Commit Graph

371 Commits

Author SHA1 Message Date
Jessica Clarke
ccb86b40c1 strerror.3: Fix whitespace issue introduced in r368714
MFC with:	368714
2020-12-18 22:10:17 +00:00
Mateusz Piotrowski
87394cdd01 strerror.3: Add an example for perror()
This is a nice and quick reference.

Reviewed by:	jilles, yuripv
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D27623
2020-12-17 12:41:47 +00:00
Konstantin Belousov
675079b1ea Implement strerror_l().
Only for the arches that provide user-mode TLS.

PR: 251651
Requested by:	yuri
Discussed with:	emaste, jilles, tijl
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D27495
MFC after:	2 weeks
2020-12-16 09:02:09 +00:00
Jessica Clarke
87973534d2 strdup.3: Function appeared in 4.3BSD-Reno, not 4.4BSD
Linux claims 4.3BSD, we claim 4.4BSD and OpenBSD claims 4.3BSD-Reno. It turns
out that OpenBSD got it right: the function was added in late 1988 a few months
after 4.3BSD-Tahoe, well in advance of 4.3BSD-Reno.

Reviewed by:	bcr
Approved by:	bcr
Differential Revision:	https://reviews.freebsd.org/D27392
2020-12-14 00:50:45 +00:00
Ed Maste
33482dae89 libc: fix undefined behavior from signed overflow in strstr and memmem
unsigned char promotes to int, which can overflow when shifted left by
24 bits or more. this has been reported multiple times but then
forgotten. it's expected to be benign UB, but can trap when built with
explicit overflow catching (ubsan or similar). fix it now.

note that promotion to uint32_t is safe and portable even outside of
the assumptions usually made in musl, since either uint32_t has rank
at least unsigned int, so that no further default promotions happen,
or int is wide enough that the shift can't overflow. this is a
desirable property to have in case someone wants to reuse the code
elsewhere.

musl commit: 593caa456309714402ca4cb77c3770f4c24da9da

Obtained from:	musl
2020-11-19 00:03:15 +00:00
Ed Maste
7dbcd06e63 libc: optimize memmem two-way bad character shift
first, the condition (mem && k < p) is redundant, because mem being
nonzero implies the needle is periodic with period exactly p, in which
case any byte that appears in the needle must appear in the last p
bytes of the needle, bounding the shift (k) by p.

second, the whole point of replacing the shift k by mem (=l-p) is to
prevent shifting by less than mem when discarding the memory on shift,
in which case linear time could not be guaranteed. but as written, the
check also replaced shifts greater than mem by mem, reducing the
benefit of the shift. there is no possible benefit to this reduction of
the shift; since mem is being cleared, the full shift is valid and
more optimal. so only replace the shift by mem when it would be less
than mem.

musl commits:
8f5a820d147da36bcdbddd201b35d293699dacd8
122d67f846cb0be2c9e1c3880db9eb9545bbe38c

Obtained from:	musl
MFC after:	2 weeks
2020-11-19 00:02:12 +00:00
Ed Maste
4874ddfd37 clang-format libc string functions imported from musl
We have adopted these and don't consider them 'contrib' code, so bring
them closer to style(9).  This is a followon to r315467 and r351700.

MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2020-11-18 22:01:34 +00:00
Piotr Pawel Stefaniak
2abf05c4c6 strtok(3): make it easier to find the RETURN VALUES section
MFC after:	1 week
2020-06-22 11:03:36 +00:00
Gordon Bergling
e0f7c06de2 libc manpages: various improvements from NetBSD
- Add STANDARDS and HISTORY sections within the appropriate manpages
- Mention two USENIX papers within kqueue(2) and strlcpy(3)

Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
Obtained from:	NetBSD
MFC after:	7 days
Differential Revision: https://reviews.freebsd.org/D24650
2020-06-14 05:59:30 +00:00
Conrad Meyer
b34f8412c5 strdup.3: Slightly canonicalize OOM return/error status
Attempted to clean up the language around "this is a malloc'd object."  May be
passed as a parameter to free(3) is a bit obtuse.

Sponsored by:	Dell EMC Isilon
2020-05-05 17:57:04 +00:00
Eitan Adler
66a23ebe19 memset.3: better fix previous typo
Upon re-reading the whole sentence this is a better fix.

MFC with: r357681
2020-02-08 21:17:48 +00:00
Eitan Adler
3f8bd4b7bf memset.3: fix a a duplicate word 2020-02-08 20:56:38 +00:00
Leandro Lupori
181e35008c [PPC64] strncpy optimization
Assembly optimization of strncpy for PowerPC64, using double words
instead of bytes to copy strings.

Submitted by:	Leonardo Bianconi <leonardo.bianconi_eldorado.org.br> (original version)
Reviewed by:	jhibbits
Differential Revision:	https://reviews.freebsd.org/D15369
2020-01-15 19:53:03 +00:00
Leandro Lupori
075fb85f09 [PPC64] strcpy optimization
Assembly optimization of strcpy for PowerPC64, using double words
instead of bytes to copy strings.

Submitted by:	Leonardo Bianconi <leonardo.bianconi_eldorado.org.br> (original version)
Reviewed by:	jhibbits
Differential Revision:	https://reviews.freebsd.org/D15368
2020-01-15 19:46:01 +00:00
Ed Maste
6b62f42434 libc: Use musl's optimized memchr
Parentheses added to HASZERO macro to avoid a GCC warning.

Reviewed by:	kib, mjg
Obtained from:	musl (snapshot at commit 4d0a82170a)
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17631
2019-09-02 13:56:44 +00:00
Dimitry Andric
aa8d126847 Fix a possible segfault in wcsxfrm(3) and wcsxfrm_l(3).
If the length of the source wide character string, passed in via the
"size_t n" parameter, is set to zero, the function should only return
the required length for the destination wide character string.  In this
case, it should *not* attempt to write to the destination, so the "dst"
parameter is permitted to be NULL.

However, when the internally called _collate_wxfrm() function returns an
error, such as when using the "C" locale, as a fallback wcscpy(3) or
wcsncpy(3) are used.  But if the input length is zero, wcsncpy(3) will
be called with a length of -1!  If the "dst" parameter is NULL, this
will immediately result in a segfault, or if "dst" is a valid pointer,
it will most likely result in unexpectedly overwritten memory.

Fix this by explicitly checking for an input length greater than zero,
before calling wcsncpy(3).

Note that a similar situation does not occur in strxfrm(3), the plain
character version of this function, as it uses strlcpy(3) for the error
case.  The strlcpy(3) function does not write to the destination if the
input length is zero.

MFC after:	1 week
2019-08-07 20:13:43 +00:00
Ed Maste
22ccf855bf libc: update strstr implementation to match musl
musl commits:
122d67f846cb0be2c9e1c3880db9eb9545bbe38c
0239cd0681e889a269fb7691f60e81ef8d081e6b
8f5a820d147da36bcdbddd201b35d293699dacd8

Submitted by:	David CARLIER <devnexen_gmail.com>
Obtained from:	musl
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D19834
2019-04-09 15:52:18 +00:00
Konstantin Belousov
311a17259e Fix WITHOUT_NLS build after r342551.
Reported by:	gj
MFC after:	13 days
Sponsored by:	The FreeBSD Foundation
2018-12-28 16:08:49 +00:00
Konstantin Belousov
cd49e866fc Bump sys_errlist size to keep ABI backward-compatible for some time.
Addition of the new errno values requires adding new elements to
sys_errlist array, which is actually ABI-incompatible, since ELF
records the object size.  Expand array in advance to 150 elements so
that we have our users to go over the issue only once, at least until
more than 53 new errors are added.

I did not bumped the symbol version, same as it was not done for
previous increases of the array size.  Runtime linker only copies as
much data into binary object on copy relocation as the binary'object
specifies.  This is not fixable for binaries which access sys_errlist
directly.

While there, correct comment and calculation of the temporary buffer
size for the message printed for unknown error.  The on-stack buffer
is used only for the number and delimiter since r108603.

Requested by:	mckusick
Reviewed by:	mckusick, yuripv
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D18656
2018-12-27 13:02:15 +00:00
Gleb Smirnoff
9004dbddea Avoid OOB reads in memmem(3).
commit 51bdcdc424bd7169c8cccdc2de7cad17f5ea0f70
Author: Alexander Monakov <amonakov@ispras.ru>
Date:   Fri Jun 30 00:35:33 2017 +0300

    fix OOB reads in Xbyte_memmem

    Reported by Leah Neukirchen.

Reviewed by:	emaste
Approved by:	re (kib)
2018-10-15 20:20:57 +00:00
Konstantin Belousov
540cc17f7b Provide set_constraint_handler_s(3) man page.
Mention abort_handler_s(3) and ignore_handler_s(3), provide
cross-reference from memset(3).

Submitted by:	Yuri Pankov <yuripv@yuripv.net>
MFC after:	3 days
Differential revision:	https://reviews.freebsd.org/D16797
2018-08-19 14:39:57 +00:00
Konstantin Belousov
759a4bc697 Clarify that memset_s(3) requires __STDC_WANT_LIB_EXT1__ for visibility.
Fix typos and other nits.

Submitted by:	Yuri Pankov <yuripv@yuripv.net>
MFC after:	3 days
Differential revision:	https://reviews.freebsd.org/D16797
2018-08-19 14:25:28 +00:00
Conrad Meyer
9316908f48 strdup.3: Document standardization in POSIX
Sponsored by:	Dell EMC Isilon
2018-06-06 21:32:49 +00:00
Conrad Meyer
b7e471c2b2 strcpy.3: Improve legibility and clarity
In the DESCRIPTION, put the more commonly used functions first in the
corresponding sentence, to help catch the eye.

Pull out the note about overlapping buffers to its own paragraph, as it
applies to all routines documented by this page.

Emphasize the potentially surprising strncpy(3) behavior of zero-filling the
remainder of a buffer larger than the source string.

Encourage strlcpy use; remove portability note about strlcpy(3).  Adapting a
strlcpy-using code base to a platform that does not provide strlcpy in libc
is so trivial as to not be worth mentioning.  (Just copy strlcpy.c out of
any BSD libc, or include and link the pre-packaged libbsd library on non-BSD
platforms.)

Likewise, expand the page's warning about ease of potential misuse to cover
all functions documented herein, and explicitly suggest using strlcpy most
of the time.  The text was mostly cribbed from a similar suggestion in
gets(3).

Finally, document the remaining valid use of strncpy -- the rare
fixed-length record with no expectation of nul-termination.

Sponsored by:	Dell EMC Isilon
2018-06-06 20:09:21 +00:00
Ed Maste
0eff530775 strsep.3: don't silently ignore errors
Reported by:	bde
MFC with:	r334275
2018-05-28 18:29:15 +00:00
Marcelo Araujo
7e3d9013f2 Remove unnecessary free(string) from EXAMPLES.
Reported by:	se
2018-05-28 06:01:02 +00:00
Marcelo Araujo
4bee02ad1b Update strsep(3) EXAMPLE section regards the usage of assert(3).
As many people has pointed out, using assert(3) shall be not the best approach
to verify if strdup(3) has allocated memory to string.

Reviewed by:	imp
MFC after:	4 weeks.
Sponsored by:	iXsystems Inc.
Differential Revision:	https://reviews.freebsd.org/D15594
2018-05-28 05:01:42 +00:00
Xin LI
b6f7731dba Remove "All rights reserved" from my files.
See r333391 for the rationale.

MFC after:	1 week
2018-05-10 06:41:08 +00:00
Niclas Zeising
480e017cc8 Remove "all rights reserved" on files where I have copyright.
According to r333391 it is not needed any more.

Reviewed by:	imp, emaste
Differential Revision:	https://reviews.freebsd.org/D15370
2018-05-09 17:06:52 +00:00
Edward Tomasz Napierala
604f1c416c Don't put multiple names on a single .Nm line. This fixes apropos(1)
output, from this:

strnlen, strlen, strlen,(3) - find length of string                                                                                                                                                     │·······

... to this:

strlen, strnlen(3) - find length of string

PR:		223525
MFC after:	2 weeks
2018-04-17 09:05:46 +00:00
Cy Schubert
a4d179eeb6 Document memset_s(3). memset_s(3) is defined in
C11 standard (ISO/IEC 9899:2011) K.3.7.4.1 The memset_s function
(p: 621-622)

Fix memset(3) portion of the man page by replacing the first argument
(destination) "b" with "dest", which is more descriptive than "b".
This also makes it consistent with the term used in the memset_s()
portion of the man page.

See also http://en.cppreference.com/w/c/string/byte/memset.

Reviewed by:	kib
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D13682
2018-02-16 05:48:45 +00:00
Pedro F. Giffuni
d915a14ef0 libc: further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
2017-11-25 17:12:48 +00:00
Pedro F. Giffuni
8a16b7a18f General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
Warner Losh
50a717a67b Add notes about overlapping copies.
Add notes to each of these that specifically state that results are
undefined if the strings overlap. In the case of memcpy, we document
the overlapping behavior on FreeBSD (pre-existing). For str*, it is
left unspecified, however, since the default (and x86) implementations
do not handle overlapping strings properly.

PR: 223653
Sponsored by: Netflix
2017-11-13 17:04:44 +00:00
Konstantin Belousov
25b73e6327 Improve standard compliance for memset_s() and abort_handler_s().
abort_handler_s() currently simply calls abort(), though the standard
specifies more: "Writes an implementation-defined message to stderr
which must include the string pointed to by msg and calls abort()."

memset_s() is missing error condition "n > smax", and does not invoke
the constraint handler after filling the buffer: "following errors are
detected at runtime and call the currently installed constraint
handler function after storing ch in every location of the destination
range [dest, dest+destsz) if dest and destsz are themselves valid",
one of the errors is "n > smax" itself.

Submitted by:	Yuri Pankov <yuripv@gmx.com>
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D11991
2017-08-12 15:18:17 +00:00
Konstantin Belousov
6fe9e5b821 Fix indent.
Submitted by:	Yuri Pankov <yuripv@gmx.com>
MFC after:	3 days
2017-08-12 14:58:09 +00:00
Baptiste Daroussin
c48dc2a193 Fix strcoll_l disagreeing with strxfrm by reworking the forward order case in
wcscoll_l().

Illumos fixed this while grabbing back our patches:
https://www.illumos.org/rb/r/402/

This does not 100% fix what postgresql folks reported as there is still a
remaining issue: https://www.illumos.org/issues/7962, it improves the situation

The initial issue was reported in postgresql mailing lists:
https://www.postgresql.org/message-id/flat/111D0E27-A8F3-4A84-A4E0-B0FB703863DF@s24.com#111D0E27-A8F3-4A84-A4E0-B0FB703863DF@s24.com

Submitted by:	Yuri Pankov <yuri.pankov@nexenta.com>
Obtained from:	Illumos
MFC after:	2 weeks
2017-04-16 19:12:07 +00:00
Konstantin Belousov
9851b3400a Implement the memset_s(3) function as specified by the C11 ISO/IEC
9899:2011 Appendix K 3.7.4.1.

Other needed supporting types, defines and constraint_handler
infrastructure is added as specified in the C11 spec.

Submitted by:	Tom Rix <trix@juniper.net>
Sponsored by:	Juniper Networks
Discussed with:	ed
MFC after:	3 weeks
Differential revision:	https://reviews.freebsd.org/D9903
Differential revision:	https://reviews.freebsd.org/D10161
2017-03-30 04:57:26 +00:00
Ed Maste
01dc206b22 libc: add reference to two-way algorithm and bad shift table in memmem/strstr
Requested by:	ed
2017-03-18 00:53:24 +00:00
Ed Maste
88521634e9 libc: Use musl's O(n) memmem and strstr
It is O(n) in the length of the haystack (big) string, and has special
cases for short needle (little) strings, of one to four bytes, to avoid
excessive overhead.

There are a small set of nearly trivial cases where the startup overhead
of the musl implementation makes it slightly slower -- for example, a 31
byte needle that matches the beginning of the haystack.  It's faster for
non-trivial cases, and significantly so for inputs that trigger worst-
case behaviour of the previous implementation.  As an example, in my
tests a 16K needle that matches the end of a 64K haystack is nearly
2000x faster with this implementation.

Reviewed by:	bapt (earlier), ed (earlier)
Obtained from:	musl (snapshot at commit c718f9fc)
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D2601
2017-03-18 00:51:39 +00:00
Enji Cooper
d0fd0203fb Replace dot-dot relative pathing with SRCTOP-relative paths where possible
This reduces build output, need for recalculating paths, and makes it clearer
which paths are relative to what areas in the source tree. The change in
performance over a locally mounted UFS filesystem was negligible in my testing,
but this may more positively impact other filesystems like NFS.

LIBC_SRCTOP was left alone so Juniper (and other users) can continue to
manipulate lib/libc/Makefile (and other Makefile.inc's under lib/libc) as
include Makefiles with custom options.

Discussed with:	marcel, sjg
MFC after:	1 week
Reviewed by:	emaste
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D9207
2017-01-20 03:23:24 +00:00
Xin LI
854023f054 Add timingsafe_bcmp and timingsafe_memcmp.
Obtained from:	OpenBSD
Reviewed by:	trasz
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D7280
2016-08-14 23:38:50 +00:00
Pedro F. Giffuni
32223c1b7d libc: spelling fixes.
Mostly on comments.
2016-04-30 01:24:24 +00:00
Bryan Drewery
ffc534f75b Make it clear that the "size" argument is for the dst string.
The rest of the manpage already referenced 'dstsize' but did not rename
the variable in the prototype in r257646.

MFC after:	3 days
Sponsored by:	EMC / Isilon Storage Division
2016-02-26 22:14:19 +00:00
Warren Block
c18d8171a6 Add a standards compliance note for strtok_r as suggested by cpercival.
Reviewed by:	cpercival
MFC after:	1 week
2016-01-22 20:36:03 +00:00
Brooks Davis
216818a1bb Avoid reading pass the end of the source buffer when it is not NUL
terminated.

If this buffer is adjacent to an unmapped page or a version of C with
bounds checked is used this may result in a crash.

PR:		206178
Submitted by:	Alexander Cherepanov <cherepan@mccme.ru>
MFC after:	1 week
2016-01-13 21:50:08 +00:00
Brooks Davis
cd3dbc2573 Avoid reading pass the end of the source buffer when it is not NUL
terminated.

If this buffer is adjacent to an unmapped page or a version of C with
bounds checked is used this may result in a crash.

PR:		206177
Submitted by:	Alexander Cherepanov <cherepan@mccme.ru>
MFC after:	1 week
2016-01-13 21:49:01 +00:00
Baptiste Daroussin
76e6db686e collate: Fix expansion substitions (broken upstream too)
Through testing, the user noted that some Cyrillic characters were not
sorting correctly, and this was confirmed.

After extensive testing and review, the localedef tool was eliminated
as the culprit.  The sustitutions were encoded correctly in LC_COLLATE.

The error was mainly in wcscoll where character expansions were
mishandled.  The main directive pass routines had to be written to
go back for a new collation value when the "state" variable was set.
Before pointers were being advanced, the second lookup was gettting
applied to the wrong character, etc.

The "eat expansion codes" section on collate.c also had a bug.  Later
own, the "state" variable logic was changed to only set if next
code was greater than zero (rather than >= 0).

Some additional cleanups got captured from previous work:
1) The previous commit moved the binary search comment from the
   correct location to a wrong location because it's wrong upstream
   in Illumos.  The comment has little value so I just removed it.
2) Don't check if pointers are null before freeing, this is
   redundant as free() handles null pointers.
3) The two binary search trees were standardized wrt initialization
4) On the binary search trees, a negative "high" exits rather than
   checking the table count again.

Submitted by:	marino
Obtained from:	DragonflyBSD
2015-10-23 23:24:03 +00:00
Baptiste Daroussin
031c294c1d Merge from head 2015-10-19 11:51:10 +00:00
Conrad Meyer
7ebf41220c Document bitset(9) 2015-10-17 19:55:58 +00:00