]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/basic/parse-util.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
core: Record ExecMainStartTimestamp before forking
[thirdparty/systemd.git] / src / basic / parse-util.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <errno.h>
4 #include <inttypes.h>
5 #include <net/if.h>
6 #include <stdio.h>
7 #include <stdlib.h>
8 #include <sys/socket.h>
9
10 #include "alloc-util.h"
11 #include "errno-list.h"
12 #include "extract-word.h"
13 #include "locale-util.h"
14 #include "macro.h"
15 #include "missing_network.h"
16 #include "parse-util.h"
17 #include "process-util.h"
18 #include "stat-util.h"
19 #include "string-util.h"
20 #include "strv.h"
21
22 int parse_boolean(const char *v) {
23 if (!v)
24 return -EINVAL;
25
26 if (STRCASE_IN_SET(v,
27 "1",
28 "yes",
29 "y",
30 "true",
31 "t",
32 "on"))
33 return 1;
34
35 if (STRCASE_IN_SET(v,
36 "0",
37 "no",
38 "n",
39 "false",
40 "f",
41 "off"))
42 return 0;
43
44 return -EINVAL;
45 }
46
47 int parse_tristate_full(const char *v, const char *third, int *ret) {
48 int r;
49
50 if (isempty(v) || streq_ptr(v, third)) { /* Empty string is always taken as the third/invalid/auto state */
51 if (ret)
52 *ret = -1;
53 } else {
54 r = parse_boolean(v);
55 if (r < 0)
56 return r;
57
58 if (ret)
59 *ret = r;
60 }
61
62 return 0;
63 }
64
65 int parse_pid(const char *s, pid_t* ret_pid) {
66 unsigned long ul = 0;
67 pid_t pid;
68 int r;
69
70 assert(s);
71
72 r = safe_atolu(s, &ul);
73 if (r < 0)
74 return r;
75
76 pid = (pid_t) ul;
77
78 if ((unsigned long) pid != ul)
79 return -ERANGE;
80
81 if (!pid_is_valid(pid))
82 return -ERANGE;
83
84 if (ret_pid)
85 *ret_pid = pid;
86 return 0;
87 }
88
89 int parse_mode(const char *s, mode_t *ret) {
90 unsigned m;
91 int r;
92
93 assert(s);
94
95 r = safe_atou_full(s, 8 |
96 SAFE_ATO_REFUSE_PLUS_MINUS, /* Leading '+' or even '-' char? that's just weird,
97 * refuse. User might have wanted to add mode flags or
98 * so, but this parser doesn't allow that, so let's
99 * better be safe. */
100 &m);
101 if (r < 0)
102 return r;
103 if (m > 07777)
104 return -ERANGE;
105
106 if (ret)
107 *ret = m;
108 return 0;
109 }
110
111 int parse_ifindex(const char *s) {
112 int ifi, r;
113
114 assert(s);
115
116 r = safe_atoi(s, &ifi);
117 if (r < 0)
118 return r;
119 if (ifi <= 0)
120 return -EINVAL;
121
122 return ifi;
123 }
124
125 int parse_mtu(int family, const char *s, uint32_t *ret) {
126 uint64_t u, m;
127 int r;
128
129 r = parse_size(s, 1024, &u);
130 if (r < 0)
131 return r;
132
133 if (u > UINT32_MAX)
134 return -ERANGE;
135
136 switch (family) {
137 case AF_INET:
138 m = IPV4_MIN_MTU; /* This is 68 */
139 break;
140 case AF_INET6:
141 m = IPV6_MIN_MTU; /* This is 1280 */
142 break;
143 default:
144 m = 0;
145 }
146
147 if (u < m)
148 return -ERANGE;
149
150 *ret = (uint32_t) u;
151 return 0;
152 }
153
154 int parse_size(const char *t, uint64_t base, uint64_t *size) {
155
156 /* Soo, sometimes we want to parse IEC binary suffixes, and
157 * sometimes SI decimal suffixes. This function can parse
158 * both. Which one is the right way depends on the
159 * context. Wikipedia suggests that SI is customary for
160 * hardware metrics and network speeds, while IEC is
161 * customary for most data sizes used by software and volatile
162 * (RAM) memory. Hence be careful which one you pick!
163 *
164 * In either case we use just K, M, G as suffix, and not Ki,
165 * Mi, Gi or so (as IEC would suggest). That's because that's
166 * frickin' ugly. But this means you really need to make sure
167 * to document which base you are parsing when you use this
168 * call. */
169
170 struct table {
171 const char *suffix;
172 unsigned long long factor;
173 };
174
175 static const struct table iec[] = {
176 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
177 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
178 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
179 { "G", 1024ULL*1024ULL*1024ULL },
180 { "M", 1024ULL*1024ULL },
181 { "K", 1024ULL },
182 { "B", 1ULL },
183 { "", 1ULL },
184 };
185
186 static const struct table si[] = {
187 { "E", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
188 { "P", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
189 { "T", 1000ULL*1000ULL*1000ULL*1000ULL },
190 { "G", 1000ULL*1000ULL*1000ULL },
191 { "M", 1000ULL*1000ULL },
192 { "K", 1000ULL },
193 { "B", 1ULL },
194 { "", 1ULL },
195 };
196
197 const struct table *table;
198 const char *p;
199 unsigned long long r = 0;
200 unsigned n_entries, start_pos = 0;
201
202 assert(t);
203 assert(IN_SET(base, 1000, 1024));
204 assert(size);
205
206 if (base == 1000) {
207 table = si;
208 n_entries = ELEMENTSOF(si);
209 } else {
210 table = iec;
211 n_entries = ELEMENTSOF(iec);
212 }
213
214 p = t;
215 do {
216 unsigned long long l, tmp;
217 double frac = 0;
218 char *e;
219 unsigned i;
220
221 p += strspn(p, WHITESPACE);
222
223 errno = 0;
224 l = strtoull(p, &e, 10);
225 if (errno > 0)
226 return -errno;
227 if (e == p)
228 return -EINVAL;
229 if (*p == '-')
230 return -ERANGE;
231
232 if (*e == '.') {
233 e++;
234
235 /* strtoull() itself would accept space/+/- */
236 if (ascii_isdigit(*e)) {
237 unsigned long long l2;
238 char *e2;
239
240 l2 = strtoull(e, &e2, 10);
241 if (errno > 0)
242 return -errno;
243
244 /* Ignore failure. E.g. 10.M is valid */
245 frac = l2;
246 for (; e < e2; e++)
247 frac /= 10;
248 }
249 }
250
251 e += strspn(e, WHITESPACE);
252
253 for (i = start_pos; i < n_entries; i++)
254 if (startswith(e, table[i].suffix))
255 break;
256
257 if (i >= n_entries)
258 return -EINVAL;
259
260 if (l + (frac > 0) > ULLONG_MAX / table[i].factor)
261 return -ERANGE;
262
263 tmp = l * table[i].factor + (unsigned long long) (frac * table[i].factor);
264 if (tmp > ULLONG_MAX - r)
265 return -ERANGE;
266
267 r += tmp;
268 if ((unsigned long long) (uint64_t) r != r)
269 return -ERANGE;
270
271 p = e + strlen(table[i].suffix);
272
273 start_pos = i + 1;
274
275 } while (*p);
276
277 *size = r;
278
279 return 0;
280 }
281
282 int parse_sector_size(const char *t, uint64_t *ret) {
283 int r;
284
285 assert(t);
286 assert(ret);
287
288 uint64_t ss;
289
290 r = safe_atou64(t, &ss);
291 if (r < 0)
292 return log_error_errno(r, "Failed to parse sector size parameter %s", t);
293 if (ss < 512 || ss > 4096) /* Allow up to 4K due to dm-crypt support and 4K alignment by the homed LUKS backend */
294 return log_error_errno(SYNTHETIC_ERRNO(ERANGE), "Sector size not between 512 and 4096: %s", t);
295 if (!ISPOWEROF2(ss))
296 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Sector size not power of 2: %s", t);
297
298 *ret = ss;
299 return 0;
300 }
301
302 int parse_range(const char *t, unsigned *lower, unsigned *upper) {
303 _cleanup_free_ char *word = NULL;
304 unsigned l, u;
305 int r;
306
307 assert(lower);
308 assert(upper);
309
310 /* Extract the lower bound. */
311 r = extract_first_word(&t, &word, "-", EXTRACT_DONT_COALESCE_SEPARATORS);
312 if (r < 0)
313 return r;
314 if (r == 0)
315 return -EINVAL;
316
317 r = safe_atou(word, &l);
318 if (r < 0)
319 return r;
320
321 /* Check for the upper bound and extract it if needed */
322 if (!t)
323 /* Single number with no dashes. */
324 u = l;
325 else if (!*t)
326 /* Trailing dash is an error. */
327 return -EINVAL;
328 else {
329 r = safe_atou(t, &u);
330 if (r < 0)
331 return r;
332 }
333
334 *lower = l;
335 *upper = u;
336 return 0;
337 }
338
339 int parse_errno(const char *t) {
340 int r, e;
341
342 assert(t);
343
344 r = errno_from_name(t);
345 if (r > 0)
346 return r;
347
348 r = safe_atoi(t, &e);
349 if (r < 0)
350 return r;
351
352 /* 0 is also allowed here */
353 if (!errno_is_valid(e) && e != 0)
354 return -ERANGE;
355
356 return e;
357 }
358
359 int parse_fd(const char *t) {
360 int r, fd;
361
362 assert(t);
363
364 r = safe_atoi(t, &fd);
365 if (r < 0)
366 return r;
367
368 if (fd < 0)
369 return -EBADF;
370
371 return fd;
372 }
373
374 static const char *mangle_base(const char *s, unsigned *base) {
375 const char *k;
376
377 assert(s);
378 assert(base);
379
380 /* Base already explicitly specified, then don't do anything. */
381 if (SAFE_ATO_MASK_FLAGS(*base) != 0)
382 return s;
383
384 /* Support Python 3 style "0b" and 0x" prefixes, because they truly make sense, much more than C's "0" prefix for octal. */
385 k = STARTSWITH_SET(s, "0b", "0B");
386 if (k) {
387 *base = 2 | (*base & SAFE_ATO_ALL_FLAGS);
388 return k;
389 }
390
391 k = STARTSWITH_SET(s, "0o", "0O");
392 if (k) {
393 *base = 8 | (*base & SAFE_ATO_ALL_FLAGS);
394 return k;
395 }
396
397 return s;
398 }
399
400 int safe_atou_full(const char *s, unsigned base, unsigned *ret_u) {
401 char *x = NULL;
402 unsigned long l;
403
404 assert(s);
405 assert(SAFE_ATO_MASK_FLAGS(base) <= 16);
406
407 /* strtoul() is happy to parse negative values, and silently converts them to unsigned values without
408 * generating an error. We want a clean error, hence let's look for the "-" prefix on our own, and
409 * generate an error. But let's do so only after strtoul() validated that the string is clean
410 * otherwise, so that we return EINVAL preferably over ERANGE. */
411
412 if (FLAGS_SET(base, SAFE_ATO_REFUSE_LEADING_WHITESPACE) &&
413 strchr(WHITESPACE, s[0]))
414 return -EINVAL;
415
416 s += strspn(s, WHITESPACE);
417
418 if (FLAGS_SET(base, SAFE_ATO_REFUSE_PLUS_MINUS) &&
419 IN_SET(s[0], '+', '-'))
420 return -EINVAL; /* Note that we check the "-" prefix again a second time below, but return a
421 * different error. I.e. if the SAFE_ATO_REFUSE_PLUS_MINUS flag is set we
422 * blanket refuse +/- prefixed integers, while if it is missing we'll just
423 * return ERANGE, because the string actually parses correctly, but doesn't
424 * fit in the return type. */
425
426 if (FLAGS_SET(base, SAFE_ATO_REFUSE_LEADING_ZERO) &&
427 s[0] == '0' && !streq(s, "0"))
428 return -EINVAL; /* This is particularly useful to avoid ambiguities between C's octal
429 * notation and assumed-to-be-decimal integers with a leading zero. */
430
431 s = mangle_base(s, &base);
432
433 errno = 0;
434 l = strtoul(s, &x, SAFE_ATO_MASK_FLAGS(base) /* Let's mask off the flags bits so that only the actual
435 * base is left */);
436 if (errno > 0)
437 return -errno;
438 if (!x || x == s || *x != 0)
439 return -EINVAL;
440 if (l != 0 && s[0] == '-')
441 return -ERANGE;
442 if ((unsigned long) (unsigned) l != l)
443 return -ERANGE;
444
445 if (ret_u)
446 *ret_u = (unsigned) l;
447
448 return 0;
449 }
450
451 int safe_atou_bounded(const char *s, unsigned min, unsigned max, unsigned *ret) {
452 unsigned v;
453 int r;
454
455 r = safe_atou(s, &v);
456 if (r < 0)
457 return r;
458
459 if (v < min || v > max)
460 return -ERANGE;
461
462 *ret = v;
463 return 0;
464 }
465
466 int safe_atoi(const char *s, int *ret_i) {
467 unsigned base = 0;
468 char *x = NULL;
469 long l;
470
471 assert(s);
472
473 s += strspn(s, WHITESPACE);
474 s = mangle_base(s, &base);
475
476 errno = 0;
477 l = strtol(s, &x, base);
478 if (errno > 0)
479 return -errno;
480 if (!x || x == s || *x != 0)
481 return -EINVAL;
482 if ((long) (int) l != l)
483 return -ERANGE;
484
485 if (ret_i)
486 *ret_i = (int) l;
487
488 return 0;
489 }
490
491 int safe_atollu_full(const char *s, unsigned base, unsigned long long *ret_llu) {
492 char *x = NULL;
493 unsigned long long l;
494
495 assert(s);
496 assert(SAFE_ATO_MASK_FLAGS(base) <= 16);
497
498 if (FLAGS_SET(base, SAFE_ATO_REFUSE_LEADING_WHITESPACE) &&
499 strchr(WHITESPACE, s[0]))
500 return -EINVAL;
501
502 s += strspn(s, WHITESPACE);
503
504 if (FLAGS_SET(base, SAFE_ATO_REFUSE_PLUS_MINUS) &&
505 IN_SET(s[0], '+', '-'))
506 return -EINVAL;
507
508 if (FLAGS_SET(base, SAFE_ATO_REFUSE_LEADING_ZERO) &&
509 s[0] == '0' && s[1] != 0)
510 return -EINVAL;
511
512 s = mangle_base(s, &base);
513
514 errno = 0;
515 l = strtoull(s, &x, SAFE_ATO_MASK_FLAGS(base));
516 if (errno > 0)
517 return -errno;
518 if (!x || x == s || *x != 0)
519 return -EINVAL;
520 if (l != 0 && s[0] == '-')
521 return -ERANGE;
522
523 if (ret_llu)
524 *ret_llu = l;
525
526 return 0;
527 }
528
529 int safe_atolli(const char *s, long long int *ret_lli) {
530 unsigned base = 0;
531 char *x = NULL;
532 long long l;
533
534 assert(s);
535
536 s += strspn(s, WHITESPACE);
537 s = mangle_base(s, &base);
538
539 errno = 0;
540 l = strtoll(s, &x, base);
541 if (errno > 0)
542 return -errno;
543 if (!x || x == s || *x != 0)
544 return -EINVAL;
545
546 if (ret_lli)
547 *ret_lli = l;
548
549 return 0;
550 }
551
552 int safe_atou8_full(const char *s, unsigned base, uint8_t *ret) {
553 unsigned u;
554 int r;
555
556 r = safe_atou_full(s, base, &u);
557 if (r < 0)
558 return r;
559 if (u > UINT8_MAX)
560 return -ERANGE;
561
562 *ret = (uint8_t) u;
563 return 0;
564 }
565
566 int safe_atou16_full(const char *s, unsigned base, uint16_t *ret) {
567 unsigned u;
568 int r;
569
570 r = safe_atou_full(s, base, &u);
571 if (r < 0)
572 return r;
573 if (u > UINT16_MAX)
574 return -ERANGE;
575
576 *ret = (uint16_t) u;
577 return 0;
578 }
579
580 int safe_atoi16(const char *s, int16_t *ret) {
581 unsigned base = 0;
582 char *x = NULL;
583 long l;
584
585 assert(s);
586
587 s += strspn(s, WHITESPACE);
588 s = mangle_base(s, &base);
589
590 errno = 0;
591 l = strtol(s, &x, base);
592 if (errno > 0)
593 return -errno;
594 if (!x || x == s || *x != 0)
595 return -EINVAL;
596 if ((long) (int16_t) l != l)
597 return -ERANGE;
598
599 if (ret)
600 *ret = (int16_t) l;
601
602 return 0;
603 }
604
605 int safe_atod(const char *s, double *ret_d) {
606 _cleanup_(freelocalep) locale_t loc = (locale_t) 0;
607 char *x = NULL;
608 double d = 0;
609
610 assert(s);
611
612 loc = newlocale(LC_NUMERIC_MASK, "C", (locale_t) 0);
613 if (loc == (locale_t) 0)
614 return -errno;
615
616 errno = 0;
617 d = strtod_l(s, &x, loc);
618 if (errno > 0)
619 return -errno;
620 if (!x || x == s || *x != 0)
621 return -EINVAL;
622
623 if (ret_d)
624 *ret_d = (double) d;
625
626 return 0;
627 }
628
629 int parse_fractional_part_u(const char **p, size_t digits, unsigned *res) {
630 unsigned val = 0;
631 const char *s;
632
633 s = *p;
634
635 /* accept any number of digits, strtoull is limited to 19 */
636 for (size_t i = 0; i < digits; i++, s++) {
637 if (!ascii_isdigit(*s)) {
638 if (i == 0)
639 return -EINVAL;
640
641 /* too few digits, pad with 0 */
642 for (; i < digits; i++)
643 val *= 10;
644
645 break;
646 }
647
648 val *= 10;
649 val += *s - '0';
650 }
651
652 /* maybe round up */
653 if (*s >= '5' && *s <= '9')
654 val++;
655
656 s += strspn(s, DIGITS);
657
658 *p = s;
659 *res = val;
660
661 return 0;
662 }
663
664 int parse_nice(const char *p, int *ret) {
665 int n, r;
666
667 r = safe_atoi(p, &n);
668 if (r < 0)
669 return r;
670
671 if (!nice_is_valid(n))
672 return -ERANGE;
673
674 *ret = n;
675 return 0;
676 }
677
678 int parse_ip_port(const char *s, uint16_t *ret) {
679 uint16_t l;
680 int r;
681
682 r = safe_atou16_full(s, SAFE_ATO_REFUSE_LEADING_WHITESPACE, &l);
683 if (r < 0)
684 return r;
685
686 if (l == 0)
687 return -EINVAL;
688
689 *ret = (uint16_t) l;
690
691 return 0;
692 }
693
694 int parse_ip_port_range(const char *s, uint16_t *low, uint16_t *high, bool allow_zero) {
695 unsigned l, h;
696 int r;
697
698 r = parse_range(s, &l, &h);
699 if (r < 0)
700 return r;
701
702 if (l > 65535 || h > 65535)
703 return -EINVAL;
704
705 if (!allow_zero && (l == 0 || h == 0))
706 return -EINVAL;
707
708 if (h < l)
709 return -EINVAL;
710
711 *low = l;
712 *high = h;
713
714 return 0;
715 }
716
717 int parse_ip_prefix_length(const char *s, int *ret) {
718 unsigned l;
719 int r;
720
721 r = safe_atou(s, &l);
722 if (r < 0)
723 return r;
724
725 if (l > 128)
726 return -ERANGE;
727
728 *ret = (int) l;
729
730 return 0;
731 }
732
733 int parse_oom_score_adjust(const char *s, int *ret) {
734 int r, v;
735
736 assert(s);
737 assert(ret);
738
739 r = safe_atoi(s, &v);
740 if (r < 0)
741 return r;
742
743 if (!oom_score_adjust_is_valid(v))
744 return -ERANGE;
745
746 *ret = v;
747 return 0;
748 }
749
750 int store_loadavg_fixed_point(unsigned long i, unsigned long f, loadavg_t *ret) {
751 assert(ret);
752
753 if (i >= (~0UL << LOADAVG_PRECISION_BITS))
754 return -ERANGE;
755
756 i = i << LOADAVG_PRECISION_BITS;
757 f = DIV_ROUND_UP((f << LOADAVG_PRECISION_BITS), 100);
758
759 if (f >= LOADAVG_FIXED_POINT_1_0)
760 return -ERANGE;
761
762 *ret = i | f;
763 return 0;
764 }
765
766 int parse_loadavg_fixed_point(const char *s, loadavg_t *ret) {
767 const char *d, *f_str, *i_str;
768 unsigned long i, f;
769 int r;
770
771 assert(s);
772 assert(ret);
773
774 d = strchr(s, '.');
775 if (!d)
776 return -EINVAL;
777
778 i_str = strndupa_safe(s, d - s);
779 f_str = d + 1;
780
781 r = safe_atolu_full(i_str, 10, &i);
782 if (r < 0)
783 return r;
784
785 r = safe_atolu_full(f_str, 10, &f);
786 if (r < 0)
787 return r;
788
789 return store_loadavg_fixed_point(i, f, ret);
790 }
791
792 /* Limitations are described in https://www.netfilter.org/projects/nftables/manpage.html and
793 * https://bugzilla.netfilter.org/show_bug.cgi?id=1175 */
794 bool nft_identifier_valid(const char *id) {
795 if (!id)
796 return false;
797
798 size_t len = strlen(id);
799 if (len == 0 || len > 31)
800 return false;
801
802 if (!ascii_isalpha(id[0]))
803 return false;
804
805 for (size_t i = 1; i < len; i++)
806 if (!ascii_isalpha(id[i]) && !ascii_isdigit(id[i]) && !IN_SET(id[i], '/', '\\', '_', '.'))
807 return false;
808 return true;
809 }
Unnamed repository; edit this file 'description' to name the repository.