Bug Summary

File:build-scan/../src/basic/string-util.c
Warning:line 443, column 24
Use of zero-allocated memory

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-unknown-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name string-util.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -relaxed-aliasing -menable-no-infs -menable-no-nans -menable-unsafe-fp-math -fno-signed-zeros -mreassociate -freciprocal-math -fdenormal-fp-math=preserve-sign,preserve-sign -ffp-contract=fast -fno-rounding-math -ffast-math -ffinite-math-only -mconstructor-aliases -munwind-tables -target-cpu x86-64 -tune-cpu generic -fno-split-dwarf-inlining -debugger-tuning=gdb -resource-dir /usr/lib64/clang/12.0.0 -include config.h -I src/basic/libbasic.a.p -I src/basic -I ../src/basic -I src/shared -I ../src/shared -I src/systemd -I ../src/systemd -I src/journal -I ../src/journal -I src/journal-remote -I ../src/journal-remote -I src/nspawn -I ../src/nspawn -I src/resolve -I ../src/resolve -I src/timesync -I ../src/timesync -I ../src/time-wait-sync -I src/login -I ../src/login -I src/udev -I ../src/udev -I src/libudev -I ../src/libudev -I src/core -I ../src/core -I ../src/libsystemd/sd-bus -I ../src/libsystemd/sd-device -I ../src/libsystemd/sd-hwdb -I ../src/libsystemd/sd-id128 -I ../src/libsystemd/sd-netlink -I ../src/libsystemd/sd-network -I src/libsystemd-network -I ../src/libsystemd-network -I . -I .. -I /usr/include/blkid -I /usr/include/libmount -D _FILE_OFFSET_BITS=64 -internal-isystem /usr/local/include -internal-isystem /usr/lib64/clang/12.0.0/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -Wwrite-strings -Wno-unused-parameter -Wno-missing-field-initializers -Wno-unused-result -Wno-format-signedness -Wno-error=nonnull -std=gnu99 -fconst-strings -fdebug-compilation-dir /home/mrc0mmand/repos/@redhat-plumbers/systemd-rhel8/build-scan -ferror-limit 19 -fvisibility default -stack-protector 2 -fgnuc-version=4.2.1 -fcolor-diagnostics -analyzer-output=html -faddrsig -o /tmp/scan-build-2021-07-16-221226-1465241-1 -x c ../src/basic/string-util.c

../src/basic/string-util.c

1/* SPDX-License-Identifier: LGPL-2.1+ */
2
3#include <errno(*__errno_location ()).h>
4#include <stdarg.h>
5#include <stdint.h>
6#include <stdio.h>
7#include <stdio_ext.h>
8#include <stdlib.h>
9#include <string.h>
10
11#include "alloc-util.h"
12#include "escape.h"
13#include "gunicode.h"
14#include "locale-util.h"
15#include "macro.h"
16#include "string-util.h"
17#include "terminal-util.h"
18#include "utf8.h"
19#include "util.h"
20#include "fileio.h"
21
22int strcmp_ptr(const char *a, const char *b) {
23
24 /* Like strcmp(), but tries to make sense of NULL pointers */
25 if (a && b)
26 return strcmp(a, b);
27
28 if (!a && b)
29 return -1;
30
31 if (a && !b)
32 return 1;
33
34 return 0;
35}
36
37char* endswith(const char *s, const char *postfix) {
38 size_t sl, pl;
39
40 assert(s)do { if ((__builtin_expect(!!(!(s)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("s"), "../src/basic/string-util.c", 40, __PRETTY_FUNCTION__
); } while (0);
41 assert(postfix)do { if ((__builtin_expect(!!(!(postfix)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("postfix"), "../src/basic/string-util.c"
, 41, __PRETTY_FUNCTION__); } while (0);
42
43 sl = strlen(s);
44 pl = strlen(postfix);
45
46 if (pl == 0)
47 return (char*) s + sl;
48
49 if (sl < pl)
50 return NULL((void*)0);
51
52 if (memcmp(s + sl - pl, postfix, pl) != 0)
53 return NULL((void*)0);
54
55 return (char*) s + sl - pl;
56}
57
58char* endswith_no_case(const char *s, const char *postfix) {
59 size_t sl, pl;
60
61 assert(s)do { if ((__builtin_expect(!!(!(s)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("s"), "../src/basic/string-util.c", 61, __PRETTY_FUNCTION__
); } while (0);
62 assert(postfix)do { if ((__builtin_expect(!!(!(postfix)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("postfix"), "../src/basic/string-util.c"
, 62, __PRETTY_FUNCTION__); } while (0);
63
64 sl = strlen(s);
65 pl = strlen(postfix);
66
67 if (pl == 0)
68 return (char*) s + sl;
69
70 if (sl < pl)
71 return NULL((void*)0);
72
73 if (strcasecmp(s + sl - pl, postfix) != 0)
74 return NULL((void*)0);
75
76 return (char*) s + sl - pl;
77}
78
79char* first_word(const char *s, const char *word) {
80 size_t sl, wl;
81 const char *p;
82
83 assert(s)do { if ((__builtin_expect(!!(!(s)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("s"), "../src/basic/string-util.c", 83, __PRETTY_FUNCTION__
); } while (0);
84 assert(word)do { if ((__builtin_expect(!!(!(word)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("word"), "../src/basic/string-util.c", 84
, __PRETTY_FUNCTION__); } while (0);
85
86 /* Checks if the string starts with the specified word, either
87 * followed by NUL or by whitespace. Returns a pointer to the
88 * NUL or the first character after the whitespace. */
89
90 sl = strlen(s);
91 wl = strlen(word);
92
93 if (sl < wl)
94 return NULL((void*)0);
95
96 if (wl == 0)
97 return (char*) s;
98
99 if (memcmp(s, word, wl) != 0)
100 return NULL((void*)0);
101
102 p = s + wl;
103 if (*p == 0)
104 return (char*) p;
105
106 if (!strchr(WHITESPACE" \t\n\r", *p))
107 return NULL((void*)0);
108
109 p += strspn(p, WHITESPACE" \t\n\r");
110 return (char*) p;
111}
112
113static size_t strcspn_escaped(const char *s, const char *reject) {
114 bool_Bool escaped = false0;
115 int n;
116
117 for (n=0; s[n]; n++) {
118 if (escaped)
119 escaped = false0;
120 else if (s[n] == '\\')
121 escaped = true1;
122 else if (strchr(reject, s[n]))
123 break;
124 }
125
126 /* if s ends in \, return index of previous char */
127 return n - escaped;
128}
129
130/* Split a string into words. */
131const char* split(const char **state, size_t *l, const char *separator, bool_Bool quoted) {
132 const char *current;
133
134 current = *state;
135
136 if (!*current) {
137 assert(**state == '\0')do { if ((__builtin_expect(!!(!(**state == '\0')),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("**state == '\\0'"), "../src/basic/string-util.c"
, 137, __PRETTY_FUNCTION__); } while (0);
138 return NULL((void*)0);
139 }
140
141 current += strspn(current, separator);
142 if (!*current) {
143 *state = current;
144 return NULL((void*)0);
145 }
146
147 if (quoted && strchr("\'\"", *current)) {
148 char quotechars[2] = {*current, '\0'};
149
150 *l = strcspn_escaped(current + 1, quotechars);
151 if (current[*l + 1] == '\0' || current[*l + 1] != quotechars[0] ||
152 (current[*l + 2] && !strchr(separator, current[*l + 2]))) {
153 /* right quote missing or garbage at the end */
154 *state = current;
155 return NULL((void*)0);
156 }
157 *state = current++ + *l + 2;
158 } else if (quoted) {
159 *l = strcspn_escaped(current, separator);
160 if (current[*l] && !strchr(separator, current[*l])) {
161 /* unfinished escape */
162 *state = current;
163 return NULL((void*)0);
164 }
165 *state = current + *l;
166 } else {
167 *l = strcspn(current, separator);
168 *state = current + *l;
169 }
170
171 return current;
172}
173
174char *strnappend(const char *s, const char *suffix, size_t b) {
175 size_t a;
176 char *r;
177
178 if (!s && !suffix)
179 return strdup("");
180
181 if (!s)
182 return strndup(suffix, b);
183
184 if (!suffix)
185 return strdup(s);
186
187 assert(s)do { if ((__builtin_expect(!!(!(s)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("s"), "../src/basic/string-util.c", 187,
__PRETTY_FUNCTION__); } while (0);
188 assert(suffix)do { if ((__builtin_expect(!!(!(suffix)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("suffix"), "../src/basic/string-util.c",
188, __PRETTY_FUNCTION__); } while (0);
189
190 a = strlen(s);
191 if (b > ((size_t) -1) - a)
192 return NULL((void*)0);
193
194 r = new(char, a+b+1)((char*) malloc_multiply(sizeof(char), (a+b+1)));
195 if (!r)
196 return NULL((void*)0);
197
198 memcpy(r, s, a);
199 memcpy(r+a, suffix, b);
200 r[a+b] = 0;
201
202 return r;
203}
204
205char *strappend(const char *s, const char *suffix) {
206 return strnappend(s, suffix, strlen_ptr(suffix));
207}
208
209char *strjoin_real(const char *x, ...) {
210 va_list ap;
211 size_t l;
212 char *r, *p;
213
214 va_start(ap, x)__builtin_va_start(ap, x);
215
216 if (x) {
217 l = strlen(x);
218
219 for (;;) {
220 const char *t;
221 size_t n;
222
223 t = va_arg(ap, const char *)__builtin_va_arg(ap, const char *);
224 if (!t)
225 break;
226
227 n = strlen(t);
228 if (n > ((size_t) -1) - l) {
229 va_end(ap)__builtin_va_end(ap);
230 return NULL((void*)0);
231 }
232
233 l += n;
234 }
235 } else
236 l = 0;
237
238 va_end(ap)__builtin_va_end(ap);
239
240 r = new(char, l+1)((char*) malloc_multiply(sizeof(char), (l+1)));
241 if (!r)
242 return NULL((void*)0);
243
244 if (x) {
245 p = stpcpy(r, x);
246
247 va_start(ap, x)__builtin_va_start(ap, x);
248
249 for (;;) {
250 const char *t;
251
252 t = va_arg(ap, const char *)__builtin_va_arg(ap, const char *);
253 if (!t)
254 break;
255
256 p = stpcpy(p, t);
257 }
258
259 va_end(ap)__builtin_va_end(ap);
260 } else
261 r[0] = 0;
262
263 return r;
264}
265
266char *strstrip(char *s) {
267 if (!s)
268 return NULL((void*)0);
269
270 /* Drops trailing whitespace. Modifies the string in place. Returns pointer to first non-space character */
271
272 return delete_trailing_chars(skip_leading_chars(s, WHITESPACE" \t\n\r"), WHITESPACE" \t\n\r");
273}
274
275char *delete_chars(char *s, const char *bad) {
276 char *f, *t;
277
278 /* Drops all specified bad characters, regardless where in the string */
279
280 if (!s)
281 return NULL((void*)0);
282
283 if (!bad)
284 bad = WHITESPACE" \t\n\r";
285
286 for (f = s, t = s; *f; f++) {
287 if (strchr(bad, *f))
288 continue;
289
290 *(t++) = *f;
291 }
292
293 *t = 0;
294
295 return s;
296}
297
298char *delete_trailing_chars(char *s, const char *bad) {
299 char *p, *c = s;
300
301 /* Drops all specified bad characters, at the end of the string */
302
303 if (!s)
304 return NULL((void*)0);
305
306 if (!bad)
307 bad = WHITESPACE" \t\n\r";
308
309 for (p = s; *p; p++)
310 if (!strchr(bad, *p))
311 c = p + 1;
312
313 *c = 0;
314
315 return s;
316}
317
318char *truncate_nl(char *s) {
319 assert(s)do { if ((__builtin_expect(!!(!(s)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("s"), "../src/basic/string-util.c", 319,
__PRETTY_FUNCTION__); } while (0);
320
321 s[strcspn(s, NEWLINE"\n\r")] = 0;
322 return s;
323}
324
325char ascii_tolower(char x) {
326
327 if (x >= 'A' && x <= 'Z')
328 return x - 'A' + 'a';
329
330 return x;
331}
332
333char ascii_toupper(char x) {
334
335 if (x >= 'a' && x <= 'z')
336 return x - 'a' + 'A';
337
338 return x;
339}
340
341char *ascii_strlower(char *t) {
342 char *p;
343
344 assert(t)do { if ((__builtin_expect(!!(!(t)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("t"), "../src/basic/string-util.c", 344,
__PRETTY_FUNCTION__); } while (0);
345
346 for (p = t; *p; p++)
347 *p = ascii_tolower(*p);
348
349 return t;
350}
351
352char *ascii_strupper(char *t) {
353 char *p;
354
355 assert(t)do { if ((__builtin_expect(!!(!(t)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("t"), "../src/basic/string-util.c", 355,
__PRETTY_FUNCTION__); } while (0);
356
357 for (p = t; *p; p++)
358 *p = ascii_toupper(*p);
359
360 return t;
361}
362
363char *ascii_strlower_n(char *t, size_t n) {
364 size_t i;
365
366 if (n <= 0)
367 return t;
368
369 for (i = 0; i < n; i++)
370 t[i] = ascii_tolower(t[i]);
371
372 return t;
373}
374
375int ascii_strcasecmp_n(const char *a, const char *b, size_t n) {
376
377 for (; n > 0; a++, b++, n--) {
378 int x, y;
379
380 x = (int) (uint8_t) ascii_tolower(*a);
381 y = (int) (uint8_t) ascii_tolower(*b);
382
383 if (x != y)
384 return x - y;
385 }
386
387 return 0;
388}
389
390int ascii_strcasecmp_nn(const char *a, size_t n, const char *b, size_t m) {
391 int r;
392
393 r = ascii_strcasecmp_n(a, b, MIN(n, m)__extension__ ({ const typeof((n)) __unique_prefix_A4 = ((n))
; const typeof((m)) __unique_prefix_B5 = ((m)); __unique_prefix_A4
< __unique_prefix_B5 ? __unique_prefix_A4 : __unique_prefix_B5
; }));
394 if (r != 0)
395 return r;
396
397 if (n < m)
398 return -1;
399 else if (n > m)
400 return 1;
401 else
402 return 0;
403}
404
405bool_Bool chars_intersect(const char *a, const char *b) {
406 const char *p;
407
408 /* Returns true if any of the chars in a are in b. */
409 for (p = a; *p; p++)
410 if (strchr(b, *p))
411 return true1;
412
413 return false0;
414}
415
416bool_Bool string_has_cc(const char *p, const char *ok) {
417 const char *t;
418
419 assert(p)do { if ((__builtin_expect(!!(!(p)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("p"), "../src/basic/string-util.c", 419,
__PRETTY_FUNCTION__); } while (0);
420
421 /*
422 * Check if a string contains control characters. If 'ok' is
423 * non-NULL it may be a string containing additional CCs to be
424 * considered OK.
425 */
426
427 for (t = p; *t; t++) {
428 if (ok && strchr(ok, *t))
429 continue;
430
431 if (*t > 0 && *t < ' ')
432 return true1;
433
434 if (*t == 127)
435 return true1;
436 }
437
438 return false0;
439}
440
441static int write_ellipsis(char *buf, bool_Bool unicode) {
442 if (unicode
45.1
'unicode' is true
45.1
'unicode' is true
 || is_locale_utf8()) {
443 buf[0] = 0xe2; /* tri-dot ellipsis: … */
46
Use of zero-allocated memory
444 buf[1] = 0x80;
445 buf[2] = 0xa6;
446 } else {
447 buf[0] = '.';
448 buf[1] = '.';
449 buf[2] = '.';
450 }
451
452 return 3;
453}
454
455static char *ascii_ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
456 size_t x, need_space, suffix_len;
457 char *t;
458
459 assert(s)do { if ((__builtin_expect(!!(!(s)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("s"), "../src/basic/string-util.c", 459,
__PRETTY_FUNCTION__); } while (0);
460 assert(percent <= 100)do { if ((__builtin_expect(!!(!(percent <= 100)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("percent <= 100"), "../src/basic/string-util.c"
, 460, __PRETTY_FUNCTION__); } while (0);
461 assert(new_length != (size_t) -1)do { if ((__builtin_expect(!!(!(new_length != (size_t) -1)),0
))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("new_length != (size_t) -1"
), "../src/basic/string-util.c", 461, __PRETTY_FUNCTION__); }
while (0);
462
463 if (old_length <= new_length)
464 return strndup(s, old_length);
465
466 /* Special case short ellipsations */
467 switch (new_length) {
468
469 case 0:
470 return strdup("");
471
472 case 1:
473 if (is_locale_utf8())
474 return strdup("…");
475 else
476 return strdup(".");
477
478 case 2:
479 if (!is_locale_utf8())
480 return strdup("..");
481
482 break;
483
484 default:
485 break;
486 }
487
488 /* Calculate how much space the ellipsis will take up. If we are in UTF-8 mode we only need space for one
489 * character ("…"), otherwise for three characters ("..."). Note that in both cases we need 3 bytes of storage,
490 * either for the UTF-8 encoded character or for three ASCII characters. */
491 need_space = is_locale_utf8() ? 1 : 3;
492
493 t = new(char, new_length+3)((char*) malloc_multiply(sizeof(char), (new_length+3)));
494 if (!t)
495 return NULL((void*)0);
496
497 assert(new_length >= need_space)do { if ((__builtin_expect(!!(!(new_length >= need_space))
,0))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("new_length >= need_space"
), "../src/basic/string-util.c", 497, __PRETTY_FUNCTION__); }
while (0);
498
499 x = ((new_length - need_space) * percent + 50) / 100;
500 assert(x <= new_length - need_space)do { if ((__builtin_expect(!!(!(x <= new_length - need_space
)),0))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("x <= new_length - need_space"
), "../src/basic/string-util.c", 500, __PRETTY_FUNCTION__); }
while (0);
501
502 memcpy(t, s, x);
503 write_ellipsis(t + x, false0);
504 suffix_len = new_length - x - need_space;
505 memcpy(t + x + 3, s + old_length - suffix_len, suffix_len);
506 *(t + x + 3 + suffix_len) = '\0';
507
508 return t;
509}
510
511char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigned percent) {
512 size_t x, k, len, len2;
513 const char *i, *j;
514 char *e;
515 int r;
516
517 /* Note that 'old_length' refers to bytes in the string, while 'new_length' refers to character cells taken up
518 * on screen. This distinction doesn't matter for ASCII strings, but it does matter for non-ASCII UTF-8
519 * strings.
520 *
521 * Ellipsation is done in a locale-dependent way:
522 * 1. If the string passed in is fully ASCII and the current locale is not UTF-8, three dots are used ("...")
523 * 2. Otherwise, a unicode ellipsis is used ("…")
524 *
525 * In other words: you'll get a unicode ellipsis as soon as either the string contains non-ASCII characters or
526 * the current locale is UTF-8.
527 */
528
529 assert(s)do { if ((__builtin_expect(!!(!(s)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("s"), "../src/basic/string-util.c", 529,
__PRETTY_FUNCTION__); } while (0);
1
Assuming 's' is non-null
2
Taking false branch
3
Loop condition is false. Exiting loop
530 assert(percent <= 100)do { if ((__builtin_expect(!!(!(percent <= 100)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("percent <= 100"), "../src/basic/string-util.c"
, 530, __PRETTY_FUNCTION__); } while (0);
4
Assuming 'percent' is <= 100
5
Taking false branch
6
Loop condition is false. Exiting loop
531
532 if (new_length == (size_t) -1)
7
Assuming the condition is false
8
Taking false branch
533 return strndup(s, old_length);
534
535 if (new_length == 0)
9
Assuming 'new_length' is not equal to 0
10
Taking false branch
536 return strdup("");
537
538 /* If no multibyte characters use ascii_ellipsize_mem for speed */
539 if (ascii_is_valid_n(s, old_length))
11
Assuming the condition is false
12
Taking false branch
540 return ascii_ellipsize_mem(s, old_length, new_length, percent);
541
542 x = ((new_length - 1) * percent) / 100;
543 assert(x <= new_length - 1)do { if ((__builtin_expect(!!(!(x <= new_length - 1)),0)))
log_assert_failed_realm(LOG_REALM_SYSTEMD, ("x <= new_length - 1"
), "../src/basic/string-util.c", 543, __PRETTY_FUNCTION__); }
while (0);
13
Assuming the condition is true
14
Taking false branch
15
Loop condition is false. Exiting loop
544
545 k = 0;
546 for (i = s; i < s + old_length; i = utf8_next_char(i)(char *)((i) + utf8_skip_data[*(const unsigned char *)(i)])) {
16
Loop condition is false. Execution continues on line 561
547 char32_t c;
548 int w;
549
550 r = utf8_encoded_to_unichar(i, &c);
551 if (r < 0)
552 return NULL((void*)0);
553
554 w = unichar_iswide(c) ? 2 : 1;
555 if (k + w <= x)
556 k += w;
557 else
558 break;
559 }
560
561 for (j = s + old_length; j > i; ) {
17
Loop condition is true. Entering loop body
23
Assuming 'j' is > 'i'
24
Loop condition is true. Entering loop body
562 char32_t c;
563 int w;
564 const char *jj;
565
566 jj = utf8_prev_char(j);
567 r = utf8_encoded_to_unichar(jj, &c);
568 if (r < 0)
18
Assuming 'r' is >= 0
19
Taking false branch
25
Assuming 'r' is >= 0
26
Taking false branch
569 return NULL((void*)0);
570
571 w = unichar_iswide(c) ? 2 : 1;
20
Assuming the condition is false
21
'?' condition is false
27
Assuming the condition is false
28
'?' condition is false
572 if (k + w <= new_length) {
22
Taking true branch
29
Assuming the condition is false
30
Taking false branch
573 k += w;
574 j = jj;
575 } else
576 break;
31
 Execution continues on line 578
577 }
578 assert(i <= j)do { if ((__builtin_expect(!!(!(i <= j)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("i <= j"), "../src/basic/string-util.c"
, 578, __PRETTY_FUNCTION__); } while (0);
32
Assuming 'i' is <= 'j'
33
Taking false branch
34
Loop condition is false. Exiting loop
579
580 /* we don't actually need to ellipsize */
581 if (i
34.1
'i' is not equal to 'j'
34.1
'i' is not equal to 'j'
 == j)
35
Taking false branch
582 return memdup_suffix0(s, old_length);
583
584 /* make space for ellipsis, if possible */
585 if (j < s + old_length)
36
Assuming the condition is false
37
Taking false branch
586 j = utf8_next_char(j)(char *)((j) + utf8_skip_data[*(const unsigned char *)(j)]);
587 else if (i
37.1
'i' is <= 's'
37.1
'i' is <= 's'
 > s)
38
Taking false branch
588 i = utf8_prev_char(i);
589
590 len = i - s;
591 len2 = s + old_length - j;
592 e = new(char, len + 3 + len2 + 1)((char*) malloc_multiply(sizeof(char), (len + 3 + len2 + 1)));
39
Calling 'malloc_multiply'
42
Returned allocated memory
593 if (!e)
43
Assuming 'e' is non-null
44
Taking false branch
594 return NULL((void*)0);
595
596 /*
597 printf("old_length=%zu new_length=%zu x=%zu len=%u len2=%u k=%u\n",
598 old_length, new_length, x, len, len2, k);
599 */
600
601 memcpy(e, s, len);
602 write_ellipsis(e + len, true1);
45
Calling 'write_ellipsis'
603 memcpy(e + len + 3, j, len2);
604 *(e + len + 3 + len2) = '\0';
605
606 return e;
607}
608
609char *cellescape(char *buf, size_t len, const char *s) {
610 /* Escape and ellipsize s into buffer buf of size len. Only non-control ASCII
611 * characters are copied as they are, everything else is escaped. The result
612 * is different then if escaping and ellipsization was performed in two
613 * separate steps, because each sequence is either stored in full or skipped.
614 *
615 * This function should be used for logging about strings which expected to
616 * be plain ASCII in a safe way.
617 *
618 * An ellipsis will be used if s is too long. It was always placed at the
619 * very end.
620 */
621
622 size_t i = 0, last_char_width[4] = {}, k = 0, j;
623
624 assert(len > 0)do { if ((__builtin_expect(!!(!(len > 0)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("len > 0"), "../src/basic/string-util.c"
, 624, __PRETTY_FUNCTION__); } while (0); /* at least a terminating NUL */
625
626 for (;;) {
627 char four[4];
628 int w;
629
630 if (*s == 0) /* terminating NUL detected? then we are done! */
631 goto done;
632
633 w = cescape_char(*s, four);
634 if (i + w + 1 > len) /* This character doesn't fit into the buffer anymore? In that case let's
635 * ellipsize at the previous location */
636 break;
637
638 /* OK, there was space, let's add this escaped character to the buffer */
639 memcpy(buf + i, four, w);
640 i += w;
641
642 /* And remember its width in the ring buffer */
643 last_char_width[k] = w;
644 k = (k + 1) % 4;
645
646 s++;
647 }
648
649 /* Ellipsation is necessary. This means we might need to truncate the string again to make space for 4
650 * characters ideally, but the buffer is shorter than that in the first place take what we can get */
651 for (j = 0; j < ELEMENTSOF(last_char_width)__extension__ (__builtin_choose_expr( !__builtin_types_compatible_p
(typeof(last_char_width), typeof(&*(last_char_width))), sizeof
(last_char_width)/sizeof((last_char_width)[0]), ((void)0))); j++) {
652
653 if (i + 4 <= len) /* nice, we reached our space goal */
654 break;
655
656 k = k == 0 ? 3 : k - 1;
657 if (last_char_width[k] == 0) /* bummer, we reached the beginning of the strings */
658 break;
659
660 assert(i >= last_char_width[k])do { if ((__builtin_expect(!!(!(i >= last_char_width[k])),
0))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("i >= last_char_width[k]"
), "../src/basic/string-util.c", 660, __PRETTY_FUNCTION__); }
while (0);
661 i -= last_char_width[k];
662 }
663
664 if (i + 4 <= len) /* yay, enough space */
665 i += write_ellipsis(buf + i, false0);
666 else if (i + 3 <= len) { /* only space for ".." */
667 buf[i++] = '.';
668 buf[i++] = '.';
669 } else if (i + 2 <= len) /* only space for a single "." */
670 buf[i++] = '.';
671 else
672 assert(i + 1 <= len)do { if ((__builtin_expect(!!(!(i + 1 <= len)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("i + 1 <= len"), "../src/basic/string-util.c"
, 672, __PRETTY_FUNCTION__); } while (0);
673
674 done:
675 buf[i] = '\0';
676 return buf;
677}
678
679bool_Bool nulstr_contains(const char *nulstr, const char *needle) {
680 const char *i;
681
682 if (!nulstr)
683 return false0;
684
685 NULSTR_FOREACH(i, nulstr)for ((i) = (nulstr); (i) && *(i); (i) = strchr((i), 0
)+1)
686 if (streq(i, needle)(strcmp((i),(needle)) == 0))
687 return true1;
688
689 return false0;
690}
691
692char* strshorten(char *s, size_t l) {
693 assert(s)do { if ((__builtin_expect(!!(!(s)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("s"), "../src/basic/string-util.c", 693,
__PRETTY_FUNCTION__); } while (0);
694
695 if (strnlen(s, l+1) > l)
696 s[l] = 0;
697
698 return s;
699}
700
701char *strreplace(const char *text, const char *old_string, const char *new_string) {
702 size_t l, old_len, new_len, allocated = 0;
703 char *t, *ret = NULL((void*)0);
704 const char *f;
705
706 assert(old_string)do { if ((__builtin_expect(!!(!(old_string)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("old_string"), "../src/basic/string-util.c"
, 706, __PRETTY_FUNCTION__); } while (0);
707 assert(new_string)do { if ((__builtin_expect(!!(!(new_string)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("new_string"), "../src/basic/string-util.c"
, 707, __PRETTY_FUNCTION__); } while (0);
708
709 if (!text)
710 return NULL((void*)0);
711
712 old_len = strlen(old_string);
713 new_len = strlen(new_string);
714
715 l = strlen(text);
716 if (!GREEDY_REALLOC(ret, allocated, l+1)greedy_realloc((void**) &(ret), &(allocated), (l+1), sizeof
((ret)[0])))
717 return NULL((void*)0);
718
719 f = text;
720 t = ret;
721 while (*f) {
722 size_t d, nl;
723
724 if (!startswith(f, old_string)) {
725 *(t++) = *(f++);
726 continue;
727 }
728
729 d = t - ret;
730 nl = l - old_len + new_len;
731
732 if (!GREEDY_REALLOC(ret, allocated, nl + 1)greedy_realloc((void**) &(ret), &(allocated), (nl + 1
), sizeof((ret)[0])))
733 return mfree(ret);
734
735 l = nl;
736 t = ret + d;
737
738 t = stpcpy(t, new_string);
739 f += old_len;
740 }
741
742 *t = 0;
743 return ret;
744}
745
746static void advance_offsets(ssize_t diff, size_t offsets[2], size_t shift[2], size_t size) {
747 if (!offsets)
748 return;
749
750 if ((size_t) diff < offsets[0])
751 shift[0] += size;
752 if ((size_t) diff < offsets[1])
753 shift[1] += size;
754}
755
756char *strip_tab_ansi(char **ibuf, size_t *_isz, size_t highlight[2]) {
757 const char *i, *begin = NULL((void*)0);
758 enum {
759 STATE_OTHER,
760 STATE_ESCAPE,
761 STATE_CSI,
762 STATE_CSO,
763 } state = STATE_OTHER;
764 char *obuf = NULL((void*)0);
765 size_t osz = 0, isz, shift[2] = {};
766 FILE *f;
767
768 assert(ibuf)do { if ((__builtin_expect(!!(!(ibuf)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("ibuf"), "../src/basic/string-util.c", 768
, __PRETTY_FUNCTION__); } while (0);
769 assert(*ibuf)do { if ((__builtin_expect(!!(!(*ibuf)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("*ibuf"), "../src/basic/string-util.c", 769
, __PRETTY_FUNCTION__); } while (0);
770
771 /* This does three things:
772 *
773 * 1. Replaces TABs by 8 spaces
774 * 2. Strips ANSI color sequences (a subset of CSI), i.e. ESC '[' … 'm' sequences
775 * 3. Strips ANSI operating system sequences (CSO), i.e. ESC ']' … BEL sequences
776 *
777 * Everything else will be left as it is. In particular other ANSI sequences are left as they are, as are any
778 * other special characters. Truncated ANSI sequences are left-as is too. This call is supposed to suppress the
779 * most basic formatting noise, but nothing else.
780 *
781 * Why care for CSO sequences? Well, to undo what terminal_urlify() and friends generate. */
782
783 isz = _isz ? *_isz : strlen(*ibuf);
784
785 f = open_memstream(&obuf, &osz);
786 if (!f)
787 return NULL((void*)0);
788
789 /* Note we turn off internal locking on f for performance reasons. It's safe to do so since we created f here
790 * and it doesn't leave our scope. */
791
792 (void) __fsetlocking(f, FSETLOCKING_BYCALLERFSETLOCKING_BYCALLER);
793
794 for (i = *ibuf; i < *ibuf + isz + 1; i++) {
795
796 switch (state) {
797
798 case STATE_OTHER:
799 if (i >= *ibuf + isz) /* EOT */
800 break;
801 else if (*i == '\x1B')
802 state = STATE_ESCAPE;
803 else if (*i == '\t') {
804 fputs(" ", f);
805 advance_offsets(i - *ibuf, highlight, shift, 7);
806 } else
807 fputc(*i, f);
808
809 break;
810
811 case STATE_ESCAPE:
812 if (i >= *ibuf + isz) { /* EOT */
813 fputc('\x1B', f);
814 advance_offsets(i - *ibuf, highlight, shift, 1);
815 break;
816 } else if (*i == '[') { /* ANSI CSI */
817 state = STATE_CSI;
818 begin = i + 1;
819 } else if (*i == ']') { /* ANSI CSO */
820 state = STATE_CSO;
821 begin = i + 1;
822 } else {
823 fputc('\x1B', f);
824 fputc(*i, f);
825 advance_offsets(i - *ibuf, highlight, shift, 1);
826 state = STATE_OTHER;
827 }
828
829 break;
830
831 case STATE_CSI:
832
833 if (i >= *ibuf + isz || /* EOT … */
834 !strchr("01234567890;m", *i)) { /* … or invalid chars in sequence */
835 fputc('\x1B', f);
836 fputc('[', f);
837 advance_offsets(i - *ibuf, highlight, shift, 2);
838 state = STATE_OTHER;
839 i = begin-1;
840 } else if (*i == 'm')
841 state = STATE_OTHER;
842
843 break;
844
845 case STATE_CSO:
846
847 if (i >= *ibuf + isz || /* EOT … */
848 (*i != '\a' && (uint8_t) *i < 32U) || (uint8_t) *i > 126U) { /* … or invalid chars in sequence */
849 fputc('\x1B', f);
850 fputc(']', f);
851 advance_offsets(i - *ibuf, highlight, shift, 2);
852 state = STATE_OTHER;
853 i = begin-1;
854 } else if (*i == '\a')
855 state = STATE_OTHER;
856
857 break;
858 }
859 }
860
861 if (fflush_and_check(f) < 0) {
862 fclose(f);
863 return mfree(obuf);
864 }
865
866 fclose(f);
867
868 free(*ibuf);
869 *ibuf = obuf;
870
871 if (_isz)
872 *_isz = osz;
873
874 if (highlight) {
875 highlight[0] += shift[0];
876 highlight[1] += shift[1];
877 }
878
879 return obuf;
880}
881
882char *strextend_with_separator(char **x, const char *separator, ...) {
883 bool_Bool need_separator;
884 size_t f, l, l_separator;
885 char *r, *p;
886 va_list ap;
887
888 assert(x)do { if ((__builtin_expect(!!(!(x)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("x"), "../src/basic/string-util.c", 888,
__PRETTY_FUNCTION__); } while (0);
889
890 l = f = strlen_ptr(*x);
891
892 need_separator = !isempty(*x);
893 l_separator = strlen_ptr(separator);
894
895 va_start(ap, separator)__builtin_va_start(ap, separator);
896 for (;;) {
897 const char *t;
898 size_t n;
899
900 t = va_arg(ap, const char *)__builtin_va_arg(ap, const char *);
901 if (!t)
902 break;
903
904 n = strlen(t);
905
906 if (need_separator)
907 n += l_separator;
908
909 if (n > ((size_t) -1) - l) {
910 va_end(ap)__builtin_va_end(ap);
911 return NULL((void*)0);
912 }
913
914 l += n;
915 need_separator = true1;
916 }
917 va_end(ap)__builtin_va_end(ap);
918
919 need_separator = !isempty(*x);
920
921 r = realloc(*x, l+1);
922 if (!r)
923 return NULL((void*)0);
924
925 p = r + f;
926
927 va_start(ap, separator)__builtin_va_start(ap, separator);
928 for (;;) {
929 const char *t;
930
931 t = va_arg(ap, const char *)__builtin_va_arg(ap, const char *);
932 if (!t)
933 break;
934
935 if (need_separator && separator)
936 p = stpcpy(p, separator);
937
938 p = stpcpy(p, t);
939
940 need_separator = true1;
941 }
942 va_end(ap)__builtin_va_end(ap);
943
944 assert(p == r + l)do { if ((__builtin_expect(!!(!(p == r + l)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("p == r + l"), "../src/basic/string-util.c"
, 944, __PRETTY_FUNCTION__); } while (0);
945
946 *p = 0;
947 *x = r;
948
949 return r + l;
950}
951
952char *strrep(const char *s, unsigned n) {
953 size_t l;
954 char *r, *p;
955 unsigned i;
956
957 assert(s)do { if ((__builtin_expect(!!(!(s)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("s"), "../src/basic/string-util.c", 957,
__PRETTY_FUNCTION__); } while (0);
958
959 l = strlen(s);
960 p = r = malloc(l * n + 1);
961 if (!r)
962 return NULL((void*)0);
963
964 for (i = 0; i < n; i++)
965 p = stpcpy(p, s);
966
967 *p = 0;
968 return r;
969}
970
971int split_pair(const char *s, const char *sep, char **l, char **r) {
972 char *x, *a, *b;
973
974 assert(s)do { if ((__builtin_expect(!!(!(s)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("s"), "../src/basic/string-util.c", 974,
__PRETTY_FUNCTION__); } while (0);
975 assert(sep)do { if ((__builtin_expect(!!(!(sep)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("sep"), "../src/basic/string-util.c", 975
, __PRETTY_FUNCTION__); } while (0);
976 assert(l)do { if ((__builtin_expect(!!(!(l)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("l"), "../src/basic/string-util.c", 976,
__PRETTY_FUNCTION__); } while (0);
977 assert(r)do { if ((__builtin_expect(!!(!(r)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("r"), "../src/basic/string-util.c", 977,
__PRETTY_FUNCTION__); } while (0);
978
979 if (isempty(sep))
980 return -EINVAL22;
981
982 x = strstr(s, sep);
983 if (!x)
984 return -EINVAL22;
985
986 a = strndup(s, x - s);
987 if (!a)
988 return -ENOMEM12;
989
990 b = strdup(x + strlen(sep));
991 if (!b) {
992 free(a);
993 return -ENOMEM12;
994 }
995
996 *l = a;
997 *r = b;
998
999 return 0;
1000}
1001
1002int free_and_strdup(char **p, const char *s) {
1003 char *t;
1004
1005 assert(p)do { if ((__builtin_expect(!!(!(p)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("p"), "../src/basic/string-util.c", 1005
, __PRETTY_FUNCTION__); } while (0);
1006
1007 /* Replaces a string pointer with a strdup()ed new string,
1008 * possibly freeing the old one. */
1009
1010 if (streq_ptr(*p, s))
1011 return 0;
1012
1013 if (s) {
1014 t = strdup(s);
1015 if (!t)
1016 return -ENOMEM12;
1017 } else
1018 t = NULL((void*)0);
1019
1020 free(*p);
1021 *p = t;
1022
1023 return 1;
1024}
1025
1026int free_and_strndup(char **p, const char *s, size_t l) {
1027 char *t;
1028
1029 assert(p)do { if ((__builtin_expect(!!(!(p)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("p"), "../src/basic/string-util.c", 1029
, __PRETTY_FUNCTION__); } while (0);
1030 assert(s || l == 0)do { if ((__builtin_expect(!!(!(s || l == 0)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("s || l == 0"), "../src/basic/string-util.c"
, 1030, __PRETTY_FUNCTION__); } while (0);
1031
1032 /* Replaces a string pointer with a strndup()ed new string,
1033 * freeing the old one. */
1034
1035 if (!*p && !s)
1036 return 0;
1037
1038 if (*p && s && strneq(*p, s, l)(strncmp((*p), (s), (l)) == 0) && (l > strlen(*p) || (*p)[l] == '\0'))
1039 return 0;
1040
1041 if (s) {
1042 t = strndup(s, l);
1043 if (!t)
1044 return -ENOMEM12;
1045 } else
1046 t = NULL((void*)0);
1047
1048 free_and_replace(*p, t)({ free(*p); (*p) = (t); (t) = ((void*)0); 0; });
1049 return 1;
1050}
1051
1052#if !HAVE_EXPLICIT_BZERO1
1053/*
1054 * Pointer to memset is volatile so that compiler must de-reference
1055 * the pointer and can't assume that it points to any function in
1056 * particular (such as memset, which it then might further "optimize")
1057 * This approach is inspired by openssl's crypto/mem_clr.c.
1058 */
1059typedef void *(*memset_t)(void *,int,size_t);
1060
1061static volatile memset_t memset_func = memset;
1062
1063void explicit_bzero(void *p, size_t l) {
1064 memset_func(p, '\0', l);
1065}
1066#endif
1067
1068char* string_erase(char *x) {
1069 if (!x)
1070 return NULL((void*)0);
1071
1072 /* A delicious drop of snake-oil! To be called on memory where
1073 * we stored passphrases or so, after we used them. */
1074 explicit_bzero(x, strlen(x));
1075 return x;
1076}
1077
1078char *string_free_erase(char *s) {
1079 return mfree(string_erase(s));
1080}
1081
1082bool_Bool string_is_safe(const char *p) {
1083 const char *t;
1084
1085 if (!p)
1086 return false0;
1087
1088 for (t = p; *t; t++) {
1089 if (*t > 0 && *t < ' ') /* no control characters */
1090 return false0;
1091
1092 if (strchr(QUOTES"\"\'" "\\\x7f", *t))
1093 return false0;
1094 }
1095
1096 return true1;
1097}

../src/basic/alloc-util.h

1/* SPDX-License-Identifier: LGPL-2.1+ */
2#pragma once
3
4#include <alloca.h>
5#include <stddef.h>
6#include <stdlib.h>
7#include <string.h>
8
9#include "macro.h"
10
11#define new(t, n)((t*) malloc_multiply(sizeof(t), (n))) ((t*) malloc_multiply(sizeof(t), (n)))
12
13#define new0(t, n)((t*) calloc((n), sizeof(t))) ((t*) calloc((n), sizeof(t)))
14
15#define newa(t, n)({ do { if ((__builtin_expect(!!(!(!size_multiply_overflow(sizeof
(t), n))),0))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("!size_multiply_overflow(sizeof(t), n)"
), "../src/basic/alloc-util.h", 15, __PRETTY_FUNCTION__); } while
(0); (t*) __builtin_alloca (sizeof(t)*(n)); }) \
16 ({ \
17 assert(!size_multiply_overflow(sizeof(t), n))do { if ((__builtin_expect(!!(!(!size_multiply_overflow(sizeof
(t), n))),0))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("!size_multiply_overflow(sizeof(t), n)"
), "../src/basic/alloc-util.h", 17, __PRETTY_FUNCTION__); } while
(0); \
18 (t*) alloca(sizeof(t)*(n))__builtin_alloca (sizeof(t)*(n)); \
19 })
20
21#define newa0(t, n)({ do { if ((__builtin_expect(!!(!(!size_multiply_overflow(sizeof
(t), n))),0))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("!size_multiply_overflow(sizeof(t), n)"
), "../src/basic/alloc-util.h", 21, __PRETTY_FUNCTION__); } while
(0); (t*) ({ char *_new_; size_t _len_ = sizeof(t)*(n); _new_
= __builtin_alloca (_len_); (void *) memset(_new_, 0, _len_)
; }); }) \
22 ({ \
23 assert(!size_multiply_overflow(sizeof(t), n))do { if ((__builtin_expect(!!(!(!size_multiply_overflow(sizeof
(t), n))),0))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("!size_multiply_overflow(sizeof(t), n)"
), "../src/basic/alloc-util.h", 23, __PRETTY_FUNCTION__); } while
(0); \
24 (t*) alloca0(sizeof(t)*(n))({ char *_new_; size_t _len_ = sizeof(t)*(n); _new_ = __builtin_alloca
(_len_); (void *) memset(_new_, 0, _len_); }); \
25 })
26
27#define newdup(t, p, n)((t*) memdup_multiply(p, sizeof(t), (n))) ((t*) memdup_multiply(p, sizeof(t), (n)))
28
29#define newdup_suffix0(t, p, n)((t*) memdup_suffix0_multiply(p, sizeof(t), (n))) ((t*) memdup_suffix0_multiply(p, sizeof(t), (n)))
30
31#define malloc0(n)(calloc(1, (n))) (calloc(1, (n)))
32
33static inline void *mfree(void *memory) {
34 free(memory);
35 return NULL((void*)0);
36}
37
38#define free_and_replace(a, b)({ free(a); (a) = (b); (b) = ((void*)0); 0; }) \
39 ({ \
40 free(a); \
41 (a) = (b); \
42 (b) = NULL((void*)0); \
43 0; \
44 })
45
46void* memdup(const void *p, size_t l) _alloc_(2);
47void* memdup_suffix0(const void *p, size_t l) _alloc_(2);
48
49static inline void freep(void *p) {
50 free(*(void**) p);
51}
52
53#define _cleanup_free___attribute__((cleanup(freep))) _cleanup_(freep)__attribute__((cleanup(freep)))
54
55static inline bool_Bool size_multiply_overflow(size_t size, size_t need) {
56 return _unlikely_(need != 0 && size > (SIZE_MAX / need))(__builtin_expect(!!(need != 0 && size > ((18446744073709551615UL
) / need)),0));
57}
58
59_malloc___attribute__ ((malloc)) _alloc_(1, 2) static inline void *malloc_multiply(size_t size, size_t need) {
60 if (size_multiply_overflow(size, need))
40
Taking false branch
61 return NULL((void*)0);
62
63 return malloc(size * need);
41
Memory is allocated
64}
65
66#if !HAVE_REALLOCARRAY1
67_alloc_(2, 3) static inline void *reallocarray(void *p, size_t need, size_t size) {
68 if (size_multiply_overflow(size, need))
69 return NULL((void*)0);
70
71 return realloc(p, size * need);
72}
73#endif
74
75_alloc_(2, 3) static inline void *memdup_multiply(const void *p, size_t size, size_t need) {
76 if (size_multiply_overflow(size, need))
77 return NULL((void*)0);
78
79 return memdup(p, size * need);
80}
81
82_alloc_(2, 3) static inline void *memdup_suffix0_multiply(const void *p, size_t size, size_t need) {
83 if (size_multiply_overflow(size, need))
84 return NULL((void*)0);
85
86 return memdup_suffix0(p, size * need);
87}
88
89void* greedy_realloc(void **p, size_t *allocated, size_t need, size_t size);
90void* greedy_realloc0(void **p, size_t *allocated, size_t need, size_t size);
91
92#define GREEDY_REALLOC(array, allocated, need)greedy_realloc((void**) &(array), &(allocated), (need
), sizeof((array)[0])) \
93 greedy_realloc((void**) &(array), &(allocated), (need), sizeof((array)[0]))
94
95#define GREEDY_REALLOC0(array, allocated, need)greedy_realloc0((void**) &(array), &(allocated), (need
), sizeof((array)[0])) \
96 greedy_realloc0((void**) &(array), &(allocated), (need), sizeof((array)[0]))
97
98#define alloca0(n)({ char *_new_; size_t _len_ = n; _new_ = __builtin_alloca (_len_
); (void *) memset(_new_, 0, _len_); }) \
99 ({ \
100 char *_new_; \
101 size_t _len_ = n; \
102 _new_ = alloca(_len_)__builtin_alloca (_len_); \
103 (void *) memset(_new_, 0, _len_); \
104 })
105
106/* It's not clear what alignment glibc/gcc alloca() guarantee, hence provide a guaranteed safe version */
107#define alloca_align(size, align)({ void *_ptr_; size_t _mask_ = (align) - 1; _ptr_ = __builtin_alloca
((size) + _mask_); (void*)(((uintptr_t)_ptr_ + _mask_) &
~_mask_); }) \
108 ({ \
109 void *_ptr_; \
110 size_t _mask_ = (align) - 1; \
111 _ptr_ = alloca((size) + _mask_)__builtin_alloca ((size) + _mask_); \
112 (void*)(((uintptr_t)_ptr_ + _mask_) & ~_mask_); \
113 })
114
115#define alloca0_align(size, align)({ void *_new_; size_t _size_ = (size); _new_ = ({ void *_ptr_
; size_t _mask_ = ((align)) - 1; _ptr_ = __builtin_alloca ((_size_
) + _mask_); (void*)(((uintptr_t)_ptr_ + _mask_) & ~_mask_
); }); (void*)memset(_new_, 0, _size_); }) \
116 ({ \
117 void *_new_; \
118 size_t _size_ = (size); \
119 _new_ = alloca_align(_size_, (align))({ void *_ptr_; size_t _mask_ = ((align)) - 1; _ptr_ = __builtin_alloca
((_size_) + _mask_); (void*)(((uintptr_t)_ptr_ + _mask_) &
~_mask_); }); \
120 (void*)memset(_new_, 0, _size_); \
121 })
122
123/* Takes inspiration from Rusts's Option::take() method: reads and returns a pointer, but at the same time resets it to
124 * NULL. See: https://doc.rust-lang.org/std/option/enum.Option.html#method.take */
125#define TAKE_PTR(ptr)({ typeof(ptr) _ptr_ = (ptr); (ptr) = ((void*)0); _ptr_; }) \
126 ({ \
127 typeof(ptr) _ptr_ = (ptr); \
128 (ptr) = NULL((void*)0); \
129 _ptr_; \
130 })