1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-24 11:29:10 +00:00
Commit Graph

313 Commits

Author SHA1 Message Date
Andrey A. Chernov
7cf30ace84 Drop buffer first, _then_ ask for real position 2001-08-31 18:54:44 +00:00
Andrey A. Chernov
2ff678f5bb The same big piece of ftell code repeated in 3 places. Simplify things moving
it into one subfunction instead.
Try to use real offset in strange cases.
2001-08-31 18:23:29 +00:00
Andrey A. Chernov
ee75810413 If file offset is smaller than internal buffer character left count, just drop
internal buffer and trust offset, not return error.
2001-08-31 14:11:14 +00:00
Andrey A. Chernov
1dfa423639 Initialize _offset to 0 in fopen(), it helps to optimize fseek/ftell 2001-08-31 13:14:49 +00:00
Andrey A. Chernov
ca934ebcae Detect fp->_offset overflow on read
Use errno to catch negative seek with -1 offset
2001-08-31 12:55:22 +00:00
Ruslan Ermilov
d6002fef6f Use ``.Rv -std'' wherever possible.
Submitted by:	yar
2001-08-31 09:57:38 +00:00
Andrey A. Chernov
57935eeb3d Try to discard some ungetc data in saved internal buffer checks too,
if offset tends to be negative.
2001-08-30 20:49:47 +00:00
Andrey A. Chernov
77f71bc5ac goto dumb; if can't obtain curoff for whence != SEEK_CUR cases, as supposed 2001-08-30 20:19:45 +00:00
Andrey A. Chernov
e54bc118c1 Add more EOVERFLOW checks.
When file offset tends to be negative due to internal and ungetc buffers
additions counted, try to discard some ungetc data first, then return EBADF.
Later one can happens if lseek(fileno(fd),...) called f.e. POSIX says that
ungetc beyond beginning of the file results are undefined, so we can just
discard some of ungetc data in that case.

Don't rely on gcc cast when checking for overflow, use OFF_MAX.

Cosmetique.
2001-08-30 19:54:04 +00:00
Andrey A. Chernov
b0eeb07b5b Cosmetique fixes from bde 2001-08-26 10:38:29 +00:00
Andrey A. Chernov
f0d5097e06 Cosmetique: correct English in comments 2001-08-23 14:49:02 +00:00
Kris Kennaway
6dac8ac9e5 Mark some functions as __printflike() and/or taking const char * arguments
instead of char *.

MFC after:	2 weeks
2001-08-20 12:53:36 +00:00
Andrey A. Chernov
c5981656ea Add about rewind+errno, describe ESPIPE, minor formatting. 2001-08-19 08:24:50 +00:00
Andrey A. Chernov
98aa5183a2 Simplify overflow calculations a bit 2001-08-17 11:08:56 +00:00
Andrey A. Chernov
4a9f1ee4e5 Remove extra check, already done in upper level caller, i.e. in
_fseeko()
2001-08-17 10:43:03 +00:00
Andrey A. Chernov
5fdaf178ae Mention ftell & ftello in EOVERFLOW section too. 2001-08-17 10:29:09 +00:00
Andrey A. Chernov
b98ba4224b Add more overflow checks in case of fseek() 2001-08-17 10:22:03 +00:00
Andrey A. Chernov
68ce9bfb10 Don't clear "we have offset" flag even if long is overflow for fseek(),
there is no harm to have it, it will reduce next call efforts.
2001-08-17 10:06:46 +00:00
Andrey A. Chernov
71b5a4326d fseek.c:
Resulting fseek() offset must fit in long, required by POSIX (pointed by bde),
so add LONG_MAX and final tests for it.

rewind.c:
1) add missing __sinit() as in fseek() it pretends to be.
2) use clearerr_unlocked() since we already lock stream before _fseeko()
3) don't zero errno at the end, it explicitely required by POSIX as the
only one method to test rewind() error condition.
4) don't clearerr() if error happens in _fseeko()
2001-08-17 09:57:11 +00:00
Dima Dorfman
7bc6682520 Explain the relation of getchar() to getc() in less words.
Submitted by:	ru
2001-08-16 03:09:33 +00:00
Andrey A. Chernov
74b2772824 Use smarter overflow tests
Suggested by: bde
2001-08-15 20:10:38 +00:00
Andrey A. Chernov
d9e3eff33a 1) Disallow negative seek as POSIX require for fseek{o} (but not for lseek):
"[EINVAL] ... The resulting file-position indicator would be set to a
negative value."

Moreover, in real life negative seek in stdio cause EOF indicator cleared
and not set again forever even if EOF returned.

2) Catch few possible off_t overflows.

Reviewed by:	arch discussion
2001-08-15 02:07:47 +00:00
Peter Wemm
2b618987fe Rip out the old __stdin/out/err stuff. It was completely 100% useless. :-(
It was foiled because of dynamic copy relocations that caused compile-time
space to be reserved in .bss and at run time a blob of data was copied to
that space and everything used the .bss version..  The problem is that
the space is reserved at compile time, not runtime... So we *still* could
not change the size of FILE.  Sigh.  :-(

Replace it with something that does actually work and really does let us
make 'FILE' extendable.  It also happens to be the same as Linux does in
glibc, but has the slight cost of a pointer.  Note that this is the
same cost that 'fp = fopen(), fprintf(fp, ...); fclose(fp);' has.
Fortunately, actual references to stdin/out/err are not all that common
since we have implicit stdin/out/err-using versions of functions
(printf() vs. fprintf()).
2001-08-13 21:48:44 +00:00
Dima Dorfman
7f55e48eb1 Use .Fn, .Fa, and .Dv where appropriate. 2001-08-10 20:49:38 +00:00
Yaroslav Tykhiy
b1250632c5 Use the ``.Rv -std'' mdoc(7) macro in appropriate cases.
Reviewed by:	ru
2001-08-09 13:32:13 +00:00
Ruslan Ermilov
c4d9468ea0 mdoc(7) police:
Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text.
Not only this slows down the mdoc(7) processing significantly, but it also
has an undesired (in this case) effect of disabling hyphenation within the
entire enclosed block.
2001-08-07 15:48:51 +00:00
Sheldon Hearn
549c291915 Avoid any chance of being misunderstood as having libelled developers
or developers' vendors without compromising the importance of warning
against bad practice.

Reported by:	mjacob
MFC after:	1 week
2001-07-29 15:08:14 +00:00
Dima Dorfman
7ebcc426ef Remove whitespace at EOL. 2001-07-15 07:53:42 +00:00
Ruslan Ermilov
a307d59838 mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 13:41:46 +00:00
Dima Dorfman
70d51341bf mdoc(7) police: remove extraneous .Pp before and/or after .Sh. 2001-07-09 09:54:33 +00:00
Mike Heffner
0bada8603d Attempt to use the environment variable TMPDIR for the temporary
directory, defaulting to /tmp.

PR:		bin/16924
Reviewed by:	dd
MFC after:	2 weeks
2001-07-07 04:08:32 +00:00
Ruslan Ermilov
4988599f44 mdoc(7) police: fixed/simplified formatting. 2001-07-04 11:59:14 +00:00
Assar Westerlund
1866adc54f (cantwrite): do not allocate memory for a NULL string
PR:		misc/26044

MFC after:	1 week

Submitted by:	bde
2001-06-18 04:44:23 +00:00
Assar Westerlund
a52532c91a revert freeing of memory that gets allocated when str == NULL
(this will be fixed in a better way)

PR:		misc/26044
2001-06-18 04:40:52 +00:00
Assar Westerlund
207d92d043 free memory that gets allocated by vfprintf when str == NULL
PR:		misc/26044

MFC after:	1 week
2001-06-16 05:37:57 +00:00
Jens Schweikhardt
32b21f091e Add description for the 'll' modifier for long long. In essence a copy
from the 'l' description with s/long/long long/g.

PR:		27017
Submitted by:	Guy Harris <guy@alum.mit.edu>
MFC after:	2 weeks
2001-06-13 19:05:12 +00:00
Warner Losh
656f411d33 Back out my changes describing how snprintf nul terminates. It
was from the iso standard.  Keep the sentence that says it is always
NUL terminated to make sure that people understand that.

Requested by: bde
2001-06-05 23:39:45 +00:00
Warner Losh
890d5b436d Minor improvements:
o Explain snprintf's return value better.
o Document snprintf, et al, were defined in C-99
o Warn against %n.
2001-06-05 04:22:30 +00:00
Daniel Eischen
fcd70a7565 Properly initialize a temporary FILE that is allocated off the stack.
The change to reuse _up from FILE (to allow FILE to grow without changing
size) overlooked FILE being allocated off the stack.

Approved by:	sobomax
2001-06-04 12:36:07 +00:00
Gregory Neil Shapiro
1259dd85eb Correct the documentation for snprintf() and vsprintf() which actually
return the number of characters that would have been in the new string.

Obtained from:	OpenBSD
MFC after:	3 days
2001-05-30 23:47:14 +00:00
Eric Melville
2de2196026 Add warnings about trusting user-supplied data.
Reviewed by:	ru
Approved by:	murray
Obtained from:	OpenBSD
2001-05-25 20:42:40 +00:00
Ruslan Ermilov
2d105f1659 mdoc(7) police: fix markup. 2001-04-18 13:16:47 +00:00
Daniel Eischen
54fd7f685f To be consistent, use the __weak_reference macro from <sys/cdefs.h>
instead of #pragma weak to create weak definitions.  This macro is
improperly named, though, since a weak definition is not the same
thing as a weak reference.

Suggested by:	bde
2001-04-10 04:11:50 +00:00
Ruslan Ermilov
4a558355e5 MAN[1-9] -> MAN. 2001-03-27 17:27:19 +00:00
David E. O'Brien
eed5465d4e Fix style nit. 2001-03-05 11:10:12 +00:00
David E. O'Brien
2c4b10dd85 Fix style breakage. 2001-03-05 11:06:18 +00:00
Daniel Eischen
45d8008748 Hide the definition of struct __sFILEX and add the needed
lock definitions to it.  flockfile state is now allocated
along with the rest of FILE.  This eliminates the need for a
separate allocation of flockfile state as well as eliminating
the mutex/lock used to serialize its allocation.
2001-03-01 05:22:14 +00:00
Ruslan Ermilov
588a200ce1 .St -ansiC -> .St -isoC 2001-02-26 13:23:47 +00:00
Brian Feldman
75d4fd11cb Correctly handle the race itself, too (don't leave it locked).
This is about to be replaced anyway by initialization explicitly
instead of lazily, and reducing the complexity of it.  As it is
now, this will work fine, however.
2001-02-23 17:55:01 +00:00
Brian Feldman
93f9377a7c Use the right names to call pthread_mutex_{,un}lock so that things
work in both the libc only and libc/libc_r case.
2001-02-23 06:26:22 +00:00
Brian Feldman
4524204190 Fix the problems I (and others, undoubtedly) have been having for a
while with threaded software in -CURRENT acting very "weird".  It has
seemed, for example, in Mozilla that threads attempting to do host
lookups have been locking up.  That's exactly the case.

There was a race condition in the implementation of the initialization
of the mutex used to protect FILE operations, first of all: multiple
instances of FLOCKFILE() in libc could occur on the same FILE at
the same time and cause strange behavior by overwriting eachothers'
creation of the mutex and the rest of the file lock.

Secondly, it's not appropriate to test the "validity" of the file
descriptor referenced by the FILE; if the code is calling FLOCKFILE()
or FUNLOCKFILE(), it wants the FILE to be locked or unlocked, not
to be locked or unlocked on the condition that _file is >= 0.  This
also could quite easily cause leaks by failing to perform the lock or
unlock operation when it actually is needed.

Mozilla now works again on -CURRENT when linked to libc_r.so.5 and
libc.so.5.
2001-02-23 04:59:12 +00:00
Peter Wemm
3d92fc05aa Place some hooks (__stdin, __stdout, __stderr) into libc for a future
ABI change.  There is some serious evilness here to work around some
gcc weaknesses.  We need to know the sizeof(FILE) manually until __sF
goes away in the next major bump.  We have the size for Alpha and i386,
missing is ia64, ppc and sparc* (and i386 with 64 bit longs).
At some point down the track we can change the stdin etc #defines to
stop hard coding the size of FILE into application binaries.

Lots of head scratching and ideas and testing by: green, imp
2001-02-20 01:56:52 +00:00
Warner Losh
b0f8f42120 Extra needs to be initialized for our usual pool of FILEs. This was
causing some versions of as to dump core.  This survived make
buildworld/installworld and the building gettext port afterwards.

Submitted by: <nnd@mail.nsk.ru> "N.Dudorov"
Reviewed by: "Daniel M. Eischen" <eischen@vigrid.com>
2001-02-16 21:09:49 +00:00
Warner Losh
91e1be28dc Fix the current libc breakage in current:
o Back out the __std* stuff.  Can't figure out how to do this right now,
  so we'll save it for late.
o use _up as a pointer for extra fields that we need to access.
o back out the libc major version bump.

Submitted by: green
reviewed by: peter, imp, green, obrien (to varying degrees).

We'll fix the "how do we stop encoding sizeof(FILE) in binaries" part
later.
2001-02-16 06:11:22 +00:00
Tor Egge
2ffc61ba9c Remove freelists managed by Balloc/Bfree.
Change __dtoa to not free the string it allocated the previous time it was
called.  The caller now frees the string after usage if appropiate.

PR:		15070
Reviewed by:	deischen
2001-02-15 22:12:50 +00:00
Peter Wemm
ff9dc074b5 Commit a libc fix going by the current state of the version numbering
bikeshed in -arch.  It isn't quite over, but it has been well established
that this can be adjusted or refined.  But we do seem to have consensis
on a major bump of some sort.  After this, it should reasonably safe
to build world again.

This change is to get rid of __sF[] and use seperate __stdin/out/err
handles.  This means we can pad on extra bits onto the end of FILE
at will without going through this all over again.  __sF[] was evil
because it compiled the sizeof(FILE) into every stdio using program.

Asbestos suit on: check!
Peril sensitive sunglasses on: check!
*gulp!*
2001-02-14 05:00:20 +00:00
Peter Wemm
56f98998e9 It sounded like a good idea at the time. The previous change breaks
FILE *buffer = stdout;
so back it out for now.
2001-02-12 03:31:23 +00:00
Peter Wemm
9b8ff47f40 Take advantage of the current libc sizeof(FILE) breakage (__sF[]) and
try a hopefully more robust stdin/stdout/stderr.  This costs an indirect
pointer fetch, but saves us from changes in 'FILE'.  The __stdin stuff
is there to not pollute application name space if the application does
not use <stdio.h> and also in case something depended on the current
behavior where stdin etc was a #define.

Reviewed by:	eischen, dillon
2001-02-12 02:50:30 +00:00
Daniel Eischen
29ac6bd228 libc MT-safety, part 2.
Add a lock to FILE.  flockfile and friends are now implemented
(for the most part) in libc.  flockfile_debug is implemented in
libc_r; I suppose it's about time to kill it but will do it in
a future commit.

Fix a potential deadlock in _fwalk in a threaded environment.
A file flag (__SIGN) was added to stdio.h that, when set, tells
_fwalk to ignore it in its walk.  This seemed to be needed in
refill.c because each file needs to be locked when flushing.

Add a stub for pthread_self in libc.  This is needed by flockfile
which is allowed by POSIX to be recursive.

Make fgetpos() error return value (-1) match man page.

Remove recursive calls to locked functions (stdio); I think I've
got them all, but I may have missed a couple.

A few K&R -> ANSI conversions along with removal of a few instances
of "register".

$Id$ -> $FreeBSD$ in libc/stdio/rget.c

Not objected to:	-arch, a few months ago
2001-02-11 22:06:43 +00:00
Ruslan Ermilov
429d919c70 mdoc(7) police: mark LC_NUMERIC with .Dv. 2001-02-10 10:26:52 +00:00
Andrey A. Chernov
1c97c57770 Note that decimal point taken from locale (SUSv2) 2001-02-10 06:32:03 +00:00
Andrey A. Chernov
9ad80ab51f Take decimal point from locale instead of hardcoded '.' (SUSv2) 2001-02-10 06:25:33 +00:00
Andrey A. Chernov
36db56802d Note that decimal point character taken from locale (SUSv2) 2001-02-10 05:52:59 +00:00
Andrey A. Chernov
a2a135c94f Use decimal point from localeconv() instead of hardcoded '.' (SUSv2) 2001-02-10 05:46:05 +00:00
Tor Egge
d7e56cc908 Backout previous commit. Use of spinlocks was not approved.
PR:		15070
2001-02-09 20:31:48 +00:00
Tor Egge
1d538861ff Protect freelists managed by Balloc/Bfree with a spinlock.
Change __dtoa to not free the string it allocated the previous time it was
called.  The caller now frees the string after usage if appropiate.

PR:		15070
2001-02-08 20:22:28 +00:00
Maxim Sobolev
a06f15e4b8 Fix a f^Hdamn typo, which prevented to fopen() more that 17 files at once.
Tested by:	knu, sobomax and other #bsdcode'rs
2001-02-07 17:34:48 +00:00
Ruslan Ermilov
d0353b836e mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:38:02 +00:00
Daniel Eischen
d201fe46e3 Remove _THREAD_SAFE and make libc thread-safe by default by
adding (weak definitions to) stubs for some of the pthread
functions.  If the threads library is linked in, the real
pthread functions will pulled in.

Use the following convention for system calls wrapped by the
threads library:
	__sys_foo - actual system call
	_foo - weak definition to __sys_foo
	foo - weak definition to __sys_foo

Change all libc uses of system calls wrapped by the threads
library from foo to _foo.  In order to define the prototypes
for _foo(), we introduce namespace.h and un-namespace.h
(suggested by bde).  All files that need to reference these
system calls, should include namespace.h before any standard
includes, then include un-namespace.h after the standard
includes and before any local includes.  <db.h> is an exception
and shouldn't be included in between namespace.h and
un-namespace.h  namespace.h will define foo to _foo, and
un-namespace.h will undefine foo.

Try to eliminate some of the recursive calls to MT-safe
functions in libc/stdio in preparation for adding a mutex
to FILE.  We have recursive mutexes, but would like to avoid
using them if possible.

Remove uneeded includes of <errno.h> from a few files.

Add $FreeBSD$ to a few files in order to pass commitprep.

Approved by:	-arch
2001-01-24 13:01:12 +00:00
Archie Cobbs
42cebaa5c0 Fix bugs in the handling of > 8 positional arguments:
- The stack was getting smashed by __grow_type_table()
- reallocf() was being called with the wrong pointer
- The maximum argument number was being incorrectly computed

PR:	misc/23521
2001-01-06 20:48:00 +00:00
Ben Smithurst
7e7a6ec033 Make it a bit clearer that asprintf doesn't actually "return" a pointer in
the normal sense of the word, but does it through one of its arguments which
is a pointer to a pointer.

PR:		23717
Submitted by:	phk
2001-01-01 05:19:52 +00:00
Ruslan Ermilov
4263595653 Prepare for mdoc(7)NG. 2000-12-29 14:08:20 +00:00
Ruslan Ermilov
a2fd3702a3 mdoc(7) police: use canonical form of .Dd macro. 2000-12-11 15:15:20 +00:00
Ruslan Ermilov
3b8ecdbbbe mdoc(7) police: use the new features of the Nm macro. 2000-11-20 14:08:07 +00:00
Kris Kennaway
dc3f2db745 Update the documentation to describe the new mktemp() family behaviour.
Also notes that mkstemp() first appeared in 4.4BSD (change obtained
from OpenBSD)

Reviewed by:	sheldonh
2000-11-19 10:21:32 +00:00
Ruslan Ermilov
b5c508fba3 Use Fx macro wherever possible. 2000-11-14 11:20:58 +00:00
Kris Kennaway
f1303ab4b2 Increase the size of the mktemp() filename space by dropping the PID from
the encoding and using the character set [a-zA-Z0-9]. This gives a total
of 62^6 = 56800235584 possible temporary filenames for the usual default
invocation of 6 X's (compared to as few as 52 possibilities for the
previous algorithm where up to 5 characters were wasted by the PID).

Update some apparently bitrotten comments to reflect reality.

Audited by:	eivind, freebsd-audit
Reviewed by:	freebsd-current (a while ago)
Originally submitted by:	Peter Jeremy <Peter.Jeremy@alcatel.com.au>
2000-11-10 23:27:55 +00:00
Ruslan Ermilov
726b61ab5f Avoid use of direct troff requests in mdoc(7) manual pages. 2000-11-10 17:46:15 +00:00
Eivind Eklund
11ab3fc7cb Better documentation of append mode. This should have gone in -current
directly.   Now also .Xr fseek reference.

Prodded by:	sheldonh
2000-09-22 12:55:36 +00:00
David Malone
ad8c1e6a09 According to the susv2 man pages I have, remove(3) should act as
rmdir(2) on directories and unlink(2) otherwise. This modification,
and most of the man page update has been obtined from OpenBSD. This
was spotted by someone on a mailing lists a few months ago, but
I've lost their mail.

Reviewed by:	sheldonh
2000-08-28 15:45:42 +00:00
Alexey Zelkin
03fc63031e Use `Er' variable to define first column width in ERRORS section. 2000-05-06 12:07:59 +00:00
Alexey Zelkin
25bb73e063 Introduce ".Lb" macro to libc manpages.
More libraries manpages updates following.
2000-04-21 09:42:15 +00:00
Jeroen Ruigrok van der Werven
1c7ac7e759 Fix typo, reported by George Cox.
Fix hard sentence breaks.

Submitted by:	George Cox <gjvc@sophos.com>
2000-04-12 13:38:26 +00:00
Sheldon Hearn
4e86fcacf6 Remove more single-space hard sentence breaks. 2000-03-02 14:54:02 +00:00
Sheldon Hearn
c6ff3a1bf7 Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-02 09:14:21 +00:00
Jason Evans
9233c4d942 Simplify sytem call renaming. Instead of _foo() <-- _libc_foo <-- foo(),
just use _foo() <-- foo().  In the case of a libpthread that doesn't do
call conversion (such as linuxthreads and our upcoming libpthread), this
is adequate.  In the case of libc_r, we still need three names, which are
now _thread_sys_foo() <-- _foo() <-- foo().

Convert all internal libc usage of: aio_suspend(), close(), fsync(), msync(),
nanosleep(), open(), fcntl(), read(), and write() to _foo() instead of foo().

Remove all internal libc usage of: creat(), pause(), sleep(), system(),
tcdrain(), wait(), and waitpid().

Make thread cancellation fully POSIX-compliant.

Suggested by:	deischen
2000-01-27 23:07:25 +00:00
Sheldon Hearn
71207448cf Improve the explanation on the (in)security of mktemp(3). 2000-01-25 13:58:46 +00:00
Kris Kennaway
466c0416c8 We no longer care about the VAX and Tahoe compilers :-) 2000-01-17 01:28:00 +00:00
Jason Evans
929273386f Add three-tier symbol naming in support of POSIX thread cancellation
points.  For library functions, the pattern is __sleep() <--
_libc_sleep() <-- sleep().  The arrows represent weak aliases.  For
system calls, the pattern is _read() <-- _libc_read() <-- read().
2000-01-12 09:23:48 +00:00
Kris Kennaway
3076db1900 Correct discrepancy between definition of argument to tempnam() and
the name by which it is referenced in the text.
2000-01-09 08:54:03 +00:00
Peter Wemm
5f02be00bc While comparing this with OpenBSD (ie: trying to figure out what mkstemps()
is good for... :-)), I discovered that part of the change when mkstemps()
was brought in was missed - it was missing the termination case to make
sure it doesn't walk into the suffix.  This isn't the same code OpenBSD
has, I think this is a little better as we terminate the loop in a better
spot.
1999-12-11 14:48:24 +00:00
Dmitrij Tejblum
dcd26325e8 Make __sfp() even more thread-safe. 1999-11-21 22:34:57 +00:00
Dmitrij Tejblum
32fc781e06 Add (FILE *) locking. 1999-11-20 14:52:03 +00:00
Dmitrij Tejblum
e33f599134 Make __sfp() (FILE allocator) thread-safe: added locking like in malloc(). 1999-11-20 14:01:48 +00:00
David E. O'Brien
3c0c03cdf1 Fix HISTORY - the copyright header on the file of the GCC version was
misleading.

Submitted by:	Theo de Raadt <deraadt@cvs.openbsd.org>
1999-11-20 00:15:17 +00:00
David E. O'Brien
b6419b666f Add to the HISTORY. 1999-11-19 17:13:31 +00:00
Andrey A. Chernov
bac6a61c15 Add unsigned char cast to isdigit 1999-11-04 04:57:05 +00:00
Andrey A. Chernov
5eb8ccf583 Remove UNSAFE_WARN ifdef for mktemp warning (never defined)
Use _mktemp internally
1999-10-24 11:57:24 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
Warner Losh
028aace8e1 Add warnings, ala mktemp, to tempnam and tmpnam as a reminder that
these are inherently unsafe interfaces.

Do not allow TMPDIR to override path for setuid/setgid programs.
1999-08-21 17:56:44 +00:00
Robert Nordier
18e08df153 Treat an attempt to read from a write-only stream more consistently.
Submitted by: Anton Berezin <tobez@plab.ku.dk>
PR          : 12852
1999-08-10 21:36:51 +00:00
Bruce Evans
749a33625d Fixed missing "G" in the list item for the main description of %g and
%G formats.
1999-08-08 11:00:01 +00:00
Tim Vanderhoek
6a8e2895aa asprintf() does use realloc() internally, but saying so in the manpage can be
misinterpreted to mean that the pointer passed to asprintf() must be suitable
for passing to realloc() as-is (ie. either a NULL pointer or a valid pointer).
1999-07-25 17:38:59 +00:00
Nik Clayton
fbc400a67a Add $Id$, to make it simpler for members of the translation teams to
track.

The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;

     .\"    $Id$
     .\"

If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.

Approved by:            bde
1999-07-12 20:50:10 +00:00
Archie Cobbs
f24c2153d5 Add a note that when a stream opened via fdopen() is closed via fclose(),
the underlying file descriptor is also closed. To me at least this wasn't
immediately obvious.
1999-05-17 23:47:27 +00:00
Warner Losh
26ba999e7e Various language and style concerns fixed.
Noted by: bde
1999-04-09 18:26:46 +00:00
Warner Losh
2ee878400e Add mkstemps to the man page, and create a link for it.
Obtained from: OpenBSD
Poked in the eye about committing new functions without a manpage: obrien
1999-04-04 21:15:37 +00:00
Warner Losh
06b6a8ab98 Add mkstemps from OpenBSD. This has been in my tree for months and
hasn't caused any problems until the egcs import.  This fix breaks the
world build, but my very next commit will remove mkstemps from the
egcs build.
1999-04-04 20:28:04 +00:00
Doug Rabson
93263596ac Add support for long long modifier (e.g. %llx, %lld).
Reviewed by: bde
1999-03-11 22:44:02 +00:00
Bruce Evans
dcf01d60ba Fixed disordering and incoinsistent style in previous commit. 1999-03-05 13:01:22 +00:00
Bruce Evans
b300c1d8f9 The pseudocode in the synopsis didn't come close to actually
compiling, since <stdio.h> correctly doesn't declare off_t although
the pseudo-prototypes for the new fseeko() and ftello() functions
use it.  Handle this like the corresponding problem for va_list
versus the vprintf() family.

Fixed some English errors.
1999-03-05 12:56:37 +00:00
Tim Vanderhoek
654b249ced Decapitalize function name by prepending with word "The".
PR:		docs/10247
1999-02-26 01:28:06 +00:00
Dmitrij Tejblum
7307d07db6 Added functions fseeko() and ftello() (from susv2).
Fixed fgetpos() and fsetpos() for offsets > 2GB.

PR:		8637
Submitted by:	 Dan Nelson <dnelson@emsphone.com> (adjusted by me a little)
1999-02-08 21:32:38 +00:00
Eivind Eklund
70efdda93d Note that dying on NULL is an implementation detail. 1998-12-17 17:13:47 +00:00
Robert Nordier
e524a581b1 Check for a zero-length as well as a NULL string argument. 1998-10-29 14:40:20 +00:00
Peter Wemm
ed1bbda829 Revert last change. mkstemp() wasn't to blame, it's nvi. However,
mkstemp() is not behaving as documented.
1998-10-20 15:33:21 +00:00
Peter Wemm
eb356f9af0 Stop mk*temp() from being pathologically stupid in the face of a umask(0);
There are other ways to fix this than wrapping _gettemp(), but this was
the most convenient.

Discovered by: bde
1998-10-20 12:36:36 +00:00
Eivind Eklund
b41c848d46 Remove the description of EBADF (that's an implementation detail if I
ever saw one), and move the description of NULL behaviour out to a
'NOTES' section, with an extra note that programs should not rely up
on it.

Kinda-approve-by:	bde (by not replying to the mail with the diff)
1998-10-10 13:31:32 +00:00
Eivind Eklund
aef1f383cf program written under FreeBSD -> programs written under FreeBSD
Noticed by:	Alex Nash <nash@mcs.net>
1998-10-03 16:17:30 +00:00
Eivind Eklund
8bd4c21699 Document that we will core-dump on getting a NULL pointer. 1998-09-28 15:34:24 +00:00
David E. O'Brien
5846581c2e Apply patch to properly sscanf(3) when there is whitespace in the format
string.  From the submitted patch:

Credit for patch:	Chris Torek <torek@bsdi.com>
			Tod Miller  <millert@openbsd.org>

This makes us in line with SunOS 4.1.3_U1, Solaris 2.6, OpenBSD 2.3,
HP-UX 10.20, Irix 5.3.  The previous behavior was in line with Ultrix 4.4.

PR:		bin/7970
Submitted by:	Niall Smart nialls@euristix.ie
1998-09-25 12:20:27 +00:00
Warner Losh
e8420087b0 Replace memory leaking instances of realloc with non-leaking reallocf.
In some cases replace if (a == null) a = malloc(x); else a =
realloc(a, x); with simple reallocf(a, x).  Per ANSI-C, this is
guaranteed to be the same thing.

I've been running these on my system here w/o ill effects for some
time.  However, the CTM-express is at part 6 of 34 for the CAM
changes, so I've not been able to do a build world with the CAM in the
tree with these changes.  Shouldn't impact anything, but...
1998-09-16 04:17:47 +00:00
Peter Wemm
64a965e707 Replace my original asprintf() and vasprintf() hacks with something
more cleanly integrated with stdio.  This should be faster and cleaner
since it doesn't memcpy() the data into a seperate buffer.  This lets
stdio allocate and manage the buffer and then hand it over to the user.

Obtained from: Todd Miller <Todd.Miller@courtesan.com> via OpenBSD
1998-07-08 00:44:56 +00:00
Joseph Koshy
9c727d2ca9 Spelling corrections.
PR: 6868
Submitted by: Josh Gilliam <josh@quick.net>
1998-06-06 05:50:53 +00:00
John Birrell
f9a8e5fafb Remote the NetBSD kludge for vfprintf.c 1998-05-08 05:17:11 +00:00
John Birrell
77af5d1ac8 Don't assign the va_list variable 'ap' directly to the argtable because
va_list is not a pointer on alpha. Instead, use the va_arg() macro
to return the address that is stored in the argtable.
1998-05-08 05:10:32 +00:00
John Birrell
4c717fd74d Remove leading underscores for the functions (weak symbols here) that
POSIX defines.
1998-05-05 21:56:42 +00:00
Peter Wemm
4fea76f539 Fix a nasty flaw as a result of using the arc4random() pre-seeding of
leading XXX's.  It could wrap an uppercase character through chars
like:  [ \ ] ^ _ `  in between Z and a.  The backslash and back tick
might be particularly nasty in a shell script context.  Also, since
we've been using upper-case generated values for a while now, go with
the flow and use them in the pathname search rotation.
1998-04-14 07:25:05 +00:00
John Birrell
ec216c2634 Add FILE locking stubs for libc.
Change the FILE locking to support kernel threads when linked with
libpthread (which you haven't see yet). This requires that libc become
thread-safe and thread-aware, testing __isthreaded before attempting
to do lock/unlock calls. The impact on non-threaded programs is minor.
This change works with libc_r, so it's the best compromise.
1998-04-11 07:40:47 +00:00
Bruce Evans
034abff918 Fixed disordering and inconsistent style in previous commit. 1998-03-12 12:05:14 +00:00
John Birrell
e7b6782c39 Added #include <string.h> to get prototypes. 1998-03-09 06:51:23 +00:00
Stephen McKay
b8e5e42d0f Fixed a few ancient typos, added a little missing stuff, and updated
references to abort() in light of POSIX mandated behaviour.  I'm
still not 100% happy with much of the wording, but it's better
than it was.
1998-03-08 15:15:33 +00:00
Bruce Evans
87ad126763 Fixed uninitialized pointer in previous commit. mktemp() was broken.
I noticed cvs core dumps and uncleaned cvs temporary files in /tmp.

Fixed ANSIisms.
1998-03-03 14:38:36 +00:00
Warner Losh
2f253e75c8 Many security improvements from OpenBSD:
implement mkdtemp
	improve man page for mk*temp
	use arc4random to seed extra XXX's randomly
	Optionally warn of unsafe mktemp uses
From various commits by theo de raadt and Todd Miller.
Obtained from: OpenBSD

This should go into 2.2 after a testing period.
1998-02-13 02:13:24 +00:00
Andrey A. Chernov
b250f24856 size_t -> unsigned
in arguments length INT_MAX overflow check
Suggested-by: bde
1998-01-04 22:28:47 +00:00
Andrey A. Chernov
8c6d2f42e1 1. EOF was returned when the buffer size was larger than INT_MAX. This
case has very little to do with the output size being larger than
   INT_MAX.
2. The new #include of <limits.h> was disordered.
3. The new declaration of `on' was disordered (integer types go together).
4. Testing an unsigned value for > 0 was fishy.

Submitted by: bde
1998-01-01 20:15:58 +00:00
Andrey A. Chernov
92e88f87b9 Add overflow checks: if output size becomes bigger than INT_MAX,
just return EOF
1997-12-25 00:32:17 +00:00
Andrey A. Chernov
fb25537fb8 Correct type of stored argument place (from previous fix) 1997-12-24 23:54:19 +00:00
Andrey A. Chernov
947d101171 1) Restore back comment about snprintf()
2) Optimize string buffer copy to call memcpy() and update pointers
only for count > 0, it makes snprintf(NULL, 0, ...) more efficient
1997-12-24 23:23:18 +00:00
Andrey A. Chernov
6e690ad4ca Return back to BSD snprintf semantics which recent C9x standard adopts
instead of Singe Unix, thanx Bruce for explaining, I am not realize
standards war was there.

But now, fix n == 0 case to not return error and fix check for too
big n.

Things left to do: check for overflow in arguments.
1997-12-24 23:02:47 +00:00
Andrey A. Chernov
e0b123f6d0 1) Oops! Insert again if (n == 0) return 0.
Final word is Bruce's quote:

C9x specifies the BSD4.4-Lite behaviour:

       [#3] ...   Thus,  the
       null-terminated  output  has  been completely written if and
       only if the returned value is less than n.

It means that if we not have any null-terminated output as for n == 0
we can't return value less than n, so we forced to return value
equal to n i.e. 0

The next good thing is glibc compatibility, of course.

2) Do check for too big n in machine-independent way.
3) Minor optimization assuming EOF is < 0
1997-12-24 20:24:08 +00:00
Andrey A. Chernov
5ebfa8de69 Back out part related to "return 0 if n == 0" and return EOF as before.
The main argument is that it is impossible to determine if %n evaluated or not
when snprintf return 0, because it can happens for both n == 0 and n == 1.
Although EOF here is good indication of the end of process, if n is
decreased in the loop...
Since it is already supposed in many places that EOF *is* negative, f.e.
from Single Unix specs for snprintf
"return ... a negative value if an output error was encountered"
this not makes situation worse.
1997-12-24 14:32:40 +00:00
Andrey A. Chernov
97adcd5ba1 Fix snprintf(...%n...)
to pass not more than buffer size to %n agrument, old variant
always assume infinite buffer.
%n is for actually transmitted characters, not for planned ones.
1997-12-24 13:47:13 +00:00
Andrey A. Chernov
a65a537cb1 Remove wrong comment about snprintf:
"return the number of bytes needed, rather the number used"

According to Single Unix specs:

Upon successful completion, these functions return the number of bytes
transmitted excluding the terminating null
1997-12-24 13:17:13 +00:00
Andrey A. Chernov
4ecaf22055 snprintf return value fixes to conform Single Unix specs:
1) if buffer size is smaller than arguments size, return buffer
size, not arguments size as before.

2) if buffer size is 0, return 0, not EOF as before.
(now it is compatible with Linux and Apache implementations too).

NOTE: Single Unix specs says:

If the value of n {buffer size} is zero on a call to snprintf(), an
unspecified value less than 1 is returned.

It means we can't return EOF since EOF can take *any* value in general
not especially < 1. Better variant will be return -1 (it is less then
1 and different with n == 1 case) but -1 value is already occuped by
EOF in our implementation, so we can't distinguish true IO error
in that case. So 0 here is only possible case still conforming
to Single Unix specs.
1997-12-24 12:31:32 +00:00
Bruce Evans
6a93659f24 Comment that long double is poorly implemented, not that it is unimplemented. 1997-12-19 21:59:22 +00:00
Bruce Evans
8fddd06099 Fixed long double formats. They were mostly not implemented except
on systems where long doubles are just doubles.  FreeBSD hasn't
been such a system since it started using gcc-2.5 many years ago.
The fix is of low quality.  It loses precision.

scanf() of long doubles doesn't seem to be used much, but gdb-4.16
uses %Lg format in its expression parser if it thinks that the
system supports printf'ing of long doubles.  The symptom was that
floating point literals were usually interpreted to be 0.0.
1997-11-23 06:02:47 +00:00
Bruce Evans
b966cc2394 Sorted lists. 1997-10-21 08:41:15 +00:00
Bruce Evans
2bc3b4d735 Removed the subdirectory paths from the definitions of MAN[1-9]. They
were a workaround for limitations in bsd.man.mk that were fixed about
2 years ago.
1997-10-15 16:16:41 +00:00
Peter Wemm
e48f3cfbfc Rework previous commit.. I was confused by the number of diffs in the PR
and forgot what I was trying to do originally and accidently zapped
a feature. :-]  The problem is that we are converting a counted buffer in
a malloc pool into a null terminated C-style string.  I was calling realloc
originally to shrink the buffer to the desired size.  If realloc failed, we
still returned the valid buffer - the only thing wrong was it was a tad
too large.  The previous commit disabled this.

This commit now handles the three cases..
1: the buffer is exactly right for the null byte to terminate the
string (we don't call realloc).
2: it's got h.left = 0, so we must expand it to make room. If realloc
fails here, it's fatal.
3: if there's too much room, we realloc to shrink it - a failed realloc
is not fatal, we use the original buffer which is still valid.
1997-07-06 08:42:37 +00:00