From 34a01b2cf737d946ddb140618e28c3048ab7a229 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 8 Apr 2016 08:19:17 +0000 Subject: upstream commit whitespace at EOL Upstream-ID: 5beffd4e001515da12851b974e2323ae4aa313b6 --- sftp-client.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'sftp-client.c') diff --git a/sftp-client.c b/sftp-client.c index d49bfaaba..cd990579e 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.121 2016/02/11 02:21:34 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.122 2016/04/08 08:19:17 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -1601,7 +1601,7 @@ do_upload(struct sftp_conn *conn, const char *local_path, if (resume) { /* Get remote file size if it exists */ if ((c = do_stat(conn, remote_path, 0)) == NULL) { - close(local_fd); + close(local_fd); return -1; } -- cgit v1.2.3 From 1a31d02b2411c4718de58ce796dbb7b5e14db93e Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Mon, 2 May 2016 08:49:03 +0000 Subject: upstream commit fix signed/unsigned errors reported by clang-3.7; add sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with better safety checking; feedback and ok markus@ Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820 --- auth2-chall.c | 6 +++--- auth2.c | 6 +++--- kex.h | 7 ++++--- kexc25519.c | 6 +++--- monitor.c | 27 ++++++++++++++++----------- servconf.c | 5 +++-- sftp-client.c | 5 ++--- ssh-agent.c | 15 ++++++++------- ssh-keygen.c | 8 ++++---- sshbuf-misc.c | 25 ++++++++++++++++++++++++- sshbuf.h | 9 ++++++++- sshconnect2.c | 6 +++--- sshd.c | 51 +++++++++++++++++++++++++++++++-------------------- 13 files changed, 112 insertions(+), 64 deletions(-) (limited to 'sftp-client.c') diff --git a/auth2-chall.c b/auth2-chall.c index 4aff09d80..ead480318 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.43 2015/07/18 07:57:14 djm Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.44 2016/05/02 08:49:03 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -122,8 +122,8 @@ kbdint_alloc(const char *devs) buffer_append(&b, devices[i]->name, strlen(devices[i]->name)); } - buffer_append(&b, "\0", 1); - kbdintctxt->devices = xstrdup(buffer_ptr(&b)); + if ((kbdintctxt->devices = sshbuf_dup_string(&b)) == NULL) + fatal("%s: sshbuf_dup_string failed", __func__); buffer_free(&b); } else { kbdintctxt->devices = xstrdup(devs); diff --git a/auth2.c b/auth2.c index 717796228..9108b8612 100644 --- a/auth2.c +++ b/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.135 2015/01/19 20:07:45 markus Exp $ */ +/* $OpenBSD: auth2.c,v 1.136 2016/05/02 08:49:03 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -424,8 +424,8 @@ authmethods_get(Authctxt *authctxt) buffer_append(&b, authmethods[i]->name, strlen(authmethods[i]->name)); } - buffer_append(&b, "\0", 1); - list = xstrdup(buffer_ptr(&b)); + if ((list = sshbuf_dup_string(&b)) == NULL) + fatal("%s: sshbuf_dup_string failed", __func__); buffer_free(&b); return list; } diff --git a/kex.h b/kex.h index 1c5896605..131b8d93d 100644 --- a/kex.h +++ b/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.76 2016/02/08 10:57:07 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.77 2016/05/02 08:49:03 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -205,8 +205,9 @@ int kex_ecdh_hash(int, const EC_GROUP *, const char *, const char *, const u_char *, size_t, const u_char *, size_t, const u_char *, size_t, const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char *, size_t *); -int kex_c25519_hash(int, const char *, const char *, const char *, size_t, - const char *, size_t, const u_char *, size_t, const u_char *, const u_char *, +int kex_c25519_hash(int, const char *, const char *, + const u_char *, size_t, const u_char *, size_t, + const u_char *, size_t, const u_char *, const u_char *, const u_char *, size_t, u_char *, size_t *); void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) diff --git a/kexc25519.c b/kexc25519.c index 8d8cd4a2b..0897b8c51 100644 --- a/kexc25519.c +++ b/kexc25519.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexc25519.c,v 1.9 2015/03/26 07:00:04 djm Exp $ */ +/* $OpenBSD: kexc25519.c,v 1.10 2016/05/02 08:49:03 djm Exp $ */ /* * Copyright (c) 2001, 2013 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -86,8 +86,8 @@ kex_c25519_hash( int hash_alg, const char *client_version_string, const char *server_version_string, - const char *ckexinit, size_t ckexinitlen, - const char *skexinit, size_t skexinitlen, + const u_char *ckexinit, size_t ckexinitlen, + const u_char *skexinit, size_t skexinitlen, const u_char *serverhostkeyblob, size_t sbloblen, const u_char client_dh_pub[CURVE25519_SIZE], const u_char server_dh_pub[CURVE25519_SIZE], diff --git a/monitor.c b/monitor.c index 6b780e480..dce920c23 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.158 2016/03/07 19:02:43 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.159 2016/05/02 08:49:03 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -34,6 +34,7 @@ #include #include +#include #ifdef HAVE_PATHS_H #include #endif @@ -688,7 +689,8 @@ mm_answer_sign(int sock, Buffer *m) u_char *p = NULL, *signature = NULL; char *alg = NULL; size_t datlen, siglen, alglen; - int r, keyid, is_proof = 0; + int r, is_proof = 0; + u_int keyid; const char proof_req[] = "hostkeys-prove-00@openssh.com"; debug3("%s", __func__); @@ -697,6 +699,8 @@ mm_answer_sign(int sock, Buffer *m) (r = sshbuf_get_string(m, &p, &datlen)) != 0 || (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); + if (keyid > INT_MAX) + fatal("%s: invalid key ID", __func__); /* * Supported KEX types use SHA1 (20 bytes), SHA256 (32 bytes), @@ -1289,7 +1293,8 @@ static int monitor_valid_userblob(u_char *data, u_int datalen) { Buffer b; - char *p, *userstyle; + u_char *p; + char *userstyle, *cp; u_int len; int fail = 0; @@ -1314,26 +1319,26 @@ monitor_valid_userblob(u_char *data, u_int datalen) } if (buffer_get_char(&b) != SSH2_MSG_USERAUTH_REQUEST) fail++; - p = buffer_get_cstring(&b, NULL); + cp = buffer_get_cstring(&b, NULL); xasprintf(&userstyle, "%s%s%s", authctxt->user, authctxt->style ? ":" : "", authctxt->style ? authctxt->style : ""); - if (strcmp(userstyle, p) != 0) { - logit("wrong user name passed to monitor: expected %s != %.100s", - userstyle, p); + if (strcmp(userstyle, cp) != 0) { + logit("wrong user name passed to monitor: " + "expected %s != %.100s", userstyle, cp); fail++; } free(userstyle); - free(p); + free(cp); buffer_skip_string(&b); if (datafellows & SSH_BUG_PKAUTH) { if (!buffer_get_char(&b)) fail++; } else { - p = buffer_get_cstring(&b, NULL); - if (strcmp("publickey", p) != 0) + cp = buffer_get_cstring(&b, NULL); + if (strcmp("publickey", cp) != 0) fail++; - free(p); + free(cp); if (!buffer_get_char(&b)) fail++; buffer_skip_string(&b); diff --git a/servconf.c b/servconf.c index ba39dce1d..6111c5a94 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.286 2016/03/07 19:02:43 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.287 2016/05/02 08:49:03 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2059,7 +2059,8 @@ parse_server_config(ServerOptions *options, const char *filename, Buffer *conf, debug2("%s: config %s len %d", __func__, filename, buffer_len(conf)); - obuf = cbuf = xstrdup(buffer_ptr(conf)); + if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL) + fatal("%s: sshbuf_dup_string failed", __func__); active = connectinfo ? 0 : 1; linenum = 1; while ((cp = strsep(&cbuf, "\n")) != NULL) { diff --git a/sftp-client.c b/sftp-client.c index cd990579e..faf14684c 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.122 2016/04/08 08:19:17 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.123 2016/05/02 08:49:03 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -515,8 +515,7 @@ do_lsreaddir(struct sftp_conn *conn, const char *path, int print_flag, struct sshbuf *msg; u_int count, id, i, expected_id, ents = 0; size_t handle_len; - u_char type; - char *handle; + u_char type, *handle; int status = SSH2_FX_FAILURE; int r; diff --git a/ssh-agent.c b/ssh-agent.c index c38906d94..8aa25b30d 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.212 2016/02/15 09:47:49 dtucker Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.213 2016/05/02 08:49:03 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -144,8 +144,8 @@ char socket_dir[PATH_MAX]; #define LOCK_SALT_SIZE 16 #define LOCK_ROUNDS 1 int locked = 0; -char lock_passwd[LOCK_SIZE]; -char lock_salt[LOCK_SALT_SIZE]; +u_char lock_pwhash[LOCK_SIZE]; +u_char lock_salt[LOCK_SALT_SIZE]; extern char *__progname; @@ -677,7 +677,8 @@ static void process_lock_agent(SocketEntry *e, int lock) { int r, success = 0, delay; - char *passwd, passwdhash[LOCK_SIZE]; + char *passwd; + u_char passwdhash[LOCK_SIZE]; static u_int fail_count = 0; size_t pwlen; @@ -689,11 +690,11 @@ process_lock_agent(SocketEntry *e, int lock) if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt), passwdhash, sizeof(passwdhash), LOCK_ROUNDS) < 0) fatal("bcrypt_pbkdf"); - if (timingsafe_bcmp(passwdhash, lock_passwd, LOCK_SIZE) == 0) { + if (timingsafe_bcmp(passwdhash, lock_pwhash, LOCK_SIZE) == 0) { debug("agent unlocked"); locked = 0; fail_count = 0; - explicit_bzero(lock_passwd, sizeof(lock_passwd)); + explicit_bzero(lock_pwhash, sizeof(lock_pwhash)); success = 1; } else { /* delay in 0.1s increments up to 10s */ @@ -710,7 +711,7 @@ process_lock_agent(SocketEntry *e, int lock) locked = 1; arc4random_buf(lock_salt, sizeof(lock_salt)); if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt), - lock_passwd, sizeof(lock_passwd), LOCK_ROUNDS) < 0) + lock_pwhash, sizeof(lock_pwhash), LOCK_ROUNDS) < 0) fatal("bcrypt_pbkdf"); success = 1; } diff --git a/ssh-keygen.c b/ssh-keygen.c index 478520123..079f10321 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.288 2016/02/15 09:47:49 dtucker Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.289 2016/05/02 08:49:03 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -883,7 +883,7 @@ do_fingerprint(struct passwd *pw) char *comment = NULL, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES]; int i, invalid = 1; const char *path; - long int lnum = 0; + u_long lnum = 0; if (!have_identity) ask_filename(pw, "Enter file in which the key is"); @@ -946,7 +946,7 @@ do_fingerprint(struct passwd *pw) } /* Retry after parsing leading hostname/key options */ if (public == NULL && (public = try_read_key(&cp)) == NULL) { - debug("%s:%ld: not a public key", path, lnum); + debug("%s:%lu: not a public key", path, lnum); continue; } @@ -1920,7 +1920,7 @@ do_show_cert(struct passwd *pw) FILE *f; char *cp, line[SSH_MAX_PUBKEY_BYTES]; const char *path; - long int lnum = 0; + u_long lnum = 0; if (!have_identity) ask_filename(pw, "Enter file in which the key is"); diff --git a/sshbuf-misc.c b/sshbuf-misc.c index 3da4b80e7..15dcfbc79 100644 --- a/sshbuf-misc.c +++ b/sshbuf-misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-misc.c,v 1.5 2015/10/05 17:11:21 djm Exp $ */ +/* $OpenBSD: sshbuf-misc.c,v 1.6 2016/05/02 08:49:03 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -136,3 +136,26 @@ sshbuf_b64tod(struct sshbuf *buf, const char *b64) return 0; } +char * +sshbuf_dup_string(struct sshbuf *buf) +{ + const u_char *p = NULL, *s = sshbuf_ptr(buf); + size_t l = sshbuf_len(buf); + char *r; + + if (s == NULL || l > SIZE_MAX) + return NULL; + /* accept a nul only as the last character in the buffer */ + if (l > 0 && (p = memchr(s, '\0', l)) != NULL) { + if (p != s + l - 1) + return NULL; + l--; /* the nul is put back below */ + } + if ((r = malloc(l + 1)) == NULL) + return NULL; + if (l > 0) + memcpy(r, s, l); + r[l] = '\0'; + return r; +} + diff --git a/sshbuf.h b/sshbuf.h index 63495fbb0..52ff017cc 100644 --- a/sshbuf.h +++ b/sshbuf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.h,v 1.6 2015/12/10 07:01:35 mmcc Exp $ */ +/* $OpenBSD: sshbuf.h,v 1.7 2016/05/02 08:49:03 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -239,6 +239,13 @@ char *sshbuf_dtob64(struct sshbuf *buf); /* Decode base64 data and append it to the buffer */ int sshbuf_b64tod(struct sshbuf *buf, const char *b64); +/* + * Duplicate the contents of a buffer to a string (caller to free). + * Returns NULL on buffer error, or if the buffer contains a premature + * nul character. + */ +char *sshbuf_dup_string(struct sshbuf *buf); + /* Macros for decoding/encoding integers */ #define PEEK_U64(p) \ (((u_int64_t)(((const u_char *)(p))[0]) << 56) | \ diff --git a/sshconnect2.c b/sshconnect2.c index f7d0644e8..1dddf75aa 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.241 2016/04/28 14:30:21 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.242 2016/05/02 08:49:03 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1922,8 +1922,8 @@ authmethods_get(void) buffer_append(&b, method->name, strlen(method->name)); } } - buffer_append(&b, "\0", 1); - list = xstrdup(buffer_ptr(&b)); + if ((list = sshbuf_dup_string(&b)) == NULL) + fatal("%s: sshbuf_dup_string failed", __func__); buffer_free(&b); return list; } diff --git a/sshd.c b/sshd.c index d21aed515..8b8af2494 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.466 2016/03/07 19:02:43 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.467 2016/05/02 08:49:03 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -845,8 +845,8 @@ list_hostkey_types(void) break; } } - buffer_append(&b, "\0", 1); - ret = xstrdup(buffer_ptr(&b)); + if ((ret = sshbuf_dup_string(&b)) == NULL) + fatal("%s: sshbuf_dup_string failed", __func__); buffer_free(&b); debug("list_hostkey_types: %s", ret); return ret; @@ -1027,12 +1027,13 @@ usage(void) } static void -send_rexec_state(int fd, Buffer *conf) +send_rexec_state(int fd, struct sshbuf *conf) { - Buffer m; + struct sshbuf *m; + int r; - debug3("%s: entering fd = %d config len %d", __func__, fd, - buffer_len(conf)); + debug3("%s: entering fd = %d config len %zu", __func__, fd, + sshbuf_len(conf)); /* * Protocol from reexec master to child: @@ -1046,31 +1047,41 @@ send_rexec_state(int fd, Buffer *conf) * bignum q " * string rngseed (only if OpenSSL is not self-seeded) */ - buffer_init(&m); - buffer_put_cstring(&m, buffer_ptr(conf)); + if ((m = sshbuf_new()) == NULL) + fatal("%s: sshbuf_new failed", __func__); + if ((r = sshbuf_put_stringb(m, conf)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); #ifdef WITH_SSH1 if (sensitive_data.server_key != NULL && sensitive_data.server_key->type == KEY_RSA1) { - buffer_put_int(&m, 1); - buffer_put_bignum(&m, sensitive_data.server_key->rsa->e); - buffer_put_bignum(&m, sensitive_data.server_key->rsa->n); - buffer_put_bignum(&m, sensitive_data.server_key->rsa->d); - buffer_put_bignum(&m, sensitive_data.server_key->rsa->iqmp); - buffer_put_bignum(&m, sensitive_data.server_key->rsa->p); - buffer_put_bignum(&m, sensitive_data.server_key->rsa->q); + if ((r = sshbuf_put_u32(m, 1)) != 0 || + (r = sshbuf_put_bignum1(m, + sensitive_data.server_key->rsa->e)) != 0 || + (r = sshbuf_put_bignum1(m, + sensitive_data.server_key->rsa->n)) != 0 || + (r = sshbuf_put_bignum1(m, + sensitive_data.server_key->rsa->d)) != 0 || + (r = sshbuf_put_bignum1(m, + sensitive_data.server_key->rsa->iqmp)) != 0 || + (r = sshbuf_put_bignum1(m, + sensitive_data.server_key->rsa->p)) != 0 || + (r = sshbuf_put_bignum1(m, + sensitive_data.server_key->rsa->q)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); } else #endif - buffer_put_int(&m, 0); + if ((r = sshbuf_put_u32(m, 1)) != 0) + fatal("%s: buffer error: %s", __func__, ssh_err(r)); #if defined(WITH_OPENSSL) && !defined(OPENSSL_PRNG_ONLY) - rexec_send_rng_seed(&m); + rexec_send_rng_seed(m); #endif - if (ssh_msg_send(fd, 0, &m) == -1) + if (ssh_msg_send(fd, 0, m) == -1) fatal("%s: ssh_msg_send failed", __func__); - buffer_free(&m); + sshbuf_free(m); debug3("%s: done", __func__); } -- cgit v1.2.3 From 0e059cdf5fd86297546c63fa8607c24059118832 Mon Sep 17 00:00:00 2001 From: "schwarze@openbsd.org" Date: Wed, 25 May 2016 23:48:45 +0000 Subject: upstream commit To prevent screwing up terminal settings when printing to the terminal, for ASCII and UTF-8, escape bytes not forming characters and bytes forming non-printable characters with vis(3) VIS_OCTAL. For other character sets, abort printing of the current string in these cases. In particular, * let scp(1) respect the local user's LC_CTYPE locale(1); * sanitize data received from the remote host; * sanitize filenames, usernames, and similar data even locally; * take character display widths into account for the progressmeter. This is believed to be sufficient to keep the local terminal safe on OpenBSD, but bad things can still happen on other systems with state-dependent locales because many places in the code print unencoded ASCII characters into the output stream. Using feedback from djm@ and martijn@, various aspects discussed with many others. deraadt@ says it should go in now, i probably already hesitated too long Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0 --- Makefile.in | 2 +- progressmeter.c | 51 +++++------ scp.c | 45 ++++++---- sftp-client.c | 9 +- sftp.c | 46 +++++----- utf8.c | 258 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ utf8.h | 24 ++++++ 7 files changed, 369 insertions(+), 66 deletions(-) create mode 100644 utf8.c create mode 100644 utf8.h (limited to 'sftp-client.c') diff --git a/Makefile.in b/Makefile.in index af758d035..6267fefda 100644 --- a/Makefile.in +++ b/Makefile.in @@ -82,7 +82,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ compat.o crc32.o deattack.o fatal.o hostfile.o \ log.o match.o md-sha256.o moduli.o nchan.o packet.o opacket.o \ readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \ - atomicio.o key.o dispatch.o mac.o uidswap.o uuencode.o misc.o \ + atomicio.o key.o dispatch.o mac.o uidswap.o uuencode.o misc.o utf.o \ monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ ssh-pkcs11.o smult_curve25519_ref.o \ diff --git a/progressmeter.c b/progressmeter.c index 3a455408c..4fed2f4f0 100644 --- a/progressmeter.c +++ b/progressmeter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: progressmeter.c,v 1.42 2016/03/02 22:42:40 dtucker Exp $ */ +/* $OpenBSD: progressmeter.c,v 1.43 2016/05/25 23:48:45 schwarze Exp $ */ /* * Copyright (c) 2003 Nils Nordman. All rights reserved. * @@ -31,6 +31,7 @@ #include #include +#include #include #include #include @@ -39,6 +40,7 @@ #include "progressmeter.h" #include "atomicio.h" #include "misc.h" +#include "utf8.h" #define DEFAULT_WINSIZE 80 #define MAX_WINSIZE 512 @@ -119,14 +121,14 @@ format_size(char *buf, int size, off_t bytes) void refresh_progress_meter(void) { - char buf[MAX_WINSIZE + 1]; + char buf[MAX_WINSIZE * 4 + 1]; off_t transferred; double elapsed, now; int percent; off_t bytes_left; int cur_speed; int hours, minutes, seconds; - int i, len; + size_t i; int file_len; transferred = *counter - (cur_pos ? cur_pos : start_pos); @@ -157,17 +159,16 @@ refresh_progress_meter(void) bytes_per_second = cur_speed; /* filename */ - buf[0] = '\0'; + buf[0] = '\r'; + buf[1] = '\0'; file_len = win_size - 35; if (file_len > 0) { - len = snprintf(buf, file_len + 1, "\r%s", file); - if (len < 0) - len = 0; - if (len >= file_len + 1) - len = file_len; - for (i = len; i < file_len; i++) - buf[i] = ' '; - buf[file_len] = '\0'; + (void) snmprintf(buf + 1, sizeof(buf) - 1 - 35, + &file_len, "%s", file); + i = strlen(buf); + while (++file_len < win_size - 35 && i + 1 < sizeof(buf)) + buf[i++] = ' '; + buf[i] = '\0'; } /* percent of transfer done */ @@ -175,18 +176,18 @@ refresh_progress_meter(void) percent = ((float)cur_pos / end_pos) * 100; else percent = 100; - snprintf(buf + strlen(buf), win_size - strlen(buf), + snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), " %3d%% ", percent); /* amount transferred */ - format_size(buf + strlen(buf), win_size - strlen(buf), + format_size(buf + strlen(buf), sizeof(buf) - strlen(buf), cur_pos); - strlcat(buf, " ", win_size); + strlcat(buf, " ", sizeof(buf)); /* bandwidth usage */ - format_rate(buf + strlen(buf), win_size - strlen(buf), + format_rate(buf + strlen(buf), sizeof(buf) - strlen(buf), (off_t)bytes_per_second); - strlcat(buf, "/s ", win_size); + strlcat(buf, "/s ", sizeof(buf)); /* ETA */ if (!transferred) @@ -195,9 +196,9 @@ refresh_progress_meter(void) stalled = 0; if (stalled >= STALL_TIME) - strlcat(buf, "- stalled -", win_size); + strlcat(buf, "- stalled -", sizeof(buf)); else if (bytes_per_second == 0 && bytes_left) - strlcat(buf, " --:-- ETA", win_size); + strlcat(buf, " --:-- ETA", sizeof(buf)); else { if (bytes_left > 0) seconds = bytes_left / bytes_per_second; @@ -210,19 +211,21 @@ refresh_progress_meter(void) seconds -= minutes * 60; if (hours != 0) - snprintf(buf + strlen(buf), win_size - strlen(buf), + snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "%d:%02d:%02d", hours, minutes, seconds); else - snprintf(buf + strlen(buf), win_size - strlen(buf), + snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), " %02d:%02d", minutes, seconds); if (bytes_left > 0) - strlcat(buf, " ETA", win_size); + strlcat(buf, " ETA", sizeof(buf)); else - strlcat(buf, " ", win_size); + strlcat(buf, " ", sizeof(buf)); } + if (win_size < 35) + buf[win_size] = '\0'; - atomicio(vwrite, STDOUT_FILENO, buf, win_size - 1); + atomicio(vwrite, STDOUT_FILENO, buf, strlen(buf)); last_update = now; } diff --git a/scp.c b/scp.c index 3f0d75090..43ca3fa09 100644 --- a/scp.c +++ b/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.185 2016/03/02 22:43:52 dtucker Exp $ */ +/* $OpenBSD: scp.c,v 1.186 2016/05/25 23:48:45 schwarze Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -96,6 +96,7 @@ #include #include #include +#include #include #include #include @@ -114,6 +115,7 @@ #include "log.h" #include "misc.h" #include "progressmeter.h" +#include "utf8.h" extern char *__progname; @@ -191,7 +193,7 @@ do_local_cmd(arglist *a) if (verbose_mode) { fprintf(stderr, "Executing:"); for (i = 0; i < a->num; i++) - fprintf(stderr, " %s", a->list[i]); + fmprintf(stderr, " %s", a->list[i]); fprintf(stderr, "\n"); } if ((pid = fork()) == -1) @@ -232,7 +234,7 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout) int pin[2], pout[2], reserved[2]; if (verbose_mode) - fprintf(stderr, + fmprintf(stderr, "Executing: program %s host %s, user %s, command %s\n", ssh_program, host, remuser ? remuser : "(unspecified)", cmd); @@ -307,7 +309,7 @@ do_cmd2(char *host, char *remuser, char *cmd, int fdin, int fdout) int status; if (verbose_mode) - fprintf(stderr, + fmprintf(stderr, "Executing: 2nd program %s host %s, user %s, command %s\n", ssh_program, host, remuser ? remuser : "(unspecified)", cmd); @@ -378,6 +380,8 @@ main(int argc, char **argv) /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); + setlocale(LC_CTYPE, ""); + /* Copy argv, because we modify it */ newargv = xcalloc(MAX(argc + 1, 1), sizeof(*newargv)); for (n = 0; n < argc; n++) @@ -810,9 +814,8 @@ syserr: run_err("%s: %s", name, strerror(errno)); snprintf(buf, sizeof buf, "C%04o %lld %s\n", (u_int) (stb.st_mode & FILEMODEMASK), (long long)stb.st_size, last); - if (verbose_mode) { - fprintf(stderr, "Sending file modes: %s", buf); - } + if (verbose_mode) + fmprintf(stderr, "Sending file modes: %s", buf); (void) atomicio(vwrite, remout, buf, strlen(buf)); if (response() < 0) goto next; @@ -889,7 +892,7 @@ rsource(char *name, struct stat *statp) (void) snprintf(path, sizeof path, "D%04o %d %.1024s\n", (u_int) (statp->st_mode & FILEMODEMASK), 0, last); if (verbose_mode) - fprintf(stderr, "Entering directory: %s", path); + fmprintf(stderr, "Entering directory: %s", path); (void) atomicio(vwrite, remout, path, strlen(path)); if (response() < 0) { closedir(dirp); @@ -929,7 +932,7 @@ sink(int argc, char **argv) off_t size, statbytes; unsigned long long ull; int setimes, targisdir, wrerrno = 0; - char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; + char ch, *cp, *np, *targ, *why, *vect[1], buf[2048], visbuf[2048]; struct timeval tv[2]; #define atime tv[0] @@ -964,12 +967,15 @@ sink(int argc, char **argv) } while (cp < &buf[sizeof(buf) - 1] && ch != '\n'); *cp = 0; if (verbose_mode) - fprintf(stderr, "Sink: %s", buf); + fmprintf(stderr, "Sink: %s", buf); if (buf[0] == '\01' || buf[0] == '\02') { - if (iamremote == 0) + if (iamremote == 0) { + (void) snmprintf(visbuf, sizeof(visbuf), + NULL, "%s", buf + 1); (void) atomicio(vwrite, STDERR_FILENO, - buf + 1, strlen(buf + 1)); + visbuf, strlen(visbuf)); + } if (buf[0] == '\02') exit(1); ++errs; @@ -1212,7 +1218,7 @@ screwup: int response(void) { - char ch, *cp, resp, rbuf[2048]; + char ch, *cp, resp, rbuf[2048], visbuf[2048]; if (atomicio(read, remin, &resp, sizeof(resp)) != sizeof(resp)) lostconn(0); @@ -1232,8 +1238,13 @@ response(void) *cp++ = ch; } while (cp < &rbuf[sizeof(rbuf) - 1] && ch != '\n'); - if (!iamremote) - (void) atomicio(vwrite, STDERR_FILENO, rbuf, cp - rbuf); + if (!iamremote) { + cp[-1] = '\0'; + (void) snmprintf(visbuf, sizeof(visbuf), + NULL, "%s\n", rbuf); + (void) atomicio(vwrite, STDERR_FILENO, + visbuf, strlen(visbuf)); + } ++errs; if (resp == 1) return (-1); @@ -1271,7 +1282,7 @@ run_err(const char *fmt,...) if (!iamremote) { va_start(ap, fmt); - vfprintf(stderr, fmt, ap); + vfmprintf(stderr, fmt, ap); va_end(ap); fprintf(stderr, "\n"); } @@ -1317,7 +1328,7 @@ okname(char *cp0) } while (*++cp); return (1); -bad: fprintf(stderr, "%s: invalid user name\n", cp0); +bad: fmprintf(stderr, "%s: invalid user name\n", cp0); return (0); } diff --git a/sftp-client.c b/sftp-client.c index faf14684c..0ca44a4d6 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.123 2016/05/02 08:49:03 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.124 2016/05/25 23:48:45 schwarze Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -53,6 +53,7 @@ #include "atomicio.h" #include "progressmeter.h" #include "misc.h" +#include "utf8.h" #include "sftp.h" #include "sftp-common.h" @@ -610,7 +611,7 @@ do_lsreaddir(struct sftp_conn *conn, const char *path, int print_flag, } if (print_flag) - printf("%s\n", longname); + mprintf("%s\n", longname); /* * Directory entries should never contain '/' @@ -1460,7 +1461,7 @@ download_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, return -1; } if (print_flag) - printf("Retrieving %s\n", src); + mprintf("Retrieving %s\n", src); if (dirattrib->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) mode = dirattrib->perm & 01777; @@ -1793,7 +1794,7 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst, return -1; } if (print_flag) - printf("Entering %s\n", src); + mprintf("Entering %s\n", src); attrib_clear(&a); stat_to_attrib(&sb, &a); diff --git a/sftp.c b/sftp.c index 3d2d13aaf..6a7048431 100644 --- a/sftp.c +++ b/sftp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.c,v 1.173 2016/04/08 08:19:17 djm Exp $ */ +/* $OpenBSD: sftp.c,v 1.174 2016/05/25 23:48:45 schwarze Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -49,6 +49,7 @@ typedef void EditLine; #endif #include #include +#include #include #include #include @@ -63,6 +64,7 @@ typedef void EditLine; #include "log.h" #include "pathnames.h" #include "misc.h" +#include "utf8.h" #include "sftp.h" #include "ssherr.h" @@ -644,9 +646,11 @@ process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, resume |= global_aflag; if (!quiet && resume) - printf("Resuming %s to %s\n", g.gl_pathv[i], abs_dst); + mprintf("Resuming %s to %s\n", + g.gl_pathv[i], abs_dst); else if (!quiet && !resume) - printf("Fetching %s to %s\n", g.gl_pathv[i], abs_dst); + mprintf("Fetching %s to %s\n", + g.gl_pathv[i], abs_dst); if (pathname_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { if (download_dir(conn, g.gl_pathv[i], abs_dst, NULL, pflag || global_pflag, 1, resume, @@ -735,10 +739,11 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, resume |= global_aflag; if (!quiet && resume) - printf("Resuming upload of %s to %s\n", g.gl_pathv[i], - abs_dst); + mprintf("Resuming upload of %s to %s\n", + g.gl_pathv[i], abs_dst); else if (!quiet && !resume) - printf("Uploading %s to %s\n", g.gl_pathv[i], abs_dst); + mprintf("Uploading %s to %s\n", + g.gl_pathv[i], abs_dst); if (pathname_is_dir(g.gl_pathv[i]) && (rflag || global_rflag)) { if (upload_dir(conn, g.gl_pathv[i], abs_dst, pflag || global_pflag, 1, resume, @@ -839,12 +844,12 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) attrib_to_stat(&d[n]->a, &sb); lname = ls_file(fname, &sb, 1, (lflag & LS_SI_UNITS)); - printf("%s\n", lname); + mprintf("%s\n", lname); free(lname); } else - printf("%s\n", d[n]->longname); + mprintf("%s\n", d[n]->longname); } else { - printf("%-*s", colspace, fname); + mprintf("%-*s", colspace, fname); if (c >= columns) { printf("\n"); c = 1; @@ -925,10 +930,10 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, } lname = ls_file(fname, g.gl_statv[i], 1, (lflag & LS_SI_UNITS)); - printf("%s\n", lname); + mprintf("%s\n", lname); free(lname); } else { - printf("%-*s", colspace, fname); + mprintf("%-*s", colspace, fname); if (c >= columns) { printf("\n"); c = 1; @@ -1456,7 +1461,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); for (i = 0; g.gl_pathv[i] && !interrupted; i++) { if (!quiet) - printf("Removing %s\n", g.gl_pathv[i]); + mprintf("Removing %s\n", g.gl_pathv[i]); err = do_rm(conn, g.gl_pathv[i]); if (err != 0 && err_abort) break; @@ -1556,7 +1561,8 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); for (i = 0; g.gl_pathv[i] && !interrupted; i++) { if (!quiet) - printf("Changing mode on %s\n", g.gl_pathv[i]); + mprintf("Changing mode on %s\n", + g.gl_pathv[i]); err = do_setstat(conn, g.gl_pathv[i], &a); if (err != 0 && err_abort) break; @@ -1586,12 +1592,12 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, aa->flags &= SSH2_FILEXFER_ATTR_UIDGID; if (cmdnum == I_CHOWN) { if (!quiet) - printf("Changing owner on %s\n", + mprintf("Changing owner on %s\n", g.gl_pathv[i]); aa->uid = n_arg; } else { if (!quiet) - printf("Changing group on %s\n", + mprintf("Changing group on %s\n", g.gl_pathv[i]); aa->gid = n_arg; } @@ -1601,7 +1607,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, } break; case I_PWD: - printf("Remote working directory: %s\n", *pwd); + mprintf("Remote working directory: %s\n", *pwd); break; case I_LPWD: if (!getcwd(path_buf, sizeof(path_buf))) { @@ -1609,7 +1615,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd, err = -1; break; } - printf("Local working directory: %s\n", path_buf); + mprintf("Local working directory: %s\n", path_buf); break; case I_QUIT: /* Processed below */ @@ -1678,7 +1684,7 @@ complete_display(char **list, u_int len) for (y = 0; list[y]; y++) { llen = strlen(list[y]); tmp = llen > len ? list[y] + len : ""; - printf("%-*s", colspace, tmp); + mprintf("%-*s", colspace, tmp); if (m >= columns) { printf("\n"); m = 1; @@ -2062,7 +2068,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) if (remote_is_dir(conn, dir) && file2 == NULL) { if (!quiet) - printf("Changing to: %s\n", dir); + mprintf("Changing to: %s\n", dir); snprintf(cmd, sizeof cmd, "cd \"%s\"", dir); if (parse_dispatch_command(conn, cmd, &remote_path, 1) != 0) { @@ -2106,7 +2112,7 @@ interactive_loop(struct sftp_conn *conn, char *file1, char *file2) break; } if (!interactive) { /* Echo command */ - printf("sftp> %s", cmd); + mprintf("sftp> %s", cmd); if (strlen(cmd) > 0 && cmd[strlen(cmd) - 1] != '\n') printf("\n"); diff --git a/utf8.c b/utf8.c new file mode 100644 index 000000000..d6089bdec --- /dev/null +++ b/utf8.c @@ -0,0 +1,258 @@ +/* $OpenBSD: utf8.c,v 1.1 2016/05/25 23:48:45 schwarze Exp $ */ +/* + * Copyright (c) 2016 Ingo Schwarze + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Utility functions for multibyte-character handling, + * in particular to sanitize untrusted strings for terminal output. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "utf8.h" + +static int dangerous_locale(void); +static int vasnmprintf(char **, size_t, int *, const char *, va_list); + + +/* + * For US-ASCII and UTF-8 encodings, we can safely recover from + * encoding errors and from non-printable characters. For any + * other encodings, err to the side of caution and abort parsing: + * For state-dependent encodings, recovery is impossible. + * For arbitrary encodings, replacement of non-printable + * characters would be non-trivial and too fragile. + */ + +static int +dangerous_locale(void) { + char *loc; + + loc = nl_langinfo(CODESET); + return strcmp(loc, "US-ASCII") && strcmp(loc, "UTF-8"); +} + +/* + * The following two functions limit the number of bytes written, + * including the terminating '\0', to sz. Unless wp is NULL, + * they limit the number of display columns occupied to *wp. + * Whichever is reached first terminates the output string. + * To stay close to the standard interfaces, they return the number of + * non-NUL bytes that would have been written if both were unlimited. + * If wp is NULL, newline, carriage return, and tab are allowed; + * otherwise, the actual number of columns occupied by what was + * written is returned in *wp. + */ + +static int +vasnmprintf(char **str, size_t maxsz, int *wp, const char *fmt, va_list ap) +{ + char *src; /* Source string returned from vasprintf. */ + char *sp; /* Pointer into src. */ + char *dst; /* Destination string to be returned. */ + char *dp; /* Pointer into dst. */ + char *tp; /* Temporary pointer for dst. */ + size_t sz; /* Number of bytes allocated for dst. */ + size_t tsz; /* Temporary size while extending dst. */ + wchar_t wc; /* Wide character at sp. */ + int len; /* Number of bytes in the character at sp. */ + int ret; /* Number of bytes needed to format src. */ + int width; /* Display width of the character wc. */ + int total_width, max_width, print; + + src = dst = NULL; + if (vasprintf(&src, fmt, ap) <= 0) + goto fail; + + sz = strlen(src); + if ((dst = malloc(sz)) == NULL) + goto fail; + + if (maxsz > INT_MAX) + maxsz = INT_MAX; + + sp = src; + dp = dst; + ret = 0; + print = 1; + total_width = 0; + max_width = wp == NULL ? INT_MAX : *wp; + while (*sp != '\0') { + if ((len = mbtowc(&wc, sp, MB_CUR_MAX)) == -1) { + (void)mbtowc(NULL, NULL, MB_CUR_MAX); + if (dangerous_locale()) { + ret = -1; + break; + } + len = 1; + width = -1; + } else if (wp == NULL && + (wc == L'\n' || wc == L'\r' || wc == L'\t')) { + /* + * Don't use width uninitialized; the actual + * value doesn't matter because total_width + * is only returned for wp != NULL. + */ + width = 0; + } else if ((width = wcwidth(wc)) == -1 && + dangerous_locale()) { + ret = -1; + break; + } + + /* Valid, printable character. */ + + if (width >= 0) { + if (print && (dp - dst >= (int)maxsz - len || + total_width > max_width - width)) + print = 0; + if (print) { + total_width += width; + memcpy(dp, sp, len); + dp += len; + } + sp += len; + if (ret >= 0) + ret += len; + continue; + } + + /* Escaping required. */ + + while (len > 0) { + if (print && (dp - dst >= (int)maxsz - 4 || + total_width > max_width - 4)) + print = 0; + if (print) { + if (dp + 4 >= dst + sz) { + tsz = sz + 128; + if (tsz > maxsz) + tsz = maxsz; + tp = realloc(dst, tsz); + if (tp == NULL) { + ret = -1; + break; + } + dp = tp + (dp - dst); + dst = tp; + sz = tsz; + } + tp = vis(dp, *sp, VIS_OCTAL | VIS_ALL, 0); + width = tp - dp; + total_width += width; + dp = tp; + } else + width = 4; + len--; + sp++; + if (ret >= 0) + ret += width; + } + if (len > 0) + break; + } + free(src); + *dp = '\0'; + *str = dst; + if (wp != NULL) + *wp = total_width; + + /* + * If the string was truncated by the width limit but + * would have fit into the size limit, the only sane way + * to report the problem is using the return value, such + * that the usual idiom "if (ret < 0 || ret >= sz) error" + * works as expected. + */ + + if (ret < (int)maxsz && !print) + ret = -1; + return ret; + +fail: + free(src); + free(dst); + *str = NULL; + if (wp != NULL) + *wp = 0; + return -1; +} + +int +snmprintf(char *str, size_t sz, int *wp, const char *fmt, ...) +{ + va_list ap; + char *cp; + int ret; + + va_start(ap, fmt); + ret = vasnmprintf(&cp, sz, wp, fmt, ap); + va_end(ap); + (void)strlcpy(str, cp, sz); + free(cp); + return ret; +} + +/* + * To stay close to the standard interfaces, the following functions + * return the number of non-NUL bytes written. + */ + +int +vfmprintf(FILE *stream, const char *fmt, va_list ap) +{ + char *str; + int ret; + + if ((ret = vasnmprintf(&str, INT_MAX, NULL, fmt, ap)) < 0) + return -1; + if (fputs(str, stream) == EOF) + ret = -1; + free(str); + return ret; +} + +int +fmprintf(FILE *stream, const char *fmt, ...) +{ + va_list ap; + int ret; + + va_start(ap, fmt); + ret = vfmprintf(stream, fmt, ap); + va_end(ap); + return ret; +} + +int +mprintf(const char *fmt, ...) +{ + va_list ap; + int ret; + + va_start(ap, fmt); + ret = vfmprintf(stdout, fmt, ap); + va_end(ap); + return ret; +} diff --git a/utf8.h b/utf8.h new file mode 100644 index 000000000..43ce1d55d --- /dev/null +++ b/utf8.h @@ -0,0 +1,24 @@ +/* $OpenBSD: utf8.h,v 1.1 2016/05/25 23:48:45 schwarze Exp $ */ +/* + * Copyright (c) 2016 Ingo Schwarze + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +int mprintf(const char *, ...) + __attribute__((format(printf, 1, 2))); +int fmprintf(FILE *, const char *, ...) + __attribute__((format(printf, 2, 3))); +int vfmprintf(FILE *, const char *, va_list); +int snmprintf(char *, size_t, int *, const char *, ...) + __attribute__((format(printf, 4, 5))); -- cgit v1.2.3