X-Git-Url: http://erislabs.net/gitweb/?a=blobdiff_plain;f=lib%2Fgetndelim2.c;h=3c0fa3f05e9dd1d4b192ffde11f4886aeb54dbbf;hb=4142fa04c1b8254b53ec1060f8a774e73e3ffcb8;hp=db81e1b29dbf9aeeed30203c20a764a14d1d75d3;hpb=bbc37b90fa1f1723658d7d9232f96e09b9363788;p=gnulib.git

diff --git a/lib/getndelim2.c b/lib/getndelim2.c
index db81e1b29..3c0fa3f05 100644
--- a/lib/getndelim2.c
+++ b/lib/getndelim2.c
@@ -1,7 +1,7 @@
 /* getndelim2 - Read a line from a stream, stopping at one of 2 delimiters,
    with bounded memory allocation.
 
-   Copyright (C) 1993, 1996, 1997, 1998, 2000, 2003 Free Software
+   Copyright (C) 1993, 1996, 1997, 1998, 2000, 2003, 2004 Free Software
    Foundation, Inc.
 
    This program is free software; you can redistribute it and/or modify
@@ -16,90 +16,117 @@
 
    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software Foundation,
-   Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.  */
+   Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.  */
 
 /* Originally written by Jan Brittenson, bson@gnu.ai.mit.edu.  */
 
-#if HAVE_CONFIG_H
+#ifdef HAVE_CONFIG_H
 # include <config.h>
 #endif
 
-/* Specification.  */
 #include "getndelim2.h"
 
 #include <stdlib.h>
+#include <stddef.h>
 
-#include "unlocked-io.h"
+#if USE_UNLOCKED_IO
+# include "unlocked-io.h"
+#endif
+
+#include <limits.h>
+#if HAVE_INTTYPES_H
+# include <inttypes.h>
+#endif
+#if HAVE_STDINT_H
+# include <stdint.h>
+#endif
+#ifndef PTRDIFF_MAX
+# define PTRDIFF_MAX ((ptrdiff_t) (SIZE_MAX / 2))
+#endif
+#ifndef SIZE_MAX
+# define SIZE_MAX ((size_t) -1)
+#endif
+#ifndef SSIZE_MAX
+# define SSIZE_MAX ((ssize_t) (SIZE_MAX / 2))
+#endif
 
-/* Always add at least this many bytes when extending the buffer.  */
+/* The maximum value that getndelim2 can return without suffering from
+   overflow problems, either internally (because of pointer
+   subtraction overflow) or due to the API (because of ssize_t).  */
+#define GETNDELIM2_MAXIMUM (PTRDIFF_MAX < SSIZE_MAX ? PTRDIFF_MAX : SSIZE_MAX)
+
+/* Try to add at least this many bytes when extending the buffer.
+   MIN_CHUNK must be no greater than GETNDELIM2_MAXIMUM.  */
 #define MIN_CHUNK 64
 
 ssize_t
-getndelim2 (char **lineptr, size_t *linesize, size_t nmax,
-	    FILE *stream, int delim1, int delim2, size_t offset)
+getndelim2 (char **lineptr, size_t *linesize, size_t offset, size_t nmax,
+            int delim1, int delim2, FILE *stream)
 {
-  size_t nbytes_avail;		/* Allocated but unused chars in *LINEPTR.  */
+  size_t nbytes_avail;		/* Allocated but unused bytes in *LINEPTR.  */
   char *read_pos;		/* Where we're reading into *LINEPTR. */
+  ssize_t bytes_stored = -1;
+  char *ptr = *lineptr;
+  size_t size = *linesize;
 
-  if (!lineptr || !linesize || !nmax || !stream)
-    return -1;
-
-  if (!*lineptr)
+  if (!ptr)
     {
-      size_t newlinesize = MIN_CHUNK;
-
-      if (newlinesize > nmax)
-	newlinesize = nmax;
-
-      *linesize = newlinesize;
-      *lineptr = malloc (*linesize);
-      if (!*lineptr)
+      size = nmax < MIN_CHUNK ? nmax : MIN_CHUNK;
+      ptr = malloc (size);
+      if (!ptr)
 	return -1;
     }
 
-  if (*linesize < offset)
-    return -1;
+  if (size < offset)
+    goto done;
 
-  nbytes_avail = *linesize - offset;
-  read_pos = *lineptr + offset;
+  nbytes_avail = size - offset;
+  read_pos = ptr + offset;
 
-  if (nbytes_avail == 0 && *linesize >= nmax)
-    return -1;
+  if (nbytes_avail == 0 && nmax <= size)
+    goto done;
 
   for (;;)
     {
-      /* Here always *lineptr + *linesize == read_pos + nbytes_avail.  */
+      /* Here always ptr + size == read_pos + nbytes_avail.  */
 
-      register int c = getc (stream);
+      int c;
 
-      /* We always want at least one char left in the buffer, since we
-	 always (unless we get an error while reading the first char)
+      /* We always want at least one byte left in the buffer, since we
+	 always (unless we get an error while reading the first byte)
 	 NUL-terminate the line buffer.  */
 
-      if (nbytes_avail < 2 && *linesize < nmax)
+      if (nbytes_avail < 2 && size < nmax)
 	{
-	  size_t newlinesize =
-	    (*linesize > MIN_CHUNK ? 2 * *linesize : *linesize + MIN_CHUNK);
+	  size_t newsize = size < MIN_CHUNK ? size + MIN_CHUNK : 2 * size;
+	  char *newptr;
 
-	  if (newlinesize > nmax)
-	    newlinesize = nmax;
+	  if (! (size < newsize && newsize <= nmax))
+	    newsize = nmax;
 
-	  if (newlinesize > *linesize)
+	  if (GETNDELIM2_MAXIMUM < newsize - offset)
 	    {
-	      *linesize = newlinesize;
-	      nbytes_avail = *linesize + *lineptr - read_pos;
-	      *lineptr = realloc (*lineptr, *linesize);
-	      if (!*lineptr)
-		return -1;
-	      read_pos = *linesize - nbytes_avail + *lineptr;
+	      size_t newsizemax = offset + GETNDELIM2_MAXIMUM + 1;
+	      if (size == newsizemax)
+		goto done;
+	      newsize = newsizemax;
 	    }
+
+	  nbytes_avail = newsize - (read_pos - ptr);
+	  newptr = realloc (ptr, newsize);
+	  if (!newptr)
+	    goto done;
+	  ptr = newptr;
+	  size = newsize;
+	  read_pos = size - nbytes_avail + ptr;
 	}
 
-      if (c == EOF || ferror (stream))
+      c = getc (stream);
+      if (c == EOF)
 	{
 	  /* Return partial line, if any.  */
-	  if (read_pos == *lineptr)
-	    return -1;
+	  if (read_pos == ptr)
+	    goto done;
 	  else
 	    break;
 	}
@@ -110,14 +137,19 @@ getndelim2 (char **lineptr, size_t *linesize, size_t nmax,
 	  nbytes_avail--;
 	}
 
-      if (c == delim1 || (delim2 && c == delim2))
+      if (c == delim1 || c == delim2)
 	/* Return the line.  */
 	break;
     }
 
-  /* Done - NUL terminate and return the number of chars read.
+  /* Done - NUL terminate and return the number of bytes read.
      At this point we know that nbytes_avail >= 1.  */
   *read_pos = '\0';
 
-  return read_pos - (*lineptr + offset);
+  bytes_stored = read_pos - (ptr + offset);
+
+ done:
+  *lineptr = ptr;
+  *linesize = size;
+  return bytes_stored;
 }