1 /* $Header: str.c,v 3.0.1.12 91/01/11 18:26:54 lwall Locked $
3 * Copyright (c) 1989, Larry Wall
5 * You may distribute under the terms of the GNU General Public License
6 * as specified in the README file that comes with the perl 3.0 kit.
9 * Revision 3.0.1.12 91/01/11 18:26:54 lwall
10 * patch42: s/^foo/bar/ occasionally brought on core dumps
11 * patch42: undid unwarranted assumptions about memcmp() return value
12 * patch42: ('a' .. 'z') could lose its value in a loop
14 * Revision 3.0.1.11 90/11/13 15:27:14 lwall
15 * patch41: fixed a couple of malloc/free problems
17 * Revision 3.0.1.10 90/11/10 02:06:29 lwall
18 * patch38: temp string values are now copied less often
19 * patch38: array slurps are now faster and take less memory
20 * patch38: fixed a memory leakage on local(*foo)
22 * Revision 3.0.1.9 90/10/16 10:41:21 lwall
23 * patch29: the undefined value could get defined by devious means
24 * patch29: undefined values compared inconsistently
25 * patch29: taintperl now checks for world writable PATH components
27 * Revision 3.0.1.8 90/08/09 05:22:18 lwall
28 * patch19: the number to string converter wasn't allocating enough space
29 * patch19: tainting didn't work on setgid scripts
31 * Revision 3.0.1.7 90/03/27 16:24:11 lwall
32 * patch16: strings with prefix chopped off sometimes freed wrong
33 * patch16: taint check blows up on undefined array element
35 * Revision 3.0.1.6 90/03/12 17:02:14 lwall
36 * patch13: substr as lvalue didn't invalidate old numeric value
38 * Revision 3.0.1.5 90/02/28 18:30:38 lwall
39 * patch9: you may now undef $/ to have no input record separator
40 * patch9: nested evals clobbered their longjmp environment
41 * patch9: sometimes perl thought ordinary data was a symbol table entry
42 * patch9: insufficient space allocated for numeric string on sun4
43 * patch9: underscore in an array name in a double-quoted string not recognized
44 * patch9: "@foo{}" not recognized unless %foo defined
45 * patch9: "$foo[$[]" gives error
47 * Revision 3.0.1.4 89/12/21 20:21:35 lwall
48 * patch7: errno may now be a macro with an lvalue
49 * patch7: made nested or recursive foreach work right
51 * Revision 3.0.1.3 89/11/17 15:38:23 lwall
52 * patch5: some machines typedef unchar too
53 * patch5: substitution on leading components occasionally caused <> corruption
55 * Revision 3.0.1.2 89/11/11 04:56:22 lwall
56 * patch2: uchar gives Crays fits
58 * Revision 3.0.1.1 89/10/26 23:23:41 lwall
59 * patch1: string ordering tests were wrong
60 * patch1: $/ now works even when STDSTDIO undefined
62 * Revision 3.0 89/10/18 15:23:38 lwall
71 extern char **environ;
79 tainted |= str->str_tainted;
81 return str->str_pok ? str->str_ptr : str_2ptr(str);
85 /* dlb ... guess we have a "crippled cc".
86 * dlb the following functions are usually macros.
93 if (*Str->str_ptr > '0' ||
95 (Str->str_cur && *Str->str_ptr != '0'))
100 return (Str->str_u.str_nval != 0.0);
103 #endif /* str_true */
110 tainted |= Str->str_tainted;
113 return Str->str_u.str_nval;
114 return str_2num(Str);
116 #endif /* str_gnum */
117 /* dlb ... end of crutch */
125 unsigned long newlen;
128 register char *s = str->str_ptr;
131 if (newlen >= 0x10000) {
132 fprintf(stderr, "Allocation too large: %lx\n", newlen);
136 if (str->str_state == SS_INCR) { /* data before str_ptr? */
137 str->str_len += str->str_u.str_useful;
138 str->str_ptr -= str->str_u.str_useful;
139 str->str_u.str_useful = 0L;
140 bcopy(s, str->str_ptr, str->str_cur+1);
142 str->str_state = SS_NORM; /* normal again */
143 if (newlen > str->str_len)
144 newlen += 10 * (newlen - str->str_cur); /* avoid copy each time */
146 if (newlen > str->str_len) { /* need more room? */
148 Renew(s,newlen,char);
150 New(703,s,newlen,char);
152 str->str_len = newlen;
162 str->str_pok = 0; /* invalidate pointer */
163 if (str->str_state == SS_INCR)
166 str->str_u.str_nval = num;
167 str->str_state = SS_NORM;
168 str->str_nok = 1; /* validate number */
170 str->str_tainted = tainted;
186 olderrno = errno; /* some Xenix systems wipe out errno here */
187 #if defined(scs) && defined(ns32000)
188 gcvt(str->str_u.str_nval,20,s);
191 if (str->str_u.str_nval == 0.0)
195 (void)sprintf(s,"%.20g",str->str_u.str_nval);
205 if (str == &str_undef)
208 warn("Use of uninitialized variable");
213 str->str_cur = s - str->str_ptr;
217 fprintf(stderr,"0x%lx ptr(%s)\n",str,str->str_ptr);
228 if (str->str_state == SS_INCR)
229 Str_Grow(str,0); /* just force copy down */
230 str->str_state = SS_NORM;
231 if (str->str_len && str->str_pok)
232 str->str_u.str_nval = atof(str->str_ptr);
234 if (str == &str_undef)
237 warn("Use of uninitialized variable");
238 str->str_u.str_nval = 0.0;
243 fprintf(stderr,"0x%lx num(%g)\n",str,str->str_u.str_nval);
245 return str->str_u.str_nval;
248 /* Note: str_sset() should not be called with a source string that needs
249 * be reused, since it may destroy the source string if it is marked
259 tainted |= sstr->str_tainted;
261 if (sstr == dstr || dstr == &str_undef)
264 dstr->str_pok = dstr->str_nok = 0;
265 else if (sstr->str_pok) {
268 * Check to see if we can just swipe the string. If so, it's a
269 * possible small lose on short strings, but a big win on long ones.
270 * It might even be a win on short strings if dstr->str_ptr
271 * has to be allocated and sstr->str_ptr has to be freed.
274 if (sstr->str_pok & SP_TEMP) { /* slated for free anyway? */
276 if (dstr->str_state == SS_INCR)
277 dstr->str_ptr -= dstr->str_u.str_useful;
278 Safefree(dstr->str_ptr);
280 dstr->str_ptr = sstr->str_ptr;
281 dstr->str_len = sstr->str_len;
282 dstr->str_cur = sstr->str_cur;
283 dstr->str_state = sstr->str_state;
284 dstr->str_pok = sstr->str_pok & ~SP_TEMP;
286 dstr->str_tainted = sstr->str_tainted;
288 sstr->str_ptr = Nullch;
290 sstr->str_pok = 0; /* wipe out any weird flags */
291 sstr->str_state = 0; /* so sstr frees uneventfully */
293 else { /* have to copy actual string */
295 if (dstr->str_state == SS_INCR) {
299 str_nset(dstr,sstr->str_ptr,sstr->str_cur);
301 if (dstr->str_nok = sstr->str_nok)
302 dstr->str_u.str_nval = sstr->str_u.str_nval;
305 dstr->str_u = sstr->str_u;
307 dstr->str_u.str_nval = sstr->str_u.str_nval;
309 if (dstr->str_cur == sizeof(STBP)) {
310 char *tmps = dstr->str_ptr;
312 if (*tmps == 'S' && bcmp(tmps,"StB",4) == 0) {
313 if (!dstr->str_magic) {
314 dstr->str_magic = str_smake(sstr->str_magic);
315 dstr->str_magic->str_rare = 'X';
321 else if (sstr->str_nok)
322 str_numset(dstr,sstr->str_u.str_nval);
324 if (dstr->str_state == SS_INCR)
325 Str_Grow(dstr,0); /* just force copy down */
328 dstr->str_u = sstr->str_u;
330 dstr->str_u.str_nval = sstr->str_u.str_nval;
332 dstr->str_pok = dstr->str_nok = 0;
336 str_nset(str,ptr,len)
341 if (str == &str_undef)
343 STR_GROW(str, len + 1);
345 (void)bcopy(ptr,str->str_ptr,len);
347 *(str->str_ptr+str->str_cur) = '\0';
348 str->str_nok = 0; /* invalidate number */
349 str->str_pok = 1; /* validate pointer */
351 str->str_tainted = tainted;
361 if (str == &str_undef)
366 STR_GROW(str, len + 1);
367 (void)bcopy(ptr,str->str_ptr,len+1);
369 str->str_nok = 0; /* invalidate number */
370 str->str_pok = 1; /* validate pointer */
372 str->str_tainted = tainted;
376 str_chop(str,ptr) /* like set but assuming ptr is in str */
380 register STRLEN delta;
383 fatal("str_chop: internal inconsistency");
384 delta = ptr - str->str_ptr;
385 str->str_len -= delta;
386 str->str_cur -= delta;
387 str->str_ptr += delta;
388 if (str->str_state == SS_INCR)
389 str->str_u.str_useful += delta;
391 str->str_u.str_useful = delta;
392 str->str_state = SS_INCR;
394 str->str_nok = 0; /* invalidate number */
395 str->str_pok = 1; /* validate pointer (and unstudy str) */
398 str_ncat(str,ptr,len)
403 if (str == &str_undef)
407 STR_GROW(str, str->str_cur + len + 1);
408 (void)bcopy(ptr,str->str_ptr+str->str_cur,len);
410 *(str->str_ptr+str->str_cur) = '\0';
411 str->str_nok = 0; /* invalidate number */
412 str->str_pok = 1; /* validate pointer */
414 str->str_tainted |= tainted;
423 tainted |= sstr->str_tainted;
427 if (!(sstr->str_pok))
428 (void)str_2ptr(sstr);
430 str_ncat(dstr,sstr->str_ptr,sstr->str_cur);
439 if (str == &str_undef)
446 STR_GROW(str, str->str_cur + len + 1);
447 (void)bcopy(ptr,str->str_ptr+str->str_cur,len+1);
449 str->str_nok = 0; /* invalidate number */
450 str->str_pok = 1; /* validate pointer */
452 str->str_tainted |= tainted;
457 str_append_till(str,from,fromend,delim,keeplist)
460 register char *fromend;
467 if (str == &str_undef)
471 len = fromend - from;
472 STR_GROW(str, str->str_cur + len + 1);
473 str->str_nok = 0; /* invalidate number */
474 str->str_pok = 1; /* validate pointer */
475 to = str->str_ptr+str->str_cur;
476 for (; from < fromend; from++,to++) {
477 if (*from == '\\' && from+1 < fromend && delim != '\\') {
479 if (from[1] == delim || from[1] == '\\')
484 else if (from[1] && index(keeplist,from[1]))
489 else if (*from == delim)
494 str->str_cur = to - str->str_ptr;
511 freestrroot = str->str_magic;
512 str->str_magic = Nullstr;
513 str->str_state = SS_NORM;
516 Newz(700+x,str,1,STR);
519 STR_GROW(str, len + 1);
524 str_magic(str, stab, how, name, namlen)
531 if (str == &str_undef || str->str_magic)
533 str->str_magic = Str_new(75,namlen);
534 str = str->str_magic;
535 str->str_u.str_stab = stab;
538 str_nset(str,name,namlen);
542 str_insert(bigstr,offset,len,little,littlelen)
551 register char *midend;
552 register char *bigend;
555 if (bigstr == &str_undef)
558 bigstr->str_pok = SP_VALID; /* disable possible screamer */
561 if (i > 0) { /* string might grow */
562 STR_GROW(bigstr, bigstr->str_cur + i + 1);
563 big = bigstr->str_ptr;
564 mid = big + offset + len;
565 midend = bigend = big + bigstr->str_cur;
568 while (midend > mid) /* shove everything down */
569 *--bigend = *--midend;
570 (void)bcopy(little,big+offset,littlelen);
571 bigstr->str_cur += i;
575 (void)bcopy(little,bigstr->str_ptr+offset,len);
579 big = bigstr->str_ptr;
582 bigend = big + bigstr->str_cur;
585 fatal("panic: str_insert");
587 if (mid - big > bigend - midend) { /* faster to shorten from end */
589 (void)bcopy(little, mid, littlelen);
594 (void)bcopy(midend, mid, i);
598 bigstr->str_cur = mid - big;
600 else if (i = mid - big) { /* faster from front */
603 str_chop(bigstr,midend-i);
608 (void)bcopy(little, mid, littlelen);
610 else if (littlelen) {
612 str_chop(bigstr,midend);
613 (void)bcopy(little,midend,littlelen);
616 str_chop(bigstr,midend);
621 /* make str point to what nstr did */
624 str_replace(str,nstr)
628 if (str == &str_undef)
630 if (str->str_state == SS_INCR)
631 Str_Grow(str,0); /* just force copy down */
632 if (nstr->str_state == SS_INCR)
635 Safefree(str->str_ptr);
636 str->str_ptr = nstr->str_ptr;
637 str->str_len = nstr->str_len;
638 str->str_cur = nstr->str_cur;
639 str->str_pok = nstr->str_pok;
640 str->str_nok = nstr->str_nok;
642 str->str_u = nstr->str_u;
644 str->str_u.str_nval = nstr->str_u.str_nval;
647 str->str_tainted = nstr->str_tainted;
650 str_free(nstr->str_magic);
658 if (!str || str == &str_undef)
660 if (str->str_state) {
661 if (str->str_state == SS_FREE) /* already freed */
663 if (str->str_state == SS_INCR && !(str->str_pok & 2)) {
664 str->str_ptr -= str->str_u.str_useful;
665 str->str_len += str->str_u.str_useful;
669 str_free(str->str_magic);
672 Safefree(str->str_ptr);
673 if ((str->str_pok & SP_INTRP) && str->str_u.str_args)
674 arg_free(str->str_u.str_args);
678 if (str->str_len > 127) { /* next user not likely to want more */
679 Safefree(str->str_ptr); /* so give it back to malloc */
680 str->str_ptr = Nullch;
684 str->str_ptr[0] = '\0';
686 if ((str->str_pok & SP_INTRP) && str->str_u.str_args)
687 arg_free(str->str_u.str_args);
691 str->str_state = SS_FREE;
693 str->str_tainted = 0;
695 str->str_magic = freestrroot;
697 #endif /* LEAKTEST */
718 if (!str1 || str1 == &str_undef)
719 return (str2 == Nullstr || str2 == &str_undef || !str2->str_cur);
720 if (!str2 || str2 == &str_undef)
721 return !str1->str_cur;
724 (void)str_2ptr(str1);
726 (void)str_2ptr(str2);
728 if (str1->str_cur != str2->str_cur)
731 return !bcmp(str1->str_ptr, str2->str_ptr, str1->str_cur);
740 if (!str1 || str1 == &str_undef)
741 return (str2 == Nullstr || str2 == &str_undef || !str2->str_cur)?0:-1;
742 if (!str2 || str2 == &str_undef)
743 return str1->str_cur != 0;
746 (void)str_2ptr(str1);
748 (void)str_2ptr(str2);
750 if (str1->str_cur < str2->str_cur) {
751 if (retval = memcmp(str1->str_ptr, str2->str_ptr, str1->str_cur))
752 return retval < 0 ? -1 : 1;
756 else if (retval = memcmp(str1->str_ptr, str2->str_ptr, str2->str_cur))
757 return retval < 0 ? -1 : 1;
758 else if (str1->str_cur == str2->str_cur)
765 str_gets(str,fp,append)
770 register char *bp; /* we're going to steal some values */
771 register int cnt; /* from the stdio struct and put EVERYTHING */
772 register STDCHAR *ptr; /* in the innermost loop into registers */
773 register int newline = record_separator;/* (assuming >= 6 registers) */
777 register int get_paragraph;
778 register char *oldbp;
781 if (str == &str_undef)
783 if (get_paragraph = !rslen) { /* yes, that's an assignment */
785 oldbp = Nullch; /* remember last \n position (none) */
787 #ifdef STDSTDIO /* Here is some breathtakingly efficient cheating */
788 cnt = fp->_cnt; /* get count into register */
789 str->str_nok = 0; /* invalidate number */
790 str->str_pok = 1; /* validate pointer */
791 if (str->str_len <= cnt + 1) { /* make sure we have the room */
792 if (cnt > 80 && str->str_len > 0) {
793 shortbuffered = cnt - str->str_len + 1;
794 cnt = str->str_len - 1;
798 STR_GROW(str, append+cnt+2);/* (remembering cnt can be -1) */
803 bp = str->str_ptr + append; /* move these two too to registers */
807 while (--cnt >= 0) { /* this */ /* eat */
808 if ((*bp++ = *ptr++) == newline) /* really */ /* dust */
809 goto thats_all_folks; /* screams */ /* sed :-) */
812 if (shortbuffered) { /* oh well, must extend */
815 if (get_paragraph && oldbp)
816 obpx = oldbp - str->str_ptr;
817 bpx = bp - str->str_ptr; /* prepare for possible relocation */
819 STR_GROW(str, str->str_len + append + cnt + 2);
820 bp = str->str_ptr + bpx; /* reconstitute our pointer */
821 if (get_paragraph && oldbp)
822 oldbp = str->str_ptr + obpx;
826 fp->_cnt = cnt; /* deregisterize cnt and ptr */
828 i = _filbuf(fp); /* get more characters */
830 ptr = fp->_ptr; /* reregisterize cnt and ptr */
832 bpx = bp - str->str_ptr; /* prepare for possible relocation */
833 if (get_paragraph && oldbp)
834 obpx = oldbp - str->str_ptr;
836 STR_GROW(str, bpx + cnt + 2);
837 bp = str->str_ptr + bpx; /* reconstitute our pointer */
838 if (get_paragraph && oldbp)
839 oldbp = str->str_ptr + obpx;
841 if (i == newline) { /* all done for now? */
843 goto thats_all_folks;
845 else if (i == EOF) /* all done for ever? */
846 goto thats_really_all_folks;
847 *bp++ = i; /* now go back to screaming loop */
851 if (get_paragraph && bp - 1 != oldbp) {
852 oldbp = bp; /* remember where this newline was */
853 goto screamer; /* and go back to the fray */
855 thats_really_all_folks:
857 cnt += shortbuffered;
858 fp->_cnt = cnt; /* put these back or we're in trouble */
861 str->str_cur = bp - str->str_ptr; /* set length */
863 #else /* !STDSTDIO */ /* The big, slow, and stupid way */
866 static char buf[8192];
867 char * bpe = buf + sizeof(buf) - 3;
872 while ((i = getc(fp)) != EOF && (*bp++ = i) != newline && bp < bpe);
873 if (i == newline && get_paragraph &&
874 (i = getc(fp)) != EOF && (*bp++ = i) != newline && bp < bpe)
882 if (i != newline && i != EOF) {
888 #endif /* STDSTDIO */
890 return str->str_cur - append ? str->str_ptr : Nullch;
899 CMD *oldcurcmd = curcmd;
900 int oldperldb = perldb;
904 str_sset(linestr,str);
906 oldoldbufptr = oldbufptr = bufptr = str_get(linestr);
907 bufend = bufptr + linestr->str_cur;
908 if (++loop_ptr >= loop_max) {
910 Renew(loop_stack, loop_max, struct loop);
912 loop_stack[loop_ptr].loop_label = "_EVAL_";
913 loop_stack[loop_ptr].loop_sp = 0;
916 deb("(Pushing label #%d _EVAL_)\n", loop_ptr);
919 if (setjmp(loop_stack[loop_ptr].loop_env)) {
923 fatal("%s\n",stab_val(stabent("@",TRUE))->str_ptr);
927 char *tmps = loop_stack[loop_ptr].loop_label;
928 deb("(Popping label #%d %s)\n",loop_ptr,
935 curcmd->c_line = oldcurcmd->c_line;
940 if (retval || error_count)
941 fatal("Invalid component in string or format");
944 if (cmd->c_type != C_EXPR || cmd->c_next || arg->arg_type != O_LIST)
945 fatal("panic: error in parselist %d %x %d", cmd->c_type,
946 cmd->c_next, arg ? arg->arg_type : -1);
955 register char *s = str_get(src);
956 register char *send = s + src->str_cur;
961 register int brackets;
966 toparse = Str_new(76,0);
970 str_nset(toparse,"",0);
973 if (*s == '\\' && s[1] && index("$@[{\\]}",s[1])) {
974 str_ncat(str, t, s - t);
976 if (*nointrp && s+1 < send)
977 if (*s != '@' && (*s != '$' || index(nointrp,s[1])))
979 str_ncat(str, "$b", 2);
984 else if ((*s == '@' || (*s == '$' && !index(nointrp,s[1]))) &&
988 if (*s == '$' && s[1] == '#' && (isalpha(s[2]) || s[2] == '_'))
990 s = scanreg(s,send,tokenbuf);
992 (!(stab = stabent(tokenbuf,FALSE)) ||
993 (*s == '{' ? !stab_xhash(stab) : !stab_xarray(stab)) )) {
996 continue; /* grandfather @ from old scripts */
998 str_ncat(str,"$a",2);
999 str_ncat(toparse,",",1);
1000 if (t[1] != '{' && (*s == '[' || *s == '{' /* }} */ ) &&
1001 (stab = stabent(tokenbuf,FALSE)) &&
1002 ((*s == '[') ? (stab_xarray(stab) != 0) : (stab_xhash(stab) != 0)) ) {
1024 s = cpytill(tokenbuf,s+1,send,*s,&len);
1026 fatal("Unterminated string");
1031 } while (brackets > 0 && s < send);
1033 fatal("Unmatched brackets in string");
1034 if (*nointrp) { /* we're in a regular expression */
1036 if (*d == '{' && s[-1] == '}') { /* maybe {n,m} */
1038 if (isdigit(*d)) { /* matches /^{\d,?\d*}$/ */
1044 s = checkpoint; /* Is {n,m}! Backoff! */
1047 else if (*d == '[' && s[-1] == ']') { /* char class? */
1048 int weight = 2; /* let's weigh the evidence */
1050 unsigned char un_char = 0, last_un_char;
1052 Zero(seen,256,char);
1056 else if (d[1] == '$')
1058 if (isdigit(d[1])) {
1060 if (isdigit(d[2]) && !d[3])
1066 for (d++; d < s; d++) {
1067 last_un_char = un_char;
1068 un_char = (unsigned char)*d;
1072 weight -= seen[un_char] * 10;
1073 if (isalpha(d[1]) || isdigit(d[1]) ||
1075 d = scanreg(d,s,tokenbuf);
1076 if (stabent(tokenbuf,FALSE))
1081 else if (*d == '$' && d[1] &&
1082 index("[#!%*<>()-=",d[1])) {
1083 if (!d[2] || /*{*/ index("])} =",d[2]))
1092 if (index("wds",d[1]))
1094 else if (seen['\''] || seen['"'])
1096 else if (index("rnftb",d[1]))
1098 else if (isdigit(d[1])) {
1100 while (d[1] && isdigit(d[1]))
1108 if (last_un_char < (unsigned char) d[1]
1110 if (index("aA01! ",last_un_char))
1112 if (index("zZ79~",d[1]))
1118 if (isalpha(*d) && d[1] && isalpha(d[1])) {
1120 if (yylex() != WORD)
1124 if (un_char == last_un_char + 1)
1126 weight -= seen[un_char];
1133 fprintf(stderr,"[%s] weight %d\n",
1134 checkpoint+1,weight);
1137 if (weight >= 0) /* probably a character class */
1143 str_ncat(toparse, "join($\",", 8);
1144 if (t[1] == '{' && s[-1] == '}') {
1145 str_ncat(toparse, t, 1);
1146 str_ncat(toparse, t+2, s - t - 3);
1149 str_ncat(toparse, t, s - t);
1151 str_ncat(toparse, ")", 1);
1157 str_ncat(str,t,s-t);
1158 if (toparse->str_ptr && *toparse->str_ptr == ',') {
1159 *toparse->str_ptr = '(';
1160 str_ncat(toparse,",$$);",5);
1161 str->str_u.str_args = parselist(toparse);
1162 str->str_u.str_args->arg_len--; /* ignore $$ reference */
1165 str->str_u.str_args = Nullarg;
1167 str->str_pok |= SP_INTRP;
1169 str_replace(src,str);
1180 register char *send;
1181 register STR **elem;
1183 if (str == &str_undef)
1185 if (!(src->str_pok & SP_INTRP)) {
1186 int oldsave = savestack->ary_fill;
1188 (void)savehptr(&curstash);
1189 curstash = curcmd->c_stash; /* so stabent knows right package */
1191 restorelist(oldsave);
1193 s = src->str_ptr; /* assumed valid since str_pok set */
1195 send = s + src->str_cur;
1197 if (src->str_u.str_args) {
1198 (void)eval(src->str_u.str_args,G_ARRAY,sp);
1199 /* Assuming we have correct # of args */
1200 elem = stack->ary_array + sp;
1205 if (*s == '$' && s+1 < send) {
1206 str_ncat(str,t,s-t);
1209 str_scat(str,*++elem);
1212 str_ncat(str,++s,1);
1220 str_ncat(str,t,s-t);
1230 if (!str || str == &str_undef)
1233 str->str_u.str_nval += 1.0;
1237 if (!str->str_pok || !*str->str_ptr) {
1238 str->str_u.str_nval = 1.0;
1244 while (isalpha(*d)) d++;
1245 while (isdigit(*d)) d++;
1247 str_numset(str,atof(str->str_ptr) + 1.0); /* punt */
1251 while (d >= str->str_ptr) {
1261 *(d--) -= 'z' - 'a' + 1;
1264 /* oh,oh, the number grew */
1265 STR_GROW(str, str->str_cur + 2);
1267 for (d = str->str_ptr + str->str_cur; d > str->str_ptr; d--)
1279 if (!str || str == &str_undef)
1282 str->str_u.str_nval -= 1.0;
1286 if (!str->str_pok) {
1287 str->str_u.str_nval = -1.0;
1291 str_numset(str,atof(str->str_ptr) - 1.0);
1294 /* Make a string that will exist for the duration of the expression
1295 * evaluation. Actually, it may have to last longer than that, but
1296 * hopefully cmd_exec won't free it until it has been assigned to a
1297 * permanent location. */
1299 static long tmps_size = -1;
1305 register STR *str = Str_new(78,0);
1307 str_sset(str,oldstr);
1308 if (++tmps_max > tmps_size) {
1309 tmps_size = tmps_max;
1310 if (!(tmps_size & 127)) {
1312 Renew(tmps_list, tmps_size + 128, STR*);
1314 New(702,tmps_list, 128, STR*);
1317 tmps_list[tmps_max] = str;
1319 str->str_pok |= SP_TEMP;
1323 /* same thing without the copying */
1329 if (str == &str_undef)
1331 if (++tmps_max > tmps_size) {
1332 tmps_size = tmps_max;
1333 if (!(tmps_size & 127)) {
1335 Renew(tmps_list, tmps_size + 128, STR*);
1337 New(704,tmps_list, 128, STR*);
1340 tmps_list[tmps_max] = str;
1342 str->str_pok |= SP_TEMP;
1351 register STR *str = Str_new(79,0);
1355 str_nset(str,s,len);
1363 register STR *str = Str_new(80,0);
1369 /* make an exact duplicate of old */
1375 register STR *new = Str_new(81,0);
1379 if (old->str_state == SS_FREE) {
1380 warn("semi-panic: attempt to dup freed string");
1383 if (old->str_state == SS_INCR && !(old->str_pok & 2))
1386 Safefree(new->str_ptr);
1387 Copy(old,new,1,STR);
1389 new->str_ptr = nsavestr(old->str_ptr,old->str_len);
1390 new->str_pok &= ~SP_TEMP;
1399 register HENT *entry;
1400 register STAB *stab;
1403 register SPAT *spat;
1406 if (!*s) { /* reset ?? searches */
1407 for (spat = stash->tbl_spatroot;
1409 spat = spat->spat_next) {
1410 spat->spat_flags &= ~SPAT_USED;
1415 /* reset variables */
1417 if (!stash->tbl_array)
1425 for ( ; i <= max; i++) {
1426 for (entry = stash->tbl_array[i];
1428 entry = entry->hent_next) {
1429 stab = (STAB*)entry->hent_val;
1430 str = stab_val(stab);
1434 str->str_tainted = tainted;
1436 if (str->str_ptr != Nullch)
1437 str->str_ptr[0] = '\0';
1438 if (stab_xarray(stab)) {
1439 aclear(stab_xarray(stab));
1441 if (stab_xhash(stab)) {
1442 hclear(stab_xhash(stab), FALSE);
1443 if (stab == envstab)
1444 environ[0] = Nullch;
1457 fprintf(stderr,"%s %d %d %d\n",s,tainted,uid, euid);
1459 if (tainted && (!euid || euid != uid || egid != gid)) {
1469 register STR *envstr;
1471 envstr = hfetch(stab_hash(envstab),"PATH",4,FALSE);
1472 if (envstr == &str_undef || envstr->str_tainted) {
1474 if (envstr->str_tainted == 2)
1475 taintproper("Insecure directory in PATH");
1477 taintproper("Insecure PATH");
1479 envstr = hfetch(stab_hash(envstab),"IFS",3,FALSE);
1480 if (envstr != &str_undef && envstr->str_tainted) {
1482 taintproper("Insecure IFS");