author | João Valverde <j@v6e.pt> | 2022-11-25 19:04:09 +0000 |
---|---|---|
committer | João Valverde <j@v6e.pt> | 2022-12-03 01:54:52 +0000 |
commit | 32f88ad22cf28efc6679d13ded6df99c72c3ea8c (patch) | |
tree | 084cb4ce3d1ed016def1d99d2748150dc3a644db /wsutil/wmem/wmem_strbuf.c | |
parent | 3311b341064403b9098d0db51d2732a271ffbbeb (diff) |
wmem: Remove strbuf max size parameter
This parameter was introduced as a safeguard for bugs
that generate an unbounded string but its utility for
that purpose is doubtful and the way it is being used
creates problems with invalid truncation of UTF-8
strings.
Rename wmem_strbuf_sized_new() with a better name.
Diffstat (limited to 'wsutil/wmem/wmem_strbuf.c')
-rw-r--r-- | wsutil/wmem/wmem_strbuf.c | 50 |
1 files changed, 17 insertions, 33 deletions
diff --git a/wsutil/wmem/wmem_strbuf.c b/wsutil/wmem/wmem_strbuf.c index a4696f0924..6f4666dba6 100644 --- a/wsutil/wmem/wmem_strbuf.c +++ b/wsutil/wmem/wmem_strbuf.c @@ -26,19 +26,16 @@ #define WMEM_STRBUF_RAW_ROOM(S) ((S)->alloc_size - (S)->len) wmem_strbuf_t * -wmem_strbuf_sized_new(wmem_allocator_t *allocator, - size_t alloc_size, size_t max_size) +wmem_strbuf_new_sized(wmem_allocator_t *allocator, + size_t alloc_size) { wmem_strbuf_t *strbuf; - ASSERT((max_size == 0) || (alloc_size <= max_size)); - strbuf = wmem_new(allocator, wmem_strbuf_t); strbuf->allocator = allocator; strbuf->len = 0; strbuf->alloc_size = alloc_size ? alloc_size : DEFAULT_MINIMUM_SIZE; - strbuf->max_size = max_size; strbuf->str = (gchar *)wmem_alloc(strbuf->allocator, strbuf->alloc_size); strbuf->str[0] = '\0'; @@ -59,7 +56,7 @@ wmem_strbuf_new_len(wmem_allocator_t *allocator, const gchar *str, size_t len) alloc_size *= 2; } - strbuf = wmem_strbuf_sized_new(allocator, alloc_size, 0); + strbuf = wmem_strbuf_new_sized(allocator, alloc_size); if (str && len > 0) { ASSERT(strbuf->alloc_size >= len + 1); @@ -82,7 +79,7 @@ wmem_strbuf_dup(wmem_allocator_t *allocator, const wmem_strbuf_t *src) { wmem_strbuf_t *new; - new = wmem_strbuf_sized_new(allocator, src->alloc_size, src->max_size); + new = wmem_strbuf_new_sized(allocator, src->alloc_size); new->len = src->len; memcpy(new->str, src->str, new->len); new->str[new->len] = '\0'; @@ -112,11 +109,6 @@ wmem_strbuf_grow(wmem_strbuf_t *strbuf, const size_t to_add) new_alloc_len *= 2; } - /* max length only enforced if not 0 */ - if (strbuf->max_size && new_alloc_len > strbuf->max_size) { - new_alloc_len = strbuf->max_size; - } - if (new_alloc_len == strbuf->alloc_size) { return; } 
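Review bot: In wmem_strbuf_grow (hunk at -112), the doubling step `new_alloc_len *= 2` shown in the context now solely determines the new size, and nothing visible checks that the multiplication cannot wrap `size_t`. The loop condition is outside the hunk, so this is inferred, but a `to_add` derived from a length field in captured data could then keep the loop spinning or yield a buffer smaller than requested. A check before doubling, e.g. `ASSERT(new_alloc_len <= SIZE_MAX / 2);` (or an unconditional abort if ASSERT can be compiled out), would turn that into a clean failure. A short comment stating that callers must now bound the strings they build, since this file no longer does, would also help.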
@@ -154,17 +146,13 @@ wmem_strbuf_append_len(wmem_strbuf_t *strbuf, const gchar *str, size_t append_le wmem_strbuf_grow(strbuf, append_len); - if (strbuf->max_size) { - append_len = MIN(append_len, WMEM_STRBUF_ROOM(strbuf)); - } - memcpy(&strbuf->str[strbuf->len], str, append_len); strbuf->len += append_len; strbuf->str[strbuf->len] = '\0'; } static inline -int _strbuf_vsnprintf(wmem_strbuf_t *strbuf, const char *format, va_list ap, gboolean reset) +int _strbuf_vsnprintf(wmem_strbuf_t *strbuf, const char *format, va_list ap) { int want_len; char *buffer = &strbuf->str[strbuf->len]; @@ -182,14 +170,8 @@ int _strbuf_vsnprintf(wmem_strbuf_t *strbuf, const char *format, va_list ap, gbo return 0; } - /* No space in buffer, output was truncated. */ - if (reset) { - strbuf->str[strbuf->len] = '\0'; /* Reset. */ - } - else { - strbuf->len += buffer_size - 1; /* Append. */ - ASSERT(strbuf->len == strbuf->alloc_size - 1); - } + /* Not enough space in buffer, output was truncated. */ + strbuf->str[strbuf->len] = '\0'; /* Reset. */ return want_len; /* Length (not including terminating null) that would be written if there was enough space in buffer. */ @@ -203,14 +185,16 @@ wmem_strbuf_append_vprintf(wmem_strbuf_t *strbuf, const gchar *fmt, va_list ap) va_copy(ap2, ap); /* Try to write buffer, check if output fits. */ - want_len = _strbuf_vsnprintf(strbuf, fmt, ap2, TRUE); /* Remove output if truncated. */ + want_len = _strbuf_vsnprintf(strbuf, fmt, ap2); va_end(ap2); if (want_len <= 0) return; - /* Resize buffer and try again. This could hit the 'max_size' ceiling. */ + /* Resize buffer and try again. */ wmem_strbuf_grow(strbuf, want_len); - _strbuf_vsnprintf(strbuf, fmt, ap, FALSE); /* Keep output if truncated. */ + want_len = _strbuf_vsnprintf(strbuf, fmt, ap); + /* Second time must succeed or error out. */ + ASSERT(want_len <= 0); } void 
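Review bot: With the `MIN(append_len, WMEM_STRBUF_ROOM(strbuf))` clamp gone, the `memcpy` in wmem_strbuf_append_len writes `append_len` bytes on the sole assumption that the preceding wmem_strbuf_grow call made room for them. Stating that invariant between the two calls, `ASSERT(WMEM_STRBUF_ROOM(strbuf) >= append_len);`, would catch a miscomputed size in grow before it becomes an out-of-bounds write. The function begins above this hunk, so any earlier validation of `str` and `append_len` is not visible here.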
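Review bot: The new `ASSERT(want_len <= 0);` in wmem_strbuf_append_vprintf (hunk at -203) is the only handling of a truncated second pass, and in that case `_strbuf_vsnprintf` has already reset the buffer to its previous terminator. If ASSERT is compiled out in some build configurations (its definition is not on this page), the formatted text is silently dropped and the caller cannot tell. A comment on the assertion saying why the retry is expected to fit would help, e.g. `/* grow() reserved want_len bytes plus the terminator, so the retry must not truncate. */`, assuming that is what grow guarantees. Note also that `wmem_strbuf_grow(strbuf, want_len)` converts an `int` to `size_t`, which is safe only because of the `if (want_len <= 0) return;` just above it.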
@@ -228,7 +212,7 @@ wmem_strbuf_append_c(wmem_strbuf_t *strbuf, const gchar c) { wmem_strbuf_grow(strbuf, 1); - if (!strbuf->max_size || WMEM_STRBUF_ROOM(strbuf) >= 1) { + if (WMEM_STRBUF_ROOM(strbuf) >= 1) { strbuf->str[strbuf->len] = c; strbuf->len++; strbuf->str[strbuf->len] = '\0'; @@ -245,7 +229,7 @@ wmem_strbuf_append_unichar(wmem_strbuf_t *strbuf, const gunichar c) wmem_strbuf_grow(strbuf, charlen); - if (!strbuf->max_size || WMEM_STRBUF_ROOM(strbuf) >= charlen) { + if (WMEM_STRBUF_ROOM(strbuf) >= charlen) { memcpy(&strbuf->str[strbuf->len], buf, charlen); strbuf->len += charlen; strbuf->str[strbuf->len] = '\0'; @@ -272,7 +256,7 @@ wmem_strbuf_append_hex(wmem_strbuf_t *strbuf, uint8_t ch) { wmem_strbuf_grow(strbuf, HEX_CODELEN * 1); - if (!strbuf->max_size || WMEM_STRBUF_ROOM(strbuf) >= HEX_CODELEN * 1) { + if (WMEM_STRBUF_ROOM(strbuf) >= HEX_CODELEN * 1) { strbuf->str[strbuf->len++] = '\\'; strbuf->str[strbuf->len++] = 'x'; strbuf->str[strbuf->len++] = hex[(ch >> 4) & 0xF]; @@ -288,7 +272,7 @@ void append_hex_bmp(wmem_strbuf_t *strbuf, gunichar ch) { wmem_strbuf_grow(strbuf, BMP_CODELEN * 1); - if (!strbuf->max_size || WMEM_STRBUF_ROOM(strbuf) >= BMP_CODELEN * 1) { + if (WMEM_STRBUF_ROOM(strbuf) >= BMP_CODELEN * 1) { strbuf->str[strbuf->len++] = '\\'; strbuf->str[strbuf->len++] = 'u'; strbuf->str[strbuf->len++] = hex[(ch >> 12) & 0xF]; @@ -306,7 +290,7 @@ void append_hex_any(wmem_strbuf_t *strbuf, gunichar ch) { wmem_strbuf_grow(strbuf, ANY_CODELEN * 1); - if (!strbuf->max_size || WMEM_STRBUF_ROOM(strbuf) >= ANY_CODELEN * 1) { + if (WMEM_STRBUF_ROOM(strbuf) >= ANY_CODELEN * 1) { strbuf->str[strbuf->len++] = '\\'; strbuf->str[strbuf->len++] = 'U'; strbuf->str[strbuf->len++] = hex[(ch >> 28) & 0xF]; |
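Review bot: The guard `if (WMEM_STRBUF_ROOM(strbuf) >= 1)` in wmem_strbuf_append_c should not be able to fail after `wmem_strbuf_grow(strbuf, 1)`, so what remains is a branch that would silently drop the character if that invariant were ever broken. The same applies to the `>= charlen`, `>= HEX_CODELEN * 1`, `>= BMP_CODELEN * 1` and `>= ANY_CODELEN * 1` checks in wmem_strbuf_append_unichar, wmem_strbuf_append_hex, append_hex_bmp and append_hex_any in the following hunks. Either drop the condition or make the failure loud, e.g. `ASSERT(WMEM_STRBUF_ROOM(strbuf) >= 1);` followed by the unconditional writes. The end of each function lies outside its hunk, so whether an else branch exists is not visible.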