util.c 114 KB
Newer Older
1
2
/* Copyright (c) 2003, Roger Dingledine
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3
 * Copyright (c) 2007-2011, The Tor Project, Inc. */
4
5
/* See LICENSE for licensing information */

6
7
8
/**
 * \file util.c
 * \brief Common functions for strings, IO, network, data structures,
9
 * process control.
10
 **/
11

12
13
14
15
/* This is required on rh7 to make strptime not complain.
 */
#define _GNU_SOURCE

16
#include "orconfig.h"
17
18
19
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
20
#define UTIL_PRIVATE
Nick Mathewson's avatar
Nick Mathewson committed
21
#include "util.h"
Nick Mathewson's avatar
Nick Mathewson committed
22
#include "torlog.h"
23
#undef log
Nick Mathewson's avatar
Nick Mathewson committed
24
#include "crypto.h"
25
#include "torint.h"
26
#include "container.h"
27
#include "address.h"
28

29
#ifdef _WIN32
30
31
#include <io.h>
#include <direct.h>
32
#include <process.h>
33
#include <tchar.h>
34
#include <Winbase.h>
35
36
#else
#include <dirent.h>
37
#include <pwd.h>
38
#include <grp.h>
39
40
#endif

41
42
43
44
45
/* math.h needs this on Linux */
#ifndef __USE_ISOC99
#define __USE_ISOC99 1
#endif
#include <math.h>
46
47
48
49
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <assert.h>
50
#include <signal.h>
51

52
53
54
55
56
57
58
59
60
61
62
63
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_ERRNO_H
#include <errno.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
64
65
66
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
67
68
69
70
71
72
73
74
75
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#ifdef HAVE_SYS_FCNTL_H
#include <sys/fcntl.h>
#endif
76
77
78
#ifdef HAVE_TIME_H
#include <time.h>
#endif
79
80
81
82
#ifdef HAVE_MALLOC_MALLOC_H
#include <malloc/malloc.h>
#endif
#ifdef HAVE_MALLOC_H
83
84
85
86
#ifndef OPENBSD
/* OpenBSD has a malloc.h, but for our purposes, it only exists in order to
 * scold us for being so stupid as to autodetect its presence.  To be fair,
 * they've done this since 1996, when autoconf was only 5 years old. */
87
88
#include <malloc.h>
#endif
89
#endif
90
91
92
#ifdef HAVE_MALLOC_NP_H
#include <malloc_np.h>
#endif
93
94
95
#ifdef HAVE_SYS_WAIT_H
#include <sys/wait.h>
#endif
96

97
98
99
/* =====
 * Memory management
 * ===== */
100
#ifdef USE_DMALLOC
101
 #undef strndup
102
 #include <dmalloc.h>
103
 /* Macro to pass the extra dmalloc args to another function. */
104
 #define DMALLOC_FN_ARGS , file, line
105
106
107
108
109
110
111
112
113
114
115

 #if defined(HAVE_DMALLOC_STRDUP)
 /* the dmalloc_strdup should be fine as defined */
 #elif defined(HAVE_DMALLOC_STRNDUP)
 #define dmalloc_strdup(file, line, string, xalloc_b) \
         dmalloc_strndup(file, line, (string), -1, xalloc_b)
 #else
 #error "No dmalloc_strdup or equivalent"
 #endif

#else /* not using dmalloc */
116

117
 #define DMALLOC_FN_ARGS
118
#endif
119

120
/** Allocate a chunk of <b>size</b> bytes of memory, and return a pointer to
121
122
 * result.  On error, log and terminate the process.  (Same as malloc(size),
 * but never returns NULL.)
123
124
125
 *
 * <b>file</b> and <b>line</b> are used if dmalloc is enabled, and
 * ignored otherwise.
126
 */
127
void *
128
_tor_malloc(size_t size DMALLOC_PARAMS)
129
{
130
131
  void *result;

132
133
  tor_assert(size < SIZE_T_CEILING);

134
#ifndef MALLOC_ZERO_WORKS
135
  /* Some libc mallocs don't work when size==0. Override them. */
136
137
138
  if (size==0) {
    size=1;
  }
139
#endif
140
141

#ifdef USE_DMALLOC
142
  result = dmalloc_malloc(file, line, size, DMALLOC_FUNC_MALLOC, 0, 0);
143
144
145
#else
  result = malloc(size);
#endif
146

147
  if (PREDICT_UNLIKELY(result == NULL)) {
148
    log_err(LD_MM,"Out of memory on malloc(). Dying.");
149
150
151
    /* If these functions die within a worker process, they won't call
     * spawn_exit, but that's ok, since the parent will run out of memory soon
     * anyway. */
152
153
154
155
156
    exit(1);
  }
  return result;
}

157
/** Allocate a chunk of <b>size</b> bytes of memory, fill the memory with
158
159
160
 * zero bytes, and return a pointer to the result.  Log and terminate
 * the process on error.  (Same as calloc(size,1), but never returns NULL.)
 */
161
void *
162
_tor_malloc_zero(size_t size DMALLOC_PARAMS)
163
{
164
165
166
167
168
169
  /* You may ask yourself, "wouldn't it be smart to use calloc instead of
   * malloc+memset?  Perhaps libc's calloc knows some nifty optimization trick
   * we don't!"  Indeed it does, but its optimizations are only a big win when
   * we're allocating something very big (it knows if it just got the memory
   * from the OS in a pre-zeroed state).  We don't want to use tor_malloc_zero
   * for big stuff, so we don't bother with calloc. */
170
  void *result = _tor_malloc(size DMALLOC_FN_ARGS);
171
172
173
174
  memset(result, 0, size);
  return result;
}

175
/** Change the size of the memory block pointed to by <b>ptr</b> to <b>size</b>
176
177
178
 * bytes long; return the new memory block.  On error, log and
 * terminate. (Like realloc(ptr,size), but never returns NULL.)
 */
179
void *
180
_tor_realloc(void *ptr, size_t size DMALLOC_PARAMS)
181
{
182
  void *result;
183

184
185
  tor_assert(size < SIZE_T_CEILING);

186
#ifdef USE_DMALLOC
187
  result = dmalloc_realloc(file, line, ptr, size, DMALLOC_FUNC_REALLOC, 0);
188
189
190
191
#else
  result = realloc(ptr, size);
#endif

192
  if (PREDICT_UNLIKELY(result == NULL)) {
193
    log_err(LD_MM,"Out of memory on realloc(). Dying.");
194
195
196
197
198
    exit(1);
  }
  return result;
}

199
/** Return a newly allocated copy of the NUL-terminated string s. On
200
201
202
 * error, log and terminate.  (Like strdup(s), but never returns
 * NULL.)
 */
203
char *
204
_tor_strdup(const char *s DMALLOC_PARAMS)
205
{
206
  char *dup;
207
  tor_assert(s);
208

209
#ifdef USE_DMALLOC
210
  dup = dmalloc_strdup(file, line, s, 0);
211
#else
212
213
  dup = strdup(s);
#endif
214
  if (PREDICT_UNLIKELY(dup == NULL)) {
215
    log_err(LD_MM,"Out of memory on strdup(). Dying.");
216
217
218
219
220
    exit(1);
  }
  return dup;
}

221
222
223
224
225
/** Allocate and return a new string containing the first <b>n</b>
 * characters of <b>s</b>.  If <b>s</b> is longer than <b>n</b>
 * characters, only the first <b>n</b> are copied.  The result is
 * always NUL-terminated.  (Like strndup(s,n), but never returns
 * NULL.)
226
 */
227
char *
228
_tor_strndup(const char *s, size_t n DMALLOC_PARAMS)
229
{
230
  char *dup;
231
  tor_assert(s);
232
  tor_assert(n < SIZE_T_CEILING);
233
  dup = _tor_malloc((n+1) DMALLOC_FN_ARGS);
234
  /* Performance note: Ordinarily we prefer strlcpy to strncpy.  But
235
236
237
   * this function gets called a whole lot, and platform strncpy is
   * much faster than strlcpy when strlen(s) is much longer than n.
   */
Nick Mathewson's avatar
Nick Mathewson committed
238
  strncpy(dup, s, n);
239
  dup[n]='\0';
240
  return dup;
Nick Mathewson's avatar
Nick Mathewson committed
241
242
}

243
244
/** Allocate a chunk of <b>len</b> bytes, with the same contents as the
 * <b>len</b> bytes starting at <b>mem</b>. */
Nick Mathewson's avatar
Nick Mathewson committed
245
246
247
248
void *
_tor_memdup(const void *mem, size_t len DMALLOC_PARAMS)
{
  char *dup;
249
  tor_assert(len < SIZE_T_CEILING);
Nick Mathewson's avatar
Nick Mathewson committed
250
251
252
253
  tor_assert(mem);
  dup = _tor_malloc(len DMALLOC_FN_ARGS);
  memcpy(dup, mem, len);
  return dup;
254
255
}

256
257
258
/** Helper for places that need to take a function pointer to the right
 * spelling of "free()". */
void
259
260
_tor_free(void *mem)
{
261
262
263
  tor_free(mem);
}

264
265
266
267
268
269
270
271
#if defined(HAVE_MALLOC_GOOD_SIZE) && !defined(HAVE_MALLOC_GOOD_SIZE_PROTOTYPE)
/* Some version of Mac OSX have malloc_good_size in their libc, but not
 * actually defined in malloc/malloc.h.  We detect this and work around it by
 * prototyping.
 */
extern size_t malloc_good_size(size_t size);
#endif

272
/** Allocate and return a chunk of memory of size at least *<b>size</b>, using
273
274
275
276
277
278
 * the same resources we would use to malloc *<b>sizep</b>.  Set *<b>sizep</b>
 * to the number of usable bytes in the chunk of memory. */
void *
_tor_malloc_roundup(size_t *sizep DMALLOC_PARAMS)
{
#ifdef HAVE_MALLOC_GOOD_SIZE
279
  tor_assert(*sizep < SIZE_T_CEILING);
280
281
  *sizep = malloc_good_size(*sizep);
  return _tor_malloc(*sizep DMALLOC_FN_ARGS);
282
283
284
#elif 0 && defined(HAVE_MALLOC_USABLE_SIZE) && !defined(USE_DMALLOC)
  /* Never use malloc_usable_size(); it makes valgrind really unhappy,
   * and doesn't win much in terms of usable space where it exists. */
285
286
287
  void *result;
  tor_assert(*sizep < SIZE_T_CEILING);
  result = _tor_malloc(*sizep DMALLOC_FN_ARGS);
288
289
290
  *sizep = malloc_usable_size(result);
  return result;
#else
291
  return _tor_malloc(*sizep DMALLOC_FN_ARGS);
292
293
294
#endif
}

295
296
/** Call the platform malloc info function, and dump the results to the log at
 * level <b>severity</b>.  If no such function exists, do nothing. */
297
298
299
300
301
302
303
void
tor_log_mallinfo(int severity)
{
#ifdef HAVE_MALLINFO
  struct mallinfo mi;
  memset(&mi, 0, sizeof(mi));
  mi = mallinfo();
304
  tor_log(severity, LD_MM,
305
306
307
308
309
310
      "mallinfo() said: arena=%d, ordblks=%d, smblks=%d, hblks=%d, "
      "hblkhd=%d, usmblks=%d, fsmblks=%d, uordblks=%d, fordblks=%d, "
      "keepcost=%d",
      mi.arena, mi.ordblks, mi.smblks, mi.hblks,
      mi.hblkhd, mi.usmblks, mi.fsmblks, mi.uordblks, mi.fordblks,
      mi.keepcost);
311
312
#else
  (void)severity;
313
#endif
314
#ifdef USE_DMALLOC
315
316
317
318
319
  dmalloc_log_changed(0, /* Since the program started. */
                      1, /* Log info about non-freed pointers. */
                      0, /* Do not log info about freed pointers. */
                      0  /* Do not log individual pointers. */
                      );
320
#endif
321
322
}

323
324
325
326
/* =====
 * Math
 * ===== */

327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
/**
 * Returns the natural logarithm of d base 2.  We define this wrapper here so
 * as to make it easier not to conflict with Tor's log() macro.
 */
double
tor_mathlog(double d)
{
  return log(d);
}

/** Return the long integer closest to d.  We define this wrapper here so
 * that not all users of math.h need to use the right incancations to get
 * the c99 functions. */
long
tor_lround(double d)
{
343
#if defined(HAVE_LROUND)
344
  return lround(d);
345
346
347
348
#elif defined(HAVE_RINT)
  return (long)rint(d);
#else
  return (long)(d > 0 ? d + 0.5 : ceil(d - 0.5));
Gisle Vanem's avatar
Gisle Vanem committed
349
#endif
350
351
}

352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
/** Returns floor(log2(u64)).  If u64 is 0, (incorrectly) returns 0. */
int
tor_log2(uint64_t u64)
{
  int r = 0;
  if (u64 >= (U64_LITERAL(1)<<32)) {
    u64 >>= 32;
    r = 32;
  }
  if (u64 >= (U64_LITERAL(1)<<16)) {
    u64 >>= 16;
    r += 16;
  }
  if (u64 >= (U64_LITERAL(1)<<8)) {
    u64 >>= 8;
    r += 8;
  }
  if (u64 >= (U64_LITERAL(1)<<4)) {
    u64 >>= 4;
    r += 4;
  }
  if (u64 >= (U64_LITERAL(1)<<2)) {
    u64 >>= 2;
    r += 2;
  }
  if (u64 >= (U64_LITERAL(1)<<1)) {
    u64 >>= 1;
    r += 1;
  }
  return r;
}

/** Return the power of 2 closest to <b>u64</b>. */
uint64_t
round_to_power_of_2(uint64_t u64)
{
  int lg2 = tor_log2(u64);
  uint64_t low = U64_LITERAL(1) << lg2, high = U64_LITERAL(1) << (lg2+1);
  if (high - u64 < u64 - low)
    return high;
  else
    return low;
}

396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
/** Return the lowest x such that x is at least <b>number</b>, and x modulo
 * <b>divisor</b> == 0. */
unsigned
round_to_next_multiple_of(unsigned number, unsigned divisor)
{
  number += divisor - 1;
  number -= number % divisor;
  return number;
}

/** Return the lowest x such that x is at least <b>number</b>, and x modulo
 * <b>divisor</b> == 0. */
uint32_t
round_uint32_to_next_multiple_of(uint32_t number, uint32_t divisor)
{
  number += divisor - 1;
  number -= number % divisor;
  return number;
}

/** Return the lowest x such that x is at least <b>number</b>, and x modulo
 * <b>divisor</b> == 0. */
uint64_t
round_uint64_to_next_multiple_of(uint64_t number, uint64_t divisor)
{
  number += divisor - 1;
  number -= number % divisor;
  return number;
}

Nick Mathewson's avatar
Nick Mathewson committed
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
/** Return the number of bits set in <b>v</b>. */
int
n_bits_set_u8(uint8_t v)
{
  static const int nybble_table[] = {
    0, /* 0000 */
    1, /* 0001 */
    1, /* 0010 */
    2, /* 0011 */
    1, /* 0100 */
    2, /* 0101 */
    2, /* 0110 */
    3, /* 0111 */
    1, /* 1000 */
    2, /* 1001 */
    2, /* 1010 */
    3, /* 1011 */
    2, /* 1100 */
    3, /* 1101 */
    3, /* 1110 */
    4, /* 1111 */
  };

  return nybble_table[v & 15] + nybble_table[v>>4];
}

452
453
454
455
/* =====
 * String manipulation
 * ===== */

456
/** Remove from the string <b>s</b> every character which appears in
457
458
 * <b>strip</b>. */
void
459
tor_strstrip(char *s, const char *strip)
460
461
462
463
464
465
466
467
468
469
470
{
  char *read = s;
  while (*read) {
    if (strchr(strip, *read)) {
      ++read;
    } else {
      *s++ = *read++;
    }
  }
  *s = '\0';
}
471

472
/** Return a pointer to a NUL-terminated hexadecimal string encoding
473
 * the first <b>fromlen</b> bytes of <b>from</b>. (fromlen must be \<= 32.) The
474
475
476
 * result does not need to be deallocated, but repeated calls to
 * hex_str will trash old results.
 */
477
478
const char *
hex_str(const char *from, size_t fromlen)
479
480
481
482
{
  static char buf[65];
  if (fromlen>(sizeof(buf)-1)/2)
    fromlen = (sizeof(buf)-1)/2;
Nick Mathewson's avatar
Nick Mathewson committed
483
  base16_encode(buf,sizeof(buf),from,fromlen);
484
485
486
  return buf;
}

487
488
/** Convert all alphabetic characters in the nul-terminated string <b>s</b> to
 * lowercase. */
489
490
void
tor_strlower(char *s)
491
492
{
  while (*s) {
493
    *s = TOR_TOLOWER(*s);
494
495
496
497
    ++s;
  }
}

Nick Mathewson's avatar
Nick Mathewson committed
498
499
/** Convert all alphabetic characters in the nul-terminated string <b>s</b> to
 * lowercase. */
500
501
void
tor_strupper(char *s)
Nick Mathewson's avatar
Nick Mathewson committed
502
503
{
  while (*s) {
504
    *s = TOR_TOUPPER(*s);
Nick Mathewson's avatar
Nick Mathewson committed
505
506
507
508
    ++s;
  }
}

509
510
511
512
513
514
515
516
517
518
519
520
521
/** Return 1 if every character in <b>s</b> is printable, else return 0.
 */
int
tor_strisprint(const char *s)
{
  while (*s) {
    if (!TOR_ISPRINT(*s))
      return 0;
    s++;
  }
  return 1;
}

522
523
524
525
526
527
/** Return 1 if no character in <b>s</b> is uppercase, else return 0.
 */
int
tor_strisnonupper(const char *s)
{
  while (*s) {
528
    if (TOR_ISUPPER(*s))
529
530
531
532
533
534
      return 0;
    s++;
  }
  return 1;
}

535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
/** As strcmp, except that either string may be NULL.  The NULL string is
 * considered to be before any non-NULL string. */
int
strcmp_opt(const char *s1, const char *s2)
{
  if (!s1) {
    if (!s2)
      return 0;
    else
      return -1;
  } else if (!s2) {
    return 1;
  } else {
    return strcmp(s1, s2);
  }
}

552
/** Compares the first strlen(s2) characters of s1 with s2.  Returns as for
553
554
 * strcmp.
 */
555
556
int
strcmpstart(const char *s1, const char *s2)
557
558
559
560
561
{
  size_t n = strlen(s2);
  return strncmp(s1, s2, n);
}

562
563
564
565
566
567
568
569
570
571
572
573
/** Compare the s1_len-byte string <b>s1</b> with <b>s2</b>,
 * without depending on a terminating nul in s1.  Sorting order is first by
 * length, then lexically; return values are as for strcmp.
 */
int
strcmp_len(const char *s1, const char *s2, size_t s1_len)
{
  size_t s2_len = strlen(s2);
  if (s1_len < s2_len)
    return -1;
  if (s1_len > s2_len)
    return 1;
574
  return fast_memcmp(s1, s2, s2_len);
575
576
}

577
/** Compares the first strlen(s2) characters of s1 with s2.  Returns as for
578
579
 * strcasecmp.
 */
580
581
int
strcasecmpstart(const char *s1, const char *s2)
582
583
584
585
586
{
  size_t n = strlen(s2);
  return strncasecmp(s1, s2, n);
}

587
/** Compares the last strlen(s2) characters of s1 with s2.  Returns as for
588
589
 * strcmp.
 */
590
591
int
strcmpend(const char *s1, const char *s2)
592
593
594
595
596
597
598
599
{
  size_t n1 = strlen(s1), n2 = strlen(s2);
  if (n2>n1)
    return strcmp(s1,s2);
  else
    return strncmp(s1+(n1-n2), s2, n2);
}

600
/** Compares the last strlen(s2) characters of s1 with s2.  Returns as for
601
602
 * strcasecmp.
 */
603
604
int
strcasecmpend(const char *s1, const char *s2)
605
606
{
  size_t n1 = strlen(s1), n2 = strlen(s2);
Roger Dingledine's avatar
Roger Dingledine committed
607
  if (n2>n1) /* then they can't be the same; figure out which is bigger */
608
609
610
611
612
    return strcasecmp(s1,s2);
  else
    return strncasecmp(s1+(n1-n2), s2, n2);
}

613
614
615
/** Compare the value of the string <b>prefix</b> with the start of the
 * <b>memlen</b>-byte memory chunk at <b>mem</b>.  Return as for strcmp.
 *
616
617
 * [As fast_memcmp(mem, prefix, strlen(prefix)) but returns -1 if memlen is
 * less than strlen(prefix).]
618
619
 */
int
620
fast_memcmpstart(const void *mem, size_t memlen,
621
622
623
624
625
                const char *prefix)
{
  size_t plen = strlen(prefix);
  if (memlen < plen)
    return -1;
626
  return fast_memcmp(mem, prefix, plen);
627
628
}

629
/** Return a pointer to the first char of s that is not whitespace and
630
631
 * not a comment, or to the terminating NUL if no such character exists.
 */
632
633
634
const char *
eat_whitespace(const char *s)
{
635
  tor_assert(s);
636

637
638
639
640
641
642
643
644
645
646
647
648
649
  while (1) {
    switch (*s) {
    case '\0':
    default:
      return s;
    case ' ':
    case '\t':
    case '\n':
    case '\r':
      ++s;
      break;
    case '#':
      ++s;
650
      while (*s && *s != '\n')
651
        ++s;
652
653
654
655
    }
  }
}

656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
/** Return a pointer to the first char of s that is not whitespace and
 * not a comment, or to the terminating NUL if no such character exists.
 */
const char *
eat_whitespace_eos(const char *s, const char *eos)
{
  tor_assert(s);
  tor_assert(eos && s <= eos);

  while (s < eos) {
    switch (*s) {
    case '\0':
    default:
      return s;
    case ' ':
    case '\t':
    case '\n':
    case '\r':
      ++s;
      break;
    case '#':
      ++s;
      while (s < eos && *s && *s != '\n')
        ++s;
    }
  }
  return s;
}

685
686
/** Return a pointer to the first char of s that is not a space or a tab
 * or a \\r, or to the terminating NUL if no such character exists. */
687
688
689
const char *
eat_whitespace_no_nl(const char *s)
{
690
  while (*s == ' ' || *s == '\t' || *s == '\r')
691
692
693
694
    ++s;
  return s;
}

695
696
/** As eat_whitespace_no_nl, but stop at <b>eos</b> whether we have
 * found a non-whitespace character or not. */
697
698
699
const char *
eat_whitespace_eos_no_nl(const char *s, const char *eos)
{
700
  while (s < eos && (*s == ' ' || *s == '\t' || *s == '\r'))
701
702
703
704
    ++s;
  return s;
}

705
/** Return a pointer to the first char of s that is whitespace or <b>#</b>,
706
 * or to the terminating NUL if no such character exists.
707
 */
708
709
710
const char *
find_whitespace(const char *s)
{
711
  /* tor_assert(s); */
712
713
714
715
716
717
718
719
720
721
722
723
724
725
  while (1) {
    switch (*s)
    {
    case '\0':
    case '#':
    case ' ':
    case '\r':
    case '\n':
    case '\t':
      return s;
    default:
      ++s;
    }
  }
726
727
}

728
729
/** As find_whitespace, but stop at <b>eos</b> whether we have found a
 * whitespace or not. */
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
const char *
find_whitespace_eos(const char *s, const char *eos)
{
  /* tor_assert(s); */
  while (s < eos) {
    switch (*s)
    {
    case '\0':
    case '#':
    case ' ':
    case '\r':
    case '\n':
    case '\t':
      return s;
    default:
      ++s;
    }
  }
748
  return s;
749
750
}

751
/** Return the first occurrence of <b>needle</b> in <b>haystack</b> that
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
 * occurs at the start of a line (that is, at the beginning of <b>haystack</b>
 * or immediately after a newline).  Return NULL if no such string is found.
 */
const char *
find_str_at_start_of_line(const char *haystack, const char *needle)
{
  size_t needle_len = strlen(needle);

  do {
    if (!strncmp(haystack, needle, needle_len))
      return haystack;

    haystack = strchr(haystack, '\n');
    if (!haystack)
      return NULL;
    else
      ++haystack;
  } while (*haystack);

  return NULL;
}

774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
/** Returns true if <b>string</b> could be a C identifier.
    A C identifier must begin with a letter or an underscore and the
    rest of its characters can be letters, numbers or underscores. No
    length limit is imposed. */
int
string_is_C_identifier(const char *string)
{
  size_t iter;
  size_t length = strlen(string);
  if (!length)
    return 0;

  for (iter = 0; iter < length ; iter++) {
    if (iter == 0) {
      if (!(TOR_ISALPHA(string[iter]) ||
            string[iter] == '_'))
        return 0;
    } else {
      if (!(TOR_ISALPHA(string[iter]) ||
            TOR_ISDIGIT(string[iter]) ||
            string[iter] == '_'))
        return 0;
    }
  }

  return 1;
}

802
/** Return true iff the 'len' bytes at 'mem' are all zero. */
Nick Mathewson's avatar
Nick Mathewson committed
803
804
int
tor_mem_is_zero(const char *mem, size_t len)
805
806
807
808
809
{
  static const char ZERO[] = {
    0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0,
  };
  while (len >= sizeof(ZERO)) {
810
811
812
    /* It's safe to use fast_memcmp here, since the very worst thing an
     * attacker could learn is how many initial bytes of a secret were zero */
    if (fast_memcmp(mem, ZERO, sizeof(ZERO)))
813
814
815
816
817
818
      return 0;
    len -= sizeof(ZERO);
    mem += sizeof(ZERO);
  }
  /* Deal with leftover bytes. */
  if (len)
819
    return fast_memeq(mem, ZERO, len);
820
821
822
823

  return 1;
}

824
825
826
827
/** Return true iff the DIGEST_LEN bytes in digest are all zero. */
int
tor_digest_is_zero(const char *digest)
{
828
829
830
831
  static const uint8_t ZERO_DIGEST[] = {
    0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0
  };
  return tor_memeq(digest, ZERO_DIGEST, DIGEST_LEN);
832
833
}

834
835
836
837
838
839
840
/** Return true iff the DIGEST256_LEN bytes in digest are all zero. */
int
tor_digest256_is_zero(const char *digest)
{
  return tor_mem_is_zero(digest, DIGEST256_LEN);
}

841
842
/* Helper: common code to check whether the result of a strtol or strtoul or
 * strtoll is correct. */
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
#define CHECK_STRTOX_RESULT()                           \
  /* Was at least one character converted? */           \
  if (endptr == s)                                      \
    goto err;                                           \
  /* Were there unexpected unconverted characters? */   \
  if (!next && *endptr)                                 \
    goto err;                                           \
  /* Is r within limits? */                             \
  if (r < min || r > max)                               \
    goto err;                                           \
  if (ok) *ok = 1;                                      \
  if (next) *next = endptr;                             \
  return r;                                             \
 err:                                                   \
  if (ok) *ok = 0;                                      \
  if (next) *next = endptr;                             \
859
  return 0
860

861
862
863
864
865
866
867
868
869
870
871
/** Extract a long from the start of <b>s</b>, in the given numeric
 * <b>base</b>.  If <b>base</b> is 0, <b>s</b> is parsed as a decimal,
 * octal, or hex number in the syntax of a C integer literal.  If
 * there is unconverted data and <b>next</b> is provided, set
 * *<b>next</b> to the first unconverted character.  An error has
 * occurred if no characters are converted; or if there are
 * unconverted characters and <b>next</b> is NULL; or if the parsed
 * value is not between <b>min</b> and <b>max</b>.  When no error
 * occurs, return the parsed value and set *<b>ok</b> (if provided) to
 * 1.  When an error occurs, return 0 and set *<b>ok</b> (if provided)
 * to 0.
872
 */
873
long
874
875
tor_parse_long(const char *s, int base, long min, long max,
               int *ok, char **next)
876
{
877
878
  char *endptr;
  long r;
879

880
  r = strtol(s, &endptr, base);
881
  CHECK_STRTOX_RESULT();
882
883
}

Roger Dingledine's avatar
Roger Dingledine committed
884
/** As tor_parse_long(), but return an unsigned long. */
885
886
887
888
889
890
891
unsigned long
tor_parse_ulong(const char *s, int base, unsigned long min,
                unsigned long max, int *ok, char **next)
{
  char *endptr;
  unsigned long r;

892
893
  r = strtoul(s, &endptr, base);
  CHECK_STRTOX_RESULT();
894
}
895

896
897
898
899
900
901
902
903
904
905
906
/** As tor_parse_long(), but return a double. */
double
tor_parse_double(const char *s, double min, double max, int *ok, char **next)
{
  char *endptr;
  double r;

  r = strtod(s, &endptr);
  CHECK_STRTOX_RESULT();
}

Sebastian Hahn's avatar
typo    
Sebastian Hahn committed
907
/** As tor_parse_long, but return a uint64_t.  Only base 10 is guaranteed to
908
 * work for now. */
909
910
911
912
913
914
915
916
917
uint64_t
tor_parse_uint64(const char *s, int base, uint64_t min,
                 uint64_t max, int *ok, char **next)
{
  char *endptr;
  uint64_t r;

#ifdef HAVE_STRTOULL
  r = (uint64_t)strtoull(s, &endptr, base);
918
#elif defined(_WIN32)
919
#if defined(_MSC_VER) && _MSC_VER < 1300
920
921
922
  tor_assert(base <= 10);
  r = (uint64_t)_atoi64(s);
  endptr = (char*)s;
923
924
  while (TOR_ISSPACE(*endptr)) endptr++;
  while (TOR_ISDIGIT(*endptr)) endptr++;
925
#else
926
  r = (uint64_t)_strtoui64(s, &endptr, base);
927
#endif
928
929
930
931
#elif SIZEOF_LONG == 8
  r = (uint64_t)strtoul(s, &endptr, base);
#else
#error "I don't know how to parse 64-bit numbers."
932
#endif
933

934
935
936
  CHECK_STRTOX_RESULT();
}

937
938
939
940
/** Encode the <b>srclen</b> bytes at <b>src</b> in a NUL-terminated,
 * uppercase hexadecimal string; store it in the <b>destlen</b>-byte buffer
 * <b>dest</b>.
 */
941
942
void
base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
943
944
945
946
947
{
  const char *end;
  char *cp;

  tor_assert(destlen >= srclen*2+1);
948
  tor_assert(destlen < SIZE_T_CEILING);
949
950
951
952

  cp = dest;
  end = src+srclen;
  while (src<end) {
953
954
    *cp++ = "0123456789ABCDEF"[ (*(const uint8_t*)src) >> 4 ];
    *cp++ = "0123456789ABCDEF"[ (*(const uint8_t*)src) & 0xf ];
955
956
957
958
959
    ++src;
  }
  *cp = '\0';
}

960
/** Helper: given a hex digit, return its value, or -1 if it isn't hex. */
961
static INLINE int
962
_hex_decode_digit(char c)
963
{
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
  switch (c) {
    case '0': return 0;
    case '1': return 1;
    case '2': return 2;
    case '3': return 3;
    case '4': return 4;
    case '5': return 5;
    case '6': return 6;
    case '7': return 7;
    case '8': return 8;
    case '9': return 9;
    case 'A': case 'a': return 10;
    case 'B': case 'b': return 11;
    case 'C': case 'c': return 12;
    case 'D': case 'd': return 13;
    case 'E': case 'e': return 14;
    case 'F': case 'f': return 15;
    default:
      return -1;
  }
984
985
}

986
987
988
989
990
991
992
/** Helper: given a hex digit, return its value, or -1 if it isn't hex. */
int
hex_decode_digit(char c)
{
  return _hex_decode_digit(c);
}

993
/** Given a hexadecimal string of <b>srclen</b> bytes in <b>src</b>, decode it
994
995
 * and store the result in the <b>destlen</b>-byte buffer at <b>dest</b>.
 * Return 0 on success, -1 on failure. */
996
997
int
base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
998
999
{
  const char *end;
1000

For faster browsing, not all history is shown. View entire blame