-/* getndelim2 - Core of getline, getdelim, getnline, getndelim.
+/* getndelim2 - Read a line from a stream, stopping at one of 2 delimiters,
+ with bounded memory allocation.
- Copyright (C) 1993, 1996, 1997, 1998, 2000, 2003 Free Software
+ Copyright (C) 1993, 1996, 1997, 1998, 2000, 2003, 2004 Free Software
Foundation, Inc.
This program is free software; you can redistribute it and/or modify
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software Foundation,
- Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
+ Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */
-#if STDC_HEADERS
-# include <stdlib.h>
-#else
-char *malloc (), *realloc ();
+/* Originally written by Jan Brittenson, bson@gnu.ai.mit.edu. */
+
+#if HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include "getndelim2.h"
+
+#include <stdlib.h>
+#include <stddef.h>
+
+#if USE_UNLOCKED_IO
+# include "unlocked-io.h"
+#endif
+
+#include <limits.h>
+#if HAVE_INTTYPES_H
+# include <inttypes.h>
+#endif
+#if HAVE_STDINT_H
+# include <stdint.h>
+#endif
+#ifndef PTRDIFF_MAX
+# define PTRDIFF_MAX ((ptrdiff_t) (SIZE_MAX / 2))
+#endif
+#ifndef SIZE_MAX
+# define SIZE_MAX ((size_t) -1)
+#endif
+#ifndef SSIZE_MAX
+# define SSIZE_MAX ((ssize_t) (SIZE_MAX / 2))
#endif
-#include "unlocked-io.h"
+/* The maximum value that getndelim2 can return without suffering from
+ overflow problems, either internally (because of pointer
+ subtraction overflow) or due to the API (because of ssize_t). */
+#define GETNDELIM2_MAXIMUM (PTRDIFF_MAX < SSIZE_MAX ? PTRDIFF_MAX : SSIZE_MAX)
-/* Always add at least this many bytes when extending the buffer. */
+/* Try to add at least this many bytes when extending the buffer.
+ MIN_CHUNK must be no greater than GETNDELIM2_MAXIMUM. */
#define MIN_CHUNK 64
-/* Read up to (and including) a delimiter DELIM1 from STREAM into *LINEPTR
- + OFFSET (and NUL-terminate it). If DELIM2 is non-zero, then read up
- and including the first occurrence of DELIM1 or DELIM2. *LINEPTR is
- a pointer returned from malloc (or NULL), pointing to *LINESIZE bytes of
- space. It is realloc'd as necessary. Reallocation is limited to
- NMAX bytes; if the line is longer than that, the extra bytes are read but
- thrown away.
- Return the number of bytes read and stored at *LINEPTR + OFFSET (not
- including the NUL terminator), or -1 on error or EOF. */
-
-static int
-getndelim2 (char **lineptr, size_t *linesize, size_t nmax,
- FILE *stream, int delim1, int delim2, size_t offset)
+ssize_t
+getndelim2 (char **lineptr, size_t *linesize, size_t offset, size_t nmax,
+ int delim1, int delim2, FILE *stream)
{
- size_t nbytes_avail; /* Allocated but unused chars in *LINEPTR. */
+ size_t nbytes_avail; /* Allocated but unused bytes in *LINEPTR. */
char *read_pos; /* Where we're reading into *LINEPTR. */
+ ssize_t bytes_stored = -1;
+ char *ptr = *lineptr;
+ size_t size = *linesize;
- if (!lineptr || !linesize || !nmax || !stream)
- return -1;
-
- if (!*lineptr)
+ if (!ptr)
{
- size_t newlinesize = MIN_CHUNK;
-
- if (newlinesize > nmax)
- newlinesize = nmax;
-
- *linesize = newlinesize;
- *lineptr = malloc (*linesize);
- if (!*lineptr)
+ size = nmax < MIN_CHUNK ? nmax : MIN_CHUNK;
+ ptr = malloc (size);
+ if (!ptr)
return -1;
}
- if (*linesize < offset)
- return -1;
+ if (size < offset)
+ goto done;
- nbytes_avail = *linesize - offset;
- read_pos = *lineptr + offset;
+ nbytes_avail = size - offset;
+ read_pos = ptr + offset;
- if (nbytes_avail == 0 && *linesize >= nmax)
- return -1;
+ if (nbytes_avail == 0 && nmax <= size)
+ goto done;
for (;;)
{
- /* Here always *lineptr + *linesize == read_pos + nbytes_avail. */
+ /* Here always ptr + size == read_pos + nbytes_avail. */
- register int c = getc (stream);
+ int c;
- /* We always want at least one char left in the buffer, since we
- always (unless we get an error while reading the first char)
+ /* We always want at least one byte left in the buffer, since we
+ always (unless we get an error while reading the first byte)
NUL-terminate the line buffer. */
- if (nbytes_avail < 2 && *linesize < nmax)
+ if (nbytes_avail < 2 && size < nmax)
{
- size_t newlinesize =
- (*linesize > MIN_CHUNK ? 2 * *linesize : *linesize + MIN_CHUNK);
+ size_t newsize = size < MIN_CHUNK ? size + MIN_CHUNK : 2 * size;
+ char *newptr;
- if (newlinesize > nmax)
- newlinesize = nmax;
+ if (! (size < newsize && newsize <= nmax))
+ newsize = nmax;
- if (newlinesize > *linesize)
+ if (GETNDELIM2_MAXIMUM < newsize - offset)
{
- *linesize = newlinesize;
- nbytes_avail = *linesize + *lineptr - read_pos;
- *lineptr = realloc (*lineptr, *linesize);
- if (!*lineptr)
- return -1;
- read_pos = *linesize - nbytes_avail + *lineptr;
+ size_t newsizemax = offset + GETNDELIM2_MAXIMUM + 1;
+ if (size == newsizemax)
+ goto done;
+ newsize = newsizemax;
}
+
+ nbytes_avail = newsize - (read_pos - ptr);
+ newptr = realloc (ptr, newsize);
+ if (!newptr)
+ goto done;
+ ptr = newptr;
+ size = newsize;
+ read_pos = size - nbytes_avail + ptr;
}
- if (c == EOF || ferror (stream))
+ c = getc (stream);
+ if (c == EOF)
{
/* Return partial line, if any. */
- if (read_pos == *lineptr)
- return -1;
+ if (read_pos == ptr)
+ goto done;
else
break;
}
nbytes_avail--;
}
- if (c == delim1 || (delim2 && c == delim2))
+ if (c == delim1 || c == delim2)
/* Return the line. */
break;
}
- /* Done - NUL terminate and return the number of chars read.
+ /* Done - NUL terminate and return the number of bytes read.
At this point we know that nbytes_avail >= 1. */
*read_pos = '\0';
- return read_pos - (*lineptr + offset);
+ bytes_stored = read_pos - (ptr + offset);
+
+ done:
+ *lineptr = ptr;
+ *linesize = size;
+ return bytes_stored;
}