1 /*
2 * Copyright (c) 2021 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "vsnprintf_s_p.h"
17
18 #include <cstdlib>
19 #include <cstring>
20 #include <stdio.h>
21
22 /* Define the max length of the string */
23 #ifndef SECUREC_STRING_MAX_LEN
24 #define SECUREC_STRING_MAX_LEN 0x7fffffffUL
25 #endif
26
27 #if SECUREC_STRING_MAX_LEN > 0x7fffffffUL
28 #error "max string is 2G"
29 #endif
30
31 #if defined(_WIN64) || defined(WIN64) || defined(__LP64__) || defined(_LP64)
32 #define SECUREC_ON_64BITS
33 #endif
34
35 #if defined(_DEBUG) || defined(DEBUG)
36 #if defined(SECUREC_ERROR_HANDLER_BY_ASSERT)
37 #define SECUREC_ERROR_INVALID_PARAMTER(msg) assert( msg "invalid argument" == NULL)
38 #define SECUREC_ERROR_INVALID_RANGE(msg) assert( msg "invalid dest buffer size" == NULL)
39 #elif defined(SECUREC_ERROR_HANDLER_BY_PRINTF)
40 #if SECUREC_IN_KERNEL
41 #define SECUREC_ERROR_INVALID_PARAMTER(msg) printk( "%s invalid argument\n",msg)
42 #define SECUREC_ERROR_INVALID_RANGE(msg) printk( "%s invalid dest buffer size\n", msg)
43 #else
44 #define SECUREC_ERROR_INVALID_PARAMTER(msg) printf( "%s invalid argument\n",msg)
45 #define SECUREC_ERROR_INVALID_RANGE(msg) printf( "%s invalid dest buffer size\n", msg)
46 #endif
47 #elif defined(SECUREC_ERROR_HANDLER_BY_FILE_LOG)
48 #define SECUREC_ERROR_INVALID_PARAMTER(msg) LogSecureCRuntimeError(msg " EINVAL\n")
49 #define SECUREC_ERROR_INVALID_RANGE(msg) LogSecureCRuntimeError(msg " ERANGE\n")
50 #else
51 #define SECUREC_ERROR_INVALID_PARAMTER(msg) ((void)0)
52 #define SECUREC_ERROR_INVALID_RANGE(msg) ((void)0)
53 #endif
54
55 #else
56 #define SECUREC_ERROR_INVALID_PARAMTER(msg) ((void)0)
57 #define SECUREC_ERROR_INVALID_RANGE(msg) ((void)0)
58 #define SECUREC_ERROR_BUFFER_OVERLAP(msg) ((void)0)
59 #endif
60
61 #define SECUREC_PRINTF_TRUNCATE (-2)
62 typedef struct {
63 int count;
64 char *cur;
65 } SecPrintfStream;
66
67 #ifdef SECUREC_STACK_SIZE_LESS_THAN_1K
68 /* SECUREC_BUFFER_SIZE Can not be less than 23 ,
69 *the length of the octal representation of 64-bit integers with zero lead
70 */
71 #define SECUREC_BUFFER_SIZE 256
72 #else
73 #define SECUREC_BUFFER_SIZE 512
74 #endif
75 #define SECUREC_MAX_PRECISION SECUREC_BUFFER_SIZE
76 /* max. # bytes in multibyte char ,see MB_LEN_MAX */
77 #define SECUREC_MB_LEN 16
78
79 #if (defined(_MSC_VER)) && (_MSC_VER >= 1400)
80 #define SECUREC_MASK_MSVC_CRT_WARNING __pragma(warning(push)) \
81 __pragma(warning(disable:4996 4127))
82 #define SECUREC_END_MASK_MSVC_CRT_WARNING __pragma(warning(pop))
83 #else
84 #define SECUREC_MASK_MSVC_CRT_WARNING
85 #define SECUREC_END_MASK_MSVC_CRT_WARNING
86 #endif
87
88 #define SECUREC_WHILE_ZERO SECUREC_MASK_MSVC_CRT_WARNING while (0) SECUREC_END_MASK_MSVC_CRT_WARNING
89
90 /* flag definitions */
91 /* Using macros instead of enumerations is because some of the enumerated types under the compiler are 16bit. */
92 #define SECUREC_FLAG_SIGN 0x00001U
93 #define SECUREC_FLAG_SIGN_SPACE 0x00002U
94 #define SECUREC_FLAG_LEFT 0x00004U
95 #define SECUREC_FLAG_LEADZERO 0x00008U
96 #define SECUREC_FLAG_LONG 0x00010U
97 #define SECUREC_FLAG_SHORT 0x00020U
98 #define SECUREC_FLAG_SIGNED 0x00040U
99 #define SECUREC_FLAG_ALTERNATE 0x00080U
100 #define SECUREC_FLAG_NEGATIVE 0x00100U
101 #define SECUREC_FLAG_FORCE_OCTAL 0x00200U
102 #define SECUREC_FLAG_LONG_DOUBLE 0x00400U
103 #define SECUREC_FLAG_WIDECHAR 0x00800U
104 #define SECUREC_FLAG_LONGLONG 0x01000U
105 #define SECUREC_FLAG_CHAR 0x02000U
106 #define SECUREC_FLAG_POINTER 0x04000U
107 #define SECUREC_FLAG_I64 0x08000U
108 #define SECUREC_FLAG_PTRDIFF 0x10000U
109 #define SECUREC_FLAG_SIZE 0x20000U
110 #ifdef SECUREC_COMPATIBLE_LINUX_FORMAT
111 #define SECUREC_FLAG_INTMAX 0x40000U
112 #endif
113
114 /* put a char to output */
115 #define SECUREC_PUTC(_c, _stream) ((--(_stream)->count >= 0) ? ((*(_stream)->cur++ = (char)(_c)) & 0xff) : EOF)
116 /* to clear e835 */
117 #define SECUREC_PUTC_ZERO(_stream) ((--(_stream)->count >= 0) ? ((*(_stream)->cur++ = (char)('\0'))) : EOF)
118
119 /* state definitions */
120 typedef enum {
121 STAT_NORMAL,
122 STAT_PERCENT,
123 STAT_FLAG,
124 STAT_WIDTH,
125 STAT_DOT,
126 STAT_PRECIS,
127 STAT_SIZE,
128 STAT_TYPE,
129 STAT_INVALID
130 } SecFmtState;
131
132 #ifndef HILOG_PROHIBIT_ALLOCATION
133 #ifndef SECUREC_MALLOC
134 #define SECUREC_MALLOC(x) malloc((size_t)(x))
135 #endif
136
137 #ifndef SECUREC_FREE
138 #define SECUREC_FREE(x) free((void *)(x))
139 #endif
140
141 #else
142 #define SECUREC_MALLOC(x) (nullptr)
143 #define SECUREC_FREE(x) { printf("Malloc is not allowed, so free should not be possible to execute!"); std::abort(); }
144 #endif
145
146 #if (defined(_WIN32) || defined(_WIN64) || defined(_MSC_VER)) || defined(__ARMCC_VERSION)
147 typedef __int64 SecInt64;
148 typedef unsigned __int64 SecUnsignedInt64;
149 #if defined(__ARMCC_VERSION)
150 typedef int SecInt32;
151 typedef unsigned int SecUnsignedInt32;
152 #else
153 typedef __int32 SecInt32;
154 typedef unsigned __int32 SecUnsignedInt32;
155 #endif
156 #else
157 typedef int SecInt32;
158 typedef unsigned int SecUnsignedInt32;
159 typedef long long SecInt64;
160 typedef unsigned long long SecUnsignedInt64;
161 #endif
162
SecWriteString(const char * string,int len,SecPrintfStream * f,int * pnumwritten)163 static inline void SecWriteString(const char *string, int len, SecPrintfStream *f, int *pnumwritten)
164 {
165 const char *str = string;
166 int count = len;
167 while (count-- > 0) {
168 if (SECUREC_PUTC(*str, f) == EOF) {
169 *pnumwritten = -1;
170 break;
171 } else {
172 ++(*pnumwritten);
173 ++str;
174 }
175 }
176 }
177
SecWriteMultiChar(char ch,int num,SecPrintfStream * f,int * pnumwritten)178 static inline void SecWriteMultiChar(char ch, int num, SecPrintfStream *f, int *pnumwritten)
179 {
180 int count = num;
181 while (count-- > 0) {
182 if (SECUREC_PUTC(ch, f) == EOF) {
183 *pnumwritten = -1;
184 break;
185 } else {
186 ++(*pnumwritten);
187 }
188 }
189 }
190
191 static inline int SecVsnprintfPImpl(char *string, size_t count, int priv, const char *format, va_list arglist);
192
193 /*******************************************************************************
194 * <FUNCTION DESCRIPTION>
195 * The vsnprintf_s function is equivalent to the vsnprintf function
196 * except for the parameter destMax/count and the explicit runtime-constraints violation
197 * The vsnprintf_s function takes a pointer to an argument list, then formats
198 * and writes up to count characters of the given data to the memory pointed
199 * to by strDest and appends a terminating null.
200 *
201 * <INPUT PARAMETERS>
202 * strDest Storage location for the output.
203 * destMax The size of the strDest for output.
204 * count Maximum number of character to write(not including
205 * the terminating NULL)
206 * priv_on whether print <private> for not-public args
207 * format Format-control string.
208 * arglist pointer to list of arguments.
209 *
210 * <OUTPUT PARAMETERS>
211 * strDest is updated
212 *
213 * <RETURN VALUE>
214 * return the number of characters written, not including the terminating null
215 * return -1 if an error occurs.
216 * return -1 if count < destMax and the output string has been truncated
217 *
218 * If there is a runtime-constraint violation, strDest[0] will be set to the '\0' when strDest and destMax valid
219 *******************************************************************************
220 */
221 HILOG_LOCAL_API
vsnprintfp_s(char * strDest,size_t destMax,size_t count,int priv,const char * format,va_list arglist)222 int vsnprintfp_s(char *strDest, size_t destMax, size_t count, int priv, const char *format, va_list arglist)
223 {
224 int retVal;
225
226 if (format == NULL || strDest == NULL || destMax == 0 || destMax > SECUREC_STRING_MAX_LEN ||
227 (count > (SECUREC_STRING_MAX_LEN - 1) && count != static_cast<size_t>(-1))) {
228 if (strDest != NULL && destMax > 0) {
229 strDest[0] = '\0';
230 }
231 SECUREC_ERROR_INVALID_PARAMTER("vsnprintfp_s");
232 return -1;
233 }
234
235 if (destMax > count) {
236 retVal = SecVsnprintfPImpl(strDest, count + 1, priv, format, arglist);
237 if (retVal == SECUREC_PRINTF_TRUNCATE) { /* lsd add to keep dest buffer not destroyed 2014.2.18 */
238 /* the string has been truncated, return -1 */
239 return -1; /* to skip error handler, return strlen(strDest) or -1 */
240 }
241 } else { /* destMax <= count */
242 retVal = SecVsnprintfPImpl(strDest, destMax, priv, format, arglist);
243 #ifdef SECUREC_COMPATIBLE_WIN_FORMAT
244 if (retVal == SECUREC_PRINTF_TRUNCATE && count == (size_t)-1) {
245 return -1;
246 }
247 #endif
248 }
249
250 if (retVal < 0) {
251 strDest[0] = '\0'; /* empty the dest strDest */
252
253 if (retVal == SECUREC_PRINTF_TRUNCATE) {
254 /* Buffer too small */
255 SECUREC_ERROR_INVALID_RANGE("vsnprintfp_s");
256 }
257
258 SECUREC_ERROR_INVALID_PARAMTER("vsnprintfp_s");
259 return -1;
260 }
261
262 return retVal;
263 }
264
265 HILOG_LOCAL_API
vsnprintfp_s(char * strDest,size_t destMax,size_t count,int priv,const char * format,...)266 int vsnprintfp_s(char *strDest, size_t destMax, size_t count, int priv, const char *format, ...)
267 {
268 va_list ap;
269 va_start(ap, format);
270 int ret = vsnprintfp_s(strDest, destMax, count, priv, format, ap);
271 va_end(ap);
272 return ret;
273 }
274
275 #ifdef SECUREC_FOR_WCHAR
276 #undef SECUREC_FOR_WCHAR
277 #endif
278
279 typedef char SecChar;
280 #define SECUREC_CHAR(x) x
281
282 #define SECUREC_WRITE_MULTI_CHAR SecWriteMultiChar
283 #define SECUREC_WRITE_STRING SecWriteString
284 #include "output_p.inl"
285
SecVsnprintfPImpl(char * string,size_t count,int priv,const char * format,va_list arglist)286 static inline int SecVsnprintfPImpl(char *string, size_t count, int priv, const char *format, va_list arglist)
287 {
288 SecPrintfStream str;
289 int retVal;
290
291 str.count = static_cast<int>(count); /* this count include \0 character */
292 str.cur = string;
293
294 retVal = SecOutputPS(&str, priv, format, arglist);
295 if ((retVal >= 0) && (SECUREC_PUTC_ZERO(&str) != EOF)) {
296 return (retVal);
297 } else if (str.count < 0) {
298 /* the buffer was too small; we return truncation */
299 string[count - 1] = 0;
300 return SECUREC_PRINTF_TRUNCATE;
301 }
302
303 return -1;
304 }
305