2017-11-18 17:09:20 +01:00
|
|
|
/* SPDX-License-Identifier: LGPL-2.1+ */
|
2015-10-22 20:12:31 +02:00
|
|
|
/***
|
|
|
|
|
This file is part of systemd.
|
|
|
|
|
|
|
|
|
|
Copyright 2010 Lennart Poettering
|
|
|
|
|
|
|
|
|
|
systemd is free software; you can redistribute it and/or modify it
|
|
|
|
|
under the terms of the GNU Lesser General Public License as published by
|
|
|
|
|
the Free Software Foundation; either version 2.1 of the License, or
|
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
|
|
systemd is distributed in the hope that it will be useful, but
|
|
|
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
Lesser General Public License for more details.
|
|
|
|
|
|
|
|
|
|
You should have received a copy of the GNU Lesser General Public License
|
|
|
|
|
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
***/
|
|
|
|
|
|
2015-11-30 21:43:37 +01:00
|
|
|
#include <errno.h>
|
|
|
|
|
#include <stdarg.h>
|
|
|
|
|
#include <stdbool.h>
|
|
|
|
|
#include <stddef.h>
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <syslog.h>
|
|
|
|
|
|
2015-10-27 03:01:06 +01:00
|
|
|
#include "alloc-util.h"
|
2015-10-23 18:52:53 +02:00
|
|
|
#include "escape.h"
|
2015-11-03 12:25:29 +01:00
|
|
|
#include "extract-word.h"
|
2015-11-30 21:43:37 +01:00
|
|
|
#include "log.h"
|
|
|
|
|
#include "macro.h"
|
2015-11-03 12:25:29 +01:00
|
|
|
#include "string-util.h"
|
2015-10-22 20:12:31 +02:00
|
|
|
#include "utf8.h"
|
|
|
|
|
|
|
|
|
|
int extract_first_word(const char **p, char **ret, const char *separators, ExtractFlags flags) {
|
|
|
|
|
_cleanup_free_ char *s = NULL;
|
|
|
|
|
size_t allocated = 0, sz = 0;
|
2015-11-04 05:13:11 +01:00
|
|
|
char c;
|
2015-10-22 20:12:31 +02:00
|
|
|
int r;
|
|
|
|
|
|
|
|
|
|
char quote = 0; /* 0 or ' or " */
|
|
|
|
|
bool backslash = false; /* whether we've just seen a backslash */
|
|
|
|
|
|
|
|
|
|
assert(p);
|
|
|
|
|
assert(ret);
|
|
|
|
|
|
|
|
|
|
/* Bail early if called after last value or with no input */
|
|
|
|
|
if (!*p)
|
2016-11-11 18:58:41 +01:00
|
|
|
goto finish;
|
2015-11-06 06:41:04 +01:00
|
|
|
c = **p;
|
2015-10-22 20:12:31 +02:00
|
|
|
|
2015-11-06 06:31:29 +01:00
|
|
|
if (!separators)
|
|
|
|
|
separators = WHITESPACE;
|
|
|
|
|
|
2015-10-22 20:12:31 +02:00
|
|
|
/* Parses the first word of a string, and returns it in
|
|
|
|
|
* *ret. Removes all quotes in the process. When parsing fails
|
|
|
|
|
* (because of an uneven number of quotes or similar), leaves
|
|
|
|
|
* the pointer *p at the first invalid character. */
|
|
|
|
|
|
2015-11-04 05:13:11 +01:00
|
|
|
if (flags & EXTRACT_DONT_COALESCE_SEPARATORS)
|
|
|
|
|
if (!GREEDY_REALLOC(s, allocated, sz+1))
|
|
|
|
|
return -ENOMEM;
|
2015-10-22 20:12:31 +02:00
|
|
|
|
2016-02-23 05:32:04 +01:00
|
|
|
for (;; (*p)++, c = **p) {
|
2015-11-04 05:13:11 +01:00
|
|
|
if (c == 0)
|
|
|
|
|
goto finish_force_terminate;
|
|
|
|
|
else if (strchr(separators, c)) {
|
2015-11-06 06:41:04 +01:00
|
|
|
if (flags & EXTRACT_DONT_COALESCE_SEPARATORS) {
|
2016-02-23 05:32:04 +01:00
|
|
|
(*p)++;
|
2015-11-04 05:13:11 +01:00
|
|
|
goto finish_force_next;
|
2015-11-06 06:41:04 +01:00
|
|
|
}
|
2015-11-04 05:13:11 +01:00
|
|
|
} else {
|
2015-10-22 20:12:31 +02:00
|
|
|
/* We found a non-blank character, so we will always
|
|
|
|
|
* want to return a string (even if it is empty),
|
|
|
|
|
* allocate it here. */
|
|
|
|
|
if (!GREEDY_REALLOC(s, allocated, sz+1))
|
|
|
|
|
return -ENOMEM;
|
2015-11-04 05:13:11 +01:00
|
|
|
break;
|
2015-10-22 20:12:31 +02:00
|
|
|
}
|
2015-11-04 05:13:11 +01:00
|
|
|
}
|
|
|
|
|
|
2016-02-23 05:32:04 +01:00
|
|
|
for (;; (*p)++, c = **p) {
|
2015-10-22 20:12:31 +02:00
|
|
|
if (backslash) {
|
|
|
|
|
if (!GREEDY_REALLOC(s, allocated, sz+7))
|
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
|
|
if (c == 0) {
|
|
|
|
|
if ((flags & EXTRACT_CUNESCAPE_RELAX) &&
|
|
|
|
|
(!quote || flags & EXTRACT_RELAX)) {
|
|
|
|
|
/* If we find an unquoted trailing backslash and we're in
|
|
|
|
|
* EXTRACT_CUNESCAPE_RELAX mode, keep it verbatim in the
|
|
|
|
|
* output.
|
|
|
|
|
*
|
|
|
|
|
* Unbalanced quotes will only be allowed in EXTRACT_RELAX
|
|
|
|
|
* mode, EXTRACT_CUNESCAPE_RELAX mode does not allow them.
|
|
|
|
|
*/
|
|
|
|
|
s[sz++] = '\\';
|
|
|
|
|
goto finish_force_terminate;
|
|
|
|
|
}
|
|
|
|
|
if (flags & EXTRACT_RELAX)
|
|
|
|
|
goto finish_force_terminate;
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (flags & EXTRACT_CUNESCAPE) {
|
2016-01-12 21:36:57 +01:00
|
|
|
bool eight_bit = false;
|
2015-12-13 23:26:43 +01:00
|
|
|
char32_t u;
|
2015-10-22 20:12:31 +02:00
|
|
|
|
2016-01-12 21:36:57 +01:00
|
|
|
r = cunescape_one(*p, (size_t) -1, &u, &eight_bit);
|
2015-10-22 20:12:31 +02:00
|
|
|
if (r < 0) {
|
|
|
|
|
if (flags & EXTRACT_CUNESCAPE_RELAX) {
|
|
|
|
|
s[sz++] = '\\';
|
|
|
|
|
s[sz++] = c;
|
2015-11-06 06:17:11 +01:00
|
|
|
} else
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
} else {
|
|
|
|
|
(*p) += r - 1;
|
|
|
|
|
|
2016-01-12 21:36:57 +01:00
|
|
|
if (eight_bit)
|
|
|
|
|
s[sz++] = u;
|
2015-11-06 06:17:11 +01:00
|
|
|
else
|
2016-01-12 21:36:57 +01:00
|
|
|
sz += utf8_encode_unichar(s + sz, u);
|
2015-10-22 20:12:31 +02:00
|
|
|
}
|
|
|
|
|
} else
|
|
|
|
|
s[sz++] = c;
|
|
|
|
|
|
|
|
|
|
backslash = false;
|
|
|
|
|
|
|
|
|
|
} else if (quote) { /* inside either single or double quotes */
|
2016-02-23 05:32:04 +01:00
|
|
|
for (;; (*p)++, c = **p) {
|
2015-11-06 06:51:24 +01:00
|
|
|
if (c == 0) {
|
|
|
|
|
if (flags & EXTRACT_RELAX)
|
|
|
|
|
goto finish_force_terminate;
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
} else if (c == quote) { /* found the end quote */
|
|
|
|
|
quote = 0;
|
|
|
|
|
break;
|
2015-11-11 22:53:05 +01:00
|
|
|
} else if (c == '\\' && !(flags & EXTRACT_RETAIN_ESCAPE)) {
|
2015-11-06 06:51:24 +01:00
|
|
|
backslash = true;
|
|
|
|
|
break;
|
|
|
|
|
} else {
|
|
|
|
|
if (!GREEDY_REALLOC(s, allocated, sz+2))
|
|
|
|
|
return -ENOMEM;
|
2015-10-22 20:12:31 +02:00
|
|
|
|
2015-11-06 06:51:24 +01:00
|
|
|
s[sz++] = c;
|
|
|
|
|
}
|
2015-10-22 20:12:31 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
} else {
|
2016-02-23 05:32:04 +01:00
|
|
|
for (;; (*p)++, c = **p) {
|
2015-11-06 06:51:24 +01:00
|
|
|
if (c == 0)
|
|
|
|
|
goto finish_force_terminate;
|
2017-10-04 16:01:32 +02:00
|
|
|
else if (IN_SET(c, '\'', '"') && (flags & EXTRACT_QUOTES)) {
|
2015-11-06 06:51:24 +01:00
|
|
|
quote = c;
|
|
|
|
|
break;
|
2015-11-11 22:53:05 +01:00
|
|
|
} else if (c == '\\' && !(flags & EXTRACT_RETAIN_ESCAPE)) {
|
2015-11-06 06:51:24 +01:00
|
|
|
backslash = true;
|
|
|
|
|
break;
|
|
|
|
|
} else if (strchr(separators, c)) {
|
|
|
|
|
if (flags & EXTRACT_DONT_COALESCE_SEPARATORS) {
|
2016-02-23 05:32:04 +01:00
|
|
|
(*p)++;
|
2015-11-06 06:51:24 +01:00
|
|
|
goto finish_force_next;
|
|
|
|
|
}
|
2015-11-06 06:57:26 +01:00
|
|
|
/* Skip additional coalesced separators. */
|
2016-02-23 05:32:04 +01:00
|
|
|
for (;; (*p)++, c = **p) {
|
2015-11-06 06:57:26 +01:00
|
|
|
if (c == 0)
|
|
|
|
|
goto finish_force_terminate;
|
|
|
|
|
if (!strchr(separators, c))
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
goto finish;
|
|
|
|
|
|
2015-11-06 06:51:24 +01:00
|
|
|
} else {
|
|
|
|
|
if (!GREEDY_REALLOC(s, allocated, sz+2))
|
|
|
|
|
return -ENOMEM;
|
2015-10-22 20:12:31 +02:00
|
|
|
|
2015-11-06 06:51:24 +01:00
|
|
|
s[sz++] = c;
|
|
|
|
|
}
|
2015-10-22 20:12:31 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
finish_force_terminate:
|
|
|
|
|
*p = NULL;
|
|
|
|
|
finish:
|
|
|
|
|
if (!s) {
|
|
|
|
|
*p = NULL;
|
|
|
|
|
*ret = NULL;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
finish_force_next:
|
|
|
|
|
s[sz] = 0;
|
2018-03-22 16:53:26 +01:00
|
|
|
*ret = TAKE_PTR(s);
|
2015-10-22 20:12:31 +02:00
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int extract_first_word_and_warn(
|
|
|
|
|
const char **p,
|
|
|
|
|
char **ret,
|
|
|
|
|
const char *separators,
|
|
|
|
|
ExtractFlags flags,
|
|
|
|
|
const char *unit,
|
|
|
|
|
const char *filename,
|
|
|
|
|
unsigned line,
|
|
|
|
|
const char *rvalue) {
|
|
|
|
|
|
2015-10-23 18:20:54 +02:00
|
|
|
/* Try to unquote it, if it fails, warn about it and try again
|
|
|
|
|
* but this time using EXTRACT_CUNESCAPE_RELAX to keep the
|
|
|
|
|
* backslashes verbatim in invalid escape sequences. */
|
|
|
|
|
|
2015-10-22 20:12:31 +02:00
|
|
|
const char *save;
|
|
|
|
|
int r;
|
|
|
|
|
|
|
|
|
|
save = *p;
|
|
|
|
|
r = extract_first_word(p, ret, separators, flags);
|
2015-10-23 18:20:54 +02:00
|
|
|
if (r >= 0)
|
|
|
|
|
return r;
|
|
|
|
|
|
|
|
|
|
if (r == -EINVAL && !(flags & EXTRACT_CUNESCAPE_RELAX)) {
|
2015-10-22 20:12:31 +02:00
|
|
|
|
|
|
|
|
/* Retry it with EXTRACT_CUNESCAPE_RELAX. */
|
|
|
|
|
*p = save;
|
|
|
|
|
r = extract_first_word(p, ret, separators, flags|EXTRACT_CUNESCAPE_RELAX);
|
2015-10-23 18:20:54 +02:00
|
|
|
if (r >= 0) {
|
2016-12-11 05:20:42 +01:00
|
|
|
/* It worked this time, hence it must have been an invalid escape sequence. */
|
|
|
|
|
log_syntax(unit, LOG_WARNING, filename, line, EINVAL, "Ignoring unknown escape sequences: \"%s\"", *ret);
|
2015-10-23 18:20:54 +02:00
|
|
|
return r;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* If it's still EINVAL; then it must be unbalanced quoting, report this. */
|
|
|
|
|
if (r == -EINVAL)
|
|
|
|
|
return log_syntax(unit, LOG_ERR, filename, line, r, "Unbalanced quoting, ignoring: \"%s\"", rvalue);
|
2015-10-22 20:12:31 +02:00
|
|
|
}
|
|
|
|
|
|
2015-10-23 18:20:54 +02:00
|
|
|
/* Can be any error, report it */
|
|
|
|
|
return log_syntax(unit, LOG_ERR, filename, line, r, "Unable to decode word \"%s\", ignoring: %m", rvalue);
|
2015-10-22 20:12:31 +02:00
|
|
|
}
|
|
|
|
|
|
shared/extract-word: replace enum with unsigned int to avoid undefined behaviour
../src/basic/extract-word.c:255:22: warning: passing an object that undergoes default argument promotion to 'va_start' has undefined behavior [-Wvarargs]
va_start(ap, flags);
^
../src/basic/extract-word.c:244:77: note: parameter of type 'ExtractFlags' (aka 'enum ExtractFlags') is declared here
int extract_many_words(const char **p, const char *separators, ExtractFlags flags, ...) {
^
../src/basic/extract-word.c:286:22: warning: passing an object that undergoes default argument promotion to 'va_start' has undefined behavior [-Wvarargs]
va_start(ap, flags);
^
../src/basic/extract-word.c:244:77: note: parameter of type 'ExtractFlags' (aka 'enum ExtractFlags') is declared here
int extract_many_words(const char **p, const char *separators, ExtractFlags flags, ...) {
^
2 warnings generated.
I think the relevant part of C99 is 6.7.2.2 Enumeration specifiers:
Each enumerated type shall be compatible with char, a signed integer type, or
an unsigned integer type. The choice of type is implementation-defined, but
shall be capable of representing the values of all the members of the
enumeration.
and 7.16.1.4:
The parameter parmN is the identifier of the rightmost parameter in the
variable parameter list in the function definition (the one just before the
...). If the parameter parmN is declared with the register storage class, with
a function or array type, or with a type that is not compatible with the type
that results after application of the default argument promotions, the behavior
is undefined.
This might cause a real issue if the compiler chooses something that is not an
integer for ExtractFlags. Rework the code to avoid the warning, but add an
assert_cc in a large-valued ExtractFlags element is ever defined and the type
is bumped to something wider than an int.
2017-04-23 01:04:02 +02:00
|
|
|
/* We pass ExtractFlags as unsigned int (to avoid undefined behaviour when passing
|
|
|
|
|
* an object that undergoes default argument promotion as an argument to va_start).
|
|
|
|
|
* Let's make sure that ExtractFlags fits into an unsigned int. */
|
|
|
|
|
assert_cc(sizeof(enum ExtractFlags) <= sizeof(unsigned));
|
|
|
|
|
|
|
|
|
|
int extract_many_words(const char **p, const char *separators, unsigned flags, ...) {
|
2015-10-22 20:12:31 +02:00
|
|
|
va_list ap;
|
|
|
|
|
char **l;
|
|
|
|
|
int n = 0, i, c, r;
|
|
|
|
|
|
|
|
|
|
/* Parses a number of words from a string, stripping any
|
|
|
|
|
* quotes if necessary. */
|
|
|
|
|
|
|
|
|
|
assert(p);
|
|
|
|
|
|
|
|
|
|
/* Count how many words are expected */
|
|
|
|
|
va_start(ap, flags);
|
|
|
|
|
for (;;) {
|
|
|
|
|
if (!va_arg(ap, char **))
|
|
|
|
|
break;
|
|
|
|
|
n++;
|
|
|
|
|
}
|
|
|
|
|
va_end(ap);
|
|
|
|
|
|
|
|
|
|
if (n <= 0)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
/* Read all words into a temporary array */
|
|
|
|
|
l = newa0(char*, n);
|
|
|
|
|
for (c = 0; c < n; c++) {
|
|
|
|
|
|
|
|
|
|
r = extract_first_word(p, &l[c], separators, flags);
|
|
|
|
|
if (r < 0) {
|
|
|
|
|
int j;
|
|
|
|
|
|
|
|
|
|
for (j = 0; j < c; j++)
|
|
|
|
|
free(l[j]);
|
|
|
|
|
|
|
|
|
|
return r;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (r == 0)
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* If we managed to parse all words, return them in the passed
|
|
|
|
|
* in parameters */
|
|
|
|
|
va_start(ap, flags);
|
|
|
|
|
for (i = 0; i < n; i++) {
|
|
|
|
|
char **v;
|
|
|
|
|
|
|
|
|
|
v = va_arg(ap, char **);
|
|
|
|
|
assert(v);
|
|
|
|
|
|
|
|
|
|
*v = l[i];
|
|
|
|
|
}
|
|
|
|
|
va_end(ap);
|
|
|
|
|
|
|
|
|
|
return c;
|
|
|
|
|
}
|