Fix overflow in nss files parser
[glibc.git] / string / memchr.c
blobf3098c775af12df57e49047420bf354899ecaa81
1 /* Copyright (C) 1991,93,96,97,99,2000,2003 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3 Based on strlen implementation by Torbjorn Granlund (tege@sics.se),
4 with help from Dan Sahlin (dan@sics.se) and
5 commentary by Jim Blandy (jimb@ai.mit.edu);
6 adaptation to memchr suggested by Dick Karpinski (dick@cca.ucsf.edu),
7 and implemented by Roland McGrath (roland@ai.mit.edu).
9 The GNU C Library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Lesser General Public
11 License as published by the Free Software Foundation; either
12 version 2.1 of the License, or (at your option) any later version.
14 The GNU C Library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
19 You should have received a copy of the GNU Lesser General Public
20 License along with the GNU C Library; if not, write to the Free
21 Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
22 02111-1307 USA. */
24 #ifdef HAVE_CONFIG_H
25 #include <config.h>
26 #endif
28 #undef __ptr_t
29 #if defined (__cplusplus) || (defined (__STDC__) && __STDC__)
30 # define __ptr_t void *
31 #else /* Not C++ or ANSI C. */
32 # define __ptr_t char *
33 #endif /* C++ or ANSI C. */
35 #if defined _LIBC
36 # include <string.h>
37 # include <memcopy.h>
38 #else
39 # define reg_char char
40 #endif
42 #if HAVE_STDLIB_H || defined _LIBC
43 # include <stdlib.h>
44 #endif
46 #if HAVE_LIMITS_H || defined _LIBC
47 # include <limits.h>
48 #endif
50 #define LONG_MAX_32_BITS 2147483647
52 #ifndef LONG_MAX
53 #define LONG_MAX LONG_MAX_32_BITS
54 #endif
56 #include <sys/types.h>
57 #if HAVE_BP_SYM_H || defined _LIBC
58 #include <bp-sym.h>
59 #else
60 # define BP_SYM(sym) sym
61 #endif
63 #undef memchr
64 #undef __memchr
66 /* Search no more than N bytes of S for C. */
67 __ptr_t
68 __memchr (s, c_in, n)
69 const __ptr_t s;
70 int c_in;
71 size_t n;
73 const unsigned char *char_ptr;
74 const unsigned long int *longword_ptr;
75 unsigned long int longword, magic_bits, charmask;
76 unsigned reg_char c;
78 c = (unsigned char) c_in;
80 /* Handle the first few characters by reading one character at a time.
81 Do this until CHAR_PTR is aligned on a longword boundary. */
82 for (char_ptr = (const unsigned char *) s;
83 n > 0 && ((unsigned long int) char_ptr
84 & (sizeof (longword) - 1)) != 0;
85 --n, ++char_ptr)
86 if (*char_ptr == c)
87 return (__ptr_t) char_ptr;
89 /* All these elucidatory comments refer to 4-byte longwords,
90 but the theory applies equally well to 8-byte longwords. */
92 longword_ptr = (unsigned long int *) char_ptr;
94 /* Bits 31, 24, 16, and 8 of this number are zero. Call these bits
95 the "holes." Note that there is a hole just to the left of
96 each byte, with an extra at the end:
98 bits: 01111110 11111110 11111110 11111111
99 bytes: AAAAAAAA BBBBBBBB CCCCCCCC DDDDDDDD
101 The 1-bits make sure that carries propagate to the next 0-bit.
102 The 0-bits provide holes for carries to fall into. */
104 if (sizeof (longword) != 4 && sizeof (longword) != 8)
105 abort ();
107 #if LONG_MAX <= LONG_MAX_32_BITS
108 magic_bits = 0x7efefeff;
109 #else
110 magic_bits = ((unsigned long int) 0x7efefefe << 32) | 0xfefefeff;
111 #endif
113 /* Set up a longword, each of whose bytes is C. */
114 charmask = c | (c << 8);
115 charmask |= charmask << 16;
116 #if LONG_MAX > LONG_MAX_32_BITS
117 charmask |= charmask << 32;
118 #endif
120 /* Instead of the traditional loop which tests each character,
121 we will test a longword at a time. The tricky part is testing
122 if *any of the four* bytes in the longword in question are zero. */
123 while (n >= sizeof (longword))
125 /* We tentatively exit the loop if adding MAGIC_BITS to
126 LONGWORD fails to change any of the hole bits of LONGWORD.
128 1) Is this safe? Will it catch all the zero bytes?
129 Suppose there is a byte with all zeros. Any carry bits
130 propagating from its left will fall into the hole at its
131 least significant bit and stop. Since there will be no
132 carry from its most significant bit, the LSB of the
133 byte to the left will be unchanged, and the zero will be
134 detected.
136 2) Is this worthwhile? Will it ignore everything except
137 zero bytes? Suppose every byte of LONGWORD has a bit set
138 somewhere. There will be a carry into bit 8. If bit 8
139 is set, this will carry into bit 16. If bit 8 is clear,
140 one of bits 9-15 must be set, so there will be a carry
141 into bit 16. Similarly, there will be a carry into bit
142 24. If one of bits 24-30 is set, there will be a carry
143 into bit 31, so all of the hole bits will be changed.
145 The one misfire occurs when bits 24-30 are clear and bit
146 31 is set; in this case, the hole at bit 31 is not
147 changed. If we had access to the processor carry flag,
148 we could close this loophole by putting the fourth hole
149 at bit 32!
151 So it ignores everything except 128's, when they're aligned
152 properly.
154 3) But wait! Aren't we looking for C, not zero?
155 Good point. So what we do is XOR LONGWORD with a longword,
156 each of whose bytes is C. This turns each byte that is C
157 into a zero. */
159 longword = *longword_ptr++ ^ charmask;
161 /* Add MAGIC_BITS to LONGWORD. */
162 if ((((longword + magic_bits)
164 /* Set those bits that were unchanged by the addition. */
165 ^ ~longword)
167 /* Look at only the hole bits. If any of the hole bits
168 are unchanged, most likely one of the bytes was a
169 zero. */
170 & ~magic_bits) != 0)
172 /* Which of the bytes was C? If none of them were, it was
173 a misfire; continue the search. */
175 const unsigned char *cp = (const unsigned char *) (longword_ptr - 1);
177 if (cp[0] == c)
178 return (__ptr_t) cp;
179 if (cp[1] == c)
180 return (__ptr_t) &cp[1];
181 if (cp[2] == c)
182 return (__ptr_t) &cp[2];
183 if (cp[3] == c)
184 return (__ptr_t) &cp[3];
185 #if LONG_MAX > 2147483647
186 if (cp[4] == c)
187 return (__ptr_t) &cp[4];
188 if (cp[5] == c)
189 return (__ptr_t) &cp[5];
190 if (cp[6] == c)
191 return (__ptr_t) &cp[6];
192 if (cp[7] == c)
193 return (__ptr_t) &cp[7];
194 #endif
197 n -= sizeof (longword);
200 char_ptr = (const unsigned char *) longword_ptr;
202 while (n-- > 0)
204 if (*char_ptr == c)
205 return (__ptr_t) char_ptr;
206 else
207 ++char_ptr;
210 return 0;
212 #ifdef weak_alias
213 weak_alias (__memchr, BP_SYM (memchr))
214 #endif
215 libc_hidden_builtin_def (memchr)