MINOR: sample: implement smp_is_safe() and smp_make_safe()

These functions ensure that the designated sample is "safe for use",
which means that its size is known, its length is correct regarding its
size, and that strings are properly zero-terminated.

smp_is_safe() only checks (and optionally sets the trailing zero when
needed and possible). smp_make_safe() will call smp_dup() after
smp_is_safe() fails.

include/proto/sample.h

@@ -74,4 +74,48 @@ struct sample *smp_set_owner(struct sample *smp, struct proxy *px,
 	return smp;
 }
 
+
+/* Returns 1 if a sample may be safely used. It performs a few checks on the
+ * string length versus size, same for the binary version, and ensures that
+ * strings are properly terminated by a zero. If this last point is not granted
+ * but the string is not const, then the \0 is appended. Otherwise it returns 0,
+ * meaning the caller may need to call smp_dup() before going further.
+ */
+static inline
+int smp_is_safe(struct sample *smp)
+{
+	switch (smp->data.type) {
+	case SMP_T_STR:
+		if ((smp->data.u.str.len < 0) ||
+		    (smp->data.u.str.size && smp->data.u.str.len >= smp->data.u.str.size))
+			return 0;
+
+		if (smp->data.u.str.str[smp->data.u.str.len] == 0)
+			return 1;
+
+		if (!smp->data.u.str.size || (smp->flags & SMP_F_CONST))
+			return 0;
+
+		smp->data.u.str.str[smp->data.u.str.len] = 0;
+		return 1;
+
+	case SMP_T_BIN:
+		return (smp->data.u.str.len >= 0) &&
+		       (!smp->data.u.str.size || smp->data.u.str.len <= smp->data.u.str.size);
+
+	default:
+		return 1;
+	}
+}
+
+/* checks that a sample may freely be used, or duplicates it to normalize it.
+ * Returns 1 on success, 0 if the sample must not be used. The function also
+ * checks for NULL to simplify the calling code.
+ */
+static inline
+int smp_make_safe(struct sample *smp)
+{
+	return smp && (smp_is_safe(smp) || smp_dup(smp));
+}
+
 #endif /* _PROTO_SAMPLE_H */