1 /* $RCSfile: str.c,v $$Revision: 4.0.1.5 $$Date: 92/06/08 15:40:43 $
3 * Copyright (c) 1991, Larry Wall
5 * You may distribute under the terms of either the GNU General Public
6 * License or the Artistic License, as specified in the README file.
9 * Revision 4.0.1.5 92/06/08 15:40:43 lwall
10 * patch20: removed implicit int declarations on functions
11 * patch20: Perl now distinguishes overlapped copies from non-overlapped
12 * patch20: paragraph mode now skips extra newlines automatically
13 * patch20: fixed memory leak in doube-quote interpretation
14 * patch20: made /\$$foo/ look for literal '$foo'
15 * patch20: "$var{$foo'bar}" didn't scan subscript correctly
16 * patch20: a splice on non-existent array elements could dump core
17 * patch20: running taintperl explicitly now does checks even if $< == $>
19 * Revision 4.0.1.4 91/11/05 18:40:51 lwall
20 * patch11: $foo .= <BAR> could overrun malloced memory
21 * patch11: \$ didn't always make it through double-quoter to regexp routines
22 * patch11: prepared for ctype implementations that don't define isascii()
24 * Revision 4.0.1.3 91/06/10 01:27:54 lwall
25 * patch10: $) and $| incorrectly handled in run-time patterns
27 * Revision 4.0.1.2 91/06/07 11:58:13 lwall
28 * patch4: new copyright notice
29 * patch4: taint check on undefined string could cause core dump
31 * Revision 4.0.1.1 91/04/12 09:15:30 lwall
32 * patch1: fixed undefined environ problem
33 * patch1: substr($ENV{"PATH"},0,0) = "/foo:" didn't modify environment
34 * patch1: $foo .= <BAR> could cause core dump for certain lengths of $foo
36 * Revision 4.0 91/03/20 01:39:55 lwall
54 tainted |= str->str_tainted;
56 return str->str_pok ? str->str_ptr : str_2ptr(str);
60 /* dlb ... guess we have a "crippled cc".
61 * dlb the following functions are usually macros.
69 if (*Str->str_ptr > '0' ||
71 (Str->str_cur && *Str->str_ptr != '0'))
76 return (Str->str_u.str_nval != 0.0);
86 tainted |= Str->str_tainted;
89 return Str->str_u.str_nval;
93 /* dlb ... end of crutch */
101 unsigned long newlen;
104 register char *s = str->str_ptr;
107 if (newlen >= 0x10000) {
108 fprintf(stderr, "Allocation too large: %lx\n", newlen);
112 if (str->str_state == SS_INCR) { /* data before str_ptr? */
113 str->str_len += str->str_u.str_useful;
114 str->str_ptr -= str->str_u.str_useful;
115 str->str_u.str_useful = 0L;
116 Move(s, str->str_ptr, str->str_cur+1, char);
118 str->str_state = SS_NORM; /* normal again */
119 if (newlen > str->str_len)
120 newlen += 10 * (newlen - str->str_cur); /* avoid copy each time */
122 if (newlen > str->str_len) { /* need more room? */
124 Renew(s,newlen,char);
126 New(703,s,newlen,char);
128 str->str_len = newlen;
139 str->str_pok = 0; /* invalidate pointer */
140 if (str->str_state == SS_INCR)
143 str->str_u.str_nval = num;
144 str->str_state = SS_NORM;
145 str->str_nok = 1; /* validate number */
147 str->str_tainted = tainted;
163 olderrno = errno; /* some Xenix systems wipe out errno here */
164 #if defined(scs) && defined(ns32000)
165 gcvt(str->str_u.str_nval,20,s);
168 if (str->str_u.str_nval == 0.0)
172 (void)sprintf(s,"%.20g",str->str_u.str_nval);
182 if (str == &str_undef)
185 warn("Use of uninitialized variable");
190 str->str_cur = s - str->str_ptr;
194 fprintf(stderr,"0x%lx ptr(%s)\n",str,str->str_ptr);
205 if (str->str_state == SS_INCR)
206 Str_Grow(str,0); /* just force copy down */
207 str->str_state = SS_NORM;
208 if (str->str_len && str->str_pok)
209 str->str_u.str_nval = atof(str->str_ptr);
211 if (str == &str_undef)
214 warn("Use of uninitialized variable");
215 str->str_u.str_nval = 0.0;
220 fprintf(stderr,"0x%lx num(%g)\n",str,str->str_u.str_nval);
222 return str->str_u.str_nval;
225 /* Note: str_sset() should not be called with a source string that needs
226 * be reused, since it may destroy the source string if it is marked
237 tainted |= sstr->str_tainted;
239 if (sstr == dstr || dstr == &str_undef)
242 dstr->str_pok = dstr->str_nok = 0;
243 else if (sstr->str_pok) {
246 * Check to see if we can just swipe the string. If so, it's a
247 * possible small lose on short strings, but a big win on long ones.
248 * It might even be a win on short strings if dstr->str_ptr
249 * has to be allocated and sstr->str_ptr has to be freed.
252 if (sstr->str_pok & SP_TEMP) { /* slated for free anyway? */
254 if (dstr->str_state == SS_INCR)
255 dstr->str_ptr -= dstr->str_u.str_useful;
256 Safefree(dstr->str_ptr);
258 dstr->str_ptr = sstr->str_ptr;
259 dstr->str_len = sstr->str_len;
260 dstr->str_cur = sstr->str_cur;
261 dstr->str_state = sstr->str_state;
262 dstr->str_pok = sstr->str_pok & ~SP_TEMP;
264 dstr->str_tainted = sstr->str_tainted;
266 sstr->str_ptr = Nullch;
268 sstr->str_pok = 0; /* wipe out any weird flags */
269 sstr->str_state = 0; /* so sstr frees uneventfully */
271 else { /* have to copy actual string */
273 if (dstr->str_state == SS_INCR) {
277 str_nset(dstr,sstr->str_ptr,sstr->str_cur);
280 if (dstr->str_nok = sstr->str_nok)
281 dstr->str_u.str_nval = sstr->str_u.str_nval;
284 dstr->str_u = sstr->str_u;
286 dstr->str_u.str_nval = sstr->str_u.str_nval;
288 if (dstr->str_cur == sizeof(STBP)) {
289 char *tmps = dstr->str_ptr;
291 if (*tmps == 'S' && bcmp(tmps,"StB",4) == 0) {
292 if (dstr->str_magic && dstr->str_magic->str_rare == 'X') {
293 str_free(dstr->str_magic);
294 dstr->str_magic = Nullstr;
296 if (!dstr->str_magic) {
297 dstr->str_magic = str_smake(sstr->str_magic);
298 dstr->str_magic->str_rare = 'X';
304 else if (sstr->str_nok)
305 str_numset(dstr,sstr->str_u.str_nval);
307 if (dstr->str_state == SS_INCR)
308 Str_Grow(dstr,0); /* just force copy down */
311 dstr->str_u = sstr->str_u;
313 dstr->str_u.str_nval = sstr->str_u.str_nval;
315 dstr->str_pok = dstr->str_nok = 0;
320 str_nset(str,ptr,len)
325 if (str == &str_undef)
327 STR_GROW(str, len + 1);
329 Move(ptr,str->str_ptr,len,char);
331 *(str->str_ptr+str->str_cur) = '\0';
332 str->str_nok = 0; /* invalidate number */
333 str->str_pok = 1; /* validate pointer */
335 str->str_tainted = tainted;
346 if (str == &str_undef)
351 STR_GROW(str, len + 1);
352 Move(ptr,str->str_ptr,len+1,char);
354 str->str_nok = 0; /* invalidate number */
355 str->str_pok = 1; /* validate pointer */
357 str->str_tainted = tainted;
362 str_chop(str,ptr) /* like set but assuming ptr is in str */
366 register STRLEN delta;
368 if (!ptr || !(str->str_pok))
370 delta = ptr - str->str_ptr;
371 str->str_len -= delta;
372 str->str_cur -= delta;
373 str->str_ptr += delta;
374 if (str->str_state == SS_INCR)
375 str->str_u.str_useful += delta;
377 str->str_u.str_useful = delta;
378 str->str_state = SS_INCR;
380 str->str_nok = 0; /* invalidate number */
381 str->str_pok = 1; /* validate pointer (and unstudy str) */
385 str_ncat(str,ptr,len)
390 if (str == &str_undef)
394 STR_GROW(str, str->str_cur + len + 1);
395 Move(ptr,str->str_ptr+str->str_cur,len,char);
397 *(str->str_ptr+str->str_cur) = '\0';
398 str->str_nok = 0; /* invalidate number */
399 str->str_pok = 1; /* validate pointer */
401 str->str_tainted |= tainted;
413 tainted |= sstr->str_tainted;
415 if (!(sstr->str_pok))
416 (void)str_2ptr(sstr);
418 str_ncat(dstr,sstr->str_ptr,sstr->str_cur);
428 if (str == &str_undef)
435 STR_GROW(str, str->str_cur + len + 1);
436 Move(ptr,str->str_ptr+str->str_cur,len+1,char);
438 str->str_nok = 0; /* invalidate number */
439 str->str_pok = 1; /* validate pointer */
441 str->str_tainted |= tainted;
446 str_append_till(str,from,fromend,delim,keeplist)
449 register char *fromend;
456 if (str == &str_undef)
460 len = fromend - from;
461 STR_GROW(str, str->str_cur + len + 1);
462 str->str_nok = 0; /* invalidate number */
463 str->str_pok = 1; /* validate pointer */
464 to = str->str_ptr+str->str_cur;
465 for (; from < fromend; from++,to++) {
466 if (*from == '\\' && from+1 < fromend && delim != '\\') {
468 if (from[1] == delim || from[1] == '\\')
473 else if (from[1] && index(keeplist,from[1]))
478 else if (*from == delim)
483 str->str_cur = to - str->str_ptr;
500 freestrroot = str->str_magic;
501 str->str_magic = Nullstr;
502 str->str_state = SS_NORM;
505 Newz(700+x,str,1,STR);
508 STR_GROW(str, len + 1);
513 str_magic(str, stab, how, name, namlen)
520 if (str == &str_undef || str->str_magic)
522 str->str_magic = Str_new(75,namlen);
523 str = str->str_magic;
524 str->str_u.str_stab = stab;
527 str_nset(str,name,namlen);
531 str_insert(bigstr,offset,len,little,littlelen)
540 register char *midend;
541 register char *bigend;
544 if (bigstr == &str_undef)
547 bigstr->str_pok = SP_VALID; /* disable possible screamer */
550 if (i > 0) { /* string might grow */
551 STR_GROW(bigstr, bigstr->str_cur + i + 1);
552 big = bigstr->str_ptr;
553 mid = big + offset + len;
554 midend = bigend = big + bigstr->str_cur;
557 while (midend > mid) /* shove everything down */
558 *--bigend = *--midend;
559 Move(little,big+offset,littlelen,char);
560 bigstr->str_cur += i;
565 Move(little,bigstr->str_ptr+offset,len,char);
570 big = bigstr->str_ptr;
573 bigend = big + bigstr->str_cur;
576 fatal("panic: str_insert");
578 if (mid - big > bigend - midend) { /* faster to shorten from end */
580 Move(little, mid, littlelen,char);
585 Move(midend, mid, i,char);
589 bigstr->str_cur = mid - big;
592 else if (i = mid - big) { /* faster from front */
595 str_chop(bigstr,midend-i);
600 Move(little, mid, littlelen,char);
602 else if (littlelen) {
604 str_chop(bigstr,midend);
605 Move(little,midend,littlelen,char);
608 str_chop(bigstr,midend);
613 /* make str point to what nstr did */
616 str_replace(str,nstr)
620 if (str == &str_undef)
622 if (str->str_state == SS_INCR)
623 Str_Grow(str,0); /* just force copy down */
624 if (nstr->str_state == SS_INCR)
627 Safefree(str->str_ptr);
628 str->str_ptr = nstr->str_ptr;
629 str->str_len = nstr->str_len;
630 str->str_cur = nstr->str_cur;
631 str->str_pok = nstr->str_pok;
632 str->str_nok = nstr->str_nok;
634 str->str_u = nstr->str_u;
636 str->str_u.str_nval = nstr->str_u.str_nval;
639 str->str_tainted = nstr->str_tainted;
642 str_free(nstr->str_magic);
650 if (!str || str == &str_undef)
652 if (str->str_state) {
653 if (str->str_state == SS_FREE) /* already freed */
655 if (str->str_state == SS_INCR && !(str->str_pok & 2)) {
656 str->str_ptr -= str->str_u.str_useful;
657 str->str_len += str->str_u.str_useful;
661 str_free(str->str_magic);
662 str->str_magic = freestrroot;
665 Safefree(str->str_ptr);
666 str->str_ptr = Nullch;
668 if ((str->str_pok & SP_INTRP) && str->str_u.str_args)
669 arg_free(str->str_u.str_args);
673 if (str->str_len > 127) { /* next user not likely to want more */
674 Safefree(str->str_ptr); /* so give it back to malloc */
675 str->str_ptr = Nullch;
679 str->str_ptr[0] = '\0';
681 if ((str->str_pok & SP_INTRP) && str->str_u.str_args)
682 arg_free(str->str_u.str_args);
686 str->str_state = SS_FREE;
688 str->str_tainted = 0;
691 #endif /* LEAKTEST */
713 if (!str1 || str1 == &str_undef)
714 return (str2 == Nullstr || str2 == &str_undef || !str2->str_cur);
715 if (!str2 || str2 == &str_undef)
716 return !str1->str_cur;
719 (void)str_2ptr(str1);
721 (void)str_2ptr(str2);
723 if (str1->str_cur != str2->str_cur)
726 return !bcmp(str1->str_ptr, str2->str_ptr, str1->str_cur);
736 if (!str1 || str1 == &str_undef)
737 return (str2 == Nullstr || str2 == &str_undef || !str2->str_cur)?0:-1;
738 if (!str2 || str2 == &str_undef)
739 return str1->str_cur != 0;
742 (void)str_2ptr(str1);
744 (void)str_2ptr(str2);
746 if (str1->str_cur < str2->str_cur) {
748 if (retval = memcmp(str1->str_ptr, str2->str_ptr, str1->str_cur))
749 return retval < 0 ? -1 : 1;
754 else if (retval = memcmp(str1->str_ptr, str2->str_ptr, str2->str_cur))
755 return retval < 0 ? -1 : 1;
756 else if (str1->str_cur == str2->str_cur)
763 str_gets(str,fp,append)
768 register char *bp; /* we're going to steal some values */
769 register int cnt; /* from the stdio struct and put EVERYTHING */
770 register STDCHAR *ptr; /* in the innermost loop into registers */
771 register int newline = rschar;/* (assuming >= 6 registers) */
776 if (str == &str_undef)
778 if (rspara) { /* have to do this both before and after */
779 do { /* to make sure file boundaries work right */
787 #ifdef STDSTDIO /* Here is some breathtakingly efficient cheating */
788 cnt = fp->_cnt; /* get count into register */
789 str->str_nok = 0; /* invalidate number */
790 str->str_pok = 1; /* validate pointer */
791 if (str->str_len - append <= cnt + 1) { /* make sure we have the room */
792 if (cnt > 80 && str->str_len > append) {
793 shortbuffered = cnt - str->str_len + append + 1;
794 cnt -= shortbuffered;
798 STR_GROW(str, append+cnt+2);/* (remembering cnt can be -1) */
803 bp = str->str_ptr + append; /* move these two too to registers */
807 while (--cnt >= 0) { /* this */ /* eat */
808 if ((*bp++ = *ptr++) == newline) /* really */ /* dust */
809 goto thats_all_folks; /* screams */ /* sed :-) */
812 if (shortbuffered) { /* oh well, must extend */
815 bpx = bp - str->str_ptr; /* prepare for possible relocation */
817 STR_GROW(str, str->str_len + append + cnt + 2);
818 bp = str->str_ptr + bpx; /* reconstitute our pointer */
822 fp->_cnt = cnt; /* deregisterize cnt and ptr */
824 i = _filbuf(fp); /* get more characters */
826 ptr = fp->_ptr; /* reregisterize cnt and ptr */
828 bpx = bp - str->str_ptr; /* prepare for possible relocation */
830 STR_GROW(str, bpx + cnt + 2);
831 bp = str->str_ptr + bpx; /* reconstitute our pointer */
833 if (i == newline) { /* all done for now? */
835 goto thats_all_folks;
837 else if (i == EOF) /* all done for ever? */
838 goto thats_really_all_folks;
839 *bp++ = i; /* now go back to screaming loop */
843 if (rslen > 1 && (bp - str->str_ptr < rslen || bcmp(bp - rslen, rs, rslen)))
844 goto screamer; /* go back to the fray */
845 thats_really_all_folks:
847 cnt += shortbuffered;
848 fp->_cnt = cnt; /* put these back or we're in trouble */
851 str->str_cur = bp - str->str_ptr; /* set length */
853 #else /* !STDSTDIO */ /* The big, slow, and stupid way */
856 static char buf[8192];
857 char * bpe = buf + sizeof(buf) - 3;
861 while ((i = getc(fp)) != EOF && (*bp++ = i) != newline && bp < bpe) ;
868 if (i != EOF /* joy */
874 (str->str_cur < rslen
876 bcmp(str->str_ptr + str->str_cur - rslen, rs, rslen)
887 #endif /* STDSTDIO */
898 return str->str_cur - append ? str->str_ptr : Nullch;
907 CMD *oldcurcmd = curcmd;
908 int oldperldb = perldb;
912 str_sset(linestr,str);
914 oldoldbufptr = oldbufptr = bufptr = str_get(linestr);
915 bufend = bufptr + linestr->str_cur;
916 if (++loop_ptr >= loop_max) {
918 Renew(loop_stack, loop_max, struct loop);
920 loop_stack[loop_ptr].loop_label = "_EVAL_";
921 loop_stack[loop_ptr].loop_sp = 0;
924 deb("(Pushing label #%d _EVAL_)\n", loop_ptr);
927 if (setjmp(loop_stack[loop_ptr].loop_env)) {
931 fatal("%s\n",stab_val(stabent("@",TRUE))->str_ptr);
935 char *tmps = loop_stack[loop_ptr].loop_label;
936 deb("(Popping label #%d %s)\n",loop_ptr,
943 curcmd->c_line = oldcurcmd->c_line;
948 if (retval || error_count)
949 fatal("Invalid component in string or format");
952 if (cmd->c_type != C_EXPR || cmd->c_next || arg->arg_type != O_LIST)
953 fatal("panic: error in parselist %d %x %d", cmd->c_type,
954 cmd->c_next, arg ? arg->arg_type : -1);
955 cmd->c_expr = Nullarg;
965 register char *s = str_get(src);
966 register char *send = s + src->str_cur;
971 register int brackets;
977 toparse = Str_new(76,0);
981 str_nset(toparse,"",0);
984 if (*s == '\\' && s[1] && index("$@[{\\]}lLuUE",s[1])) {
985 str_ncat(str, t, s - t);
988 str_ncat(str, "$c", 2);
989 sawcase = (*s != 'E');
992 if (*nointrp) { /* in a regular expression */
993 if (*s == '@') /* always strip \@ */ /*SUPPRESS 530*/
995 else /* don't strip \\, \[, \{ etc. */
998 str_ncat(str, "$b", 2);
1000 str_ncat(str, s, 1);
1004 else if (*s == '$' && s+1 < send && *nointrp && index(nointrp,s[1])) {
1005 str_ncat(str, t, s - t);
1006 str_ncat(str, "$b", 2);
1007 str_ncat(str, s, 2);
1011 else if ((*s == '@' || *s == '$') && s+1 < send) {
1012 str_ncat(str,t,s-t);
1014 if (*s == '$' && s[1] == '#' && (isALPHA(s[2]) || s[2] == '_'))
1016 s = scanident(s,send,tokenbuf);
1018 (!(stab = stabent(tokenbuf,FALSE)) ||
1019 (*s == '{' ? !stab_xhash(stab) : !stab_xarray(stab)) )) {
1020 str_ncat(str,"@",1);
1022 continue; /* grandfather @ from old scripts */
1024 str_ncat(str,"$a",2);
1025 str_ncat(toparse,",",1);
1026 if (t[1] != '{' && (*s == '[' || *s == '{' /* }} */ ) &&
1027 (stab = stabent(tokenbuf,FALSE)) &&
1028 ((*s == '[') ? (stab_xarray(stab) != 0) : (stab_xhash(stab) != 0)) ) {
1050 s = scanident(s,send,tokenbuf);
1055 s = cpytill(tokenbuf,s+1,send,*s,&len);
1057 fatal("Unterminated string");
1061 } while (brackets > 0 && s < send);
1063 fatal("Unmatched brackets in string");
1064 if (*nointrp) { /* we're in a regular expression */
1066 if (*d == '{' && s[-1] == '}') { /* maybe {n,m} */
1068 if (isDIGIT(*d)) { /* matches /^{\d,?\d*}$/ */
1074 s = checkpoint; /* Is {n,m}! Backoff! */
1077 else if (*d == '[' && s[-1] == ']') { /* char class? */
1078 int weight = 2; /* let's weigh the evidence */
1080 unsigned char un_char = 0, last_un_char;
1082 Zero(seen,256,char);
1086 else if (d[1] == '$')
1088 if (isDIGIT(d[1])) {
1090 if (isDIGIT(d[2]) && !d[3])
1096 for (d++; d < s; d++) {
1097 last_un_char = un_char;
1098 un_char = (unsigned char)*d;
1102 weight -= seen[un_char] * 10;
1103 if (isALNUM(d[1])) {
1104 d = scanident(d,s,tokenbuf);
1105 if (stabent(tokenbuf,FALSE))
1110 else if (*d == '$' && d[1] &&
1111 index("[#!%*<>()-=",d[1])) {
1112 if (!d[2] || /*{*/ index("])} =",d[2]))
1121 if (index("wds",d[1]))
1123 else if (seen['\''] || seen['"'])
1125 else if (index("rnftb",d[1]))
1127 else if (isDIGIT(d[1])) {
1129 while (d[1] && isDIGIT(d[1]))
1137 if (last_un_char < (unsigned char) d[1]
1139 if (index("aA01! ",last_un_char))
1141 if (index("zZ79~",d[1]))
1147 if (isALPHA(*d) && d[1] && isALPHA(d[1])) {
1149 if (yylex() != WORD)
1153 if (un_char == last_un_char + 1)
1155 weight -= seen[un_char];
1162 fprintf(stderr,"[%s] weight %d\n",
1163 checkpoint+1,weight);
1166 if (weight >= 0) /* probably a character class */
1172 str_ncat(toparse, "join($\",", 8);
1173 if (t[1] == '{' && s[-1] == '}') {
1174 str_ncat(toparse, t, 1);
1175 str_ncat(toparse, t+2, s - t - 3);
1178 str_ncat(toparse, t, s - t);
1180 str_ncat(toparse, ")", 1);
1186 str_ncat(str,t,s-t);
1188 str_ncat(str, "$cE", 3);
1189 if (toparse->str_ptr && *toparse->str_ptr == ',') {
1190 *toparse->str_ptr = '(';
1191 str_ncat(toparse,",$$);",5);
1192 str->str_u.str_args = parselist(toparse);
1193 str->str_u.str_args->arg_len--; /* ignore $$ reference */
1196 str->str_u.str_args = Nullarg;
1198 str->str_pok |= SP_INTRP;
1200 str_replace(src,str);
1211 register char *send;
1212 register STR **elem;
1219 if (str == &str_undef)
1221 if (!(src->str_pok & SP_INTRP)) {
1222 int oldsave = savestack->ary_fill;
1224 (void)savehptr(&curstash);
1225 curstash = curcmd->c_stash; /* so stabent knows right package */
1227 restorelist(oldsave);
1229 s = src->str_ptr; /* assumed valid since str_pok set */
1231 send = s + src->str_cur;
1233 if (src->str_u.str_args) {
1234 (void)eval(src->str_u.str_args,G_ARRAY,sp);
1235 /* Assuming we have correct # of args */
1236 elem = stack->ary_array + sp;
1241 if (*s == '$' && s+1 < send) {
1243 str_ncat(str,t,s-t);
1246 fatal("panic: unknown interp cookie\n");
1249 str_scat(str,*++elem);
1252 str_ncat(str,++s,1);
1255 if (docase && str->str_cur >= docase) {
1256 char *b = str->str_ptr + --docase;
1259 lcase(b, str->str_ptr + str->str_cur);
1261 ucase(b, str->str_ptr + str->str_cur);
1263 if (u) /* note that l & u are independent of L & U */
1269 docase = str->str_cur + 1;
1288 docase = L = U = l = u = 0;
1299 str_ncat(str,t,s-t);
1306 register char *send;
1318 register char *send;
1333 if (!str || str == &str_undef)
1336 str->str_u.str_nval += 1.0;
1340 if (!str->str_pok || !*str->str_ptr) {
1341 str->str_u.str_nval = 1.0;
1347 while (isALPHA(*d)) d++;
1348 while (isDIGIT(*d)) d++;
1350 str_numset(str,atof(str->str_ptr) + 1.0); /* punt */
1354 while (d >= str->str_ptr) {
1364 *(d--) -= 'z' - 'a' + 1;
1367 /* oh,oh, the number grew */
1368 STR_GROW(str, str->str_cur + 2);
1370 for (d = str->str_ptr + str->str_cur; d > str->str_ptr; d--)
1382 if (!str || str == &str_undef)
1385 str->str_u.str_nval -= 1.0;
1389 if (!str->str_pok) {
1390 str->str_u.str_nval = -1.0;
1394 str_numset(str,atof(str->str_ptr) - 1.0);
1397 /* Make a string that will exist for the duration of the expression
1398 * evaluation. Actually, it may have to last longer than that, but
1399 * hopefully cmd_exec won't free it until it has been assigned to a
1400 * permanent location. */
1402 static long tmps_size = -1;
1408 register STR *str = Str_new(78,0);
1410 str_sset(str,oldstr);
1411 if (++tmps_max > tmps_size) {
1412 tmps_size = tmps_max;
1413 if (!(tmps_size & 127)) {
1415 Renew(tmps_list, tmps_size + 128, STR*);
1417 New(702,tmps_list, 128, STR*);
1420 tmps_list[tmps_max] = str;
1422 str->str_pok |= SP_TEMP;
1426 /* same thing without the copying */
1432 if (!str || str == &str_undef)
1434 if (++tmps_max > tmps_size) {
1435 tmps_size = tmps_max;
1436 if (!(tmps_size & 127)) {
1438 Renew(tmps_list, tmps_size + 128, STR*);
1440 New(704,tmps_list, 128, STR*);
1443 tmps_list[tmps_max] = str;
1445 str->str_pok |= SP_TEMP;
1454 register STR *str = Str_new(79,0);
1458 str_nset(str,s,len);
1466 register STR *str = Str_new(80,0);
1472 /* make an exact duplicate of old */
1478 register STR *new = Str_new(81,0);
1482 if (old->str_state == SS_FREE) {
1483 warn("semi-panic: attempt to dup freed string");
1486 if (old->str_state == SS_INCR && !(old->str_pok & 2))
1489 Safefree(new->str_ptr);
1490 StructCopy(old,new,STR);
1492 new->str_ptr = nsavestr(old->str_ptr,old->str_len);
1493 new->str_pok &= ~SP_TEMP;
1503 register HENT *entry;
1504 register STAB *stab;
1507 register SPAT *spat;
1510 if (!*s) { /* reset ?? searches */
1511 for (spat = stash->tbl_spatroot;
1513 spat = spat->spat_next) {
1514 spat->spat_flags &= ~SPAT_USED;
1519 /* reset variables */
1521 if (!stash->tbl_array)
1529 for ( ; i <= max; i++) {
1530 for (entry = stash->tbl_array[i];
1532 entry = entry->hent_next) {
1533 stab = (STAB*)entry->hent_val;
1534 str = stab_val(stab);
1538 str->str_tainted = tainted;
1540 if (str->str_ptr != Nullch)
1541 str->str_ptr[0] = '\0';
1542 if (stab_xarray(stab)) {
1543 aclear(stab_xarray(stab));
1545 if (stab_xhash(stab)) {
1546 hclear(stab_xhash(stab), FALSE);
1547 if (stab == envstab)
1548 environ[0] = Nullch;
1562 fprintf(stderr,"%s %d %d %d\n",s,tainted,uid, euid);
1564 if (tainted && (!euid || euid != uid || egid != gid || taintanyway)) {
1575 register STR *envstr;
1577 envstr = hfetch(stab_hash(envstab),"PATH",4,FALSE);
1578 if (envstr == &str_undef || envstr->str_tainted) {
1580 if (envstr->str_tainted == 2)
1581 taintproper("Insecure directory in PATH");
1583 taintproper("Insecure PATH");
1585 envstr = hfetch(stab_hash(envstab),"IFS",3,FALSE);
1586 if (envstr != &str_undef && envstr->str_tainted) {
1588 taintproper("Insecure IFS");