proftpd / proftpd / 26127302613

/*

 * ProFTPD - FTP server daemon

 * Copyright (c) 2008-2026 The ProFTPD Project team

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 2 of the License, or

 * (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program; if not, see <https://www.gnu.org/licenses/>.

 *

 * As a special exemption, Public Flood Software/MacGyver aka Habeeb J. Dihu

 * and other respective copyright holders give permission to link this program

 * with OpenSSL, and distribute the resulting executable, without including

 * the source code for OpenSSL in the source distribution.

 */

/* String manipulation functions. */

#include "conf.h"

/* Maximum number of matches that we will do in a given string. */

#define PR_STR_MAX_MATCHES                        128

static const char *str_vreplace(pool *p, unsigned int max_replaces,

  const char *src;

  src = s;

  memset(matches, 0, sizeof(matches));

  blen = strlen(src) + 1;

  while ((m = va_arg(args, char *)) != NULL &&

    char *tmp = NULL;

    r = va_arg(args, char *);

    }

    /* Increase the length of the needed buffer by the difference between

     * the given match and replacement strings, multiplied by the number

     * of times the match string occurs in the source string.

     */

    tmp = strstr(s, m);

      /* Be sure to increment the pointer returned by strstr(3), to

       * advance past the beginning of the substring for which we are

       * looking.  Otherwise, we just loop endlessly, seeing the same

       * value for tmp over and over.

       */

      tmp += strlen(m);

    /* We are only concerned about match/replacement strings that actually

     * occur in the given string.

     */

    if (count) {

         * doing something very strange. The possibility still exists that

         * we might not catch this overflow in extreme corner cases, but

         * massive amounts of data (gigabytes) would need to be in s to

         * trigger this, easily larger than any buffer we might use.

         */

        return s;

      }

      matches[nmatches] = m;

  }

  /* If there are no matches, then there is nothing to replace. */

  if (nmatches == 0) {

  }

  /* Try to handle large buffer situations (i.e. escaping of PR_TUNABLE_PATH_MAX

   * (>2048) correctly, but do not allow very big buffer sizes, that may

   * be dangerous (BUFSIZ may be defined in stdio.h) in some library

   * functions.

   */

#ifndef BUFSIZ

# define BUFSIZ 8192

#endif

  if (blen >= BUFSIZ) {

  cp = pbuf = (char *) pcalloc(p, ++blen);

  while (*src) {

    for (mptr = matches, rptr = replaces; *mptr; mptr++, rptr++) {

      pr_signals_handle();

      mlen = strlen(*mptr);

      if (strncmp(src, *mptr, mlen) == 0) {

        if (((cp + rlen) - pbuf + 1) > blen) {

          cp = pbuf;

          cp += (blen - 1);

        } else {

          cp += rlen;

        src += mlen;

    }

    if (!*mptr) {

        cp = pbuf;

        cp += (blen - 1);

      *cp++ = *src++;

  }

 done:

  return pbuf;

const char *pr_str_quote(pool *p, const char *str) {

  return sreplace(p, str, "\"", "\"\"", NULL);

const char *quote_dir(pool *p, char *path) {

const char *pr_str_replace(pool *p, unsigned int max_replaces,

  va_list args;

  if (p == NULL ||

    errno = EINVAL;

  va_start(args, s);

  return res;

const char *sreplace(pool *p, const char *s, ...) {

  if (p == NULL ||

  va_start(args, s);

  if (res == NULL &&

    return s;

  return res;

}

/* "safe" strcat, saves room for NUL at end of dst, and refuses to copy more

 * than "n" bytes.

 */

char *sstrcat(char *dst, const char *src, size_t n) {

  if (dst == NULL ||

    errno = EINVAL;

  /* Edge case short circuit; strlcat(3) doesn't do what I think it should

   * do for this particular case.

   */

  if (n > 1) {

    strlcat(dst, src, n);

#else

    for (; *d && n > 1; d++, n--) {

    while (n-- > 1 && *src) {

    *d = '\0';

  } else {

    *d = '\0';

  return dst;

}

char *pstrdup(pool *p, const char *str) {

  if (p == NULL ||

  len = strlen(str) + 1;

  res = palloc(p, len);

  return res;

}

char *pstrndup(pool *p, const char *str, size_t n) {

  if (!p || !str) {

  res = palloc(p, n + 1);

char *pdircat(pool *p, ...) {

  if (p == NULL) {

  va_start(ap, p);

  last = 0;

  while ((res = va_arg(ap, char *)) != NULL) {

     * which must be added.

     */

    if (!count++ && !*res) {

    } else if (last && last != '/' && *res != '/') {

    } else if (last && last == '/' && *res == '/') {

    res_len = strlen(res);

  va_end(ap);

  va_start(ap, p);

  last = res_len = 0;

  while ((argp = va_arg(ap, char *)) != NULL) {

    if (last && last == '/' && *argp == '/') {

    } else if (last && last != '/' && *argp != '/') {

    arglen = strlen(argp);

    last = (*res ? res[res_len-1] : 0);

  va_end(ap);

  return res;

char *pstrcat(pool *p, ...) {

  if (p == NULL) {

  va_start(ap, p);

  while ((res = va_arg(ap, char *)) != NULL) {

  va_end(ap);

  ptr = res = pcalloc(p, len + 1);

  va_start(ap, p);

  while ((argp = va_arg(ap, char *)) != NULL) {

    arglen = strlen(argp);

  va_end(ap);

  return res;

int pr_strnrstr(const char *s, size_t slen, const char *suffix,

  int res = FALSE;

  if (s == NULL ||

  if (slen == 0) {

  if (suffixlen == 0) {

  if (slen == 0 &&

    return TRUE;

  }

  if (slen == 0 ||

  }

  if (suffixlen > slen) {

  }

  if (flags & PR_STR_FL_IGNORE_CASE) {

  } else {

    if (strncmp(s + (slen - suffixlen), suffix, suffixlen) == 0) {

  }

  return res;

}

const char *pr_str_strip(pool *p, const char *str) {

  if (p == NULL ||

  /* First, find the non-whitespace start of the given string */

  for (start = str; PR_ISSPACE(*start); start++) {

  /* Now, find the non-whitespace end of the given string */

  for (finish = &str[strlen(str)-1]; PR_ISSPACE(*finish); finish--) {

  /* Include for the last byte, of course. */

  len = finish - start + 1;

  /* The space-stripped string is, then, everything from start to finish. */

  dup_str = pstrndup(p, start, len);

  return dup_str;

char *pr_str_strip_end(char *s, const char *ch) {

  if (s == NULL ||

  len = strlen(s);

  while (len && strchr(ch, *(s+len - 1))) {

    *(s+len - 1) = '\0';

  return s;

}

#if defined(HAVE_STRTOULL) && \

  (SIZEOF_UID_T == SIZEOF_LONG_LONG && SIZEOF_GID_T == SIZEOF_LONG_LONG)

static int parse_ull(const char *val, unsigned long long *num) {

  char *endp = NULL;

  unsigned long long res;

  res = strtoull(val, &endp, 10);

  if (endp && *endp) {

    errno = EINVAL;

    return -1;

  }

  *num = res;

  return 0;

}

#endif /* HAVE_STRTOULL */

static int parse_ul(const char *val, unsigned long *num) {

  res = strtoul(val, &endp, 10);

  *num = res;

char *pr_str_bin2hex(pool *p, const unsigned char *buf, size_t len, int flags) {

  if (p == NULL ||

  if (len == 0) {

  /* By default, we use lowercase hex values. */

  hex_vals = hex_lc;

  hex_len = (len * 2) + 1;

  ptr = hex;

  *ptr = '\0';

  return hex;

static int c2h(char c, unsigned char *h) {

    *h = c - '0';

  if (c >= 'a' &&

    *h = c - 'a' + 10;

  if (c >= 'A' &&

    *h = c - 'A' + 10;

  return FALSE;

}

unsigned char *pr_str_hex2bin(pool *p, const unsigned char *hex, size_t hex_len,

  register unsigned int i, j;

  if (p == NULL ||

  if (hex_len == 0) {

  if (hex_len == 0) {

  data_len = hex_len / 2;

  for (i = 0, j = 0; i < hex_len; i += 2) {

    if (c2h(hex[i], &v1) == FALSE) {

    if (c2h(hex[i+1], &v2) == FALSE) {

    data[j++] = ((v1 << 4) | v2);

  if (len != NULL) {

  return data;

}

/* Calculate the Damerau-Levenshtein distance between strings `a' and `b'.

 * This implementation borrows from the git implementation; see

 * git/src/levenshtein.c.

 */

int pr_str_levenshtein(pool *p, const char *a, const char *b, int swap_cost,

  size_t alen, blen;

  if (p == NULL ||

    errno = EINVAL;

  alen = strlen(a);

  tmp_pool = make_sub_pool(p);

  if (flags & PR_STR_FL_IGNORE_CASE) {

    a2 = pstrdup(tmp_pool, a);

    b2 = pstrdup(tmp_pool, b);

    a = a2;

    b = b2;

  }

  row0 = pcalloc(tmp_pool, sizeof(int) * (blen + 1));

  for (j = 0; j <= blen; j++) {

  for (i = 0; i < alen; i++) {

    row2[0] = (i + 1) * del_cost;

      row2[j + 1] = row1[j] + (subst_cost * (a[i] != b[j]));

      /* Swap */

      if (i > 0 &&

      /* Deletion */

      if (row2[j+1] > (row1[j+1] + del_cost)) {

      /* Insertion */

      if (row2[j+1] > (row2[j] + insert_cost)) {

    }

    ptr = row0;

    row0 = row1;

    row1 = row2;

    row2 = ptr;

  }

  res = row2[blen];

  destroy_pool(tmp_pool);

/* For tracking the Levenshtein distance for a string. */

struct candidate {

  const char *s;

  int distance;

  int flags;

};

static int distance_cmp(const void *a, const void *b) {

  cand1 = *((const struct candidate **) a);

  cand2 = *((const struct candidate **) b);

  if (distance1 != distance2) {

  if (cand1->flags & PR_STR_FL_IGNORE_CASE) {

  return strcmp(s1, s2);

array_header *pr_str_get_similars(pool *p, const char *s,

  register unsigned int i;

  if (p == NULL ||

    errno = EINVAL;

  if (candidates->nelts == 0) {

  if (max_distance <= 0) {

  tmp_pool = make_sub_pool(p);

  /* In order to use qsort(3), we need a contiguous block of memory, not

   * one of our array_headers.

   */

  distances = pcalloc(tmp_pool, candidates->nelts * sizeof(struct candidate *));

  len = strlen(s);

    c = ((const char **) candidates->elts)[i];

    /* Give prefix matches a higher score */

    if (flags & PR_STR_FL_IGNORE_CASE) {

      }

    } else {

      if (strncmp(c, s, len) == 0) {

      }

    }

    if (prefix_match == TRUE) {

      cand->distance = 0;

    } else {

      /* Note: We arbitrarily add one to the edit distance, in order to

       * distinguish a distance of zero from our prefix match "distances" of

       * zero above.

       */

      cand->distance = pr_str_levenshtein(tmp_pool, s, c, 0, 2, 1, 3,

    distances[i] = cand;

  qsort(distances, candidates->nelts, sizeof(struct candidate *), distance_cmp);

  similars = make_array(p, candidates->nelts, sizeof(const char *));

    cand = distances[i];

  }

  destroy_pool(tmp_pool);

array_header *pr_str_text_to_array(pool *p, const char *text, char delimiter) {

  if (p == NULL ||

  text_len = strlen(text);

  if (text_len == 0) {

  }

  ptr = memchr(text, delimiter, text_len);

    pr_signals_handle();

    item_len = ptr - text;

      item = palloc(p, item_len + 1);

    text = ++ptr;

    /* Include one byte for the delimiter character being skipped over. */

    text_len = text_len - item_len - 1;

    if (text_len == 0) {

    }

    ptr = memchr(text, delimiter, text_len);

  if (text_len > 0) {

  return items;

}

char *pr_str_array_to_text(pool *p, const array_header *items,

  register unsigned int i;

  if (p == NULL ||

    errno = EINVAL;

  if (items->nelts == 0) {

  elts = items->elts;

    elt = elts[i];

  return text;

}

int pr_str2uid(const char *val, uid_t *uid) {

  unsigned long long ull = 0ULL;

  unsigned long ul = 0UL;

  if (val == NULL ||

#if SIZEOF_UID_T == SIZEOF_LONG_LONG

# ifdef HAVE_STRTOULL

  if (parse_ull(val, &ull) < 0) {

    return -1;

  }

  *uid = ull;

# else

  if (parse_ul(val, &ul) < 0) {

    return -1;

  }

  *uid = ul;

# endif /* HAVE_STRTOULL */

#else

  (void) ull;

  }

  *uid = ul;

  return 0;

int pr_str2gid(const char *val, gid_t *gid) {

  unsigned long long ull = 0ULL;

  unsigned long ul = 0UL;

  if (val == NULL ||