b6b9d458 |
1 | .\" -*-nroff-*- |
2 | .de VS |
3 | .sp 1 |
d66d7727 |
4 | .RS |
b6b9d458 |
5 | .nf |
6 | .ft B |
7 | .. |
8 | .de VE |
9 | .ft R |
10 | .fi |
11 | .RE |
12 | .sp 1 |
13 | .. |
08da152e |
14 | .de hP |
b6b9d458 |
15 | .IP |
16 | .ft B |
17 | \h'-\w'\\$1\ 'u'\\$1\ \c |
18 | .ft P |
19 | .. |
20 | .ie t .ds o \(bu |
21 | .el .ds o o |
08da152e |
22 | .TH dstr 3 "8 May 1999" "mLib" |
b6b9d458 |
23 | dstr \- a simple dynamic string type |
08da152e |
24 | .\" @dstr_create |
25 | .\" @dstr_destroy |
26 | .\" @dstr_reset |
27 | .\" @dstr_ensure |
28 | .\" @dstr_tidy |
29 | .\" |
30 | .\" @dstr_putc |
31 | .\" @dstr_putz |
32 | .\" @dstr_puts |
33 | .\" @dstr_putf |
34 | .\" @dstr_putd |
35 | .\" @dstr_putm |
36 | .\" @dstr_putline |
37 | .\" @dstr_write |
38 | .\" |
e49a7995 |
39 | .\" @DSTR_INIT |
08da152e |
40 | .\" @DCREATE |
41 | .\" @DDESTROY |
42 | .\" @DRESET |
43 | .\" @DENSURE |
44 | .\" @DPUTC |
45 | .\" @DPUTZ |
46 | .\" @DPUTS |
47 | .\" @DPUTD |
48 | .\" @DPUTM |
49 | .\" @DWRITE |
50 | .\" |
b6b9d458 |
51 | .SH SYNOPSIS |
52 | .nf |
53 | .B "#include <mLib/dstr.h>" |
54 | |
55 | .BI "void dstr_create(dstr *" d ); |
56 | .BI "void dstr_destroy(dstr *" d ); |
57 | .BI "void dstr_reset(dstr *" d ); |
58 | |
59 | .BI "void dstr_ensure(dstr *" d ", size_t " sz ); |
60 | .BI "void dstr_tidy(dstr *" d ); |
61 | |
62 | .BI "void dstr_putc(dstr *" d ", char " ch ); |
63 | .BI "void dstr_putz(dstr *" d ); |
64 | .BI "void dstr_puts(dstr *" d ", const char *" s ); |
65 | .BI "int dstr_vputf(dstr *" d ", va_list " ap ); |
d2a91066 |
66 | .BI "int dstr_putf(dstr *" d ", ...);" |
b6b9d458 |
67 | .BI "void dstr_putd(dstr *" d ", const dstr *" p ); |
68 | .BI "void dstr_putm(dstr *" d ", const void *" p ", size_t " sz ); |
69 | .BI "int dstr_putline(dstr *" d ", FILE *" fp ); |
70 | .BI "size_t dstr_write(const dstr *" d ", FILE *" fp ); |
71 | |
e49a7995 |
72 | .BI "dstr " d " = DSTR_INIT;" |
b6b9d458 |
73 | .BI "void DCREATE(dstr *" d ); |
74 | .BI "void DDESTROY(dstr *" d ); |
75 | .BI "void DRESET(dstr *" d ); |
76 | .BI "void DENSURE(dstr *" d ", size_t " sz ); |
08da152e |
77 | .BI "void DPUTC(dstr *" c ", char " ch ); |
b6b9d458 |
78 | .BI "void DPUTZ(dstr *" d ); |
79 | .BI "void DPUTS(dstr *" d ", const char *" s ); |
80 | .BI "void DPUTD(dstr *" d ", const dstr *" p ); |
81 | .BI "void DPUTM(dstr *" d ", const void *" p ", size_t " sz ); |
82 | .BI "size_t DWRITE(const dstr *" d ", FILE *" fp ); |
83 | .fi |
750e4b6c |
84 | .SH DESCRIPTION |
b6b9d458 |
85 | The header |
86 | .B dstr.h |
87 | declares a type for representing dynamically extending strings, and a |
88 | small collection of useful operations on them. None of the operations |
89 | returns a failure result on an out-of-memory condition; instead, the |
90 | exception |
91 | .B EXC_NOMEM |
92 | is raised. |
93 | .PP |
94 | Many of the functions which act on dynamic strings have macro |
95 | equivalents. These equivalent macros may evaluate their arguments |
96 | multiple times. |
750e4b6c |
97 | .SS "Underlying type" |
b6b9d458 |
98 | A |
99 | .B dstr |
100 | object is a small structure with the following members: |
101 | .VS |
102 | typedef struct dstr { |
103 | char *buf; /* Pointer to string buffer */ |
104 | size_t sz; /* Size of the buffer */ |
105 | size_t len; /* Length of the string */ |
cededfbe |
106 | arena *a; /* Pointer to arena */ |
b6b9d458 |
107 | } dstr; |
108 | .VE |
109 | The |
110 | .B buf |
111 | member points to the actual character data in the string. The data may |
112 | or may not be null terminated, depending on what operations have |
113 | recently been performed on it. None of the |
114 | .B dstr |
115 | functions depend on the string being null-terminated; indeed, all of |
116 | them work fine on strings containing arbitrary binary data. You can |
117 | force null-termination by calling the |
118 | .B dstr_putz |
119 | function, or the |
120 | .B DPUTZ |
121 | macro. |
122 | .PP |
123 | The |
124 | .B sz |
125 | member describes the current size of the buffer. This reflects the |
126 | maximum possible length of string that can be represented in |
127 | .B buf |
128 | without allocating a new buffer. |
129 | .PP |
130 | The |
131 | .B len |
132 | member describes the current length of the string. It is the number of |
133 | bytes in the string which are actually interesting. The length does |
134 | .I not |
135 | include a null-terminating byte, if there is one. |
136 | .PP |
137 | The following invariants are maintained by |
138 | .B dstr |
139 | and must hold when any function is called: |
08da152e |
140 | .hP \*o |
b6b9d458 |
141 | If |
142 | .B sz |
143 | is nonzero, then |
144 | .B buf |
145 | points to a block of memory of length |
146 | .BR sz . |
147 | If |
148 | .B sz |
149 | is zero, then |
150 | .B buf |
151 | is a null pointer. |
08da152e |
152 | .hP \*o |
b6b9d458 |
153 | At all times, |
154 | .BI sz " >= " len\fR. |
155 | .PP |
d2a91066 |
156 | Note that there is no equivalent of the standard C distinction between |
b6b9d458 |
157 | the empty string (a pointer to an array of characters whose first |
d2a91066 |
158 | element is zero) and the nonexistent string (a null pointer). Any |
b6b9d458 |
159 | .B dstr |
160 | whose |
161 | .B len |
162 | is zero is an empty string. |
cededfbe |
163 | .PP |
164 | The |
165 | .I a |
166 | member refers to the arena from which the string's buffer has been |
167 | allocated. Immediately after creation, this is set to be |
168 | .BR arena_stdlib (3); |
169 | you can set it to point to any other arena of your choice before the |
170 | buffer is allocated. |
750e4b6c |
171 | .SS "Creation and destruction" |
b6b9d458 |
172 | The caller is responsible for allocating the |
173 | .B dstr |
174 | structure. It can be initialized in any of the following ways: |
08da152e |
175 | .hP \*o |
b6b9d458 |
176 | Using the macro |
177 | .B DSTR_INIT |
178 | as an initializer in the declaration of the object. |
08da152e |
179 | .hP \*o |
b6b9d458 |
180 | Passing its address to the |
181 | .B dstr_create |
182 | function. |
08da152e |
183 | .hP \*o |
b6b9d458 |
184 | Passing its address to the (equivalent) |
185 | .B DCREATE |
186 | macro. |
187 | .PP |
188 | The initial value of a |
189 | .B dstr |
190 | is the empty string. |
191 | .PP |
192 | The additional storage space for a string's contents may be reclaimed by |
193 | passing it to the |
194 | .B dstr_destroy |
195 | function, or the |
196 | .B DDESTROY |
197 | macro. After destruction, a string's value is reset to the empty |
198 | string: |
199 | .I "it's still a valid" |
200 | .BR dstr . |
201 | However, once a string has been destroyed, it's safe to deallocate the |
202 | underlying |
203 | .B dstr |
204 | object. |
205 | .PP |
206 | The |
207 | .B dstr_reset |
208 | function empties a string |
209 | .I without |
210 | deallocating any memory. Therefore appending more characters is quick, |
d2a91066 |
211 | because the old buffer is still there and doesn't need to be allocated. |
b6b9d458 |
212 | Calling |
213 | .VS |
214 | dstr_reset(d); |
215 | .VE |
d2a91066 |
216 | is equivalent to directly assigning |
b6b9d458 |
217 | .VS |
218 | d->len = 0; |
219 | .VE |
220 | There's also a macro |
221 | .B DRESET |
222 | which does the same job as the |
223 | .B dstr_reset |
224 | function. |
750e4b6c |
225 | .SS "Extending a string" |
b6b9d458 |
226 | All memory allocation for strings is done by the function |
227 | .BR dstr_ensure . |
228 | Given a pointer |
229 | .I d |
230 | to a |
231 | .B dstr |
232 | and a size |
233 | .IR sz , |
234 | the function ensures that there are at least |
235 | .I sz |
236 | unused bytes in the string's buffer. The current algorithm for |
237 | extending the buffer is fairly unsophisticated, but seems to work |
238 | relatively well \- see the source if you really want to know what it's |
239 | doing. |
240 | .PP |
241 | Extending a string never returns a failure result. Instead, if there |
242 | isn't enough memory for a longer string, the exception |
243 | .B EXC_NOMEM |
244 | is raised. See |
08da152e |
245 | .BR exc (3) |
b6b9d458 |
246 | for more information about |
247 | .BR mLib 's |
248 | exception handling system. |
249 | .PP |
250 | Note that if an ensure operation needs to reallocate a string buffer, |
251 | any pointers you've taken into the string become invalid. |
252 | .PP |
253 | There's a macro |
254 | .B DENSURE |
255 | which does a quick inline check to see whether there's enough space in |
256 | a string's buffer. This saves a procedure call when no reallocation |
257 | needs to be done. The |
258 | .B DENSURE |
259 | macro is called in the same way as the |
260 | .B dstr_ensure |
261 | function. |
262 | .PP |
263 | The function |
264 | .B dstr_tidy |
265 | `trims' a string's buffer so that it's just large enough for the string |
266 | contents and a null terminating byte. This might raise an exception due |
267 | to lack of memory. (There are two possible ways this might happen. |
d2a91066 |
268 | Firstly, the underlying allocator might just be brain-damaged enough to |
b6b9d458 |
269 | fail on reducing a block's size. Secondly, tidying an empty string with no |
270 | buffer allocated for it causes allocation of a buffer large enough for |
271 | the terminating null byte.) |
750e4b6c |
272 | .SS "Contributing data to a string" |
b6b9d458 |
273 | There are a collection of functions which add data to a string. All of |
274 | these functions add their new data to the |
275 | .I end |
276 | of the string. This is good, because programs usually build strings |
277 | left-to-right. If you want to do something more clever, that's up to |
278 | you. |
279 | .PP |
280 | Several of these functions have equivalent macros which do the main work |
281 | inline. (There still might need to be a function call if the buffer |
282 | needs to be extended.) |
283 | .PP |
284 | Any of these functions might extend the string, causing pointers into |
285 | the string buffer to be invalidated. If you don't want that to happen, |
286 | pre-ensure enough space before you start. |
287 | .PP |
288 | The simplest function is |
289 | .B dstr_putc |
290 | which appends a single character |
291 | .I ch |
292 | to the end of the string. It has a macro equivalent called |
293 | .BR DPUTC . |
294 | .PP |
295 | The function |
296 | .B dstr_putz |
297 | places a zero byte at the end of the string. It does |
298 | .I not |
299 | affect the string's length, so any other data added to the string will |
300 | overwrite the null terminator. This is useful if you want to pass your |
301 | string to one of the standard C library string-handling functions. The |
302 | macro |
303 | .B DPUTZ |
304 | does the same thing. |
305 | .PP |
306 | The function |
307 | .B dstr_puts |
308 | writes a C-style null-terminated string to the end of a dynamic string. |
309 | A terminating zero byte is also written, as if |
310 | .B dstr_putz |
311 | were called. The macro |
312 | .B DPUTS |
313 | does the same job. |
314 | .PP |
315 | The function |
316 | .B dstr_putf |
317 | works similarly to the standard |
318 | .BR sprintf (3) |
319 | function. It accepts a |
320 | .BR print (3)-style |
321 | format string and an arbitrary number of arguments to format and writes |
322 | the resulting text to the end of a dynamic string, returning the number |
323 | of characters so written. A terminating zero byte is also appended. |
324 | The formatting is intended to be convenient and safe rather than |
325 | efficient, so don't expect blistering performance. Similarly, there may |
326 | be differences between the formatting done by |
327 | .B dstr_putf |
328 | and |
329 | .BR sprintf (3) |
330 | because the former has to do most of its work itself. In particular, |
331 | .B dstr_putf |
332 | doesn't (and probably never will) understand the |
333 | .RB ` n$ ' |
d2a91066 |
334 | positional parameter notation accepted by many Unix C libraries. There |
b6b9d458 |
335 | is no macro equivalent of |
336 | .BR dstr_putf . |
337 | .PP |
338 | The function |
339 | .B dstr_vputf |
340 | provides access to the `guts' of |
341 | .BR dstr_putf : |
342 | given a format string and a |
343 | .B va_list |
344 | pointer, it will format the arguments according to the format string, |
345 | just as |
346 | .B dstr_putf |
347 | does. |
348 | .PP |
349 | The function |
350 | .B dstr_putd |
351 | appends the contents of one dynamic string to another. A null |
352 | terminator is also appended. The macro |
353 | .B DPUTD |
354 | does the same thing. |
355 | .PP |
356 | The function |
357 | .B dstr_putm |
358 | puts an arbitrary block of memory, addressed by |
359 | .IR p , |
360 | with length |
361 | .I sz |
362 | bytes, at the end of a dynamic string. No terminating null is appended: |
363 | it's assumed that if you're playing with arbitrary chunks of memory then |
364 | you're probably not going to be using the resulting data as a normal |
365 | text string. The macro |
366 | .B DPUTM |
367 | works the same way. |
368 | .PP |
369 | The function |
370 | .B dstr_putline |
371 | reads a line from an input stream |
372 | .I fp |
373 | and appends it to a string. If an error occurs, or end-of-file is |
374 | encountered, before any characters have been read, then |
375 | .B dstr_putline |
376 | returns the value |
750e4b6c |
377 | .B EOF |
378 | and does not extend the string. Otherwise, it reads until it encounters |
379 | a newline character, an error, or end-of-file, and returns the number of |
380 | characters read. If reading was terminated by a newline character, the |
381 | newline character is |
b6b9d458 |
382 | .I not |
383 | inserted in the buffer. A terminating null is appended, as by |
384 | .BR dstr_putz . |
750e4b6c |
385 | .SS "Other functions" |
b6b9d458 |
386 | The |
387 | .B dstr_write |
388 | function writes a string to an output stream |
389 | .IR fp . |
390 | It returns the number of characters written, or |
391 | .B 0 |
392 | if an error occurred before the first write. No newline character is |
393 | written to the stream, unless the string actually contains one already. |
394 | The macro |
395 | .B DWRITE |
396 | is equivalent. |
397 | .SH "SECURITY CONSIDERATIONS" |
d2a91066 |
398 | The implementation of the |
b6b9d458 |
399 | .B dstr |
400 | functions is designed to do string handling in security-critical |
401 | programs. However, there may be bugs in the code somewhere. In |
402 | particular, the |
403 | .B dstr_putf |
f1583053 |
404 | functions are quite complicated, and could do with some checking by |
b6b9d458 |
405 | independent people who know what they're doing. |
08da152e |
406 | .SH "SEE ALSO" |
407 | .BR exc (3), |
408 | .BR mLib (3). |
b6b9d458 |
409 | .SH AUTHOR |
410 | Mark Wooding, <mdw@nsict.org> |