1 /*
2 * Copyright (c) 2000-2020 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * @OSF_COPYRIGHT@
30 */
31 /*
32 *(C)UNIX System Laboratories, Inc. all or some portions of this file are
33 * derived from material licensed to the University of California by
34 * American Telephone and Telegraph Co. or UNIX System Laboratories,
35 * Inc. and are reproduced herein with the permission of UNIX System
36 * Laboratories, Inc.
37 */
38
39 /*
40 * Mach Operating System
41 * Copyright (c) 1993,1991,1990,1989,1988 Carnegie Mellon University
42 * All Rights Reserved.
43 *
44 * Permission to use, copy, modify and distribute this software and its
45 * documentation is hereby granted, provided that both the copyright
46 * notice and this permission notice appear in all copies of the
47 * software, derivative works or modified versions, and any portions
48 * thereof, and that both notices appear in supporting documentation.
49 *
50 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
51 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
52 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
53 *
54 * Carnegie Mellon requests users of this software to return to
55 *
56 * Software Distribution Coordinator or [email protected]
57 * School of Computer Science
58 * Carnegie Mellon University
59 * Pittsburgh PA 15213-3890
60 *
61 * any improvements or extensions that they make and grant Carnegie Mellon
62 * the rights to redistribute these changes.
63 */
64 /*
65 */
66 /*
67 * Copyright (c) 1988 Regents of the University of California.
68 * All rights reserved.
69 *
70 * Redistribution and use in source and binary forms, with or without
71 * modification, are permitted provided that the following conditions
72 * are met:
73 * 1. Redistributions of source code must retain the above copyright
74 * notice, this list of conditions and the following disclaimer.
75 * 2. Redistributions in binary form must reproduce the above copyright
76 * notice, this list of conditions and the following disclaimer in the
77 * documentation and/or other materials provided with the distribution.
78 * 3. All advertising materials mentioning features or use of this software
79 * must display the following acknowledgement:
80 * This product includes software developed by the University of
81 * California, Berkeley and its contributors.
82 * 4. Neither the name of the University nor the names of its contributors
83 * may be used to endorse or promote products derived from this software
84 * without specific prior written permission.
85 *
86 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
87 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
88 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
89 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
90 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
91 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
92 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
93 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
94 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
95 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
96 * SUCH DAMAGE.
97 */
98
99 /*
100 * Copyright (c) 1998 Todd C. Miller <[email protected]>
101 * All rights reserved.
102 *
103 * Redistribution and use in source and binary forms, with or without
104 * modification, are permitted provided that the following conditions
105 * are met:
106 * 1. Redistributions of source code must retain the above copyright
107 * notice, this list of conditions and the following disclaimer.
108 * 2. Redistributions in binary form must reproduce the above copyright
109 * notice, this list of conditions and the following disclaimer in the
110 * documentation and/or other materials provided with the distribution.
111 * 3. The name of the author may not be used to endorse or promote products
112 * derived from this software without specific prior written permission.
113 *
114 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
115 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
116 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
117 * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
118 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
119 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
120 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
121 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
122 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
123 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
124 */
125
126 /*
127 * NOTICE: This file was modified by McAfee Research in 2004 to introduce
128 * support for mandatory and extensible security protections. This notice
129 * is included in support of clause 2.2 (b) of the Apple Public License,
130 * Version 2.0.
131 */
132 /*
133 * Random device subroutines and stubs.
134 */
135
136 #include <vm/vm_kern.h>
137 #include <kern/misc_protos.h>
138 #include <libsa/stdlib.h>
139 #include <sys/malloc.h>
140 #include <libkern/section_keywords.h>
141
142 /* String routines, from CMU */
143 #ifdef strcpy
144 #undef strcmp
145 #undef strncmp
146 #undef strcpy
147 #undef strlen
148 #endif
149
150 /* to prevent recursion in the _chk functions */
151 #undef strcat
152 #undef strncpy
153 #undef strncat
154 #undef memcpy
155 #undef memset
156 #undef memmove
157 #undef strlcpy
158 #undef strlcat
159 /*
160 * Abstract:
161 * strcmp (s1, s2) compares the strings "s1" and "s2".
162 * It returns 0 if the strings are identical. It returns
163 * > 0 if the first character that differs in the two strings
164 * is larger in s1 than in s2 or if s1 is longer than s2 and
165 * the contents are identical up to the length of s2.
166 * It returns < 0 if the first differing character is smaller
167 * in s1 than in s2 or if s1 is shorter than s2 and the
168 * contents are identical upto the length of s1.
169 * Deprecation Warning:
170 * strcmp() is being deprecated. Please use strncmp() instead.
171 */
172
173 int
strcmp(const char * s1,const char * s2)174 strcmp(
175 const char *s1,
176 const char *s2)
177 {
178 unsigned int a, b;
179
180 do {
181 a = *s1++;
182 b = *s2++;
183 if (a != b) {
184 return a - b; /* includes case when
185 * 'a' is zero and 'b' is not zero
186 * or vice versa */
187 }
188 } while (a != '\0');
189
190 return 0; /* both are zero */
191 }
192
193 /*
194 * Abstract:
195 * strncmp (s1, s2, n) compares the strings "s1" and "s2"
196 * in exactly the same way as strcmp does. Except the
197 * comparison runs for at most "n" characters.
198 */
199
200 #if !defined(__arm64__)
201 // ARM64 implementation in ../arm64/strncmp.s
202 int
strncmp(const char * s1,const char * s2,size_t n)203 strncmp(
204 const char *s1,
205 const char *s2,
206 size_t n)
207 {
208 unsigned int a, b;
209
210 while (n != 0) {
211 a = *s1++;
212 b = *s2++;
213 if (a != b) {
214 return a - b; /* includes case when
215 * 'a' is zero and 'b' is not zero
216 * or vice versa */
217 }
218 if (a == '\0') {
219 return 0; /* both are zero */
220 }
221 n--;
222 }
223
224 return 0;
225 }
226 #endif // #ifndef __arm64__
227
228
229 //
230 // Lame implementation just for use by strcasecmp/strncasecmp
231 //
232 static int
tolower(unsigned char ch)233 tolower(unsigned char ch)
234 {
235 if (ch >= 'A' && ch <= 'Z') {
236 ch = 'a' + (ch - 'A');
237 }
238
239 return ch;
240 }
241
242 int
strcasecmp(const char * s1,const char * s2)243 strcasecmp(const char *s1, const char *s2)
244 {
245 const unsigned char *us1 = (const u_char *)s1,
246 *us2 = (const u_char *)s2;
247
248 while (tolower(*us1) == tolower(*us2++)) {
249 if (*us1++ == '\0') {
250 return 0;
251 }
252 }
253 return tolower(*us1) - tolower(*--us2);
254 }
255
256 int
strncasecmp(const char * s1,const char * s2,size_t n)257 strncasecmp(const char *s1, const char *s2, size_t n)
258 {
259 if (n != 0) {
260 const unsigned char *us1 = (const u_char *)s1,
261 *us2 = (const u_char *)s2;
262
263 do {
264 if (tolower(*us1) != tolower(*us2++)) {
265 return tolower(*us1) - tolower(*--us2);
266 }
267 if (*us1++ == '\0') {
268 break;
269 }
270 } while (--n != 0);
271 }
272 return 0;
273 }
274
275 char *
strchr(const char * s,int c)276 strchr(const char *s, int c)
277 {
278 if (!s) {
279 return NULL;
280 }
281
282 do {
283 if (*s == c) {
284 return __CAST_AWAY_QUALIFIER(s, const, char *);
285 }
286 } while (*s++);
287
288 return NULL;
289 }
290
291 char *
strrchr(const char * s,int c)292 strrchr(const char *s, int c)
293 {
294 const char *found = NULL;
295
296 if (!s) {
297 return NULL;
298 }
299
300 do {
301 if (*s == c) {
302 found = s;
303 }
304 } while (*s++);
305
306 return __CAST_AWAY_QUALIFIER(found, const, char *);
307 }
308
309 #if CONFIG_VSPRINTF
310 /*
311 * Abstract:
312 * strcpy copies the contents of the string "from" including
313 * the null terminator to the string "to". A pointer to "to"
314 * is returned.
315 * Deprecation Warning:
316 * strcpy() is being deprecated. Please use strlcpy() instead.
317 */
318 char *
strcpy(char * to,const char * from)319 strcpy(
320 char *to,
321 const char *from)
322 {
323 char *ret = to;
324
325 while ((*to++ = *from++) != '\0') {
326 continue;
327 }
328
329 return ret;
330 }
331 #endif
332
333 /*
334 * Abstract:
335 * strncpy copies "count" characters from the "from" string to
336 * the "to" string. If "from" contains less than "count" characters
337 * "to" will be padded with null characters until exactly "count"
338 * characters have been written. The return value is a pointer
339 * to the "to" string.
340 */
341
342 #if !defined(__arm64__)
343 // ARM64 implementation in ../arm/strncpy.c
344 #undef strncpy
345 char *
strncpy(char * s1,const char * s2,size_t n)346 strncpy(
347 char *s1,
348 const char *s2,
349 size_t n)
350 {
351 char *os1 = s1;
352 unsigned long i;
353
354 for (i = 0; i < n;) {
355 if ((*s1++ = *s2++) == '\0') {
356 for (i++; i < n; i++) {
357 *s1++ = '\0';
358 }
359 } else {
360 i++;
361 }
362 }
363 return os1;
364 }
365 #endif // #ifndef __arm64__
366
367 /*
368 * atoi:
369 *
370 * This function converts an ascii string into an integer.
371 *
372 * input : string
373 * output : a number
374 */
375
376 int
atoi(const char * cp)377 atoi(const char *cp)
378 {
379 int number;
380
381 for (number = 0; ('0' <= *cp) && (*cp <= '9'); cp++) {
382 number = (number * 10) + (*cp - '0');
383 }
384
385 return number;
386 }
387
388 /*
389 * Does the same thing as strlen, except only looks up
390 * to max chars inside the buffer.
391 * Taken from archive/kern-stuff/sbf_machine.c in
392 * seatbelt.
393 * inputs:
394 * s string whose length is to be measured
395 * max maximum length of string to search for null
396 * outputs:
397 * length of s or max; whichever is smaller
398 */
399
400 #if !defined(__arm64__)
401 // ARM64 implementation in ../arm64/strnlen.s
402 #undef strnlen
403 size_t
strnlen(const char * s,size_t max)404 strnlen(const char *s, size_t max)
405 {
406 const char *es = s + max, *p = s;
407 while (p != es && *p) {
408 p++;
409 }
410
411 return p - s;
412 }
413 #endif // #ifndef __arm64__
414
415 /*
416 * convert an integer to an ASCII string.
417 * inputs:
418 * num integer to be converted
419 * str string pointer.
420 *
421 * outputs:
422 * pointer to string start.
423 */
424
425 char *
itoa(int num,char * str)426 itoa(
427 int num,
428 char *str)
429 {
430 char digits[11];
431 char *dp;
432 char *cp = str;
433
434 if (num == 0) {
435 *cp++ = '0';
436 } else {
437 dp = digits;
438 while (num) {
439 *dp++ = '0' + num % 10;
440 num /= 10;
441 }
442 while (dp != digits) {
443 *cp++ = *--dp;
444 }
445 }
446 *cp++ = '\0';
447
448 return str;
449 }
450
451 #if CONFIG_VSPRINTF
452 /*
453 * Deprecation Warning:
454 * strcat() is being deprecated. Please use strlcat() instead.
455 */
456 char *
strcat(char * dest,const char * src)457 strcat(
458 char *dest,
459 const char *src)
460 {
461 char *old = dest;
462
463 while (*dest) {
464 ++dest;
465 }
466 while ((*dest++ = *src++)) {
467 ;
468 }
469 return old;
470 }
471 #endif
472
473 /*
474 * Appends src to string dst of size siz (unlike strncat, siz is the
475 * full size of dst, not space left). At most siz-1 characters
476 * will be copied. Always NUL terminates (unless siz <= strlen(dst)).
477 * Returns strlen(src) + MIN(siz, strlen(initial dst)).
478 * If retval >= siz, truncation occurred.
479 */
480 #undef strlcat
481 size_t
strlcat(char * dst,const char * src,size_t siz)482 strlcat(char *dst, const char *src, size_t siz)
483 {
484 char *d = dst;
485 const char *s = src;
486 size_t n = siz;
487 size_t dlen;
488
489 /* Find the end of dst and adjust bytes left but don't go past end */
490 while (n-- != 0 && *d != '\0') {
491 d++;
492 }
493 dlen = d - dst;
494 n = siz - dlen;
495
496 if (n == 0) {
497 return dlen + strlen(s);
498 }
499 while (*s != '\0') {
500 if (n != 1) {
501 *d++ = *s;
502 n--;
503 }
504 s++;
505 }
506 *d = '\0';
507
508 return dlen + (s - src); /* count does not include NUL */
509 }
510
511 /*
512 * Copy src to string dst of size siz. At most siz-1 characters
513 * will be copied. Always NUL terminates (unless siz == 0).
514 * Returns strlen(src); if retval >= siz, truncation occurred.
515 */
516
517 #if !defined(__arm64__)
518 // ARM64 implementation in ../arm/strlcpy.c
519 #undef strlcpy
520 size_t
strlcpy(char * dst,const char * src,size_t siz)521 strlcpy(char *dst, const char *src, size_t siz)
522 {
523 char *d = dst;
524 const char *s = src;
525 size_t n = siz;
526
527 /* Copy as many bytes as will fit */
528 if (n != 0 && --n != 0) {
529 do {
530 if ((*d++ = *s++) == 0) {
531 break;
532 }
533 } while (--n != 0);
534 }
535
536 /* Not enough room in dst, add NUL and traverse rest of src */
537 if (n == 0) {
538 if (siz != 0) {
539 *d = '\0'; /* NUL-terminate dst */
540 }
541 while (*s++) {
542 ;
543 }
544 }
545
546 return s - src - 1; /* count does not include NUL */
547 }
548 #endif /* !defined(__arm64) */
549
550 /*
551 * Return TRUE(1) if string 2 is a prefix of string 1.
552 */
553 int
strprefix(const char * s1,const char * s2)554 strprefix(const char *s1, const char *s2)
555 {
556 int c;
557
558 while ((c = *s2++) != '\0') {
559 if (c != *s1++) {
560 return 0;
561 }
562 }
563 return 1;
564 }
565
566 const char *
strnstr(const char * s,const char * find,size_t slen)567 strnstr(const char *s, const char *find, size_t slen)
568 {
569 char c, sc;
570 size_t len;
571
572 if ((c = *find++) != '\0') {
573 len = strlen(find);
574 do {
575 do {
576 if ((sc = *s++) == '\0' || slen-- < 1) {
577 return NULL;
578 }
579 } while (sc != c);
580 if (len > slen) {
581 return NULL;
582 }
583 } while (strncmp(s, find, len) != 0);
584 s--;
585 }
586 return s;
587 }
588
589 void * __memcpy_chk(void *dst, void const *src, size_t s, size_t chk_size);
590 void * __memmove_chk(void *dst, void const *src, size_t s, size_t chk_size);
591 void * __memset_chk(void *dst, int c, size_t s, size_t chk_size);
592 size_t __strlcpy_chk(char *dst, char const *src, size_t s, size_t chk_size);
593 size_t __strlcat_chk(char *dst, char const *src, size_t s, size_t chk_size);
594 char * __strncpy_chk(char *restrict dst, char *restrict src, size_t len, size_t chk_size);
595 char * __strncat_chk(char *restrict dst, const char *restrict src, size_t len, size_t chk_size);
596 char * __strcpy_chk(char *restrict dst, const char *restrict src, size_t chk_size);
597 char * __strcat_chk(char *restrict dst, const char *restrict src, size_t chk_size);
598
599 MARK_AS_HIBERNATE_TEXT
600 void *
__memcpy_chk(void * dst,void const * src,size_t s,size_t chk_size)601 __memcpy_chk(void *dst, void const *src, size_t s, size_t chk_size)
602 {
603 if (__improbable(chk_size < s)) {
604 panic("__memcpy_chk object size check failed: dst %p, src %p, (%zu < %zu)", dst, src, chk_size, s);
605 }
606 return memcpy(dst, src, s);
607 }
608
609 void *
__memmove_chk(void * dst,void const * src,size_t s,size_t chk_size)610 __memmove_chk(void *dst, void const *src, size_t s, size_t chk_size)
611 {
612 if (__improbable(chk_size < s)) {
613 panic("__memmove_chk object size check failed: dst %p, src %p, (%zu < %zu)", dst, src, chk_size, s);
614 }
615 return memmove(dst, src, s);
616 }
617
618 MARK_AS_HIBERNATE_TEXT
619 void *
__memset_chk(void * dst,int c,size_t s,size_t chk_size)620 __memset_chk(void *dst, int c, size_t s, size_t chk_size)
621 {
622 if (__improbable(chk_size < s)) {
623 panic("__memset_chk object size check failed: dst %p, c %c, (%zu < %zu)", dst, c, chk_size, s);
624 }
625 return memset(dst, c, s);
626 }
627
628 size_t
__strlcat_chk(char * dst,char const * src,size_t s,size_t chk_size)629 __strlcat_chk(char *dst, char const *src, size_t s, size_t chk_size)
630 {
631 if (__improbable(chk_size < s)) {
632 panic("__strlcat_chk object size check failed: dst %p, src %p, (%zu < %zu)", dst, src, chk_size, s);
633 }
634 return strlcat(dst, src, s);
635 }
636
637 size_t
__strlcpy_chk(char * dst,char const * src,size_t s,size_t chk_size)638 __strlcpy_chk(char *dst, char const *src, size_t s, size_t chk_size)
639 {
640 if (__improbable(chk_size < s)) {
641 panic("__strlcpy_chk object size check failed: dst %p, src %p, (%zu < %zu)", dst, src, chk_size, s);
642 }
643 return strlcpy(dst, src, s);
644 }
645
646 char *
__strncpy_chk(char * restrict dst,char * restrict src,size_t len,size_t chk_size)647 __strncpy_chk(char *restrict dst, char *restrict src,
648 size_t len, size_t chk_size)
649 {
650 if (__improbable(chk_size < len)) {
651 panic("__strncpy_chk object size check failed: dst %p, src %p, (%zu < %zu)", dst, src, chk_size, len);
652 }
653 return strncpy(dst, src, len);
654 }
655
656 char *
__strncat_chk(char * restrict dst,const char * restrict src,size_t len,size_t chk_size)657 __strncat_chk(char *restrict dst, const char *restrict src,
658 size_t len, size_t chk_size)
659 {
660 size_t len1 = strlen(dst);
661 size_t len2 = strnlen(src, len);
662 if (__improbable(chk_size < len1 + len2 + 1)) {
663 panic("__strncat_chk object size check failed: dst %p, src %p, (%zu < %zu + %zu + 1)", dst, src, chk_size, len1, len2);
664 }
665 return strncat(dst, src, len);
666 }
667
668 char *
__strcpy_chk(char * restrict dst,const char * restrict src,size_t chk_size)669 __strcpy_chk(char *restrict dst, const char *restrict src, size_t chk_size)
670 {
671 size_t len = strlen(src);
672 if (__improbable(chk_size < len + 1)) {
673 panic("__strcpy_chk object size check failed: dst %p, src %p, (%zu < %zu + 1)", dst, src, chk_size, len);
674 }
675 memcpy(dst, src, len + 1);
676 return dst;
677 }
678
679 char *
__strcat_chk(char * restrict dst,const char * restrict src,size_t chk_size)680 __strcat_chk(char *restrict dst, const char *restrict src, size_t chk_size)
681 {
682 size_t len1 = strlen(dst);
683 size_t len2 = strlen(src);
684 size_t required_len = len1 + len2 + 1;
685 if (__improbable(chk_size < required_len)) {
686 panic("__strcat_chk object size check failed: dst %p, src %p, (%zu < %zu + %zu + 1)", dst, src, chk_size, len1, len2);
687 }
688 memcpy(dst + len1, src, len2 + 1);
689 return dst;
690 }
691