![[BACK]](/icons/back.gif){kind=icon}
Return to login_cap.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / lib / libutil|
Return to login_cap.c CVS log | Up to [cvs.NetBSD.org] / src / lib / libutil |
1.5.4.1 ! tv 1: /* $NetBSD: login_cap.c,v 1.9 2000/10/12 00:28:33 itojun Exp $ */
1.1 mjl 2:
3: /*-
4: * Copyright (c) 1995,1997 Berkeley Software Design, Inc. All rights reserved.
5: *
6: * Redistribution and use in source and binary forms, with or without
7: * modification, are permitted provided that the following conditions
8: * are met:
9: * 1. Redistributions of source code must retain the above copyright
10: * notice, this list of conditions and the following disclaimer.
11: * 2. Redistributions in binary form must reproduce the above copyright
12: * notice, this list of conditions and the following disclaimer in the
13: * documentation and/or other materials provided with the distribution.
14: * 3. All advertising materials mentioning features or use of this software
15: * must display the following acknowledgement:
16: * This product includes software developed by Berkeley Software Design,
17: * Inc.
18: * 4. The name of Berkeley Software Design, Inc. may not be used to endorse
19: * or promote products derived from this software without specific prior
20: * written permission.
21: *
22: * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN, INC. ``AS IS'' AND
23: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25: * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN, INC. BE LIABLE
26: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32: * SUCH DAMAGE.
33: *
34: * BSDI login_cap.c,v 2.13 1998/02/07 03:17:05 prb Exp
35: */
1.5.4.1 ! tv 36:
! 37: #include <sys/cdefs.h>
! 38: #if defined(LIBC_SCCS) && !defined(lint)
! 39: __RCSID("$NetBSD: login_cap.c,v 1.9 2000/10/12 00:28:33 itojun Exp $");
! 40: #endif /* LIBC_SCCS and not lint */
1.1 mjl 41:
42: #include <sys/types.h>
43: #include <sys/stat.h>
44: #include <sys/time.h>
45: #include <sys/resource.h>
46:
1.4 mjl 47: #include <ctype.h>
1.1 mjl 48: #include <err.h>
49: #include <errno.h>
50: #include <fcntl.h>
51: #include <limits.h>
52: #include <login_cap.h>
53: #include <paths.h>
54: #include <pwd.h>
55: #include <stdio.h>
56: #include <stdlib.h>
57: #include <string.h>
58: #include <syslog.h>
59: #include <unistd.h>
1.5.4.1 ! tv 60: #include <util.h>
1.1 mjl 61:
1.5.4.1 ! tv 62: static void setuserpath(login_cap_t *, char *);
! 63: static u_quad_t multiply(u_quad_t, u_quad_t);
! 64: static u_quad_t strtolimit(char *, char **, int);
! 65: static u_quad_t strtosize(char *, char **, int);
! 66: static int gsetrl(login_cap_t *, int, char *, int type);
! 67: static int setuserenv(login_cap_t *);
! 68: static int isinfinite(const char *);
1.1 mjl 69:
70: login_cap_t *
1.5.4.1 ! tv 71: login_getclass(char *class)
1.1 mjl 72: {
1.5.4.1 ! tv 73: char *classfiles[2];
1.1 mjl 74: login_cap_t *lc;
75: int res;
76:
1.5.4.1 ! tv 77: if (secure_path(_PATH_LOGIN_CONF) == 0) {
! 78: classfiles[0] = _PATH_LOGIN_CONF;
! 79: classfiles[1] = NULL;
! 80: } else {
! 81: classfiles[0] = NULL;
! 82: }
1.1 mjl 83:
84: if ((lc = malloc(sizeof(login_cap_t))) == NULL) {
85: syslog(LOG_ERR, "%s:%d malloc: %m", __FILE__, __LINE__);
86: return (0);
87: }
88:
89: lc->lc_cap = 0;
90: lc->lc_style = 0;
91:
92: if (class == NULL || class[0] == '\0')
93: class = LOGIN_DEFCLASS;
94:
95: if ((lc->lc_class = strdup(class)) == NULL) {
96: syslog(LOG_ERR, "%s:%d strdup: %m", __FILE__, __LINE__);
97: free(lc);
98: return (0);
99: }
100:
1.5.4.1 ! tv 101: /*
! 102: * Not having a login.conf file is not an error condition.
! 103: * The individual routines deal reasonably with missing
! 104: * capabilities and use default values.
! 105: */
! 106: if (classfiles[0] == NULL)
! 107: return(lc);
! 108:
! 109: if ((res = cgetent(&lc->lc_cap, classfiles, lc->lc_class)) != 0) {
1.1 mjl 110: lc->lc_cap = 0;
111: switch (res) {
112: case 1:
113: syslog(LOG_ERR, "%s: couldn't resolve 'tc'",
114: lc->lc_class);
115: break;
116: case -1:
117: if ((res = open(classfiles[0], 0)) >= 0)
118: close(res);
119: if (strcmp(lc->lc_class, LOGIN_DEFCLASS) == NULL &&
120: res < 0)
121: return (lc);
122: syslog(LOG_ERR, "%s: unknown class", lc->lc_class);
123: break;
124: case -2:
125: syslog(LOG_ERR, "%s: getting class information: %m",
126: lc->lc_class);
127: break;
128: case -3:
129: syslog(LOG_ERR, "%s: 'tc' reference loop",
130: lc->lc_class);
131: break;
132: default:
133: syslog(LOG_ERR, "%s: unexpected cgetent error",
134: lc->lc_class);
135: break;
136: }
137: free(lc->lc_class);
138: free(lc);
139: return (0);
140: }
141: return (lc);
142: }
143:
1.4 mjl 144: login_cap_t *
1.5.4.1 ! tv 145: login_getpwclass(const struct passwd *pwd)
1.4 mjl 146: {
147: return login_getclass(pwd ? pwd->pw_class : NULL);
148: }
149:
1.1 mjl 150: char *
1.5.4.1 ! tv 151: login_getcapstr(login_cap_t *lc, char *cap, char *def, char *e)
1.1 mjl 152: {
153: char *res;
154: int status;
155:
156: errno = 0;
157:
1.2 mjl 158: if (!lc || !lc->lc_cap)
1.1 mjl 159: return (def);
160:
161: switch (status = cgetstr(lc->lc_cap, cap, &res)) {
162: case -1:
163: return (def);
164: case -2:
165: syslog(LOG_ERR, "%s: getting capability %s: %m",
166: lc->lc_class, cap);
167: return (e);
168: default:
169: if (status >= 0)
170: return (res);
171: syslog(LOG_ERR, "%s: unexpected error with capability %s",
172: lc->lc_class, cap);
173: return (e);
174: }
175: }
176:
177: quad_t
1.5.4.1 ! tv 178: login_getcaptime(login_cap_t *lc, char *cap, quad_t def, quad_t e)
1.1 mjl 179: {
180: char *ep;
181: char *res, *sres;
182: int status;
183: quad_t q, r;
184:
185: errno = 0;
1.2 mjl 186: if (!lc || !lc->lc_cap)
1.1 mjl 187: return (def);
188:
189: switch (status = cgetstr(lc->lc_cap, cap, &res)) {
190: case -1:
191: return (def);
192: case -2:
193: syslog(LOG_ERR, "%s: getting capability %s: %m",
194: lc->lc_class, cap);
195: errno = ERANGE;
196: return (e);
197: default:
198: if (status >= 0)
199: break;
200: syslog(LOG_ERR, "%s: unexpected error with capability %s",
201: lc->lc_class, cap);
202: errno = ERANGE;
203: return (e);
204: }
205:
1.5 mjl 206: if (isinfinite(res))
1.1 mjl 207: return (RLIM_INFINITY);
208:
209: errno = 0;
210:
211: q = 0;
212: sres = res;
213: while (*res) {
214: r = strtoq(res, &ep, 0);
215: if (!ep || ep == res ||
216: ((r == QUAD_MIN || r == QUAD_MAX) && errno == ERANGE)) {
217: invalid:
218: syslog(LOG_ERR, "%s:%s=%s: invalid time",
219: lc->lc_class, cap, sres);
220: errno = ERANGE;
221: return (e);
222: }
223: switch (*ep++) {
224: case '\0':
225: --ep;
226: break;
227: case 's': case 'S':
228: break;
229: case 'm': case 'M':
230: r *= 60;
231: break;
232: case 'h': case 'H':
233: r *= 60 * 60;
234: break;
235: case 'd': case 'D':
236: r *= 60 * 60 * 24;
237: break;
238: case 'w': case 'W':
239: r *= 60 * 60 * 24 * 7;
240: break;
241: case 'y': case 'Y': /* Pretty absurd */
242: r *= 60 * 60 * 24 * 365;
243: break;
244: default:
245: goto invalid;
246: }
247: res = ep;
248: q += r;
249: }
250: return (q);
251: }
252:
253: quad_t
1.5.4.1 ! tv 254: login_getcapnum(login_cap_t *lc, char *cap, quad_t def, quad_t e)
1.1 mjl 255: {
256: char *ep;
257: char *res;
258: int status;
259: quad_t q;
260:
261: errno = 0;
1.2 mjl 262: if (!lc || !lc->lc_cap)
1.1 mjl 263: return (def);
264:
265: switch (status = cgetstr(lc->lc_cap, cap, &res)) {
266: case -1:
267: return (def);
268: case -2:
269: syslog(LOG_ERR, "%s: getting capability %s: %m",
270: lc->lc_class, cap);
271: errno = ERANGE;
272: return (e);
273: default:
274: if (status >= 0)
275: break;
276: syslog(LOG_ERR, "%s: unexpected error with capability %s",
277: lc->lc_class, cap);
278: errno = ERANGE;
279: return (e);
280: }
281:
1.5 mjl 282: if (isinfinite(res))
1.1 mjl 283: return (RLIM_INFINITY);
284:
285: errno = 0;
286: q = strtoq(res, &ep, 0);
287: if (!ep || ep == res || ep[0] ||
288: ((q == QUAD_MIN || q == QUAD_MAX) && errno == ERANGE)) {
289: syslog(LOG_ERR, "%s:%s=%s: invalid number",
290: lc->lc_class, cap, res);
291: errno = ERANGE;
292: return (e);
293: }
294: return (q);
295: }
296:
297: quad_t
1.5.4.1 ! tv 298: login_getcapsize(login_cap_t *lc, char *cap, quad_t def, quad_t e)
1.1 mjl 299: {
300: char *ep;
301: char *res;
302: int status;
303: quad_t q;
304:
305: errno = 0;
306:
1.2 mjl 307: if (!lc || !lc->lc_cap)
1.1 mjl 308: return (def);
309:
310: switch (status = cgetstr(lc->lc_cap, cap, &res)) {
311: case -1:
312: return (def);
313: case -2:
314: syslog(LOG_ERR, "%s: getting capability %s: %m",
315: lc->lc_class, cap);
316: errno = ERANGE;
317: return (e);
318: default:
319: if (status >= 0)
320: break;
321: syslog(LOG_ERR, "%s: unexpected error with capability %s",
322: lc->lc_class, cap);
323: errno = ERANGE;
324: return (e);
325: }
326:
327: errno = 0;
328: q = strtolimit(res, &ep, 0);
329: if (!ep || ep == res || (ep[0] && ep[1]) ||
330: ((q == QUAD_MIN || q == QUAD_MAX) && errno == ERANGE)) {
331: syslog(LOG_ERR, "%s:%s=%s: invalid size",
332: lc->lc_class, cap, res);
333: errno = ERANGE;
334: return (e);
335: }
336: return (q);
337: }
338:
339: int
1.5.4.1 ! tv 340: login_getcapbool(login_cap_t *lc, char *cap, u_int def)
1.1 mjl 341: {
1.2 mjl 342: if (!lc || !lc->lc_cap)
1.1 mjl 343: return (def);
344:
345: return (cgetcap(lc->lc_cap, cap, ':') != NULL);
346: }
347:
348: void
1.5.4.1 ! tv 349: login_close(login_cap_t *lc)
1.1 mjl 350: {
351: if (lc) {
352: if (lc->lc_class)
353: free(lc->lc_class);
354: if (lc->lc_cap)
355: free(lc->lc_cap);
356: if (lc->lc_style)
357: free(lc->lc_style);
358: free(lc);
359: }
360: }
361:
1.5.4.1 ! tv 362: #define R_CTIME 1
! 363: #define R_CSIZE 2
! 364: #define R_CNUMB 3
1.1 mjl 365:
366: static struct {
367: int what;
368: int type;
369: char * name;
370: } r_list[] = {
1.5.4.1 ! tv 371: { RLIMIT_CPU, R_CTIME, "cputime", },
! 372: { RLIMIT_FSIZE, R_CSIZE, "filesize", },
! 373: { RLIMIT_DATA, R_CSIZE, "datasize", },
! 374: { RLIMIT_STACK, R_CSIZE, "stacksize", },
! 375: { RLIMIT_RSS, R_CSIZE, "memoryuse", },
! 376: { RLIMIT_MEMLOCK, R_CSIZE, "memorylocked", },
! 377: { RLIMIT_NPROC, R_CNUMB, "maxproc", },
! 378: { RLIMIT_NOFILE, R_CNUMB, "openfiles", },
! 379: { RLIMIT_CORE, R_CSIZE, "coredumpsize", },
1.1 mjl 380: { -1, 0, 0 }
381: };
382:
383: static int
1.5.4.1 ! tv 384: gsetrl(login_cap_t *lc, int what, char *name, int type)
1.1 mjl 385: {
386: struct rlimit rl;
387: struct rlimit r;
388: char name_cur[32];
389: char name_max[32];
390:
391: sprintf(name_cur, "%s-cur", name);
392: sprintf(name_max, "%s-max", name);
393:
394: if (getrlimit(what, &r)) {
395: syslog(LOG_ERR, "getting resource limit: %m");
396: return (-1);
397: }
398:
399: #define RCUR r.rlim_cur
400: #define RMAX r.rlim_max
401:
402: switch (type) {
1.5.4.1 ! tv 403: case R_CTIME:
1.1 mjl 404: RCUR = login_getcaptime(lc, name, RCUR, RCUR);
405: RMAX = login_getcaptime(lc, name, RMAX, RMAX);
406: rl.rlim_cur = login_getcaptime(lc, name_cur, RCUR, RCUR);
407: rl.rlim_max = login_getcaptime(lc, name_max, RMAX, RMAX);
408: break;
1.5.4.1 ! tv 409: case R_CSIZE:
1.1 mjl 410: RCUR = login_getcapsize(lc, name, RCUR, RCUR);
411: RMAX = login_getcapsize(lc, name, RMAX, RMAX);
412: rl.rlim_cur = login_getcapsize(lc, name_cur, RCUR, RCUR);
413: rl.rlim_max = login_getcapsize(lc, name_max, RMAX, RMAX);
414: break;
1.5.4.1 ! tv 415: case R_CNUMB:
1.1 mjl 416: RCUR = login_getcapnum(lc, name, RCUR, RCUR);
417: RMAX = login_getcapnum(lc, name, RMAX, RMAX);
418: rl.rlim_cur = login_getcapnum(lc, name_cur, RCUR, RCUR);
419: rl.rlim_max = login_getcapnum(lc, name_max, RMAX, RMAX);
420: break;
421: default:
422: return (-1);
423: }
424:
425: if (setrlimit(what, &rl)) {
426: syslog(LOG_ERR, "%s: setting resource limit %s: %m",
427: lc->lc_class, name);
428: return (-1);
429: }
430: #undef RCUR
431: #undef RMAX
432: return (0);
433: }
434:
1.4 mjl 435: static int
1.5.4.1 ! tv 436: setuserenv(login_cap_t *lc)
1.4 mjl 437: {
438: char *stop = ", \t";
439: int i, count;
440: char *ptr;
441: char **res;
442: char *str = login_getcapstr(lc, "setenv", NULL, NULL);
443:
1.5.4.1 ! tv 444: if (str == NULL || *str == '\0')
1.4 mjl 445: return 0;
446:
447: /* count the sub-strings */
448: for (i = 1, ptr = str; *ptr; i++) {
449: ptr += strcspn(ptr, stop);
450: if (*ptr)
451: ptr++;
1.5.4.1 ! tv 452: }
1.4 mjl 453:
454: /* allocate ptr array and string */
455: count = i;
1.5.4.1 ! tv 456: res = malloc(count * sizeof(char *) + strlen(str) + 1);
1.4 mjl 457:
1.5.4.1 ! tv 458: if (!res)
1.4 mjl 459: return -1;
460:
461: ptr = (char *)res + count * sizeof(char *);
462: strcpy(ptr, str);
463:
464: /* split string */
465: for (i = 0; *ptr && i < count; i++) {
466: res[i] = ptr;
467: ptr += strcspn(ptr, stop);
468: if (*ptr)
469: *ptr++ = '\0';
1.5.4.1 ! tv 470: }
1.4 mjl 471:
472: res[i] = NULL;
473:
474: for (i = 0; i < count && res[i]; i++) {
475: if (*res[i] != '\0') {
1.5.4.1 ! tv 476: if ((ptr = strchr(res[i], '=')) != NULL)
1.4 mjl 477: *ptr++ = '\0';
478: else
479: ptr = "";
480: setenv(res[i], ptr, 1);
481: }
482: }
483:
1.5 mjl 484: free(res);
1.4 mjl 485: return 0;
486: }
487:
1.1 mjl 488: int
1.5.4.1 ! tv 489: setclasscontext(char *class, u_int flags)
1.1 mjl 490: {
491: int ret;
492: login_cap_t *lc;
493:
494: flags &= LOGIN_SETRESOURCES | LOGIN_SETPRIORITY | LOGIN_SETUMASK |
495: LOGIN_SETPATH;
496:
497: lc = login_getclass(class);
498: ret = lc ? setusercontext(lc, NULL, 0, flags) : -1;
499: login_close(lc);
500: return (ret);
501: }
502:
503: int
1.5.4.1 ! tv 504: setusercontext(login_cap_t *lc, struct passwd *pwd, uid_t uid, u_int flags)
1.1 mjl 505: {
506: login_cap_t *flc;
507: quad_t p;
508: int i;
509:
510: flc = NULL;
511:
1.3 mjl 512: if (!lc)
513: flc = lc = login_getclass(pwd ? pwd->pw_class : NULL);
1.1 mjl 514:
515: /*
516: * Without the pwd entry being passed we cannot set either
517: * the group or the login. We could complain about it.
518: */
519: if (pwd == NULL)
520: flags &= ~(LOGIN_SETGROUP|LOGIN_SETLOGIN);
521:
522: if (flags & LOGIN_SETRESOURCES)
523: for (i = 0; r_list[i].name; ++i)
524: if (gsetrl(lc, r_list[i].what, r_list[i].name,
525: r_list[i].type))
526: /* XXX - call syslog()? */;
527:
528: if (flags & LOGIN_SETPRIORITY) {
529: p = login_getcapnum(lc, "priority", 0LL, 0LL);
530:
531: if (setpriority(PRIO_PROCESS, 0, (int)p) < 0)
532: syslog(LOG_ERR, "%s: setpriority: %m", lc->lc_class);
533: }
534:
535: if (flags & LOGIN_SETUMASK) {
536: p = login_getcapnum(lc, "umask", (quad_t) LOGIN_DEFUMASK,
537: (quad_t) LOGIN_DEFUMASK);
538: umask((mode_t)p);
539: }
540:
541: if (flags & LOGIN_SETGROUP) {
542: if (setgid(pwd->pw_gid) < 0) {
543: syslog(LOG_ERR, "setgid(%d): %m", pwd->pw_gid);
544: login_close(flc);
545: return (-1);
546: }
547:
548: if (initgroups(pwd->pw_name, pwd->pw_gid) < 0) {
549: syslog(LOG_ERR, "initgroups(%s,%d): %m",
550: pwd->pw_name, pwd->pw_gid);
551: login_close(flc);
552: return (-1);
553: }
554: }
555:
556: if (flags & LOGIN_SETLOGIN)
557: if (setlogin(pwd->pw_name) < 0) {
558: syslog(LOG_ERR, "setlogin(%s) failure: %m",
559: pwd->pw_name);
560: login_close(flc);
561: return (-1);
562: }
563:
564: if (flags & LOGIN_SETUSER)
565: if (setuid(uid) < 0) {
566: syslog(LOG_ERR, "setuid(%d): %m", uid);
567: login_close(flc);
568: return (-1);
569: }
1.4 mjl 570:
571: if (flags & LOGIN_SETENV)
572: setuserenv(lc);
1.1 mjl 573:
574: if (flags & LOGIN_SETPATH)
575: setuserpath(lc, pwd ? pwd->pw_dir : "");
576:
577: login_close(flc);
578: return (0);
579: }
580:
581: static void
1.5.4.1 ! tv 582: setuserpath(login_cap_t *lc, char *home)
1.1 mjl 583: {
584: size_t hlen, plen;
585: int cnt = 0;
586: char *path;
587: char *p, *q;
588:
589: hlen = strlen(home);
590:
591: p = path = login_getcapstr(lc, "path", NULL, NULL);
592: if (p) {
593: while (*p)
594: if (*p++ == '~')
595: ++cnt;
596: plen = (p - path) + cnt * (hlen + 1) + 1;
597: p = path;
598: q = path = malloc(plen);
599: if (q) {
600: while (*p) {
601: p += strspn(p, " \t");
602: if (*p == '\0')
603: break;
604: plen = strcspn(p, " \t");
605: if (hlen == 0 && *p == '~') {
606: p += plen;
607: continue;
608: }
609: if (q != path)
610: *q++ = ':';
611: if (*p == '~') {
612: strcpy(q, home);
613: q += hlen;
614: ++p;
615: --plen;
616: }
617: memcpy(q, p, plen);
618: p += plen;
619: q += plen;
620: }
621: *q = '\0';
622: } else
623: path = _PATH_DEFPATH;
624: } else
625: path = _PATH_DEFPATH;
626: if (setenv("PATH", path, 1))
627: warn("could not set PATH");
628: }
629:
630: /*
631: * Convert an expression of the following forms
632: * 1) A number.
633: * 2) A number followed by a b (mult by 512).
634: * 3) A number followed by a k (mult by 1024).
635: * 5) A number followed by a m (mult by 1024 * 1024).
636: * 6) A number followed by a g (mult by 1024 * 1024 * 1024).
637: * 7) A number followed by a t (mult by 1024 * 1024 * 1024 * 1024).
638: * 8) Two or more numbers (with/without k,b,m,g, or t).
639: * seperated by x (also * for backwards compatibility), specifying
640: * the product of the indicated values.
641: */
1.5.4.1 ! tv 642: static u_quad_t
! 643: strtosize(char *str, char **endptr, int radix)
1.1 mjl 644: {
645: u_quad_t num, num2;
646: char *expr, *expr2;
647:
648: errno = 0;
649: num = strtouq(str, &expr, radix);
650: if (errno || expr == str) {
651: if (endptr)
652: *endptr = expr;
653: return (num);
654: }
655:
656: switch(*expr) {
657: case 'b': case 'B':
658: num = multiply(num, (u_quad_t)512);
659: ++expr;
660: break;
661: case 'k': case 'K':
662: num = multiply(num, (u_quad_t)1024);
663: ++expr;
664: break;
665: case 'm': case 'M':
666: num = multiply(num, (u_quad_t)1024 * 1024);
667: ++expr;
668: break;
669: case 'g': case 'G':
670: num = multiply(num, (u_quad_t)1024 * 1024 * 1024);
671: ++expr;
672: break;
673: case 't': case 'T':
674: num = multiply(num, (u_quad_t)1024 * 1024);
675: num = multiply(num, (u_quad_t)1024 * 1024);
676: ++expr;
677: break;
678: }
679:
680: if (errno)
681: goto erange;
682:
683: switch(*expr) {
684: case '*': /* Backward compatible. */
685: case 'x':
686: num2 = strtosize(expr+1, &expr2, radix);
687: if (errno) {
688: expr = expr2;
689: goto erange;
690: }
691:
692: if (expr2 == expr + 1) {
693: if (endptr)
694: *endptr = expr;
695: return (num);
696: }
697: expr = expr2;
698: num = multiply(num, num2);
699: if (errno)
700: goto erange;
701: break;
702: }
703: if (endptr)
704: *endptr = expr;
705: return (num);
706: erange:
707: if (endptr)
708: *endptr = expr;
709: errno = ERANGE;
710: return (UQUAD_MAX);
711: }
712:
1.5.4.1 ! tv 713: static u_quad_t
! 714: strtolimit(char *str, char **endptr, int radix)
1.1 mjl 715: {
1.5 mjl 716: if (isinfinite(str)) {
1.1 mjl 717: if (endptr)
718: *endptr = str + strlen(str);
719: return ((u_quad_t)RLIM_INFINITY);
720: }
721: return (strtosize(str, endptr, radix));
1.5 mjl 722: }
723:
724: static int
725: isinfinite(const char *s)
726: {
727: static const char *infs[] = {
728: "infinity",
729: "inf",
730: "unlimited",
731: "unlimit",
732: NULL
733: };
734: const char **i;
735:
1.5.4.1 ! tv 736: for (i = infs; *i; i++) {
1.5 mjl 737: if (!strcasecmp(s, *i))
738: return 1;
739: }
740: return 0;
1.1 mjl 741: }
742:
743: static u_quad_t
1.5.4.1 ! tv 744: multiply(u_quad_t n1, u_quad_t n2)
1.1 mjl 745: {
746: static int bpw = 0;
747: u_quad_t m;
748: u_quad_t r;
749: int b1, b2;
750:
751: /*
752: * Get rid of the simple cases
753: */
754: if (n1 == 0 || n2 == 0)
755: return (0);
756: if (n1 == 1)
757: return (n2);
758: if (n2 == 1)
759: return (n1);
760:
761: /*
762: * sizeof() returns number of bytes needed for storage.
763: * This may be different from the actual number of useful bits.
764: */
765: if (!bpw) {
766: bpw = sizeof(u_quad_t) * 8;
767: while (((u_quad_t)1 << (bpw-1)) == 0)
768: --bpw;
769: }
770:
771: /*
772: * First check the magnitude of each number. If the sum of the
773: * magnatude is way to high, reject the number. (If this test
774: * is not done then the first multiply below may overflow.)
775: */
776: for (b1 = bpw; (((u_quad_t)1 << (b1-1)) & n1) == 0; --b1)
777: ;
778: for (b2 = bpw; (((u_quad_t)1 << (b2-1)) & n2) == 0; --b2)
779: ;
780: if (b1 + b2 - 2 > bpw) {
781: errno = ERANGE;
782: return (UQUAD_MAX);
783: }
784:
785: /*
786: * Decompose the multiplication to be:
787: * h1 = n1 & ~1
788: * h2 = n2 & ~1
789: * l1 = n1 & 1
790: * l2 = n2 & 1
791: * (h1 + l1) * (h2 + l2)
792: * (h1 * h2) + (h1 * l2) + (l1 * h2) + (l1 * l2)
793: *
794: * Since h1 && h2 do not have the low bit set, we can then say:
795: *
796: * (h1>>1 * h2>>1 * 4) + ...
797: *
798: * So if (h1>>1 * h2>>1) > (1<<(bpw - 2)) then the result will
799: * overflow.
800: *
801: * Finally, if MAX - ((h1 * l2) + (l1 * h2) + (l1 * l2)) < (h1*h2)
802: * then adding in residual amout will cause an overflow.
803: */
804:
805: m = (n1 >> 1) * (n2 >> 1);
806:
807: if (m >= ((u_quad_t)1 << (bpw-2))) {
808: errno = ERANGE;
809: return (UQUAD_MAX);
810: }
811:
812: m *= 4;
813:
814: r = (n1 & n2 & 1)
815: + (n2 & 1) * (n1 & ~(u_quad_t)1)
816: + (n1 & 1) * (n2 & ~(u_quad_t)1);
817:
818: if ((u_quad_t)(m + r) < m) {
819: errno = ERANGE;
820: return (UQUAD_MAX);
821: }
822: m += r;
823:
824: return (m);
825: }