fix osmo_escape_str_c() and osmo_quote_str_c()

The osmo_escape_str_c() and osmo_quote_str_c() functions return truncated results when characters need escaping. For example: osmo_quote_str_c(NULL, "foo"); --> "foo" osmo_quote_str_c(NULL, "foo\n"); --> "foo\n osmo_quote_str_c(NULL, "foo\tbar\t\n"); --> "foo\tbar\t Implement these _c variants using OSMO_NAME_C_IMPL() to always allocate sufficient memory. However, current osmo_escape_str_buf2() and osmo_quote_str_buf2() fail to return the required buffer size (even though that information is readily avaiable), so these don't qualify for accurate use of OSMO_NAME_C_IMPL(). Hence, move the implementations of osmo_escape_str and osmo_quote_str to an internal static function that returns the characters needed, so that all dynamically allocating implementations can return un-truncated results. Of course, external callers would also benefit from escape/quote API that accurately returns the amount of characters needed, but I am not changing public API in this patch, on purpose, ... yet. Change-Id: I16c08eced41bf1b7acf6e95f658068ace99ca4c8
author: Neels Hofmeyr <neels@hofmeyr.de> 2019-11-20 21:57:32 +0100
committer: laforge <laforge@osmocom.org> 2019-11-23 07:58:47 +0000
commit: c36e2e4924eaf573e6a02573259699771dbeab2d (patch)
tree: 8f7b9fa110293fd4523eda33526ca07d5ebc157c
parent: 823073aa911bbc218804774e6bfe9ad80310596c (diff)
1 files changed, 48 insertions, 30 deletions
diff --git a/src/utils.c b/src/utils.c
index 6fc2ee61..904f6e45 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -668,13 +668,15 @@ int osmo_print_n(char *buf, size_t bufsize, const char *str, size_t n)
 }
 
 /*! Return the string with all non-printable characters escaped.
+ * This internal function is the implementation for all osmo_escape_str* and osmo_quote_str* API versions.
+ * It provides a return value of characters-needed, to allow producing un-truncated strings in all cases.
  * \param[out] buf  string buffer to write escaped characters to.
  * \param[in] bufsize  sizeof(buf).
  * \param[in] str  A string that may contain any characters.
  * \param[in] in_len  Pass -1 to print until nul char, or >= 0 to force a length (also past nul chars).
- * \return The output buffer (buf).
+ * \return Number of characters that would be written if bufsize were large enough excluding '\0' (like snprintf()).
  */
-char *osmo_escape_str_buf2(char *buf, size_t bufsize, const char *str, int in_len)
+static size_t _osmo_escape_str_buf(char *buf, size_t bufsize, const char *str, int in_len)
 {
 	struct osmo_strbuf sb = { .buf = buf, .len = bufsize };
 	int in_pos = 0;
@@ -729,6 +731,19 @@ char *osmo_escape_str_buf2(char *buf, size_t bufsize, const char *str, int in_le
 	}
 
 done:
+	return sb.chars_needed;
+}
+
+/*! Return the string with all non-printable characters escaped.
+ * \param[out] buf  string buffer to write escaped characters to.
+ * \param[in] bufsize  sizeof(buf).
+ * \param[in] str  A string that may contain any characters.
+ * \param[in] in_len  Pass -1 to print until nul char, or >= 0 to force a length (also past nul chars).
+ * \return The output buffer (buf).
+ */
+char *osmo_escape_str_buf2(char *buf, size_t bufsize, const char *str, int in_len)
+{
+	_osmo_escape_str_buf(buf, bufsize, str, in_len);
 	return buf;
 }
 
@@ -750,31 +765,45 @@ const char *osmo_escape_str(const char *str, int in_len)
  */
 char *osmo_escape_str_c(const void *ctx, const char *str, int in_len)
 {
-	char *buf = talloc_size(ctx, in_len+1);
-	if (!buf)
-		return NULL;
-	return osmo_escape_str_buf2(buf, in_len+1, str, in_len);
+	/* The string will be at least as long as in_len, but some characters might need escaping.
+	 * These extra bytes should catch most usual escaping situations, avoiding a second run in OSMO_NAME_C_IMPL. */
+	OSMO_NAME_C_IMPL(ctx, in_len + 16, "ERROR", _osmo_escape_str_buf, str, in_len);
 }
 
-/*! Like osmo_escape_str_buf2(), but returns double-quotes around a string, or "NULL" for a NULL string.
- * This allows passing any char* value and get its C representation as string.
- * The function signature is suitable for OSMO_STRBUF_APPEND_NOLEN().
+/*! Return a quoted and escaped representation of the string.
+ * This internal function is the implementation for all osmo_quote_str* API versions.
+ * It provides a return value of characters-needed, to allow producing un-truncated strings in all cases.
  * \param[out] buf  string buffer to write escaped characters to.
  * \param[in] bufsize  sizeof(buf).
  * \param[in] str  A string that may contain any characters.
- * \param[in] in_len  Pass -1 to print until nul char, or >= 0 to force a length.
- * \return The output buffer (buf).
+ * \param[in] in_len  Pass -1 to print until nul char, or >= 0 to force a length (also past nul chars).
+ * \return Number of characters that would be written if bufsize were large enough excluding '\0' (like snprintf()).
  */
-char *osmo_quote_str_buf2(char *buf, size_t bufsize, const char *str, int in_len)
+static size_t _osmo_quote_str_buf(char *buf, size_t bufsize, const char *str, int in_len)
 {
 	struct osmo_strbuf sb = { .buf = buf, .len = bufsize };
 	if (!str)
 		OSMO_STRBUF_PRINTF(sb, "NULL");
 	else {
 		OSMO_STRBUF_PRINTF(sb, "\"");
-		OSMO_STRBUF_APPEND_NOLEN(sb, osmo_escape_str_buf2, str, in_len);
+		OSMO_STRBUF_APPEND(sb, _osmo_escape_str_buf, str, in_len);
 		OSMO_STRBUF_PRINTF(sb, "\"");
 	}
+	return sb.chars_needed;
+}
+
+/*! Like osmo_escape_str_buf2(), but returns double-quotes around a string, or "NULL" for a NULL string.
+ * This allows passing any char* value and get its C representation as string.
+ * The function signature is suitable for OSMO_STRBUF_APPEND_NOLEN().
+ * \param[out] buf  string buffer to write escaped characters to.
+ * \param[in] bufsize  sizeof(buf).
+ * \param[in] str  A string that may contain any characters.
+ * \param[in] in_len  Pass -1 to print until nul char, or >= 0 to force a length.
+ * \return The output buffer (buf).
+ */
+char *osmo_quote_str_buf2(char *buf, size_t bufsize, const char *str, int in_len)
+{
+	_osmo_quote_str_buf(buf, bufsize, str, in_len);
 	return buf;
 }
 
@@ -792,7 +821,7 @@ const char *osmo_quote_str_buf(const char *str, int in_len, char *buf, size_t bu
 		return "NULL";
 	if (!buf || !bufsize)
 		return "(error)";
-	osmo_quote_str_buf2(buf, bufsize, str, in_len);
+	_osmo_quote_str_buf(buf, bufsize, str, in_len);
 	return buf;
 }
 
@@ -804,7 +833,8 @@ const char *osmo_quote_str_buf(const char *str, int in_len, char *buf, size_t bu
  */
 const char *osmo_quote_str(const char *str, int in_len)
 {
-	return osmo_quote_str_buf(str, in_len, namebuf, sizeof(namebuf));
+	_osmo_quote_str_buf(namebuf, sizeof(namebuf), str, in_len);
+	return namebuf;
 }
 
 /*! Like osmo_quote_str_buf() but returns the result in a dynamically-allocated buffer.
@@ -814,21 +844,9 @@ const char *osmo_quote_str(const char *str, int in_len)
  */
 char *osmo_quote_str_c(const void *ctx, const char *str, int in_len)
 {
-	size_t len = in_len == -1 ? strlen(str) : in_len;
-	char *buf;
-
-	/* account for two quote characters + terminating NUL */
-	len += 3;
-
-	/* some minimum length for things like "NULL" or "(error)" */
-	if (len < 32)
-		len = 32;
-
-	buf = talloc_size(ctx, len);
-	if (!buf)
-		return NULL;
-
-	return osmo_quote_str_buf2(buf, len, str, in_len);
+	/* The string will be at least as long as in_len, but some characters might need escaping.
+	 * These extra bytes should catch most usual escaping situations, avoiding a second run in OSMO_NAME_C_IMPL. */
+	OSMO_NAME_C_IMPL(ctx, in_len + 16, "ERROR", _osmo_quote_str_buf, str, in_len);
 }
 
 /*! perform an integer square root operation on unsigned 32bit integer.
author	Neels Hofmeyr <neels@hofmeyr.de>	2019-11-20 21:57:32 +0100
committer	laforge <laforge@osmocom.org>	2019-11-23 07:58:47 +0000
commit	c36e2e4924eaf573e6a02573259699771dbeab2d (patch)
tree	8f7b9fa110293fd4523eda33526ca07d5ebc157c
parent	823073aa911bbc218804774e6bfe9ad80310596c (diff)