Commit Graph

57 Commits

Author SHA1 Message Date
Poul-Henning Kamp
d58b610faa Fail the sbuf if vsnprintf(3) fails. 2015-10-02 09:23:14 +00:00
Conrad Meyer
2f1c4e0ebf sbuf: Process more than one char at a time
Revamp sbuf_put_byte() to sbuf_put_bytes() in the obvious fashion and
fixup callers.

Add a thin shim around sbuf_put_bytes() with the old ABI to avoid ugly
changes to some callers.

Reviewed by:	jhb, markj
Obtained from:	Dan Sledz
Sponsored by:	EMC / Isilon Storage Division
Differential Revision:	https://reviews.freebsd.org/D3717
2015-09-25 18:37:14 +00:00
Ian Lepore
612d9391a4 The minimum sbuf buffer size is 2 bytes (a byte plus a nulterm), assert that.
Values smaller than two lead to strange asserts that have nothing to do
with the actual problem (in the case of size=0), or to writing beyond the
end of the allocated buffer in sbuf_finish() (in the case of size=1).
2015-03-17 21:00:31 +00:00
Ian Lepore
8d5628fdb8 Update an sbuf assertion to allow for the new SBUF_INCLUDENUL flag. If
INCLUDENUL is set and sbuf_finish() has been called, the length has been
incremented to count the nulterm byte, and in that case current length is
allowed to be equal to buffer size, otherwise it must be less than.

Add a predicate macro to test for SBUF_INCLUDENUL, and use it in tests, to
be consistant with the style in the rest of this file.
2015-03-16 17:45:41 +00:00
Ian Lepore
f4d281428f Add a new flag, SBUF_INCLUDENUL, and new get/set/clear functions for flags.
The SBUF_INCLUDENUL flag causes the nulterm byte at the end of the string
to be counted in the length of the data.  If copying the data using the
sbuf_data() and sbuf_len() functions, or if writing it automatically with
a drain function, the net effect is that the nulterm byte is copied along
with the rest of the data.
2015-03-14 16:02:11 +00:00
Pietro Cerutti
adecd05bf0 Unbreak the ABI by reverting r268494 until the compat shims are provided 2014-07-28 07:20:22 +00:00
Pietro Cerutti
7150b86bfe Implement Short/Small String Optimization in SBUF(9) and change lengths and
positions in the API from ssize_t and int to size_t.

CR:		D388
Approved by:	des, bapt
2014-07-10 13:08:51 +00:00
Dag-Erling Smørgrav
0f7bc112c0 Always request zeroed memory, in case we're dumb enough to leak it later.
Approved by:	re (gjb)
2013-09-22 23:47:56 +00:00
Jaakko Heinonen
c532f8c4d6 A library function shall not set errno to 0.
Reviewed by:	mdf
2013-05-16 18:13:10 +00:00
Mikolaj Golub
ddb9b61248 Add sbuf_start_section() and sbuf_end_section() functions, which can
be used for automatic section alignment.

Discussed with:	kib
Reviewed by:	kib
MFC after:	1 month
2013-04-11 19:49:18 +00:00
Robert Watson
311fa10b52 r222015 introduced a new assertion that the size of a fixed-length sbuf
buffer is greater than 1.  This triggered panics in at least one spot in
the kernel (the MAC Framework) which passes non-negative, rather than >1
buffer sizes based on the size of a user buffer passed into a system
call.  While 0-size buffers aren't particularly useful, they also aren't
strictly incorrect, so loosen the assertion.

Discussed with:	phk (fears I might be EDOOFUS but willing to go along)
Spotted by:	pho + stress2
Approved by:	re (kib)
2011-08-19 08:29:10 +00:00
Poul-Henning Kamp
384bf94c48 Use memset() instead of bzero() and memcpy() instead of bcopy(), there
is no relevant difference for sbufs, and it increases portability of
the source code.

Split the actual initialization of the sbuf into a separate local
function, so that certain static code checkers can understand
what sbuf_new() does, thus eliminating on silly annoyance of
MISRA compliance testing.

Contributed by:		An anonymous company in the last business I
			expected sbufs to invade.
2011-05-17 11:04:50 +00:00
Poul-Henning Kamp
eb05ee7a71 Don't expect PAGE_SIZE to exist on all platforms (It is a pretty arbitrary
choice of default size in the first place)

Reverse the order of arguments to the internal static sbuf_put_byte()
function to match everything else in this file.

Move sbuf_putc_func() inside the kernel version of sbuf_vprintf
where it belongs.

sbuf_putc() incorrectly used sbuf_putc_func() which supress NUL
characters, it should use sbuf_put_byte().

Make sbuf_finish() return -1 on error.

Minor stylistic nits fixed.
2011-05-17 06:36:32 +00:00
Poul-Henning Kamp
71c2bc5c6b Change the length quantities of sbufs to be ssize_t rather than int.
Constify a couple of arguments.
2011-05-16 16:18:40 +00:00
Matthew D Fleming
4e6571599b Re-add r212370 now that the LOR in powerpc64 has been resolved:
Add a drain function for struct sysctl_req, and use it for a variety
of handlers, some of which had to do awkward things to get a large
enough SBUF_FIXEDLEN buffer.

Note that some sysctl handlers were explicitly outputting a trailing
NUL byte.  This behaviour was preserved, though it should not be
necessary.

Reviewed by:    phk (original patch)
2010-09-16 16:13:12 +00:00
Matthew D Fleming
404a593e28 Revert r212370, as it causes a LOR on powerpc. powerpc does a few
unexpected things in copyout(9) and so wiring the user buffer is not
sufficient to perform a copyout(9) while holding a random mutex.

Requested by: nwhitehorn
2010-09-13 18:48:23 +00:00
Alexander Kabaev
eb262be333 Add missing pointer increment to sbuf_cat. 2010-09-11 19:42:50 +00:00
Matthew D Fleming
4d369413e1 Replace sbuf_overflowed() with sbuf_error(), which returns any error
code associated with overflow or with the drain function.  While this
function is not expected to be used often, it produces more information
in the form of an errno that sbuf_overflowed() did.
2010-09-10 16:42:16 +00:00
Matthew D Fleming
dd67e2103c Add a drain function for struct sysctl_req, and use it for a variety of
handlers, some of which had to do awkward things to get a large enough
FIXEDLEN buffer.

Note that some sysctl handlers were explicitly outputting a trailing NUL
byte.  This behaviour was preserved, though it should not be necessary.

Reviewed by:	phk
2010-09-09 18:33:46 +00:00
Matthew D Fleming
4351ba272c Add drain functionality to sbufs. The drain is a function that is
called when the sbuf internal buffer is filled.  For kernel sbufs with a
drain, the internal buffer will never be expanded.  For userland sbufs
with a drain, the internal buffer may still be expanded by
sbuf_[v]printf(3).

Sbufs now have three basic uses:
1) static string manipulation.  Overflow is marked.
2) dynamic string manipulation.  Overflow triggers string growth.
3) drained string manipulation.  Overflow triggers draining.

In all cases the manipulation is 'safe' in that overflow is detected and
managed.

Reviewed by:	phk (the previous version)
2010-09-09 17:49:18 +00:00
Matthew D Fleming
01f6f5fcd4 Refactor sbuf code so that most uses of sbuf_extend() are in a new
sbuf_put_byte().  This makes it easier to add drain functionality when a
buffer would overflow as there are fewer code points.

Reviewed by:	phk
2010-09-09 16:51:52 +00:00
Matthew D Fleming
181ff3d503 Use a better #if guard.
Suggested by pluknet <pluknet at gmail dot com>.
2010-09-03 17:42:17 +00:00
Matthew D Fleming
c05dbe7a54 Style(9) fixes and eliminate the use of min(). 2010-09-03 17:42:12 +00:00
Matthew D Fleming
969292fb1b Fix user-space libsbuf build. Why isn't CTASSERT available to
user-space?
2010-09-03 17:23:26 +00:00
Matthew D Fleming
f5a5dc5da8 Fix brain fart when converting an if statement into a KASSERT. 2010-09-03 16:12:39 +00:00
Matthew D Fleming
f4bafab8da Use math rather than iteration when the desired sbuf size is larger than
SBUF_MAXEXTENDSIZE.
2010-09-03 16:09:17 +00:00
Dag-Erling Smørgrav
546d78908b Switch to simplified BSD license (with phk's approval), plus whitespace
and style(9) cleanup.
2008-08-09 10:26:21 +00:00
Poul-Henning Kamp
49091c48d5 Make sbuf_copyin() return the number of bytes copied on success.
Submitted by:	"Wojciech A. Koszek" <dunstan@freebsd.czest.pl>
2005-12-23 11:49:53 +00:00
Poul-Henning Kamp
c711aea6ca Make a bunch of malloc types static.
Found by:	src/tools/tools/kernxref
2005-02-10 12:02:37 +00:00
Dag-Erling Smørgrav
520df27692 Cosmetic adjustment to previous commit: name the second argument to
sbuf_bcat() and sbuf_bcpy() "buf" rather than "data".
2004-07-09 11:37:44 +00:00
Dag-Erling Smørgrav
d751f0a935 Have sbuf_bcat() and sbuf_bcpy() take a const void * instead of a
const char *, since callers are likely to pass in pointers to all
kinds of structs and whatnot.
2004-07-09 11:35:30 +00:00
Dag-Erling Smørgrav
963385cf22 Mechanical whistespace cleanup. 2004-02-17 10:21:03 +00:00
David E. O'Brien
677b542ea2 Use __FBSDID(). 2003-06-11 00:56:59 +00:00
Peter Wemm
a9a0bbad19 Copy the va_list in sbuf_vprintf() before passing it to vsnprintf(),
because we could fail due to a small buffer and loop and rerun.  If this
happens, then the vsnprintf() will have already taken the arguments off
the va_list.  For i386 and others, this doesn't matter because the
va_list type is a passed as a copy.  But on powerpc and amd64, this is
fatal because the va_list is a reference to an external structure that
keeps the vararg state due to the more complicated argument passing system.
On amd64, arguments can be passed as follows:
First 6 int/pointer type arguments go in registers, the rest go on
  the memory stack.
Float and double are similar, except using SSE registers.
long double (80 bit precision) are similar except using the x87 stack.
Where the 'next argument' comes from depends on how many have been
processed so far and what type it is.  For amd64, gcc keeps this state
somewhere that is referenced by the va_list.

I found a description that showed the va_copy was required here:
http://mirrors.ccs.neu.edu/cgi-bin/unixhelp/man-cgi?va_end+9
The single unix spec doesn't mention va_copy() at all.

Anyway, the problem was that the sysctl kern.geom.conf* nodes would panic
due to walking off the end of the va_arg lists in vsnprintf.  A better fix
would be to have sbuf_vprintf() use a single pass and call kvprintf()
with a callback function that stored the results and grew the buffer
as needed.

Approved by:	re (scottl)
2003-05-25 19:03:08 +00:00
Warner Losh
a163d034fa Back out M_* changes, per decision of the TRB.
Approved by: trb
2003-02-19 05:47:46 +00:00
Alfred Perlstein
44956c9863 Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
Poul-Henning Kamp
c5f9218b48 Add the new function "sbuf_done()" which returns non-zero if the sbuf is
finished.

This allows sbufs to be used for request/response scenarioes without
needing additional communication flags.

Sponsored by:	DARPA & NAI Labs.
2002-10-04 09:58:17 +00:00
Poul-Henning Kamp
7b08810243 Add a cast to make this file compile in userland on sparc64 without
warnings.
2002-09-16 18:45:18 +00:00
Peter Wemm
a5e7c7da5e Fix warnings on gcc-3.1+ where __func__ is a const char * instead of a
string.
2002-03-19 10:56:46 +00:00
Poul-Henning Kamp
9118ec5a27 Yet a bug with extensible sbufs being marked as OVERFLOWED. This time
because of a signed/unsigned problem.

Approved by:	DES
2002-01-24 20:57:56 +00:00
Poul-Henning Kamp
1a25c86b3b In certain cases sbuf_printf() and sbuf_vprintf() could mistakely
make extendable sbufs as overflowed.

Approved by:	des
2002-01-22 11:22:55 +00:00
Kelly Yancey
2bbe1e9d6c Replace spaces after #defines with tabs; this makes all #defines
consistent in their adherence with style(9).
2002-01-09 07:29:28 +00:00
Kelly Yancey
7195eb40f9 * Implement SBUF_AUTOEXTEND flag; sbufs created with this flag are
automatically extended to prevent overflow.
 * Added sbuf_vprintf(); sbuf_printf() is now just a wrapper around
   sbuf_vprintf().
 * Include <stdio.h> and <string.h> when building libsbuf to silence
   WARNS=4 warnings.

Reviewed by:	des
2002-01-06 08:38:23 +00:00
Matthew Dillon
a57094a011 Calculate whether the sbuf is dynamic *before* bzero()ing the
structure.  This fixes a serious memory leak in the sbuf code.

MFC after:	3 days
2001-12-19 19:04:57 +00:00
David E. O'Brien
a48740b6c5 Update to C99, s/__FUNCTION__/__func__/. 2001-12-10 05:51:45 +00:00
Dag-Erling Smørgrav
5b6db47748 Add a couple of API functions I need for my pseudofs WIP. Documentation
will follow when I've decided whether to keep this API or ditch it in
favor of something slightly more subtle.
2001-09-29 00:32:46 +00:00
Dag-Erling Smørgrav
2687c8741b Constify the format string.
Submitted by:	Mike Barcroft <mike@q9media.com>
2001-07-03 21:46:43 +00:00
Jonathan Lemon
9fa416ca19 Fix warnings:
112: warning: cast to pointer from integer of different size
125: warning: cast to pointer from integer of different size
2001-06-16 07:02:47 +00:00
Dag-Erling Smørgrav
fe46349692 Blah, I cut out a tad too much in the previous commit. (thanks again, Jake!) 2001-06-11 18:43:32 +00:00
Dag-Erling Smørgrav
e3b373228c copyin(9) doesn't return ENAMETOOLONG. (thanks, Jake!) 2001-06-11 18:36:18 +00:00