wcsmbs: Ensure wcstr worst-case linear execution time (BZ 23865)

It uses the same two-way algorithm used on strstr, strcasestr, and
memmem.  Different than strstr, neither the "shift table" optimization
nor the self-adapting filtering check is used because it would result in
a too-large shift table (and it also simplifies the implementation bit).

Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Reviewed-by: DJ Delorie <dj@redhat.com>
This commit is contained in:
Adhemerval Zanella 2024-03-19 10:15:28 -03:00
parent 4b717562c4
commit cf11e74b0d
3 changed files with 505 additions and 70 deletions

View File

@ -59,6 +59,9 @@
# undef weak_alias # undef weak_alias
# define weak_alias(a, b) # define weak_alias(a, b)
# define WCSSTR c_wcsstr # define WCSSTR c_wcsstr
# define __wmemcmp wmemcmp
# define __wcsnlen wcsnlen
# define __wcslen wcslen
# include "wcsstr.c" # include "wcsstr.c"
# define C_IMPL WCSSTR # define C_IMPL WCSSTR
#endif #endif
@ -217,6 +220,31 @@ check2 (void)
} }
} }
static void
check3 (void)
{
/* Check that a long periodic needle does not cause false positives. */
{
const CHAR input[] = L("F_BD_CE_BD_EF_BF_BD_EF_BF_BD_EF_BF_BD_EF_BF_BD"
"_C3_88_20_EF_BF_BD_EF_BF_BD_EF_BF_BD"
"_C3_A7_20_EF_BF_BD");
const CHAR need[] = L("_EF_BF_BD_EF_BF_BD_EF_BF_BD_EF_BF_BD_EF_BF_BD");
FOR_EACH_IMPL (impl, 0)
check_result (impl, input, need, NULL);
}
{
const CHAR input[] = L("F_BD_CE_BD_EF_BF_BD_EF_BF_BD_EF_BF_BD_EF_BF_BD"
"_C3_88_20_EF_BF_BD_EF_BF_BD_EF_BF_BD"
"_C3_A7_20_EF_BF_BD_DA_B5_C2_A6_20"
"_EF_BF_BD_EF_BF_BD_EF_BF_BD_EF_BF_BD_EF_BF_BD");
const CHAR need[] = L("_EF_BF_BD_EF_BF_BD_EF_BF_BD_EF_BF_BD_EF_BF_BD");
FOR_EACH_IMPL (impl, 0)
check_result (impl, input, need, (CHAR *) input + 115);
}
}
#define N 1024 #define N 1024
static void static void
@ -243,6 +271,148 @@ pr23637 (void)
check_result (impl, h, n, exp_result); check_result (impl, h, n, exp_result);
} }
static void
pr23865 (void)
{
/* Check that a very long haystack is handled quickly if the needle is
short and occurs near the beginning. */
{
size_t m = 1000000;
const CHAR *needle =
L("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
CHAR *haystack = xmalloc ((m + 1) * sizeof (CHAR));
MEMSET (haystack, L('A'), m);
haystack[0] = L('B');
haystack[m] = L('\0');
FOR_EACH_IMPL (impl, 0)
check_result (impl, haystack, needle, haystack + 1);
free (haystack);
}
/* Check that a very long needle is discarded quickly if the haystack is
short. */
{
size_t m = 1000000;
const CHAR *haystack =
L("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
"ABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABAB");
CHAR *needle = xmalloc ((m + 1) * sizeof (CHAR));
MEMSET (needle, L'A', m);
needle[m] = L('\0');
FOR_EACH_IMPL (impl, 0)
check_result (impl, haystack, needle, NULL);
free (needle);
}
/* Check that the asymptotic worst-case complexity is not quadratic. */
{
size_t m = 1000000;
CHAR *haystack = xmalloc ((2 * m + 2) * sizeof (CHAR));
CHAR *needle = xmalloc ((m + 2) * sizeof (CHAR));
MEMSET (haystack, L('A'), 2 * m);
haystack[2 * m] = L('B');
haystack[2 * m + 1] = L('\0');
MEMSET (needle, L('A'), m);
needle[m] = L('B');
needle[m + 1] = L('\0');
FOR_EACH_IMPL (impl, 0)
check_result (impl, haystack, needle, haystack + m);
free (needle);
free (haystack);
}
{
/* Ensure that with a barely periodic "short" needle, STRSTR's
search does not mistakenly skip just past the match point. */
const CHAR *haystack =
L("\n"
"with_build_libsubdir\n"
"with_local_prefix\n"
"with_gxx_include_dir\n"
"with_cpp_install_dir\n"
"enable_generated_files_in_srcdir\n"
"with_gnu_ld\n"
"with_ld\n"
"with_demangler_in_ld\n"
"with_gnu_as\n"
"with_as\n"
"enable_largefile\n"
"enable_werror_always\n"
"enable_checking\n"
"enable_coverage\n"
"enable_gather_detailed_mem_stats\n"
"enable_build_with_cxx\n"
"with_stabs\n"
"enable_multilib\n"
"enable___cxa_atexit\n"
"enable_decimal_float\n"
"enable_fixed_point\n"
"enable_threads\n"
"enable_tls\n"
"enable_objc_gc\n"
"with_dwarf2\n"
"enable_shared\n"
"with_build_sysroot\n"
"with_sysroot\n"
"with_specs\n"
"with_pkgversion\n"
"with_bugurl\n"
"enable_languages\n"
"with_multilib_list\n");
const CHAR *needle =
L("\n"
"with_gnu_ld\n");
FOR_EACH_IMPL (impl, 0)
check_result (impl, haystack, needle, (CHAR*) haystack + 114);
}
{
/* Same bug, shorter trigger. */
const CHAR *haystack = L("..wi.d.");
const CHAR *needle = L(".d.");
FOR_EACH_IMPL (impl, 0)
check_result (impl, haystack, needle, (CHAR*) haystack + 4);
}
/* Test case from Yves Bastide.
<https://www.openwall.com/lists/musl/2014/04/18/2> */
{
const CHAR *input = L("playing play play play always");
const CHAR *needle = L("play play play");
FOR_EACH_IMPL (impl, 0)
check_result (impl, input, needle, (CHAR*) input + 8);
}
/* Test long needles. */
{
size_t m = 1024;
CHAR *haystack = xmalloc ((2 * m + 1) * sizeof (CHAR));
CHAR *needle = xmalloc ((m + 1) * sizeof (CHAR));
haystack[0] = L('x');
MEMSET (haystack + 1, L(' '), m - 1);
MEMSET (haystack + m, L('x'), m);
haystack[2 * m] = L('\0');
MEMSET (needle, L('x'), m);
needle[m] = L('\0');
FOR_EACH_IMPL (impl, 0)
check_result (impl, haystack, needle, haystack + m);
free (needle);
free (haystack);
}
}
static int static int
test_main (void) test_main (void)
{ {
@ -250,7 +420,9 @@ test_main (void)
check1 (); check1 ();
check2 (); check2 ();
check3 ();
pr23637 (); pr23637 ();
pr23865 ();
printf ("%23s", ""); printf ("%23s", "");
FOR_EACH_IMPL (impl, 0) FOR_EACH_IMPL (impl, 0)

312
wcsmbs/wcs-two-way.h Normal file
View File

@ -0,0 +1,312 @@
/* Wide character substring search, using the Two-Way algorithm.
Copyright (C) 2008-2024 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
/* Before including this file, you need to include <string.h> (and
<config.h> before that, if not part of libc), and define:
AVAILABLE(h, h_l, j, n_l)
A macro that returns nonzero if there are
at least N_L characters left starting at H[J].
H is 'wchar_t *', H_L, J, and N_L are 'size_t';
H_L is an lvalue. For NUL-terminated searches,
H_L can be modified each iteration to avoid
having to compute the end of H up front.
For case-insensitivity, you may optionally define:
CMP_FUNC(p1, p2, l) A macro that returns 0 iff the first L
characters of P1 and P2 are equal.
CANON_ELEMENT(c) A macro that canonicalizes an element right after
it has been fetched from one of the two strings.
The argument is an 'wchar_t'; the result must
be an 'wchar_t' as well.
*/
#include <limits.h>
#include <stdint.h>
#include <sys/param.h> /* Defines MAX. */
/* We use the Two-Way string matching algorithm, which guarantees
linear complexity with constant space.
See http://www-igm.univ-mlv.fr/~lecroq/string/node26.html#SECTION00260
and http://en.wikipedia.org/wiki/Boyer-Moore_string_search_algorithm
*/
#ifndef CANON_ELEMENT
# define CANON_ELEMENT(c) c
#endif
#ifndef CMP_FUNC
# define CMP_FUNC __wmemcmp
#endif
/* Perform a critical factorization of NEEDLE, of length NEEDLE_LEN.
Return the index of the first character in the right half, and set
*PERIOD to the global period of the right half.
The global period of a string is the smallest index (possibly its
length) at which all remaining bytes in the string are repetitions
of the prefix (the last repetition may be a subset of the prefix).
When NEEDLE is factored into two halves, a local period is the
length of the smallest word that shares a suffix with the left half
and shares a prefix with the right half. All factorizations of a
non-empty NEEDLE have a local period of at least 1 and no greater
than NEEDLE_LEN.
A critical factorization has the property that the local period
equals the global period. All strings have at least one critical
factorization with the left half smaller than the global period.
Given an ordered alphabet, a critical factorization can be computed
in linear time, with 2 * NEEDLE_LEN comparisons, by computing the
larger of two ordered maximal suffixes. The ordered maximal
suffixes are determined by lexicographic comparison of
periodicity. */
static size_t
critical_factorization (const wchar_t *needle, size_t needle_len,
size_t *period)
{
/* Index of last character of left half, or SIZE_MAX. */
size_t max_suffix, max_suffix_rev;
size_t j; /* Index into NEEDLE for current candidate suffix. */
size_t k; /* Offset into current period. */
size_t p; /* Intermediate period. */
wchar_t a, b; /* Current comparison bytes. */
/* Special case NEEDLE_LEN of 1 or 2 (all callers already filtered
out 0-length needles. */
if (needle_len < 3)
{
*period = 1;
return needle_len - 1;
}
/* Invariants:
0 <= j < NEEDLE_LEN - 1
-1 <= max_suffix{,_rev} < j (treating SIZE_MAX as if it were signed)
min(max_suffix, max_suffix_rev) < global period of NEEDLE
1 <= p <= global period of NEEDLE
p == global period of the substring NEEDLE[max_suffix{,_rev}+1...j]
1 <= k <= p
*/
/* Perform lexicographic search. */
max_suffix = SIZE_MAX;
j = 0;
k = p = 1;
while (j + k < needle_len)
{
a = CANON_ELEMENT (needle[j + k]);
b = CANON_ELEMENT (needle[max_suffix + k]);
if (a < b)
{
/* Suffix is smaller, period is entire prefix so far. */
j += k;
k = 1;
p = j - max_suffix;
}
else if (a == b)
{
/* Advance through repetition of the current period. */
if (k != p)
++k;
else
{
j += p;
k = 1;
}
}
else /* b < a */
{
/* Suffix is larger, start over from current location. */
max_suffix = j++;
k = p = 1;
}
}
*period = p;
/* Perform reverse lexicographic search. */
max_suffix_rev = SIZE_MAX;
j = 0;
k = p = 1;
while (j + k < needle_len)
{
a = CANON_ELEMENT (needle[j + k]);
b = CANON_ELEMENT (needle[max_suffix_rev + k]);
if (b < a)
{
/* Suffix is smaller, period is entire prefix so far. */
j += k;
k = 1;
p = j - max_suffix_rev;
}
else if (a == b)
{
/* Advance through repetition of the current period. */
if (k != p)
++k;
else
{
j += p;
k = 1;
}
}
else /* a < b */
{
/* Suffix is larger, start over from current location. */
max_suffix_rev = j++;
k = p = 1;
}
}
/* Choose the shorter suffix. Return the first character of the right
half, rather than the last character of the left half. */
if (max_suffix_rev + 1 < max_suffix + 1)
return max_suffix + 1;
*period = p;
return max_suffix_rev + 1;
}
/* Return the first location of non-empty NEEDLE within HAYSTACK, or
NULL. HAYSTACK_LEN is the minimum known length of HAYSTACK.
If AVAILABLE does not modify HAYSTACK_LEN (as in memmem), then at
most 2 * HAYSTACK_LEN - NEEDLE_LEN comparisons occur in searching.
If AVAILABLE modifies HAYSTACK_LEN (as in strstr), then at most 3 *
HAYSTACK_LEN - NEEDLE_LEN comparisons occur in searching. */
static inline wchar_t *
two_way_short_needle (const wchar_t *haystack, size_t haystack_len,
const wchar_t *needle, size_t needle_len)
{
size_t i; /* Index into current character of NEEDLE. */
size_t j; /* Index into current window of HAYSTACK. */
size_t period; /* The period of the right half of needle. */
size_t suffix; /* The index of the right half of needle. */
/* Factor the needle into two halves, such that the left half is
smaller than the global period, and the right half is
periodic (with a period as large as NEEDLE_LEN - suffix). */
suffix = critical_factorization (needle, needle_len, &period);
/* Perform the search. Each iteration compares the right half
first. */
if (CMP_FUNC (needle, needle + period, suffix) == 0)
{
/* Entire needle is periodic; a mismatch can only advance by the
period, so use memory to avoid rescanning known occurrences
of the period. */
size_t memory = 0;
j = 0;
while (AVAILABLE (haystack, haystack_len, j, needle_len))
{
const wchar_t *pneedle;
const wchar_t *phaystack;
/* Scan for matches in right half. */
i = MAX (suffix, memory);
pneedle = &needle[i];
phaystack = &haystack[i + j];
while (i < needle_len && (CANON_ELEMENT (*pneedle++)
== CANON_ELEMENT (*phaystack++)))
++i;
if (needle_len <= i)
{
/* Scan for matches in left half. */
i = suffix - 1;
pneedle = &needle[i];
phaystack = &haystack[i + j];
while (memory < i + 1 && (CANON_ELEMENT (*pneedle--)
== CANON_ELEMENT (*phaystack--)))
--i;
if (i + 1 < memory + 1)
return (wchar_t *) (haystack + j);
/* No match, so remember how many repetitions of period
on the right half were scanned. */
j += period;
memory = needle_len - period;
}
else
{
j += i - suffix + 1;
memory = 0;
}
}
}
else
{
const wchar_t *phaystack;
/* The comparison always starts from needle[suffix], so cache it
and use an optimized first-character loop. */
wchar_t needle_suffix = CANON_ELEMENT (needle[suffix]);
/* The two halves of needle are distinct; no extra memory is
required, and any mismatch results in a maximal shift. */
period = MAX (suffix, needle_len - suffix) + 1;
j = 0;
while (AVAILABLE (haystack, haystack_len, j, needle_len))
{
wchar_t haystack_char;
const wchar_t *pneedle;
phaystack = &haystack[suffix + j];
while (needle_suffix
!= (haystack_char = CANON_ELEMENT (*phaystack++)))
{
++j;
if (!AVAILABLE (haystack, haystack_len, j, needle_len))
goto ret0;
}
/* Scan for matches in right half. */
i = suffix + 1;
pneedle = &needle[i];
while (i < needle_len)
{
if (CANON_ELEMENT (*pneedle++)
!= (haystack_char = CANON_ELEMENT (*phaystack++)))
break;
++i;
}
if (needle_len <= i)
{
/* Scan for matches in left half. */
i = suffix - 1;
pneedle = &needle[i];
phaystack = &haystack[i + j];
while (i != SIZE_MAX)
{
if (CANON_ELEMENT (*pneedle--)
!= (haystack_char = CANON_ELEMENT (*phaystack--)))
break;
--i;
}
if (i == SIZE_MAX)
return (wchar_t *) (haystack + j);
j += period;
}
else
j += i - suffix + 1;
}
}
ret0: __attribute__ ((unused))
return NULL;
}
#undef AVAILABLE
#undef CANON_ELEMENT
#undef CMP_FUNC

View File

@ -1,4 +1,5 @@
/* Copyright (C) 1995-2024 Free Software Foundation, Inc. /* Locate a substring in a wide-character string.
Copyright (C) 1995-2024 Free Software Foundation, Inc.
This file is part of the GNU C Library. This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or The GNU C Library is free software; you can redistribute it and/or
@ -15,18 +16,14 @@
License along with the GNU C Library; if not, see License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */ <https://www.gnu.org/licenses/>. */
/*
* The original strstr() file contains the following comment:
*
* My personal strstr() implementation that beats most other algorithms.
* Until someone tells me otherwise, I assume that this is the
* fastest implementation of strstr() in C.
* I deliberately chose not to comment it. You should have at least
* as much fun trying to understand it, as I had to write it :-).
*
* Stephen R. van den Berg, berg@pool.informatik.rwth-aachen.de */
#include <wchar.h> #include <wchar.h>
#include <string.h>
#define AVAILABLE(h, h_l, j, n_l) \
(((j) + (n_l) <= (h_l)) \
|| ((h_l) += __wcsnlen ((void*)((h) + (h_l)), (n_l) + 128), \
(j) + (n_l) <= (h_l)))
#include "wcs-two-way.h"
#ifndef WCSSTR #ifndef WCSSTR
# define WCSSTR wcsstr # define WCSSTR wcsstr
@ -35,66 +32,20 @@
wchar_t * wchar_t *
WCSSTR (const wchar_t *haystack, const wchar_t *needle) WCSSTR (const wchar_t *haystack, const wchar_t *needle)
{ {
wchar_t b, c; /* Ensure haystack length is at least as long as needle length.
Since a match may occur early on in a huge haystack, use strnlen
if ((b = *needle) != L'\0') and read ahead a few cachelines for improved performance. */
{ size_t ne_len = __wcslen (needle);
haystack--; /* possible ANSI violation */ size_t hs_len = __wcsnlen (haystack, ne_len | 128);
do if (hs_len < ne_len)
if ((c = *++haystack) == L'\0')
goto ret0;
while (c != b);
if (!(c = *++needle))
goto foundneedle;
++needle;
goto jin;
for (;;)
{
wchar_t a;
const wchar_t *rhaystack, *rneedle;
do
{
if (!(a = *++haystack))
goto ret0;
if (a == b)
break;
if ((a = *++haystack) == L'\0')
goto ret0;
shloop: ;
}
while (a != b);
jin: if (!(a = *++haystack))
goto ret0;
if (a != c)
goto shloop;
if (*(rhaystack = haystack-- + 1) == (a = *(rneedle = needle)))
do
{
if (a == L'\0')
goto foundneedle;
if (*++rhaystack != (a = *++needle))
break;
if (a == L'\0')
goto foundneedle;
}
while (*++rhaystack == (a = *++needle));
needle = rneedle; /* took the register-poor approach */
if (a == L'\0')
break;
}
}
foundneedle:
return (wchar_t*) haystack;
ret0:
return NULL; return NULL;
/* Check whether we have a match. This improves performance since we
avoid initialization overheads. */
if (__wmemcmp (haystack, needle, ne_len) == 0)
return (wchar_t *) haystack;
return two_way_short_needle (haystack, hs_len, needle, ne_len);
} }
/* This alias is for backward compatibility with drafts of the ISO C /* This alias is for backward compatibility with drafts of the ISO C
standard. Unfortunately the Unix(TM) standard requires this name. */ standard. Unfortunately the Unix(TM) standard requires this name. */