/Python/mysnprintf.c

http://unladen-swallow.googlecode.com/ · C · 105 lines · 57 code · 8 blank · 40 comment · 10 complexity · 1788e73742ee1e82db401ef85d50d66c MD5 · raw file

  1. #include "Python.h"
  2. #include <ctype.h>
  3. /* snprintf() wrappers. If the platform has vsnprintf, we use it, else we
  4. emulate it in a half-hearted way. Even if the platform has it, we wrap
  5. it because platforms differ in what vsnprintf does in case the buffer
  6. is too small: C99 behavior is to return the number of characters that
  7. would have been written had the buffer not been too small, and to set
  8. the last byte of the buffer to \0. At least MS _vsnprintf returns a
  9. negative value instead, and fills the entire buffer with non-\0 data.
  10. The wrappers ensure that str[size-1] is always \0 upon return.
  11. PyOS_snprintf and PyOS_vsnprintf never write more than size bytes
  12. (including the trailing '\0') into str.
  13. If the platform doesn't have vsnprintf, and the buffer size needed to
  14. avoid truncation exceeds size by more than 512, Python aborts with a
  15. Py_FatalError.
  16. Return value (rv):
  17. When 0 <= rv < size, the output conversion was unexceptional, and
  18. rv characters were written to str (excluding a trailing \0 byte at
  19. str[rv]).
  20. When rv >= size, output conversion was truncated, and a buffer of
  21. size rv+1 would have been needed to avoid truncation. str[size-1]
  22. is \0 in this case.
  23. When rv < 0, "something bad happened". str[size-1] is \0 in this
  24. case too, but the rest of str is unreliable. It could be that
  25. an error in format codes was detected by libc, or on platforms
  26. with a non-C99 vsnprintf simply that the buffer wasn't big enough
  27. to avoid truncation, or on platforms without any vsnprintf that
  28. PyMem_Malloc couldn't obtain space for a temp buffer.
  29. CAUTION: Unlike C99, str != NULL and size > 0 are required.
  30. */
  31. int
  32. PyOS_snprintf(char *str, size_t size, const char *format, ...)
  33. {
  34. int rc;
  35. va_list va;
  36. va_start(va, format);
  37. rc = PyOS_vsnprintf(str, size, format, va);
  38. va_end(va);
  39. return rc;
  40. }
  41. int
  42. PyOS_vsnprintf(char *str, size_t size, const char *format, va_list va)
  43. {
  44. int len; /* # bytes written, excluding \0 */
  45. #ifdef HAVE_SNPRINTF
  46. #define _PyOS_vsnprintf_EXTRA_SPACE 1
  47. #else
  48. #define _PyOS_vsnprintf_EXTRA_SPACE 512
  49. char *buffer;
  50. #endif
  51. assert(str != NULL);
  52. assert(size > 0);
  53. assert(format != NULL);
  54. /* We take a size_t as input but return an int. Sanity check
  55. * our input so that it won't cause an overflow in the
  56. * vsnprintf return value or the buffer malloc size. */
  57. if (size > INT_MAX - _PyOS_vsnprintf_EXTRA_SPACE) {
  58. len = -666;
  59. goto Done;
  60. }
  61. #ifdef HAVE_SNPRINTF
  62. len = vsnprintf(str, size, format, va);
  63. #else
  64. /* Emulate it. */
  65. buffer = PyMem_MALLOC(size + _PyOS_vsnprintf_EXTRA_SPACE);
  66. if (buffer == NULL) {
  67. len = -666;
  68. goto Done;
  69. }
  70. len = vsprintf(buffer, format, va);
  71. if (len < 0)
  72. /* ignore the error */;
  73. else if ((size_t)len >= size + _PyOS_vsnprintf_EXTRA_SPACE)
  74. Py_FatalError("Buffer overflow in PyOS_snprintf/PyOS_vsnprintf");
  75. else {
  76. const size_t to_copy = (size_t)len < size ?
  77. (size_t)len : size - 1;
  78. assert(to_copy < size);
  79. memcpy(str, buffer, to_copy);
  80. str[to_copy] = '\0';
  81. }
  82. PyMem_FREE(buffer);
  83. #endif
  84. Done:
  85. if (size > 0)
  86. str[size-1] = '\0';
  87. return len;
  88. #undef _PyOS_vsnprintf_EXTRA_SPACE
  89. }