score.c send.c sendlib.c signal.c sort.c \
status.c system.c thread.c charset.c history.c lib.c \
muttlib.c editmsg.c mbyte.c \
- url.c ascii.c crypt-mod.c crypt-mod.h
+ url.c ascii.c crypt-mod.c crypt-mod.h safe_asprintf.c
nodist_mutt_SOURCES = $(BUILT_SOURCES)
if (mutt_bit_isset (idata->capabilities,IMAP4REV1))
{
- hdrreq = mutt_sprintf ("BODY.PEEK[HEADER.FIELDS (%s%s%s)]",
+ safe_asprintf (&hdrreq, "BODY.PEEK[HEADER.FIELDS (%s%s%s)]",
want_headers, ImapHeaders ? " " : "", NONULL (ImapHeaders));
}
else if (mutt_bit_isset (idata->capabilities,IMAP4))
{
- hdrreq = mutt_sprintf ("RFC822.HEADER.LINES (%s%s%s)",
+ safe_asprintf (&hdrreq, "RFC822.HEADER.LINES (%s%s%s)",
want_headers, ImapHeaders ? " " : "", NONULL (ImapHeaders));
}
else
char *cmd;
fetchlast = msgend + 1;
- cmd = mutt_sprintf ("FETCH %d:%d (UID FLAGS INTERNALDATE RFC822.SIZE %s)",
- msgno + 1, fetchlast, hdrreq);
+ safe_asprintf (&cmd, "FETCH %d:%d (UID FLAGS INTERNALDATE RFC822.SIZE %s)",
+ msgno + 1, fetchlast, hdrreq);
imap_cmd_start (idata, cmd);
FREE (&cmd);
}
return -1;
return 0;
}
-
-/* Allocate a C-string large enough to contain the formatted string.
- * This is essentially malloc+sprintf in one.
- */
-char *mutt_sprintf (const char *fmt, ...)
-{
- size_t rlen = STRING;
- char *r = safe_malloc (rlen);
- for (;;)
- {
- va_list ap;
- va_start (ap, fmt);
- size_t n = vsnprintf (r, rlen, fmt, ap);
- va_end (ap);
- if (n < rlen)
- {
- /* reduce space to just that which was used. note that 'n' does not
- * include the terminal nul char.
- */
- if (n == 0) /* convention is to use NULL for zero-length strings. */
- FREE (&r);
- else if (n != rlen - 1)
- safe_realloc (&r, n + 1);
- return r;
- }
- /* increase size and try again */
- rlen = n + 1;
- safe_realloc(&r, rlen);
- }
- /* not reached */
-}
char *mutt_concat_path (char *, const char *, const char *, size_t);
char *mutt_read_line (char *, size_t *, FILE *, int *, int);
char *mutt_skip_whitespace (char *);
-char *mutt_sprintf (const char *, ...);
char *mutt_strlower (char *);
char *mutt_substrcpy (char *, const char *, const char *, size_t);
char *mutt_substrdup (const char *, const char *);
int mutt_strncasecmp (const char *, const char *, size_t);
int mutt_strncmp (const char *, const char *, size_t);
int mutt_strcoll (const char *, const char *);
+int safe_asprintf (char **, const char *, ...);
int safe_open (const char *, int);
int safe_rename (const char *, const char *);
int safe_symlink (const char *, const char *);
--- /dev/null
+/*
+ * Copyright (C) 2010 Michael R. Elkins <me@mutt.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+#include <stdio.h>
+#include "lib.h"
+
+/* NOTE: Currently there is no check in configure.ac for vasprintf(3). the
+ * undefined behavior of the error condition makes it difficult to write a safe
+ * version using it.
+ */
+
+#ifdef HAVE_VASPRINTF
+int safe_asprintf (char **strp, const char *fmt, ...)
+{
+ va_list ap;
+ int n;
+
+ va_start (ap, fmt);
+ n = vasprintf (strp, fmt, ap);
+ va_end (ap);
+
+ /* GNU libc man page for vasprintf(3) states that the value of *strp
+ * is undefined when the return code is -1.
+ */
+ if (n < 0)
+ {
+ mutt_error _("Out of memory!");
+ sleep (1);
+ mutt_exit (1);
+ }
+
+ if (n == 0)
+ {
+ /* Mutt convention is to use NULL for 0-length strings */
+ FREE (strp);
+ }
+
+ return n;
+}
+#else
+/* Allocate a C-string large enough to contain the formatted string.
+ * This is essentially malloc+sprintf in one.
+ */
+int safe_asprintf (char **strp, const char *fmt, ...)
+{
+ int rlen = STRING;
+ int n;
+
+ *strp = safe_malloc (rlen);
+ for (;;)
+ {
+ va_list ap;
+ va_start (ap, fmt);
+ n = vsnprintf (*strp, rlen, fmt, ap);
+ if (n < 0)
+ {
+ FREE (strp);
+ return n;
+ }
+ va_end (ap);
+
+ if (n < rlen)
+ {
+ /* reduce space to just that which was used. note that 'n' does not
+ * include the terminal nul char.
+ */
+ if (n == 0) /* convention is to use NULL for zero-length strings. */
+ FREE (strp);
+ else if (n != rlen - 1)
+ safe_realloc (strp, n + 1);
+ return n;
+ }
+ /* increase size and try again */
+ rlen = n + 1;
+ safe_realloc (strp, rlen);
+ }
+ /* not reached */
+}
+#endif /* HAVE_ASPRINTF */
+
projects / neomutt / commitdiff