X-Git-Url: http://erislabs.net/gitweb/?a=blobdiff_plain;f=lib%2Fgetndelim2.c;h=9a9e6e756ae21f588bc9cece4eb315daf8a5ac93;hb=738e912a0f97a43c2b195bcec6fe34512208e81f;hp=3959462593d33460b35b072dcaca161d21c7d2e2;hpb=1af434e77bc9dcb94baaf1f6d9b26fdd9aa1770c;p=gnulib.git

diff --git a/lib/getndelim2.c b/lib/getndelim2.c
index 395946259..9a9e6e756 100644
--- a/lib/getndelim2.c
+++ b/lib/getndelim2.c
@@ -1,8 +1,8 @@
 /* getndelim2 - Read a line from a stream, stopping at one of 2 delimiters,
    with bounded memory allocation.
 
-   Copyright (C) 1993, 1996, 1997, 1998, 2000, 2003 Free Software
-   Foundation, Inc.
+   Copyright (C) 1993, 1996, 1997, 1998, 2000, 2003, 2004, 2006 Free
+   Software Foundation, Inc.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -16,88 +16,105 @@
 
    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software Foundation,
-   Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.  */
+   Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.  */
 
 /* Originally written by Jan Brittenson, bson@gnu.ai.mit.edu.  */
 
-#if HAVE_CONFIG_H
-# include <config.h>
-#endif
+#include <config.h>
 
-/* Specification.  */
 #include "getndelim2.h"
 
 #include <stdlib.h>
+#include <stddef.h>
+
+#if USE_UNLOCKED_IO
+# include "unlocked-io.h"
+#endif
+
+#include <limits.h>
+#include <stdint.h>
+
+#ifndef SSIZE_MAX
+# define SSIZE_MAX ((ssize_t) (SIZE_MAX / 2))
+#endif
 
-#include "unlocked-io.h"
+/* The maximum value that getndelim2 can return without suffering from
+   overflow problems, either internally (because of pointer
+   subtraction overflow) or due to the API (because of ssize_t).  */
+#define GETNDELIM2_MAXIMUM (PTRDIFF_MAX < SSIZE_MAX ? PTRDIFF_MAX : SSIZE_MAX)
 
-/* Always add at least this many bytes when extending the buffer.  */
+/* Try to add at least this many bytes when extending the buffer.
+   MIN_CHUNK must be no greater than GETNDELIM2_MAXIMUM.  */
 #define MIN_CHUNK 64
 
 ssize_t
-getndelim2 (char **lineptr, size_t *linesize, size_t nmax,
-	    FILE *stream, int delim1, int delim2, size_t offset)
+getndelim2 (char **lineptr, size_t *linesize, size_t offset, size_t nmax,
+            int delim1, int delim2, FILE *stream)
 {
-  size_t nbytes_avail;		/* Allocated but unused chars in *LINEPTR.  */
+  size_t nbytes_avail;		/* Allocated but unused bytes in *LINEPTR.  */
   char *read_pos;		/* Where we're reading into *LINEPTR. */
+  ssize_t bytes_stored = -1;
+  char *ptr = *lineptr;
+  size_t size = *linesize;
 
-  if (!lineptr || !linesize || !nmax || !stream)
-    return -1;
-
-  if (!*lineptr)
+  if (!ptr)
     {
-      size_t newlinesize = MIN_CHUNK;
-
-      if (newlinesize > nmax)
-	newlinesize = nmax;
-
-      *linesize = newlinesize;
-      *lineptr = malloc (*linesize);
-      if (!*lineptr)
+      size = nmax < MIN_CHUNK ? nmax : MIN_CHUNK;
+      ptr = malloc (size);
+      if (!ptr)
 	return -1;
     }
 
-  if (*linesize < offset)
-    return -1;
+  if (size < offset)
+    goto done;
 
-  nbytes_avail = *linesize - offset;
-  read_pos = *lineptr + offset;
+  nbytes_avail = size - offset;
+  read_pos = ptr + offset;
 
-  if (nbytes_avail == 0 && *linesize >= nmax)
-    return -1;
+  if (nbytes_avail == 0 && nmax <= size)
+    goto done;
 
   for (;;)
     {
-      /* Here always *lineptr + *linesize == read_pos + nbytes_avail.  */
+      /* Here always ptr + size == read_pos + nbytes_avail.  */
 
-      register int c;
+      int c;
 
-      /* We always want at least one char left in the buffer, since we
-	 always (unless we get an error while reading the first char)
+      /* We always want at least one byte left in the buffer, since we
+	 always (unless we get an error while reading the first byte)
 	 NUL-terminate the line buffer.  */
 
-      if (nbytes_avail < 2 && *linesize < nmax)
+      if (nbytes_avail < 2 && size < nmax)
 	{
-	  size_t newlinesize =
-	    (*linesize > MIN_CHUNK ? 2 * *linesize : *linesize + MIN_CHUNK);
-
-	  if (! (*linesize < newlinesize && newlinesize <= nmax))
-	    newlinesize = nmax;
-
-	  *linesize = newlinesize;
-	  nbytes_avail = *linesize + *lineptr - read_pos;
-	  *lineptr = realloc (*lineptr, *linesize);
-	  if (!*lineptr)
-	    return -1;
-	  read_pos = *linesize - nbytes_avail + *lineptr;
+	  size_t newsize = size < MIN_CHUNK ? size + MIN_CHUNK : 2 * size;
+	  char *newptr;
+
+	  if (! (size < newsize && newsize <= nmax))
+	    newsize = nmax;
+
+	  if (GETNDELIM2_MAXIMUM < newsize - offset)
+	    {
+	      size_t newsizemax = offset + GETNDELIM2_MAXIMUM + 1;
+	      if (size == newsizemax)
+		goto done;
+	      newsize = newsizemax;
+	    }
+
+	  nbytes_avail = newsize - (read_pos - ptr);
+	  newptr = realloc (ptr, newsize);
+	  if (!newptr)
+	    goto done;
+	  ptr = newptr;
+	  size = newsize;
+	  read_pos = size - nbytes_avail + ptr;
 	}
 
       c = getc (stream);
       if (c == EOF)
 	{
 	  /* Return partial line, if any.  */
-	  if (read_pos == *lineptr)
-	    return -1;
+	  if (read_pos == ptr)
+	    goto done;
 	  else
 	    break;
 	}
@@ -108,14 +125,19 @@ getndelim2 (char **lineptr, size_t *linesize, size_t nmax,
 	  nbytes_avail--;
 	}
 
-      if (c == delim1 || (delim2 && c == delim2))
+      if (c == delim1 || c == delim2)
 	/* Return the line.  */
 	break;
     }
 
-  /* Done - NUL terminate and return the number of chars read.
+  /* Done - NUL terminate and return the number of bytes read.
      At this point we know that nbytes_avail >= 1.  */
   *read_pos = '\0';
 
-  return read_pos - (*lineptr + offset);
+  bytes_stored = read_pos - (ptr + offset);
+
+ done:
+  *lineptr = ptr;
+  *linesize = size;
+  return bytes_stored;
 }