1 /*
2 * Copyright (c) 2000-2020 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * @OSF_COPYRIGHT@
30 */
31 /*
32 *(C)UNIX System Laboratories, Inc. all or some portions of this file are
33 * derived from material licensed to the University of California by
34 * American Telephone and Telegraph Co. or UNIX System Laboratories,
35 * Inc. and are reproduced herein with the permission of UNIX System
36 * Laboratories, Inc.
37 */
38
39 /*
40 * Mach Operating System
41 * Copyright (c) 1993,1991,1990,1989,1988 Carnegie Mellon University
42 * All Rights Reserved.
43 *
44 * Permission to use, copy, modify and distribute this software and its
45 * documentation is hereby granted, provided that both the copyright
46 * notice and this permission notice appear in all copies of the
47 * software, derivative works or modified versions, and any portions
48 * thereof, and that both notices appear in supporting documentation.
49 *
50 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
51 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
52 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
53 *
54 * Carnegie Mellon requests users of this software to return to
55 *
56 * Software Distribution Coordinator or [email protected]
57 * School of Computer Science
58 * Carnegie Mellon University
59 * Pittsburgh PA 15213-3890
60 *
61 * any improvements or extensions that they make and grant Carnegie Mellon
62 * the rights to redistribute these changes.
63 */
64 /*
65 */
66 /*
67 * Copyright (c) 1988 Regents of the University of California.
68 * All rights reserved.
69 *
70 * Redistribution and use in source and binary forms, with or without
71 * modification, are permitted provided that the following conditions
72 * are met:
73 * 1. Redistributions of source code must retain the above copyright
74 * notice, this list of conditions and the following disclaimer.
75 * 2. Redistributions in binary form must reproduce the above copyright
76 * notice, this list of conditions and the following disclaimer in the
77 * documentation and/or other materials provided with the distribution.
78 * 3. All advertising materials mentioning features or use of this software
79 * must display the following acknowledgement:
80 * This product includes software developed by the University of
81 * California, Berkeley and its contributors.
82 * 4. Neither the name of the University nor the names of its contributors
83 * may be used to endorse or promote products derived from this software
84 * without specific prior written permission.
85 *
86 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
87 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
88 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
89 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
90 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
91 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
92 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
93 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
94 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
95 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
96 * SUCH DAMAGE.
97 */
98
99 /*
100 * Copyright (c) 1998 Todd C. Miller <[email protected]>
101 * All rights reserved.
102 *
103 * Redistribution and use in source and binary forms, with or without
104 * modification, are permitted provided that the following conditions
105 * are met:
106 * 1. Redistributions of source code must retain the above copyright
107 * notice, this list of conditions and the following disclaimer.
108 * 2. Redistributions in binary form must reproduce the above copyright
109 * notice, this list of conditions and the following disclaimer in the
110 * documentation and/or other materials provided with the distribution.
111 * 3. The name of the author may not be used to endorse or promote products
112 * derived from this software without specific prior written permission.
113 *
114 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
115 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
116 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
117 * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
118 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
119 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
120 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
121 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
122 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
123 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
124 */
125
126 /*
127 * NOTICE: This file was modified by McAfee Research in 2004 to introduce
128 * support for mandatory and extensible security protections. This notice
129 * is included in support of clause 2.2 (b) of the Apple Public License,
130 * Version 2.0.
131 */
132 /*
133 * Random device subroutines and stubs.
134 */
135
136 #include <vm/vm_kern.h>
137 #include <kern/misc_protos.h>
138 #include <libsa/stdlib.h>
139 #include <sys/malloc.h>
140 #include <libkern/section_keywords.h>
141
142 /* String routines, from CMU */
143 #ifdef strcpy
144 #undef strcmp
145 #undef strncmp
146 #undef strcpy
147 #undef strlen
148 #endif
149
150 /* to prevent recursion in the _chk functions */
151 #undef strcat
152 #undef strncpy
153 #undef strncat
154 #undef memcpy
155 #undef memset
156 #undef memmove
157 #undef strlcpy
158 #undef strlcat
159 /*
160 * Abstract:
161 * strcmp (s1, s2) compares the strings "s1" and "s2".
162 * It returns 0 if the strings are identical. It returns
163 * > 0 if the first character that differs in the two strings
164 * is larger in s1 than in s2 or if s1 is longer than s2 and
165 * the contents are identical up to the length of s2.
166 * It returns < 0 if the first differing character is smaller
167 * in s1 than in s2 or if s1 is shorter than s2 and the
168 * contents are identical upto the length of s1.
169 * Deprecation Warning:
170 * strcmp() is being deprecated. Please use strncmp() instead.
171 */
172
173 int
strcmp(const char * s1,const char * s2)174 strcmp(
175 const char *s1,
176 const char *s2)
177 {
178 unsigned int a, b;
179
180 do {
181 a = *s1++;
182 b = *s2++;
183 if (a != b) {
184 return a - b; /* includes case when
185 * 'a' is zero and 'b' is not zero
186 * or vice versa */
187 }
188 } while (a != '\0');
189
190 return 0; /* both are zero */
191 }
192
193 /*
194 * Abstract:
195 * strncmp (s1, s2, n) compares the strings "s1" and "s2"
196 * in exactly the same way as strcmp does. Except the
197 * comparison runs for at most "n" characters.
198 */
199
200 #if !defined __arm__ && !defined __arm64__
201 // ARM implementation in ../arm/strncmp.s
202 // ARM64 implementation in ../arm64/strncmp.s
203 int
strncmp(const char * s1,const char * s2,size_t n)204 strncmp(
205 const char *s1,
206 const char *s2,
207 size_t n)
208 {
209 unsigned int a, b;
210
211 while (n != 0) {
212 a = *s1++;
213 b = *s2++;
214 if (a != b) {
215 return a - b; /* includes case when
216 * 'a' is zero and 'b' is not zero
217 * or vice versa */
218 }
219 if (a == '\0') {
220 return 0; /* both are zero */
221 }
222 n--;
223 }
224
225 return 0;
226 }
227 #endif // #ifndef __arm__
228
229
230 //
231 // Lame implementation just for use by strcasecmp/strncasecmp
232 //
233 static int
tolower(unsigned char ch)234 tolower(unsigned char ch)
235 {
236 if (ch >= 'A' && ch <= 'Z') {
237 ch = 'a' + (ch - 'A');
238 }
239
240 return ch;
241 }
242
243 int
strcasecmp(const char * s1,const char * s2)244 strcasecmp(const char *s1, const char *s2)
245 {
246 const unsigned char *us1 = (const u_char *)s1,
247 *us2 = (const u_char *)s2;
248
249 while (tolower(*us1) == tolower(*us2++)) {
250 if (*us1++ == '\0') {
251 return 0;
252 }
253 }
254 return tolower(*us1) - tolower(*--us2);
255 }
256
257 int
strncasecmp(const char * s1,const char * s2,size_t n)258 strncasecmp(const char *s1, const char *s2, size_t n)
259 {
260 if (n != 0) {
261 const unsigned char *us1 = (const u_char *)s1,
262 *us2 = (const u_char *)s2;
263
264 do {
265 if (tolower(*us1) != tolower(*us2++)) {
266 return tolower(*us1) - tolower(*--us2);
267 }
268 if (*us1++ == '\0') {
269 break;
270 }
271 } while (--n != 0);
272 }
273 return 0;
274 }
275
276 char *
strchr(const char * s,int c)277 strchr(const char *s, int c)
278 {
279 if (!s) {
280 return NULL;
281 }
282
283 do {
284 if (*s == c) {
285 return __CAST_AWAY_QUALIFIER(s, const, char *);
286 }
287 } while (*s++);
288
289 return NULL;
290 }
291
292 char *
strrchr(const char * s,int c)293 strrchr(const char *s, int c)
294 {
295 const char *found = NULL;
296
297 if (!s) {
298 return NULL;
299 }
300
301 do {
302 if (*s == c) {
303 found = s;
304 }
305 } while (*s++);
306
307 return __CAST_AWAY_QUALIFIER(found, const, char *);
308 }
309
310 #if CONFIG_VSPRINTF
311 /*
312 * Abstract:
313 * strcpy copies the contents of the string "from" including
314 * the null terminator to the string "to". A pointer to "to"
315 * is returned.
316 * Deprecation Warning:
317 * strcpy() is being deprecated. Please use strlcpy() instead.
318 */
319 char *
strcpy(char * to,const char * from)320 strcpy(
321 char *to,
322 const char *from)
323 {
324 char *ret = to;
325
326 while ((*to++ = *from++) != '\0') {
327 continue;
328 }
329
330 return ret;
331 }
332 #endif
333
334 /*
335 * Abstract:
336 * strncpy copies "count" characters from the "from" string to
337 * the "to" string. If "from" contains less than "count" characters
338 * "to" will be padded with null characters until exactly "count"
339 * characters have been written. The return value is a pointer
340 * to the "to" string.
341 */
342
343 #if !defined __arm__ && !defined __arm64__
344 // ARM and ARM64 implementation in ../arm/strncpy.c
345 #undef strncpy
346 char *
strncpy(char * s1,const char * s2,size_t n)347 strncpy(
348 char *s1,
349 const char *s2,
350 size_t n)
351 {
352 char *os1 = s1;
353 unsigned long i;
354
355 for (i = 0; i < n;) {
356 if ((*s1++ = *s2++) == '\0') {
357 for (i++; i < n; i++) {
358 *s1++ = '\0';
359 }
360 } else {
361 i++;
362 }
363 }
364 return os1;
365 }
366 #endif // #ifndef __arm__
367
368 /*
369 * atoi:
370 *
371 * This function converts an ascii string into an integer.
372 *
373 * input : string
374 * output : a number
375 */
376
377 int
atoi(const char * cp)378 atoi(const char *cp)
379 {
380 int number;
381
382 for (number = 0; ('0' <= *cp) && (*cp <= '9'); cp++) {
383 number = (number * 10) + (*cp - '0');
384 }
385
386 return number;
387 }
388
389 /*
390 * Does the same thing as strlen, except only looks up
391 * to max chars inside the buffer.
392 * Taken from archive/kern-stuff/sbf_machine.c in
393 * seatbelt.
394 * inputs:
395 * s string whose length is to be measured
396 * max maximum length of string to search for null
397 * outputs:
398 * length of s or max; whichever is smaller
399 */
400
401 #if !defined __arm__ && !defined __arm64__
402 // ARM implementation in ../arm/strnlen.s
403 // ARM64 implementation in ../arm64/strnlen.s
404 #undef strnlen
405 size_t
strnlen(const char * s,size_t max)406 strnlen(const char *s, size_t max)
407 {
408 const char *es = s + max, *p = s;
409 while (p != es && *p) {
410 p++;
411 }
412
413 return p - s;
414 }
415 #endif // #ifndef __arm__
416
417 /*
418 * convert an integer to an ASCII string.
419 * inputs:
420 * num integer to be converted
421 * str string pointer.
422 *
423 * outputs:
424 * pointer to string start.
425 */
426
427 char *
itoa(int num,char * str)428 itoa(
429 int num,
430 char *str)
431 {
432 char digits[11];
433 char *dp;
434 char *cp = str;
435
436 if (num == 0) {
437 *cp++ = '0';
438 } else {
439 dp = digits;
440 while (num) {
441 *dp++ = '0' + num % 10;
442 num /= 10;
443 }
444 while (dp != digits) {
445 *cp++ = *--dp;
446 }
447 }
448 *cp++ = '\0';
449
450 return str;
451 }
452
453 #if CONFIG_VSPRINTF
454 /*
455 * Deprecation Warning:
456 * strcat() is being deprecated. Please use strlcat() instead.
457 */
458 char *
strcat(char * dest,const char * src)459 strcat(
460 char *dest,
461 const char *src)
462 {
463 char *old = dest;
464
465 while (*dest) {
466 ++dest;
467 }
468 while ((*dest++ = *src++)) {
469 ;
470 }
471 return old;
472 }
473 #endif
474
475 /*
476 * Appends src to string dst of size siz (unlike strncat, siz is the
477 * full size of dst, not space left). At most siz-1 characters
478 * will be copied. Always NUL terminates (unless siz <= strlen(dst)).
479 * Returns strlen(src) + MIN(siz, strlen(initial dst)).
480 * If retval >= siz, truncation occurred.
481 */
482 #undef strlcat
483 size_t
strlcat(char * dst,const char * src,size_t siz)484 strlcat(char *dst, const char *src, size_t siz)
485 {
486 char *d = dst;
487 const char *s = src;
488 size_t n = siz;
489 size_t dlen;
490
491 /* Find the end of dst and adjust bytes left but don't go past end */
492 while (n-- != 0 && *d != '\0') {
493 d++;
494 }
495 dlen = d - dst;
496 n = siz - dlen;
497
498 if (n == 0) {
499 return dlen + strlen(s);
500 }
501 while (*s != '\0') {
502 if (n != 1) {
503 *d++ = *s;
504 n--;
505 }
506 s++;
507 }
508 *d = '\0';
509
510 return dlen + (s - src); /* count does not include NUL */
511 }
512
513 /*
514 * Copy src to string dst of size siz. At most siz-1 characters
515 * will be copied. Always NUL terminates (unless siz == 0).
516 * Returns strlen(src); if retval >= siz, truncation occurred.
517 */
518
519 #if !defined __arm__ && !defined __arm64__
520 // ARM and ARM64 implementation in ../arm/strlcpy.c
521 #undef strlcpy
522 size_t
strlcpy(char * dst,const char * src,size_t siz)523 strlcpy(char *dst, const char *src, size_t siz)
524 {
525 char *d = dst;
526 const char *s = src;
527 size_t n = siz;
528
529 /* Copy as many bytes as will fit */
530 if (n != 0 && --n != 0) {
531 do {
532 if ((*d++ = *s++) == 0) {
533 break;
534 }
535 } while (--n != 0);
536 }
537
538 /* Not enough room in dst, add NUL and traverse rest of src */
539 if (n == 0) {
540 if (siz != 0) {
541 *d = '\0'; /* NUL-terminate dst */
542 }
543 while (*s++) {
544 ;
545 }
546 }
547
548 return s - src - 1; /* count does not include NUL */
549 }
550 #endif
551
552 /*
553 * Return TRUE(1) if string 2 is a prefix of string 1.
554 */
555 int
strprefix(const char * s1,const char * s2)556 strprefix(const char *s1, const char *s2)
557 {
558 int c;
559
560 while ((c = *s2++) != '\0') {
561 if (c != *s1++) {
562 return 0;
563 }
564 }
565 return 1;
566 }
567
568 const char *
strnstr(const char * s,const char * find,size_t slen)569 strnstr(const char *s, const char *find, size_t slen)
570 {
571 char c, sc;
572 size_t len;
573
574 if ((c = *find++) != '\0') {
575 len = strlen(find);
576 do {
577 do {
578 if ((sc = *s++) == '\0' || slen-- < 1) {
579 return NULL;
580 }
581 } while (sc != c);
582 if (len > slen) {
583 return NULL;
584 }
585 } while (strncmp(s, find, len) != 0);
586 s--;
587 }
588 return s;
589 }
590
591 void * __memcpy_chk(void *dst, void const *src, size_t s, size_t chk_size);
592 void * __memmove_chk(void *dst, void const *src, size_t s, size_t chk_size);
593 void * __memset_chk(void *dst, int c, size_t s, size_t chk_size);
594 size_t __strlcpy_chk(char *dst, char const *src, size_t s, size_t chk_size);
595 size_t __strlcat_chk(char *dst, char const *src, size_t s, size_t chk_size);
596 char * __strncpy_chk(char *restrict dst, char *restrict src, size_t len, size_t chk_size);
597 char * __strncat_chk(char *restrict dst, const char *restrict src, size_t len, size_t chk_size);
598 char * __strcpy_chk(char *restrict dst, const char *restrict src, size_t chk_size);
599 char * __strcat_chk(char *restrict dst, const char *restrict src, size_t chk_size);
600
601 MARK_AS_HIBERNATE_TEXT
602 void *
__memcpy_chk(void * dst,void const * src,size_t s,size_t chk_size)603 __memcpy_chk(void *dst, void const *src, size_t s, size_t chk_size)
604 {
605 if (__improbable(chk_size < s)) {
606 panic("__memcpy_chk object size check failed: dst %p, src %p, (%zu < %zu)", dst, src, chk_size, s);
607 }
608 return memcpy(dst, src, s);
609 }
610
611 void *
__memmove_chk(void * dst,void const * src,size_t s,size_t chk_size)612 __memmove_chk(void *dst, void const *src, size_t s, size_t chk_size)
613 {
614 if (__improbable(chk_size < s)) {
615 panic("__memmove_chk object size check failed: dst %p, src %p, (%zu < %zu)", dst, src, chk_size, s);
616 }
617 return memmove(dst, src, s);
618 }
619
620 MARK_AS_HIBERNATE_TEXT
621 void *
__memset_chk(void * dst,int c,size_t s,size_t chk_size)622 __memset_chk(void *dst, int c, size_t s, size_t chk_size)
623 {
624 if (__improbable(chk_size < s)) {
625 panic("__memset_chk object size check failed: dst %p, c %c, (%zu < %zu)", dst, c, chk_size, s);
626 }
627 return memset(dst, c, s);
628 }
629
630 size_t
__strlcat_chk(char * dst,char const * src,size_t s,size_t chk_size)631 __strlcat_chk(char *dst, char const *src, size_t s, size_t chk_size)
632 {
633 if (__improbable(chk_size < s)) {
634 panic("__strlcat_chk object size check failed: dst %p, src %p, (%zu < %zu)", dst, src, chk_size, s);
635 }
636 return strlcat(dst, src, s);
637 }
638
639 size_t
__strlcpy_chk(char * dst,char const * src,size_t s,size_t chk_size)640 __strlcpy_chk(char *dst, char const *src, size_t s, size_t chk_size)
641 {
642 if (__improbable(chk_size < s)) {
643 panic("__strlcpy_chk object size check failed: dst %p, src %p, (%zu < %zu)", dst, src, chk_size, s);
644 }
645 return strlcpy(dst, src, s);
646 }
647
648 char *
__strncpy_chk(char * restrict dst,char * restrict src,size_t len,size_t chk_size)649 __strncpy_chk(char *restrict dst, char *restrict src,
650 size_t len, size_t chk_size)
651 {
652 if (__improbable(chk_size < len)) {
653 panic("__strncpy_chk object size check failed: dst %p, src %p, (%zu < %zu)", dst, src, chk_size, len);
654 }
655 return strncpy(dst, src, len);
656 }
657
658 char *
__strncat_chk(char * restrict dst,const char * restrict src,size_t len,size_t chk_size)659 __strncat_chk(char *restrict dst, const char *restrict src,
660 size_t len, size_t chk_size)
661 {
662 size_t len1 = strlen(dst);
663 size_t len2 = strnlen(src, len);
664 if (__improbable(chk_size < len1 + len2 + 1)) {
665 panic("__strncat_chk object size check failed: dst %p, src %p, (%zu < %zu + %zu + 1)", dst, src, chk_size, len1, len2);
666 }
667 return strncat(dst, src, len);
668 }
669
670 char *
__strcpy_chk(char * restrict dst,const char * restrict src,size_t chk_size)671 __strcpy_chk(char *restrict dst, const char *restrict src, size_t chk_size)
672 {
673 size_t len = strlen(src);
674 if (__improbable(chk_size < len + 1)) {
675 panic("__strcpy_chk object size check failed: dst %p, src %p, (%zu < %zu + 1)", dst, src, chk_size, len);
676 }
677 memcpy(dst, src, len + 1);
678 return dst;
679 }
680
681 char *
__strcat_chk(char * restrict dst,const char * restrict src,size_t chk_size)682 __strcat_chk(char *restrict dst, const char *restrict src, size_t chk_size)
683 {
684 size_t len1 = strlen(dst);
685 size_t len2 = strlen(src);
686 size_t required_len = len1 + len2 + 1;
687 if (__improbable(chk_size < required_len)) {
688 panic("__strcat_chk object size check failed: dst %p, src %p, (%zu < %zu + %zu + 1)", dst, src, chk_size, len1, len2);
689 }
690 memcpy(dst + len1, src, len2 + 1);
691 return dst;
692 }
693