string)
753 if (!string || ((result = (char *) zalloc(strlen(string) + 1)) == NULL))
763 *p++ = toupper((int) *q++);
771 /*********************************************************************
773 * Function : simplematch
775 * Description : String matching, with a (greedy) '*' wildcard that
776 * stands for zero or more arbitrary characters and
777 * character classes in [], which take both enumerations
781 * 1 : pattern = pattern for matching
782 * 2 : text = text to be matched
784 * Returns : 0 if match, else nonzero
786 *********************************************************************/
787 int simplematch(char *pattern, char *text)
789 unsigned char *pat = (unsigned char *) pattern;
790 unsigned char *txt = (unsigned char *) text;
791 unsigned char *fallback = pat;
794 unsigned char lastchar = 'a';
796 unsigned char charmap[32];
801 /* EOF pattern but !EOF text? */
814 /* '*' in the pattern? */
818 /* The pattern ends afterwards? Speed up the return. */
824 /* Else, set wildcard mode and remember position after '*' */
829 /* Character range specification? */
832 memset(charmap, '\0', sizeof(charmap));
834 while (*++pat != ']')
840 else if (*pat == '-')
842 if ((*++pat == ']') || *pat == '\0')
846 for(i = lastchar; i <= *pat; i++)
848 charmap[i / 8] |= (1 << (i % 8));
853 charmap[*pat / 8] |= (1 << (*pat % 8));
857 } /* -END- if Character range specification */
861 * Char match, or char range match?
865 || ((*pat == ']') && (charmap[*txt / 8] & (1 << (*txt % 8)))) )
875 * No match && no wildcard: No luck
879 else if (pat != fallback)
882 * Increment text pointer if in char range matching
889 * Wildcard mode && nonmatch beyond fallback: Rewind pattern
893 * Restart matching from current text pointer
900 /* Cut off extra '*'s */
901 if(*pat == '*') pat++;
903 /* If this is the pattern's end, fine! */
909 /*********************************************************************
913 * Description : Duplicate the first n characters of a string that may
914 * contain '\0' characters.
917 * 1 : string = string to be duplicated
918 * 2 : len = number of bytes to duplicate
920 * Returns : pointer to copy, or NULL if failiure
922 *********************************************************************/
923 char *bindup(const char *string, size_t len)
927 if (NULL == (duplicate = (char *)malloc(len)))
933 memcpy(duplicate, string, len);
941 /*********************************************************************
943 * Function : make_path
945 * Description : Takes a directory name and a file name, returns
946 * the complete path. Handles windows/unix differences.
947 * If the file name is already an absolute path, or if
948 * the directory name is NULL or empty, it returns
952 * 1 : dir: Name of directory or NULL for none.
953 * 2 : file: Name of file. Should not be NULL or empty.
955 * Returns : "dir/file" (Or on windows, "dir\file").
956 * It allocates the string on the heap. Caller frees.
957 * Returns NULL in error (i.e. NULL file or out of
960 *********************************************************************/
961 char * make_path(const char * dir, const char * file)
972 strncpy(path,dir+2,512);
976 strncpy(path,dir+1,512);
981 strncpy(path,dir,512);
989 if(AddPart(path,file,512))
997 #else /* ndef AMIGA */
999 if ((file == NULL) || (*file == '\0'))
1001 return NULL; /* Error */
1004 if ((dir == NULL) || (*dir == '\0') /* No directory specified */
1005 #if defined(_WIN32) || defined(__OS2__)
1006 || (*file == '\\') || (file[1] == ':') /* Absolute path (DOS) */
1007 #else /* ifndef _WIN32 || __OS2__ */
1008 || (*file == '/') /* Absolute path (U*ix) */
1009 #endif /* ifndef _WIN32 || __OS2__ */
1012 return strdup(file);
1017 size_t path_size = strlen(dir) + strlen(file) + 2; /* +2 for trailing (back)slash and \0 */
1020 if ( *dir != '/' && basedir && *basedir )
1023 * Relative path, so start with the base directory.
1025 path_size += strlen(basedir) + 1; /* +1 for the slash */
1026 path = malloc(path_size);
1027 if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!");
1028 strlcpy(path, basedir, path_size);
1029 strlcat(path, "/", path_size);
1030 strlcat(path, dir, path_size);
1033 #endif /* defined unix */
1035 path = malloc(path_size);
1036 if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!");
1037 strlcpy(path, dir, path_size);
1040 #if defined(_WIN32) || defined(__OS2__)
1041 if(path[strlen(path)-1] != '\\')
1043 strlcat(path, "\\", path_size);
1045 #else /* ifndef _WIN32 || __OS2__ */
1046 if(path[strlen(path)-1] != '/')
1048 strlcat(path, "/", path_size);
1050 #endif /* ifndef _WIN32 || __OS2__ */
1051 strlcat(path, file, path_size);
1055 #endif /* ndef AMIGA */
1059 /*********************************************************************
1061 * Function : pick_from_range
1063 * Description : Pick a positive number out of a given range.
1064 * Should only be used if randomness would be nice,
1065 * but isn't really necessary.
1068 * 1 : range: Highest possible number to pick.
1070 * Returns : Picked number.
1072 *********************************************************************/
1073 long int pick_from_range(long int range)
1077 number = random() % range + 1;
1078 #elif defined(FEATURE_PTHREAD)
1079 pthread_mutex_lock(&rand_mutex);
1080 number = rand() % (long int)(range + 1);
1081 pthread_mutex_unlock(&rand_mutex);
1085 * On Windows and mingw32 srand() has to be called in every
1086 * rand()-using thread, but can cause crashes if it's not
1089 * Currently we don't have mutexes for mingw32, and for
1090 * our purpose this cludge is probably preferable to crashes.
1092 log_error(LOG_LEVEL_INFO, "No thread-safe PRNG available? Using weak \'randomization\' factor.");
1093 number = (range + GetCurrentThreadId() % range) / 2;
1096 * XXX: Which platforms reach this and are there
1097 * better options than just using rand() and hoping
1100 log_error(LOG_LEVEL_INFO, "No thread-safe PRNG available? Header time randomization might cause "
1101 "crashes, predictable results or even combine these fine options.");
1102 number = rand() % (long int)(range + 1);
1103 #endif /* def _WIN32 */
1105 #endif /* (def HAVE_RANDOM) */
1111 #ifndef HAVE_STRLCAT
1112 /*********************************************************************
1114 * Function : privoxy_strlcat
1116 * Description : strlcat(3) look-alike for those without decent libc.
1119 * 1 : destination: C string.
1120 * 2 : source: String to copy.
1121 * 3 : size: Size of destination buffer.
1123 * Returns : The length of the string that strlcat tried to create.
1125 *********************************************************************/
1126 size_t privoxy_strlcat(char *destination, const char *source, const size_t size)
1128 const size_t old_length = strlen(destination);
1129 return old_length + strlcpy(destination + old_length, source, size - old_length);
1131 #endif /* ndef HAVE_STRLCAT */
1134 #if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV)
1135 /*********************************************************************
1139 * Description : libc replacement function for the inverse of gmtime().
1140 * Copyright (C) 2004 Free Software Foundation, Inc.
1142 * Code originally copied from GnuPG, modifications done
1143 * for Privoxy: style changed, #ifdefs for _WIN32 added
1144 * to have it work on mingw32.
1146 * XXX: It's very unlikely to happen, but if the malloc()
1147 * call fails the time zone will be permanently set to UTC.
1150 * 1 : tm: Broken-down time struct.
1152 * Returns : tm converted into time_t seconds.
1154 *********************************************************************/
1155 time_t timegm(struct tm *tm)
1160 zone = getenv("TZ");
1163 answer = mktime(tm);
1168 old_zone = malloc(3 + strlen(zone) + 1);
1171 strcpy(old_zone, "TZ=");
1172 strcat(old_zone, zone);
1176 #endif /* def _WIN32 */
1181 #ifdef HAVE_UNSETENV
1183 #elif defined(_WIN32)
1193 #endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */
1196 #ifndef HAVE_SNPRINTF
1198 * What follows is a portable snprintf routine, written by Mark Martinec.
1199 * See: http://www.ijs.si/software/snprintf/
1202 - a portable implementation of snprintf,
1203 including vsnprintf.c, asnprintf, vasnprintf, asprintf, vasprintf
1205 snprintf is a routine to convert numeric and string arguments to
1206 formatted strings. It is similar to sprintf(3) provided in a system's
1207 C library, yet it requires an additional argument - the buffer size -
1208 and it guarantees never to store anything beyond the given buffer,
1209 regardless of the format or arguments to be formatted. Some newer
1210 operating systems do provide snprintf in their C library, but many do
1211 not or do provide an inadequate (slow or idiosyncratic) version, which
1212 calls for a portable implementation of this routine.
1216 Mark Martinec <mark.martinec@ijs.si>, April 1999, June 2000
1217 Copyright © 1999, Mark Martinec
1221 #define PORTABLE_SNPRINTF_VERSION_MAJOR 2
1222 #define PORTABLE_SNPRINTF_VERSION_MINOR 2
1224 #if defined(NEED_ASPRINTF) || defined(NEED_ASNPRINTF) || defined(NEED_VASPRINTF) || defined(NEED_VASNPRINTF)
1225 # if defined(NEED_SNPRINTF_ONLY)
1226 # undef NEED_SNPRINTF_ONLY
1228 # if !defined(PREFER_PORTABLE_SNPRINTF)
1229 # define PREFER_PORTABLE_SNPRINTF
1233 #if defined(SOLARIS_BUG_COMPATIBLE) && !defined(SOLARIS_COMPATIBLE)
1234 #define SOLARIS_COMPATIBLE
1237 #if defined(HPUX_BUG_COMPATIBLE) && !defined(HPUX_COMPATIBLE)
1238 #define HPUX_COMPATIBLE
1241 #if defined(DIGITAL_UNIX_BUG_COMPATIBLE) && !defined(DIGITAL_UNIX_COMPATIBLE)
1242 #define DIGITAL_UNIX_COMPATIBLE
1245 #if defined(PERL_BUG_COMPATIBLE) && !defined(PERL_COMPATIBLE)
1246 #define PERL_COMPATIBLE
1249 #if defined(LINUX_BUG_COMPATIBLE) && !defined(LINUX_COMPATIBLE)
1250 #define LINUX_COMPATIBLE
1253 #include <sys/types.h>
1264 #define isdigit(c) ((c) >= '0' && (c) <= '9')
1266 /* For copying strings longer or equal to 'breakeven_point'
1267 * it is more efficient to call memcpy() than to do it inline.
1268 * The value depends mostly on the processor architecture,
1269 * but also on the compiler and its optimization capabilities.
1270 * The value is not critical, some small value greater than zero
1271 * will be just fine if you don't care to squeeze every drop
1272 * of performance out of the code.
1274 * Small values favor memcpy, large values favor inline code.
1276 #if defined(__alpha__) || defined(__alpha)
1277 # define breakeven_point 2 /* AXP (DEC Alpha) - gcc or cc or egcs */
1279 #if defined(__i386__) || defined(__i386)
1280 # define breakeven_point 12 /* Intel Pentium/Linux - gcc 2.96 */
1283 # define breakeven_point 10 /* HP-PA - gcc */
1285 #if defined(__sparc__) || defined(__sparc)
1286 # define breakeven_point 33 /* Sun Sparc 5 - gcc 2.8.1 */
1289 /* some other values of possible interest: */
1290 /* #define breakeven_point 8 */ /* VAX 4000 - vaxc */
1291 /* #define breakeven_point 19 */ /* VAX 4000 - gcc 2.7.0 */
1293 #ifndef breakeven_point
1294 # define breakeven_point 6 /* some reasonable one-size-fits-all value */
1297 #define fast_memcpy(d,s,n) \
1298 { register size_t nn = (size_t)(n); \
1299 if (nn >= breakeven_point) memcpy((d), (s), nn); \
1300 else if (nn > 0) { /* proc call overhead is worth only for large strings*/\
1301 register char *dd; register const char *ss; \
1302 for (ss=(s), dd=(d); nn>0; nn--) *dd++ = *ss++; } }
1304 #define fast_memset(d,c,n) \
1305 { register size_t nn = (size_t)(n); \
1306 if (nn >= breakeven_point) memset((d), (int)(c), nn); \
1307 else if (nn > 0) { /* proc call overhead is worth only for large strings*/\
1308 register char *dd; register const int cc=(int)(c); \
1309 for (dd=(d); nn>0; nn--) *dd++ = cc; } }
1313 #if defined(NEED_ASPRINTF)
1314 int asprintf (char **ptr, const char *fmt, /*args*/ ...);
1316 #if defined(NEED_VASPRINTF)
1317 int vasprintf (char **ptr, const char *fmt, va_list ap);
1319 #if defined(NEED_ASNPRINTF)
1320 int asnprintf (char **ptr, size_t str_m, const char *fmt, /*args*/ ...);
1322 #if defined(NEED_VASNPRINTF)
1323 int vasnprintf (char **ptr, size_t str_m, const char *fmt, va_list ap);
1326 #if defined(HAVE_SNPRINTF)
1327 /* declare our portable snprintf routine under name portable_snprintf */
1328 /* declare our portable vsnprintf routine under name portable_vsnprintf */
1330 /* declare our portable routines under names snprintf and vsnprintf */
1331 #define portable_snprintf snprintf
1332 #if !defined(NEED_SNPRINTF_ONLY)
1333 #define portable_vsnprintf vsnprintf
1337 #if !defined(HAVE_SNPRINTF) || defined(PREFER_PORTABLE_SNPRINTF)
1338 int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...);
1339 #if !defined(NEED_SNPRINTF_ONLY)
1340 int portable_vsnprintf(char *str, size_t str_m, const char *fmt, va_list ap);
1346 static char credits[] = "\n\
1347 @(#)snprintf.c, v2.2: Mark Martinec, <mark.martinec@ijs.si>\n\
1348 @(#)snprintf.c, v2.2: Copyright 1999, Mark Martinec. Frontier Artistic License applies.\n\
1349 @(#)snprintf.c, v2.2: http://www.ijs.si/software/snprintf/\n";
1351 #if defined(NEED_ASPRINTF)
1352 int asprintf(char **ptr, const char *fmt, /*args*/ ...) {
1358 va_start(ap, fmt); /* measure the required size */
1359 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap);
1361 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1362 *ptr = (char *) malloc(str_m = (size_t)str_l + 1);
1363 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1367 str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1369 assert(str_l2 == str_l);
1375 #if defined(NEED_VASPRINTF)
1376 int vasprintf(char **ptr, const char *fmt, va_list ap) {
1382 va_copy(ap2, ap); /* don't consume the original ap, we'll need it again */
1383 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap2);/*get required size*/
1386 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1387 *ptr = (char *) malloc(str_m = (size_t)str_l + 1);
1388 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1390 int str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1391 assert(str_l2 == str_l);
1397 #if defined(NEED_ASNPRINTF)
1398 int asnprintf (char **ptr, size_t str_m, const char *fmt, /*args*/ ...) {
1403 va_start(ap, fmt); /* measure the required size */
1404 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap);
1406 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1407 if ((size_t)str_l + 1 < str_m) str_m = (size_t)str_l + 1; /* truncate */
1408 /* if str_m is 0, no buffer is allocated, just set *ptr to NULL */
1409 if (str_m == 0) { /* not interested in resulting string, just return size */
1411 *ptr = (char *) malloc(str_m);
1412 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1416 str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1418 assert(str_l2 == str_l);
1425 #if defined(NEED_VASNPRINTF)
1426 int vasnprintf (char **ptr, size_t str_m, const char *fmt, va_list ap) {
1431 va_copy(ap2, ap); /* don't consume the original ap, we'll need it again */
1432 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap2);/*get required size*/
1435 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1436 if ((size_t)str_l + 1 < str_m) str_m = (size_t)str_l + 1; /* truncate */
1437 /* if str_m is 0, no buffer is allocated, just set *ptr to NULL */
1438 if (str_m == 0) { /* not interested in resulting string, just return size */
1440 *ptr = (char *) malloc(str_m);
1441 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1443 int str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1444 assert(str_l2 == str_l);
1452 * If the system does have snprintf and the portable routine is not
1453 * specifically required, this module produces no code for snprintf/vsnprintf.
1455 #if !defined(HAVE_SNPRINTF) || defined(PREFER_PORTABLE_SNPRINTF)
1457 #if !defined(NEED_SNPRINTF_ONLY)
1458 int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...) {
1463 str_l = portable_vsnprintf(str, str_m, fmt, ap);
1469 #if defined(NEED_SNPRINTF_ONLY)
1470 int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...) {
1472 int portable_vsnprintf(char *str, size_t str_m, const char *fmt, va_list ap) {
1475 #if defined(NEED_SNPRINTF_ONLY)
1479 const char *p = fmt;
1481 /* In contrast with POSIX, the ISO C99 now says
1482 * that str can be NULL and str_m can be 0.
1483 * This is more useful than the old: if (str_m < 1) return -1; */
1485 #if defined(NEED_SNPRINTF_ONLY)
1491 /* if (str_l < str_m) str[str_l++] = *p++; -- this would be sufficient */
1492 /* but the following code achieves better performance for cases
1493 * where format string is long and contains few conversions */
1494 const char *q = strchr(p+1,'%');
1495 size_t n = !q ? strlen(p) : (q-p);
1496 if (str_l < str_m) {
1497 size_t avail = str_m-str_l;
1498 fast_memcpy(str+str_l, p, (n>avail?avail:n));
1502 const char *starting_p;
1503 size_t min_field_width = 0, precision = 0;
1504 int zero_padding = 0, precision_specified = 0, justify_left = 0;
1505 int alternate_form = 0, force_sign = 0;
1506 int space_for_positive = 1; /* If both the ' ' and '+' flags appear,
1507 the ' ' flag should be ignored. */
1508 char length_modifier = '\0'; /* allowed values: \0, h, l, L */
1509 char tmp[32];/* temporary buffer for simple numeric->string conversion */
1511 const char *str_arg; /* string address in case of string argument */
1512 size_t str_arg_l; /* natural field width of arg without padding
1514 unsigned char uchar_arg;
1515 /* unsigned char argument value - only defined for c conversion.
1516 N.B. standard explicitly states the char argument for
1517 the c conversion is unsigned */
1519 size_t number_of_zeros_to_pad = 0;
1520 /* number of zeros to be inserted for numeric conversions
1521 as required by the precision or minimal field width */
1523 size_t zero_padding_insertion_ind = 0;
1524 /* index into tmp where zero padding is to be inserted */
1526 char fmt_spec = '\0';
1527 /* current conversion specifier character */
1529 str_arg = credits;/* just to make compiler happy (defined but not used)*/
1531 starting_p = p; p++; /* skip '%' */
1533 while (*p == '0' || *p == '-' || *p == '+' ||
1534 *p == ' ' || *p == '#' || *p == '\'') {
1536 case '0': zero_padding = 1; break;
1537 case '-': justify_left = 1; break;
1538 case '+': force_sign = 1; space_for_positive = 0; break;
1539 case ' ': force_sign = 1;
1540 /* If both the ' ' and '+' flags appear, the ' ' flag should be ignored */
1541 #ifdef PERL_COMPATIBLE
1542 /* ... but in Perl the last of ' ' and '+' applies */
1543 space_for_positive = 1;
1546 case '#': alternate_form = 1; break;
1551 /* If the '0' and '-' flags both appear, the '0' flag should be ignored. */
1553 /* parse field width */
1556 p++; j = va_arg(ap, int);
1557 if (j >= 0) min_field_width = j;
1558 else { min_field_width = -j; justify_left = 1; }
1559 } else if (isdigit((int)(*p))) {
1560 /* size_t could be wider than unsigned int;
1561 make sure we treat argument like common implementations do */
1562 unsigned int uj = *p++ - '0';
1563 while (isdigit((int)(*p))) uj = 10*uj + (unsigned int)(*p++ - '0');
1564 min_field_width = uj;
1566 /* parse precision */
1568 p++; precision_specified = 1;
1570 int j = va_arg(ap, int);
1572 if (j >= 0) precision = j;
1574 precision_specified = 0; precision = 0;
1576 * Solaris 2.6 man page claims that in this case the precision
1577 * should be set to 0. Digital Unix 4.0, HPUX 10 and BSD man page
1578 * claim that this case should be treated as unspecified precision,
1579 * which is what we do here.
1582 } else if (isdigit((int)(*p))) {
1583 /* size_t could be wider than unsigned int;
1584 make sure we treat argument like common implementations do */
1585 unsigned int uj = *p++ - '0';
1586 while (isdigit((int)(*p))) uj = 10*uj + (unsigned int)(*p++ - '0');
1590 /* parse 'h', 'l' and 'll' length modifiers */
1591 if (*p == 'h' || *p == 'l') {
1592 length_modifier = *p; p++;
1593 if (length_modifier == 'l' && *p == 'l') { /* double l = long long */
1594 #ifdef SNPRINTF_LONGLONG_SUPPORT
1595 length_modifier = '2'; /* double l encoded as '2' */
1597 length_modifier = 'l'; /* treat it as a single 'l' */
1603 /* common synonyms: */
1605 case 'i': fmt_spec = 'd'; break;
1606 case 'D': fmt_spec = 'd'; length_modifier = 'l'; break;
1607 case 'U': fmt_spec = 'u'; length_modifier = 'l'; break;
1608 case 'O': fmt_spec = 'o'; length_modifier = 'l'; break;
1611 /* get parameter value, do initial processing */
1613 case '%': /* % behaves similar to 's' regarding flags and field widths */
1614 case 'c': /* c behaves similar to 's' regarding flags and field widths */
1616 length_modifier = '\0'; /* wint_t and wchar_t not supported */
1617 /* the result of zero padding flag with non-numeric conversion specifier*/
1618 /* is undefined. Solaris and HPUX 10 does zero padding in this case, */
1619 /* Digital Unix and Linux does not. */
1620 #if !defined(SOLARIS_COMPATIBLE) && !defined(HPUX_COMPATIBLE)
1621 zero_padding = 0; /* turn zero padding off for string conversions */
1628 int j = va_arg(ap, int);
1629 uchar_arg = (unsigned char) j; /* standard demands unsigned char */
1630 str_arg = (const char *) &uchar_arg;
1634 str_arg = va_arg(ap, const char *);
1635 if (!str_arg) str_arg_l = 0;
1636 /* make sure not to address string beyond the specified precision !!! */
1637 else if (!precision_specified) str_arg_l = strlen(str_arg);
1638 /* truncate string if necessary as requested by precision */
1639 else if (precision == 0) str_arg_l = 0;
1641 /* memchr on HP does not like n > 2^31 !!! */
1642 const char *q = memchr(str_arg, '\0',
1643 precision <= 0x7fffffff ? precision : 0x7fffffff);
1644 str_arg_l = !q ? precision : (q-str_arg);
1650 case 'd': case 'u': case 'o': case 'x': case 'X': case 'p': {
1651 /* NOTE: the u, o, x, X and p conversion specifiers imply
1652 the value is unsigned; d implies a signed value */
1655 /* 0 if numeric argument is zero (or if pointer is NULL for 'p'),
1656 +1 if greater than zero (or nonzero for unsigned arguments),
1657 -1 if negative (unsigned argument is never negative) */
1659 int int_arg = 0; unsigned int uint_arg = 0;
1660 /* only defined for length modifier h, or for no length modifiers */
1662 long int long_arg = 0; unsigned long int ulong_arg = 0;
1663 /* only defined for length modifier l */
1665 void *ptr_arg = NULL;
1666 /* pointer argument value -only defined for p conversion */
1668 #ifdef SNPRINTF_LONGLONG_SUPPORT
1669 long long int long_long_arg = 0;
1670 unsigned long long int ulong_long_arg = 0;
1671 /* only defined for length modifier ll */
1673 if (fmt_spec == 'p') {
1674 /* HPUX 10: An l, h, ll or L before any other conversion character
1675 * (other than d, i, u, o, x, or X) is ignored.
1677 * not specified, but seems to behave as HPUX does.
1678 * Solaris: If an h, l, or L appears before any other conversion
1679 * specifier (other than d, i, u, o, x, or X), the behavior
1680 * is undefined. (Actually %hp converts only 16-bits of address
1681 * and %llp treats address as 64-bit data which is incompatible
1682 * with (void *) argument on a 32-bit system).
1684 #ifdef SOLARIS_COMPATIBLE
1685 # ifdef SOLARIS_BUG_COMPATIBLE
1686 /* keep length modifiers even if it represents 'll' */
1688 if (length_modifier == '2') length_modifier = '\0';
1691 length_modifier = '\0';
1693 ptr_arg = va_arg(ap, void *);
1694 if (ptr_arg != NULL) arg_sign = 1;
1695 } else if (fmt_spec == 'd') { /* signed */
1696 switch (length_modifier) {
1699 /* It is non-portable to specify a second argument of char or short
1700 * to va_arg, because arguments seen by the called function
1701 * are not char or short. C converts char and short arguments
1702 * to int before passing them to a function.
1704 int_arg = va_arg(ap, int);
1705 if (int_arg > 0) arg_sign = 1;
1706 else if (int_arg < 0) arg_sign = -1;
1709 long_arg = va_arg(ap, long int);
1710 if (long_arg > 0) arg_sign = 1;
1711 else if (long_arg < 0) arg_sign = -1;
1713 #ifdef SNPRINTF_LONGLONG_SUPPORT
1715 long_long_arg = va_arg(ap, long long int);
1716 if (long_long_arg > 0) arg_sign = 1;
1717 else if (long_long_arg < 0) arg_sign = -1;
1721 } else { /* unsigned */
1722 switch (length_modifier) {
1725 uint_arg = va_arg(ap, unsigned int);
1726 if (uint_arg) arg_sign = 1;
1729 ulong_arg = va_arg(ap, unsigned long int);
1730 if (ulong_arg) arg_sign = 1;
1732 #ifdef SNPRINTF_LONGLONG_SUPPORT
1734 ulong_long_arg = va_arg(ap, unsigned long long int);
1735 if (ulong_long_arg) arg_sign = 1;
1740 str_arg = tmp; str_arg_l = 0;
1742 * For d, i, u, o, x, and X conversions, if precision is specified,
1743 * the '0' flag should be ignored. This is so with Solaris 2.6,
1744 * Digital UNIX 4.0, HPUX 10, Linux, FreeBSD, NetBSD; but not with Perl.
1746 #ifndef PERL_COMPATIBLE
1747 if (precision_specified) zero_padding = 0;
1749 if (fmt_spec == 'd') {
1750 if (force_sign && arg_sign >= 0)
1751 tmp[str_arg_l++] = space_for_positive ? ' ' : '+';
1752 /* leave negative numbers for sprintf to handle,
1753 to avoid handling tricky cases like (short int)(-32768) */
1754 #ifdef LINUX_COMPATIBLE
1755 } else if (fmt_spec == 'p' && force_sign && arg_sign > 0) {
1756 tmp[str_arg_l++] = space_for_positive ? ' ' : '+';
1758 } else if (alternate_form) {
1759 if (arg_sign != 0 && (fmt_spec == 'x' || fmt_spec == 'X') )
1760 { tmp[str_arg_l++] = '0'; tmp[str_arg_l++] = fmt_spec; }
1761 /* alternate form should have no effect for p conversion, but ... */
1762 #ifdef HPUX_COMPATIBLE
1763 else if (fmt_spec == 'p'
1764 /* HPUX 10: for an alternate form of p conversion,
1765 * a nonzero result is prefixed by 0x. */
1766 #ifndef HPUX_BUG_COMPATIBLE
1767 /* Actually it uses 0x prefix even for a zero value. */
1770 ) { tmp[str_arg_l++] = '0'; tmp[str_arg_l++] = 'x'; }
1773 zero_padding_insertion_ind = str_arg_l;
1774 if (!precision_specified) precision = 1; /* default precision is 1 */
1775 if (precision == 0 && arg_sign == 0
1776 #if defined(HPUX_BUG_COMPATIBLE) || defined(LINUX_COMPATIBLE)
1778 /* HPUX 10 man page claims: With conversion character p the result of
1779 * converting a zero value with a precision of zero is a null string.
1780 * Actually HP returns all zeroes, and Linux returns "(nil)". */
1783 /* converted to null string */
1784 /* When zero value is formatted with an explicit precision 0,
1785 the resulting formatted string is empty (d, i, u, o, x, X, p). */
1787 char f[5]; int f_l = 0;
1788 f[f_l++] = '%'; /* construct a simple format string for sprintf */
1789 if (!length_modifier) { }
1790 else if (length_modifier=='2') { f[f_l++] = 'l'; f[f_l++] = 'l'; }
1791 else f[f_l++] = length_modifier;
1792 f[f_l++] = fmt_spec; f[f_l++] = '\0';
1793 if (fmt_spec == 'p') str_arg_l += sprintf(tmp+str_arg_l, f, ptr_arg);
1794 else if (fmt_spec == 'd') { /* signed */
1795 switch (length_modifier) {
1797 case 'h': str_arg_l+=sprintf(tmp+str_arg_l, f, int_arg); break;
1798 case 'l': str_arg_l+=sprintf(tmp+str_arg_l, f, long_arg); break;
1799 #ifdef SNPRINTF_LONGLONG_SUPPORT
1800 case '2': str_arg_l+=sprintf(tmp+str_arg_l,f,long_long_arg); break;
1803 } else { /* unsigned */
1804 switch (length_modifier) {
1806 case 'h': str_arg_l+=sprintf(tmp+str_arg_l, f, uint_arg); break;
1807 case 'l': str_arg_l+=sprintf(tmp+str_arg_l, f, ulong_arg); break;
1808 #ifdef SNPRINTF_LONGLONG_SUPPORT
1809 case '2': str_arg_l+=sprintf(tmp+str_arg_l,f,ulong_long_arg);break;
1813 /* include the optional minus sign and possible "0x"
1814 in the region before the zero padding insertion point */
1815 if (zero_padding_insertion_ind < str_arg_l &&
1816 tmp[zero_padding_insertion_ind] == '-') {
1817 zero_padding_insertion_ind++;
1819 if (zero_padding_insertion_ind+1 < str_arg_l &&
1820 tmp[zero_padding_insertion_ind] == '0' &&
1821 (tmp[zero_padding_insertion_ind+1] == 'x' ||
1822 tmp[zero_padding_insertion_ind+1] == 'X') ) {
1823 zero_padding_insertion_ind += 2;
1826 { size_t num_of_digits = str_arg_l - zero_padding_insertion_ind;
1827 if (alternate_form && fmt_spec == 'o'
1828 #ifdef HPUX_COMPATIBLE /* ("%#.o",0) -> "" */
1831 #ifdef DIGITAL_UNIX_BUG_COMPATIBLE /* ("%#o",0) -> "00" */
1833 /* unless zero is already the first character */
1834 && !(zero_padding_insertion_ind < str_arg_l
1835 && tmp[zero_padding_insertion_ind] == '0')
1837 ) { /* assure leading zero for alternate-form octal numbers */
1838 if (!precision_specified || precision < num_of_digits+1) {
1839 /* precision is increased to force the first character to be zero,
1840 except if a zero value is formatted with an explicit precision
1842 precision = num_of_digits+1; precision_specified = 1;
1845 /* zero padding to specified precision? */
1846 if (num_of_digits < precision)
1847 number_of_zeros_to_pad = precision - num_of_digits;
1849 /* zero padding to specified minimal field width? */
1850 if (!justify_left && zero_padding) {
1851 int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
1852 if (n > 0) number_of_zeros_to_pad += n;
1856 default: /* unrecognized conversion specifier, keep format string as-is*/
1857 zero_padding = 0; /* turn zero padding off for non-numeric convers. */
1858 #ifndef DIGITAL_UNIX_COMPATIBLE
1859 justify_left = 1; min_field_width = 0; /* reset flags */
1861 #if defined(PERL_COMPATIBLE) || defined(LINUX_COMPATIBLE)
1862 /* keep the entire format string unchanged */
1863 str_arg = starting_p; str_arg_l = p - starting_p;
1864 /* well, not exactly so for Linux, which does something inbetween,
1865 * and I don't feel an urge to imitate it: "%+++++hy" -> "%+y" */
1867 /* discard the unrecognized conversion, just keep *
1868 * the unrecognized conversion character */
1869 str_arg = p; str_arg_l = 0;
1871 if (*p) str_arg_l++; /* include invalid conversion specifier unchanged
1872 if not at end-of-string */
1875 if (*p) p++; /* step over the just processed conversion specifier */
1876 /* insert padding to the left as requested by min_field_width;
1877 this does not include the zero padding in case of numerical conversions*/
1878 if (!justify_left) { /* left padding with blank or zero */
1879 int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
1881 if (str_l < str_m) {
1882 size_t avail = str_m-str_l;
1883 fast_memset(str+str_l, (zero_padding?'0':' '), (n>avail?avail:n));
1888 /* zero padding as requested by the precision or by the minimal field width
1889 * for numeric conversions required? */
1890 if (number_of_zeros_to_pad <= 0) {
1891 /* will not copy first part of numeric right now, *
1892 * force it to be copied later in its entirety */
1893 zero_padding_insertion_ind = 0;
1895 /* insert first part of numerics (sign or '0x') before zero padding */
1896 int n = zero_padding_insertion_ind;
1898 if (str_l < str_m) {
1899 size_t avail = str_m-str_l;
1900 fast_memcpy(str+str_l, str_arg, (n>avail?avail:n));
1904 /* insert zero padding as requested by the precision or min field width */
1905 n = number_of_zeros_to_pad;
1907 if (str_l < str_m) {
1908 size_t avail = str_m-str_l;
1909 fast_memset(str+str_l, '0', (n>avail?avail:n));
1914 /* insert formatted string
1915 * (or as-is conversion specifier for unknown conversions) */
1916 { int n = str_arg_l - zero_padding_insertion_ind;
1918 if (str_l < str_m) {
1919 size_t avail = str_m-str_l;
1920 fast_memcpy(str+str_l, str_arg+zero_padding_insertion_ind,
1926 /* insert right padding */
1927 if (justify_left) { /* right blank padding to the field width */
1928 int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
1930 if (str_l < str_m) {
1931 size_t avail = str_m-str_l;
1932 fast_memset(str+str_l, ' ', (n>avail?avail:n));
1939 #if defined(NEED_SNPRINTF_ONLY)
1942 if (str_m > 0) { /* make sure the string is null-terminated
1943 even at the expense of overwriting the last character
1944 (shouldn't happen, but just in case) */
1945 str[str_l <= str_m-1 ? str_l : str_m-1] = '\0';
1947 /* Return the number of characters formatted (excluding trailing null
1948 * character), that is, the number of characters that would have been
1949 * written to the buffer if it were large enough.
1951 * The value of str_l should be returned, but str_l is of unsigned type
1952 * size_t, and snprintf is int, possibly leading to an undetected
1953 * integer overflow, resulting in a negative return value, which is illegal.
1954 * Both XSH5 and ISO C99 (at least the draft) are silent on this issue.
1955 * Should errno be set to EOVERFLOW and EOF returned in this case???
1960 #endif /* ndef HAVE_SNPRINTF */