mirror of
https://github.com/samba-team/samba.git
synced 2025-01-10 01:18:15 +03:00
814881f0e5
The motivation for this change was to avoid having to convert to/from ucs2 strings for so many operations. Doing that was slow, used many static buffers, and was also incorrect as it didn't cope properly with unicode codepoints above 65536 (which could not be represented correctly as smb_ucs2_t chars) The two core functions that allowed this change are next_codepoint() and push_codepoint(). These functions allow you to correctly walk a arbitrary multi-byte string a character at a time without converting the whole string to ucs2. While doing this cleanup I also fixed several ucs2 string handling bugs. See the commit for details. The following code (which counts the number of occuraces of 'c' in a string) shows how to use the new interface: size_t count_chars(const char *s, char c) { size_t count = 0; while (*s) { size_t size; codepoint_t c2 = next_codepoint(s, &size); if (c2 == c) count++; s += size; } return count; }
70 lines
2.2 KiB
C
70 lines
2.2 KiB
C
/*
|
|
Unix SMB/CIFS implementation.
|
|
Safe string handling routines.
|
|
Copyright (C) Andrew Tridgell 1994-1998
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
*/
|
|
|
|
#ifndef _SAFE_STRING_H
|
|
#define _SAFE_STRING_H
|
|
|
|
#ifndef _SPLINT_ /* http://www.splint.org */
|
|
/* Some macros to ensure people don't use buffer overflow vulnerable string
|
|
functions. */
|
|
|
|
#ifdef bcopy
|
|
#undef bcopy
|
|
#endif /* bcopy */
|
|
#define bcopy(src,dest,size) __ERROR__XX__NEVER_USE_BCOPY___;
|
|
|
|
#ifdef strcpy
|
|
#undef strcpy
|
|
#endif /* strcpy */
|
|
#define strcpy(dest,src) __ERROR__XX__NEVER_USE_STRCPY___;
|
|
|
|
#ifdef strcat
|
|
#undef strcat
|
|
#endif /* strcat */
|
|
#define strcat(dest,src) __ERROR__XX__NEVER_USE_STRCAT___;
|
|
|
|
#ifdef sprintf
|
|
#undef sprintf
|
|
#endif /* sprintf */
|
|
#define sprintf __ERROR__XX__NEVER_USE_SPRINTF__;
|
|
|
|
#endif /* !_SPLINT_ */
|
|
|
|
#define pstrcpy(d,s) safe_strcpy((d), (s),sizeof(pstring)-1)
|
|
#define pstrcat(d,s) safe_strcat((d), (s),sizeof(pstring)-1)
|
|
#define fstrcpy(d,s) safe_strcpy((d),(s),sizeof(fstring)-1)
|
|
#define fstrcat(d,s) safe_strcat((d),(s),sizeof(fstring)-1)
|
|
|
|
/* replace some string functions with multi-byte
|
|
versions */
|
|
#define strlower(s) strlower_m(s)
|
|
#define strupper(s) strupper_m(s)
|
|
|
|
/* the addition of the DEVELOPER checks in safe_strcpy means we must
|
|
* update a lot of code. To make this a little easier here are some
|
|
* functions that provide the lengths with less pain */
|
|
#define pstrcpy_base(dest, src, pstring_base) \
|
|
safe_strcpy(dest, src, sizeof(pstring)-PTR_DIFF(dest,pstring_base)-1)
|
|
|
|
#define push_pstring_base(dest, src, pstring_base) \
|
|
push_ascii(dest, src, sizeof(pstring)-PTR_DIFF(dest,pstring_base)-1, STR_TERMINATE)
|
|
|
|
#endif
|