login_cap.c revision 1.7
1 /* $NetBSD: login_cap.c,v 1.7 2000/09/21 10:15:32 ad Exp $ */ 2 3 /*- 4 * Copyright (c) 1995,1997 Berkeley Software Design, Inc. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. All advertising materials mentioning features or use of this software 15 * must display the following acknowledgement: 16 * This product includes software developed by Berkeley Software Design, 17 * Inc. 18 * 4. The name of Berkeley Software Design, Inc. may not be used to endorse 19 * or promote products derived from this software without specific prior 20 * written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN, INC. ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN, INC. BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * 34 * BSDI login_cap.c,v 2.13 1998/02/07 03:17:05 prb Exp 35 */ 36 37 #include <sys/cdefs.h> 38 #if defined(LIBC_SCCS) && !defined(lint) 39 __RCSID("$NetBSD: login_cap.c,v 1.7 2000/09/21 10:15:32 ad Exp $"); 40 #endif /* LIBC_SCCS and not lint */ 41 42 #include <sys/types.h> 43 #include <sys/stat.h> 44 #include <sys/time.h> 45 #include <sys/resource.h> 46 47 #include <ctype.h> 48 #include <err.h> 49 #include <errno.h> 50 #include <fcntl.h> 51 #include <limits.h> 52 #include <login_cap.h> 53 #include <paths.h> 54 #include <pwd.h> 55 #include <stdio.h> 56 #include <stdlib.h> 57 #include <string.h> 58 #include <syslog.h> 59 #include <unistd.h> 60 #include <util.h> 61 62 static char *classfiles[] = { _PATH_LOGIN_CONF, 0 }; 63 64 static void setuserpath(login_cap_t *, char *); 65 static u_quad_t multiply(u_quad_t, u_quad_t); 66 static u_quad_t strtolimit(char *, char **, int); 67 static u_quad_t strtosize(char *, char **, int); 68 static int gsetrl(login_cap_t *, int, char *, int type); 69 static int setuserenv(login_cap_t *); 70 static int isinfinite(const char *); 71 72 login_cap_t * 73 login_getclass(char *class) 74 { 75 login_cap_t *lc; 76 int res; 77 78 for (res = 0; classfiles[res]; ++res) 79 if (secure_path(classfiles[res]) < 0) 80 return (0); 81 82 if ((lc = malloc(sizeof(login_cap_t))) == NULL) { 83 syslog(LOG_ERR, "%s:%d malloc: %m", __FILE__, __LINE__); 84 return (0); 85 } 86 87 lc->lc_cap = 0; 88 lc->lc_style = 0; 89 90 if (class == NULL || class[0] == '\0') 91 class = LOGIN_DEFCLASS; 92 93 if ((lc->lc_class = strdup(class)) == NULL) { 94 syslog(LOG_ERR, "%s:%d strdup: %m", __FILE__, __LINE__); 95 free(lc); 96 return (0); 97 } 98 99 if ((res = cgetent(&lc->lc_cap, classfiles, lc->lc_class)) != 0 ) { 100 lc->lc_cap = 0; 101 switch (res) { 102 case 1: 103 syslog(LOG_ERR, "%s: couldn't resolve 'tc'", 104 lc->lc_class); 105 break; 106 case -1: 107 if ((res = open(classfiles[0], 0)) >= 0) 108 close(res); 109 if (strcmp(lc->lc_class, LOGIN_DEFCLASS) == NULL && 110 res < 0) 111 return (lc); 112 syslog(LOG_ERR, "%s: unknown class", lc->lc_class); 113 break; 114 case -2: 115 syslog(LOG_ERR, "%s: getting class information: %m", 116 lc->lc_class); 117 break; 118 case -3: 119 syslog(LOG_ERR, "%s: 'tc' reference loop", 120 lc->lc_class); 121 break; 122 default: 123 syslog(LOG_ERR, "%s: unexpected cgetent error", 124 lc->lc_class); 125 break; 126 } 127 free(lc->lc_class); 128 free(lc); 129 return (0); 130 } 131 return (lc); 132 } 133 134 login_cap_t * 135 login_getpwclass(const struct passwd *pwd) 136 { 137 return login_getclass(pwd ? pwd->pw_class : NULL); 138 } 139 140 char * 141 login_getcapstr(login_cap_t *lc, char *cap, char *def, char *e) 142 { 143 char *res; 144 int status; 145 146 errno = 0; 147 148 if (!lc || !lc->lc_cap) 149 return (def); 150 151 switch (status = cgetstr(lc->lc_cap, cap, &res)) { 152 case -1: 153 return (def); 154 case -2: 155 syslog(LOG_ERR, "%s: getting capability %s: %m", 156 lc->lc_class, cap); 157 return (e); 158 default: 159 if (status >= 0) 160 return (res); 161 syslog(LOG_ERR, "%s: unexpected error with capability %s", 162 lc->lc_class, cap); 163 return (e); 164 } 165 } 166 167 quad_t 168 login_getcaptime(login_cap_t *lc, char *cap, quad_t def, quad_t e) 169 { 170 char *ep; 171 char *res, *sres; 172 int status; 173 quad_t q, r; 174 175 errno = 0; 176 if (!lc || !lc->lc_cap) 177 return (def); 178 179 switch (status = cgetstr(lc->lc_cap, cap, &res)) { 180 case -1: 181 return (def); 182 case -2: 183 syslog(LOG_ERR, "%s: getting capability %s: %m", 184 lc->lc_class, cap); 185 errno = ERANGE; 186 return (e); 187 default: 188 if (status >= 0) 189 break; 190 syslog(LOG_ERR, "%s: unexpected error with capability %s", 191 lc->lc_class, cap); 192 errno = ERANGE; 193 return (e); 194 } 195 196 if (isinfinite(res)) 197 return (RLIM_INFINITY); 198 199 errno = 0; 200 201 q = 0; 202 sres = res; 203 while (*res) { 204 r = strtoq(res, &ep, 0); 205 if (!ep || ep == res || 206 ((r == QUAD_MIN || r == QUAD_MAX) && errno == ERANGE)) { 207 invalid: 208 syslog(LOG_ERR, "%s:%s=%s: invalid time", 209 lc->lc_class, cap, sres); 210 errno = ERANGE; 211 return (e); 212 } 213 switch (*ep++) { 214 case '\0': 215 --ep; 216 break; 217 case 's': case 'S': 218 break; 219 case 'm': case 'M': 220 r *= 60; 221 break; 222 case 'h': case 'H': 223 r *= 60 * 60; 224 break; 225 case 'd': case 'D': 226 r *= 60 * 60 * 24; 227 break; 228 case 'w': case 'W': 229 r *= 60 * 60 * 24 * 7; 230 break; 231 case 'y': case 'Y': /* Pretty absurd */ 232 r *= 60 * 60 * 24 * 365; 233 break; 234 default: 235 goto invalid; 236 } 237 res = ep; 238 q += r; 239 } 240 return (q); 241 } 242 243 quad_t 244 login_getcapnum(login_cap_t *lc, char *cap, quad_t def, quad_t e) 245 { 246 char *ep; 247 char *res; 248 int status; 249 quad_t q; 250 251 errno = 0; 252 if (!lc || !lc->lc_cap) 253 return (def); 254 255 switch (status = cgetstr(lc->lc_cap, cap, &res)) { 256 case -1: 257 return (def); 258 case -2: 259 syslog(LOG_ERR, "%s: getting capability %s: %m", 260 lc->lc_class, cap); 261 errno = ERANGE; 262 return (e); 263 default: 264 if (status >= 0) 265 break; 266 syslog(LOG_ERR, "%s: unexpected error with capability %s", 267 lc->lc_class, cap); 268 errno = ERANGE; 269 return (e); 270 } 271 272 if (isinfinite(res)) 273 return (RLIM_INFINITY); 274 275 errno = 0; 276 q = strtoq(res, &ep, 0); 277 if (!ep || ep == res || ep[0] || 278 ((q == QUAD_MIN || q == QUAD_MAX) && errno == ERANGE)) { 279 syslog(LOG_ERR, "%s:%s=%s: invalid number", 280 lc->lc_class, cap, res); 281 errno = ERANGE; 282 return (e); 283 } 284 return (q); 285 } 286 287 quad_t 288 login_getcapsize(login_cap_t *lc, char *cap, quad_t def, quad_t e) 289 { 290 char *ep; 291 char *res; 292 int status; 293 quad_t q; 294 295 errno = 0; 296 297 if (!lc || !lc->lc_cap) 298 return (def); 299 300 switch (status = cgetstr(lc->lc_cap, cap, &res)) { 301 case -1: 302 return (def); 303 case -2: 304 syslog(LOG_ERR, "%s: getting capability %s: %m", 305 lc->lc_class, cap); 306 errno = ERANGE; 307 return (e); 308 default: 309 if (status >= 0) 310 break; 311 syslog(LOG_ERR, "%s: unexpected error with capability %s", 312 lc->lc_class, cap); 313 errno = ERANGE; 314 return (e); 315 } 316 317 errno = 0; 318 q = strtolimit(res, &ep, 0); 319 if (!ep || ep == res || (ep[0] && ep[1]) || 320 ((q == QUAD_MIN || q == QUAD_MAX) && errno == ERANGE)) { 321 syslog(LOG_ERR, "%s:%s=%s: invalid size", 322 lc->lc_class, cap, res); 323 errno = ERANGE; 324 return (e); 325 } 326 return (q); 327 } 328 329 int 330 login_getcapbool(login_cap_t *lc, char *cap, u_int def) 331 { 332 if (!lc || !lc->lc_cap) 333 return (def); 334 335 return (cgetcap(lc->lc_cap, cap, ':') != NULL); 336 } 337 338 void 339 login_close(login_cap_t *lc) 340 { 341 if (lc) { 342 if (lc->lc_class) 343 free(lc->lc_class); 344 if (lc->lc_cap) 345 free(lc->lc_cap); 346 if (lc->lc_style) 347 free(lc->lc_style); 348 free(lc); 349 } 350 } 351 352 #define R_CTIME 1 353 #define R_CSIZE 2 354 #define R_CNUMB 3 355 356 static struct { 357 int what; 358 int type; 359 char * name; 360 } r_list[] = { 361 { RLIMIT_CPU, R_CTIME, "cputime", }, 362 { RLIMIT_FSIZE, R_CSIZE, "filesize", }, 363 { RLIMIT_DATA, R_CSIZE, "datasize", }, 364 { RLIMIT_STACK, R_CSIZE, "stacksize", }, 365 { RLIMIT_RSS, R_CSIZE, "memoryuse", }, 366 { RLIMIT_MEMLOCK, R_CSIZE, "memorylocked", }, 367 { RLIMIT_NPROC, R_CNUMB, "maxproc", }, 368 { RLIMIT_NOFILE, R_CNUMB, "openfiles", }, 369 { RLIMIT_CORE, R_CSIZE, "coredumpsize", }, 370 { -1, 0, 0 } 371 }; 372 373 static int 374 gsetrl(login_cap_t *lc, int what, char *name, int type) 375 { 376 struct rlimit rl; 377 struct rlimit r; 378 char name_cur[32]; 379 char name_max[32]; 380 381 sprintf(name_cur, "%s-cur", name); 382 sprintf(name_max, "%s-max", name); 383 384 if (getrlimit(what, &r)) { 385 syslog(LOG_ERR, "getting resource limit: %m"); 386 return (-1); 387 } 388 389 #define RCUR r.rlim_cur 390 #define RMAX r.rlim_max 391 392 switch (type) { 393 case R_CTIME: 394 RCUR = login_getcaptime(lc, name, RCUR, RCUR); 395 RMAX = login_getcaptime(lc, name, RMAX, RMAX); 396 rl.rlim_cur = login_getcaptime(lc, name_cur, RCUR, RCUR); 397 rl.rlim_max = login_getcaptime(lc, name_max, RMAX, RMAX); 398 break; 399 case R_CSIZE: 400 RCUR = login_getcapsize(lc, name, RCUR, RCUR); 401 RMAX = login_getcapsize(lc, name, RMAX, RMAX); 402 rl.rlim_cur = login_getcapsize(lc, name_cur, RCUR, RCUR); 403 rl.rlim_max = login_getcapsize(lc, name_max, RMAX, RMAX); 404 break; 405 case R_CNUMB: 406 RCUR = login_getcapnum(lc, name, RCUR, RCUR); 407 RMAX = login_getcapnum(lc, name, RMAX, RMAX); 408 rl.rlim_cur = login_getcapnum(lc, name_cur, RCUR, RCUR); 409 rl.rlim_max = login_getcapnum(lc, name_max, RMAX, RMAX); 410 break; 411 default: 412 return (-1); 413 } 414 415 if (setrlimit(what, &rl)) { 416 syslog(LOG_ERR, "%s: setting resource limit %s: %m", 417 lc->lc_class, name); 418 return (-1); 419 } 420 #undef RCUR 421 #undef RMAX 422 return (0); 423 } 424 425 static int 426 setuserenv(login_cap_t *lc) 427 { 428 char *stop = ", \t"; 429 int i, count; 430 char *ptr; 431 char **res; 432 char *str = login_getcapstr(lc, "setenv", NULL, NULL); 433 434 if(str == NULL || *str == '\0') 435 return 0; 436 437 /* count the sub-strings */ 438 for (i = 1, ptr = str; *ptr; i++) { 439 ptr += strcspn(ptr, stop); 440 if (*ptr) 441 ptr++; 442 } 443 444 /* allocate ptr array and string */ 445 count = i; 446 res = malloc( count * sizeof(char *) + strlen(str) + 1 ); 447 448 if(!res) 449 return -1; 450 451 ptr = (char *)res + count * sizeof(char *); 452 strcpy(ptr, str); 453 454 /* split string */ 455 for (i = 0; *ptr && i < count; i++) { 456 res[i] = ptr; 457 ptr += strcspn(ptr, stop); 458 if (*ptr) 459 *ptr++ = '\0'; 460 } 461 462 res[i] = NULL; 463 464 for (i = 0; i < count && res[i]; i++) { 465 if (*res[i] != '\0') { 466 if ((ptr = strchr(res[i], '=')) != NULL) 467 *ptr++ = '\0'; 468 else 469 ptr = ""; 470 setenv(res[i], ptr, 1); 471 } 472 } 473 474 free(res); 475 return 0; 476 } 477 478 int 479 setclasscontext(char *class, u_int flags) 480 { 481 int ret; 482 login_cap_t *lc; 483 484 flags &= LOGIN_SETRESOURCES | LOGIN_SETPRIORITY | LOGIN_SETUMASK | 485 LOGIN_SETPATH; 486 487 lc = login_getclass(class); 488 ret = lc ? setusercontext(lc, NULL, 0, flags) : -1; 489 login_close(lc); 490 return (ret); 491 } 492 493 int 494 setusercontext(login_cap_t *lc, struct passwd *pwd, uid_t uid, u_int flags) 495 { 496 login_cap_t *flc; 497 quad_t p; 498 int i; 499 500 flc = NULL; 501 502 if (!lc) 503 flc = lc = login_getclass(pwd ? pwd->pw_class : NULL); 504 505 /* 506 * Without the pwd entry being passed we cannot set either 507 * the group or the login. We could complain about it. 508 */ 509 if (pwd == NULL) 510 flags &= ~(LOGIN_SETGROUP|LOGIN_SETLOGIN); 511 512 if (flags & LOGIN_SETRESOURCES) 513 for (i = 0; r_list[i].name; ++i) 514 if (gsetrl(lc, r_list[i].what, r_list[i].name, 515 r_list[i].type)) 516 /* XXX - call syslog()? */; 517 518 if (flags & LOGIN_SETPRIORITY) { 519 p = login_getcapnum(lc, "priority", 0LL, 0LL); 520 521 if (setpriority(PRIO_PROCESS, 0, (int)p) < 0) 522 syslog(LOG_ERR, "%s: setpriority: %m", lc->lc_class); 523 } 524 525 if (flags & LOGIN_SETUMASK) { 526 p = login_getcapnum(lc, "umask", (quad_t) LOGIN_DEFUMASK, 527 (quad_t) LOGIN_DEFUMASK); 528 umask((mode_t)p); 529 } 530 531 if (flags & LOGIN_SETGROUP) { 532 if (setgid(pwd->pw_gid) < 0) { 533 syslog(LOG_ERR, "setgid(%d): %m", pwd->pw_gid); 534 login_close(flc); 535 return (-1); 536 } 537 538 if (initgroups(pwd->pw_name, pwd->pw_gid) < 0) { 539 syslog(LOG_ERR, "initgroups(%s,%d): %m", 540 pwd->pw_name, pwd->pw_gid); 541 login_close(flc); 542 return (-1); 543 } 544 } 545 546 if (flags & LOGIN_SETLOGIN) 547 if (setlogin(pwd->pw_name) < 0) { 548 syslog(LOG_ERR, "setlogin(%s) failure: %m", 549 pwd->pw_name); 550 login_close(flc); 551 return (-1); 552 } 553 554 if (flags & LOGIN_SETUSER) 555 if (setuid(uid) < 0) { 556 syslog(LOG_ERR, "setuid(%d): %m", uid); 557 login_close(flc); 558 return (-1); 559 } 560 561 if (flags & LOGIN_SETENV) 562 setuserenv(lc); 563 564 if (flags & LOGIN_SETPATH) 565 setuserpath(lc, pwd ? pwd->pw_dir : ""); 566 567 login_close(flc); 568 return (0); 569 } 570 571 static void 572 setuserpath(login_cap_t *lc, char *home) 573 { 574 size_t hlen, plen; 575 int cnt = 0; 576 char *path; 577 char *p, *q; 578 579 hlen = strlen(home); 580 581 p = path = login_getcapstr(lc, "path", NULL, NULL); 582 if (p) { 583 while (*p) 584 if (*p++ == '~') 585 ++cnt; 586 plen = (p - path) + cnt * (hlen + 1) + 1; 587 p = path; 588 q = path = malloc(plen); 589 if (q) { 590 while (*p) { 591 p += strspn(p, " \t"); 592 if (*p == '\0') 593 break; 594 plen = strcspn(p, " \t"); 595 if (hlen == 0 && *p == '~') { 596 p += plen; 597 continue; 598 } 599 if (q != path) 600 *q++ = ':'; 601 if (*p == '~') { 602 strcpy(q, home); 603 q += hlen; 604 ++p; 605 --plen; 606 } 607 memcpy(q, p, plen); 608 p += plen; 609 q += plen; 610 } 611 *q = '\0'; 612 } else 613 path = _PATH_DEFPATH; 614 } else 615 path = _PATH_DEFPATH; 616 if (setenv("PATH", path, 1)) 617 warn("could not set PATH"); 618 } 619 620 /* 621 * Convert an expression of the following forms 622 * 1) A number. 623 * 2) A number followed by a b (mult by 512). 624 * 3) A number followed by a k (mult by 1024). 625 * 5) A number followed by a m (mult by 1024 * 1024). 626 * 6) A number followed by a g (mult by 1024 * 1024 * 1024). 627 * 7) A number followed by a t (mult by 1024 * 1024 * 1024 * 1024). 628 * 8) Two or more numbers (with/without k,b,m,g, or t). 629 * seperated by x (also * for backwards compatibility), specifying 630 * the product of the indicated values. 631 */ 632 static u_quad_t 633 strtosize(char *str, char **endptr, int radix) 634 { 635 u_quad_t num, num2; 636 char *expr, *expr2; 637 638 errno = 0; 639 num = strtouq(str, &expr, radix); 640 if (errno || expr == str) { 641 if (endptr) 642 *endptr = expr; 643 return (num); 644 } 645 646 switch(*expr) { 647 case 'b': case 'B': 648 num = multiply(num, (u_quad_t)512); 649 ++expr; 650 break; 651 case 'k': case 'K': 652 num = multiply(num, (u_quad_t)1024); 653 ++expr; 654 break; 655 case 'm': case 'M': 656 num = multiply(num, (u_quad_t)1024 * 1024); 657 ++expr; 658 break; 659 case 'g': case 'G': 660 num = multiply(num, (u_quad_t)1024 * 1024 * 1024); 661 ++expr; 662 break; 663 case 't': case 'T': 664 num = multiply(num, (u_quad_t)1024 * 1024); 665 num = multiply(num, (u_quad_t)1024 * 1024); 666 ++expr; 667 break; 668 } 669 670 if (errno) 671 goto erange; 672 673 switch(*expr) { 674 case '*': /* Backward compatible. */ 675 case 'x': 676 num2 = strtosize(expr+1, &expr2, radix); 677 if (errno) { 678 expr = expr2; 679 goto erange; 680 } 681 682 if (expr2 == expr + 1) { 683 if (endptr) 684 *endptr = expr; 685 return (num); 686 } 687 expr = expr2; 688 num = multiply(num, num2); 689 if (errno) 690 goto erange; 691 break; 692 } 693 if (endptr) 694 *endptr = expr; 695 return (num); 696 erange: 697 if (endptr) 698 *endptr = expr; 699 errno = ERANGE; 700 return (UQUAD_MAX); 701 } 702 703 static u_quad_t 704 strtolimit(char *str, char **endptr, int radix) 705 { 706 if (isinfinite(str)) { 707 if (endptr) 708 *endptr = str + strlen(str); 709 return ((u_quad_t)RLIM_INFINITY); 710 } 711 return (strtosize(str, endptr, radix)); 712 } 713 714 static int 715 isinfinite(const char *s) 716 { 717 static const char *infs[] = { 718 "infinity", 719 "inf", 720 "unlimited", 721 "unlimit", 722 NULL 723 }; 724 const char **i; 725 726 for(i = infs; *i; i++) { 727 if (!strcasecmp(s, *i)) 728 return 1; 729 } 730 return 0; 731 } 732 733 static u_quad_t 734 multiply(u_quad_t n1, u_quad_t n2) 735 { 736 static int bpw = 0; 737 u_quad_t m; 738 u_quad_t r; 739 int b1, b2; 740 741 /* 742 * Get rid of the simple cases 743 */ 744 if (n1 == 0 || n2 == 0) 745 return (0); 746 if (n1 == 1) 747 return (n2); 748 if (n2 == 1) 749 return (n1); 750 751 /* 752 * sizeof() returns number of bytes needed for storage. 753 * This may be different from the actual number of useful bits. 754 */ 755 if (!bpw) { 756 bpw = sizeof(u_quad_t) * 8; 757 while (((u_quad_t)1 << (bpw-1)) == 0) 758 --bpw; 759 } 760 761 /* 762 * First check the magnitude of each number. If the sum of the 763 * magnatude is way to high, reject the number. (If this test 764 * is not done then the first multiply below may overflow.) 765 */ 766 for (b1 = bpw; (((u_quad_t)1 << (b1-1)) & n1) == 0; --b1) 767 ; 768 for (b2 = bpw; (((u_quad_t)1 << (b2-1)) & n2) == 0; --b2) 769 ; 770 if (b1 + b2 - 2 > bpw) { 771 errno = ERANGE; 772 return (UQUAD_MAX); 773 } 774 775 /* 776 * Decompose the multiplication to be: 777 * h1 = n1 & ~1 778 * h2 = n2 & ~1 779 * l1 = n1 & 1 780 * l2 = n2 & 1 781 * (h1 + l1) * (h2 + l2) 782 * (h1 * h2) + (h1 * l2) + (l1 * h2) + (l1 * l2) 783 * 784 * Since h1 && h2 do not have the low bit set, we can then say: 785 * 786 * (h1>>1 * h2>>1 * 4) + ... 787 * 788 * So if (h1>>1 * h2>>1) > (1<<(bpw - 2)) then the result will 789 * overflow. 790 * 791 * Finally, if MAX - ((h1 * l2) + (l1 * h2) + (l1 * l2)) < (h1*h2) 792 * then adding in residual amout will cause an overflow. 793 */ 794 795 m = (n1 >> 1) * (n2 >> 1); 796 797 if (m >= ((u_quad_t)1 << (bpw-2))) { 798 errno = ERANGE; 799 return (UQUAD_MAX); 800 } 801 802 m *= 4; 803 804 r = (n1 & n2 & 1) 805 + (n2 & 1) * (n1 & ~(u_quad_t)1) 806 + (n1 & 1) * (n2 & ~(u_quad_t)1); 807 808 if ((u_quad_t)(m + r) < m) { 809 errno = ERANGE; 810 return (UQUAD_MAX); 811 } 812 m += r; 813 814 return (m); 815 } 816 817
Indexes created Tue Sep 23 14:10:03 GMT 2025