| Quellcodebibliothek Statistik Leitseite products/sources/formale Sprachen/C/Apache/server/ (Apache Software Stiftung Version 2.4.65©) Datei vom 26.5.2024 mit Größe 109 kB |
|
Quelle util.c Sprache: C |
|||||||||
|
/* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ /* * util.c: string utility things * * 3/21/93 Rob McCool * 1995-96 Many changes by the Apache Software Foundation * */ /* Debugging aid: * #define DEBUG to trace all cfg_open*()/cfg_closefile() calls * #define DEBUG_CFG_LINES to trace every line read from the config files */ #include "apr.h" #include "apr_strings.h" #include "apr_lib.h" #define APR_WANT_STDIO #define APR_WANT_STRFUNC #include "apr_want.h" #if APR_HAVE_UNISTD_H #include <unistd.h> #endif #if APR_HAVE_PROCESS_H #include <process.h> /* for getpid() on Win32 */ #endif #if APR_HAVE_NETDB_H #include <netdb.h> /* for gethostbyname() */ #endif #include "ap_config.h" #include "apr_base64.h" #include "apr_fnmatch.h" #include "httpd.h" #include "http_main.h" #include "http_log.h" #include "http_protocol.h" #include "http_config.h" #include "http_core.h" #include "util_ebcdic.h" #include "util_varbuf.h" #ifdef HAVE_PWD_H #include <pwd.h> #endif #ifdef HAVE_GRP_H #include <grp.h> #endif #ifdef HAVE_SYS_LOADAVG_H #include <sys/loadavg.h> #endif #include "ap_mpm.h" /* A bunch of functions in util.c scan strings looking for certain characters. * To make that more efficient we encode a lookup table. The test_char_table * is generated automatically by gen_test_char.c. */ #include "test_char.h" /* we know core's module_index is 0 */ #undef APLOG_MODULE_INDEX #define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX /* maximum nesting level for config directories */ #ifndef AP_MAX_FNMATCH_DIR_DEPTH #define AP_MAX_FNMATCH_DIR_DEPTH (128) #endif /* * Examine a field value (such as a media-/content-type) string and return * it sans any parameters; e.g., strip off any ';charset=foo' and the like. */ AP_DECLARE(char *) ap_field_noparam(apr_pool_t *p, const char *intype) { const char *semi; if (intype == NULL) return NULL; semi = ap_strchr_c(intype, ';'); if (semi == NULL) { return apr_pstrdup(p, intype); } else { while ((semi > intype) && apr_isspace(semi[-1])) { semi--; } return apr_pstrmemdup(p, intype, semi - intype); } } AP_DECLARE(char *) ap_ht_time(apr_pool_t *p, apr_time_t t, const char *fmt, int gmt) { apr_size_t retcode; char ts[MAX_STRING_LEN]; char tf[MAX_STRING_LEN]; apr_time_exp_t xt; if (gmt) { const char *f; char *strp; apr_time_exp_gmt(&xt, t); /* Convert %Z to "GMT" and %z to "+0000"; * on hosts that do not have a time zone string in struct tm, * strftime must assume its argument is local time. */ for(strp = tf, f = fmt; strp < tf + sizeof(tf) - 6 && (*strp = *f) ; f++, strp++) { if (*f != '%') continue; switch (f[1]) { case '%': *++strp = *++f; break; case 'Z': *strp++ = 'G'; *strp++ = 'M'; *strp = 'T'; f++; break; case 'z': /* common extension */ *strp++ = '+'; *strp++ = '0'; *strp++ = '0'; *strp++ = '0'; *strp = '0'; f++; break; } } *strp = '\0'; fmt = tf; } else { apr_time_exp_lt(&xt, t); } /* check return code? */ apr_strftime(ts, &retcode, MAX_STRING_LEN, fmt, &xt); ts[MAX_STRING_LEN - 1] = '\0'; return apr_pstrdup(p, ts); } /* Roy owes Rob beer. */ /* Rob owes Roy dinner. */ /* These legacy comments would make a lot more sense if Roy hadn't * replaced the old later_than() routine with util_date.c. * * Well, okay, they still wouldn't make any sense. */ /* Match = 0, NoMatch = 1, Abort = -1 * Based loosely on sections of wildmat.c by Rich Salz * Hmmm... shouldn't this really go component by component? */ AP_DECLARE(int) ap_strcmp_match(const char *str, const char *expected) { apr_size_t x, y; for (x = 0, y = 0; expected[y]; ++y, ++x) { if (expected[y] == '*') { while (expected[++y] == '*'); if (!expected[y]) return 0; while (str[x]) { int ret; if ((ret = ap_strcmp_match(&str[x++], &expected[y])) != 1) return ret; } return -1; } else if (!str[x]) return -1; else if ((expected[y] != '?') && (str[x] != expected[y])) return 1; } return (str[x] != '\0'); } AP_DECLARE(int) ap_strcasecmp_match(const char *str, const char *expected) { apr_size_t x, y; for (x = 0, y = 0; expected[y]; ++y, ++x) { if (!str[x] && expected[y] != '*') return -1; if (expected[y] == '*') { while (expected[++y] == '*'); if (!expected[y]) return 0; while (str[x]) { int ret; if ((ret = ap_strcasecmp_match(&str[x++], &expected[y])) != 1) return ret; } return -1; } else if (expected[y] != '?' && apr_tolower(str[x]) != apr_tolower(expected[y])) return 1; } return (str[x] != '\0'); } /* We actually compare the canonical root to this root, (but we don't * waste time checking the case), since every use of this function in * httpd-2.1 tests if the path is 'proper', meaning we've already passed * it through apr_filepath_merge, or we haven't. */ AP_DECLARE(int) ap_os_is_path_absolute(apr_pool_t *p, const char *dir) { const char *newpath; const char *ourdir = dir; if (apr_filepath_root(&newpath, &dir, 0, p) != APR_SUCCESS || strncmp(newpath, ourdir, strlen(newpath)) != 0) { return 0; } return 1; } AP_DECLARE(int) ap_is_matchexp(const char *str) { for (; *str; str++) if ((*str == '*') || (*str == '?')) return 1; return 0; } /* * Here's a pool-based interface to the POSIX-esque ap_regcomp(). * Note that we return ap_regex_t instead of being passed one. * The reason is that if you use an already-used ap_regex_t structure, * the memory that you've already allocated gets forgotten, and * regfree() doesn't clear it. So we don't allow it. */ static apr_status_t regex_cleanup(void *preg) { ap_regfree((ap_regex_t *) preg); return APR_SUCCESS; } AP_DECLARE(ap_regex_t *) ap_pregcomp(apr_pool_t *p, const char *pattern, int cflags) { ap_regex_t *preg = apr_palloc(p, sizeof *preg); int err = ap_regcomp(preg, pattern, cflags); if (err) { if (err == AP_REG_ESPACE) ap_abort_on_oom(); return NULL; } apr_pool_cleanup_register(p, (void *) preg, regex_cleanup, apr_pool_cleanup_null); return preg; } AP_DECLARE(void) ap_pregfree(apr_pool_t *p, ap_regex_t *reg) { ap_regfree(reg); apr_pool_cleanup_kill(p, (void *) reg, regex_cleanup); } /* * Similar to standard strstr() but we ignore case in this version. * Based on the strstr() implementation further below. */ AP_DECLARE(char *) ap_strcasestr(const char *s1, const char *s2) { char *p1, *p2; if (*s2 == '\0') { /* an empty s2 */ return((char *)s1); } while(1) { for ( ; (*s1 != '\0') && (apr_tolower(*s1) != apr_tolower(*s2)); s1++); if (*s1 == '\0') { return(NULL); } /* found first character of s2, see if the rest matches */ p1 = (char *)s1; p2 = (char *)s2; for (++p1, ++p2; apr_tolower(*p1) == apr_tolower(*p2); ++p1, ++p2) { if (*p1 == '\0') { /* both strings ended together */ return((char *)s1); } } if (*p2 == '\0') { /* second string ended, a match */ break; } /* didn't find a match here, try starting at next character in s1 */ s1++; } return((char *)s1); } /* * Returns an offsetted pointer in bigstring immediately after * prefix. Returns bigstring if bigstring doesn't start with * prefix or if prefix is longer than bigstring while still matching. * NOTE: pointer returned is relative to bigstring, so we * can use standard pointer comparisons in the calling function * (eg: test if ap_stripprefix(a,b) == a) */ AP_DECLARE(const char *) ap_stripprefix(const char *bigstring, const char *prefix) { const char *p1; if (*prefix == '\0') return bigstring; p1 = bigstring; while (*p1 && *prefix) { if (*p1++ != *prefix++) return bigstring; } if (*prefix == '\0') return p1; /* hit the end of bigstring! */ return bigstring; } /* This function substitutes for $0-$9, filling in regular expression * submatches. Pass it the same nmatch and pmatch arguments that you * passed ap_regexec(). pmatch should not be greater than the maximum number * of subexpressions - i.e. one more than the re_nsub member of ap_regex_t. * * nmatch must be <=AP_MAX_REG_MATCH (10). * * input should be the string with the $-expressions, source should be the * string that was matched against. * * It returns the substituted string, or NULL if a vbuf is used. * On errors, returns the orig string. * * Parts of this code are based on Henry Spencer's regsub(), from his * AT&T V8 regexp package. */ static apr_status_t regsub_core(apr_pool_t *p, char **result, struct ap_varbuf *vb, const char *input, const char *source, apr_size_t nmatch, ap_regmatch_t pmatch[], apr_size_t maxlen) { const char *src = input; char *dst; char c; apr_size_t no; apr_size_t len = 0; AP_DEBUG_ASSERT((result && p && !vb) || (vb && !p && !result)); if (!source || nmatch>AP_MAX_REG_MATCH) return APR_EINVAL; if (!nmatch) { len = strlen(src); if (maxlen > 0 && len >= maxlen) return APR_ENOMEM; if (!vb) { *result = apr_pstrmemdup(p, src, len); return APR_SUCCESS; } else { ap_varbuf_strmemcat(vb, src, len); return APR_SUCCESS; } } /* First pass, find the size */ while ((c = *src++) != '\0') { if (c == '$' && apr_isdigit(*src)) no = *src++ - '0'; else no = AP_MAX_REG_MATCH; if (no >= AP_MAX_REG_MATCH) { /* Ordinary character. */ if (c == '\\' && *src) src++; len++; } else if (no < nmatch && pmatch[no].rm_so < pmatch[no].rm_eo) { if (APR_SIZE_MAX - len <= pmatch[no].rm_eo - pmatch[no].rm_so) return APR_ENOMEM; len += pmatch[no].rm_eo - pmatch[no].rm_so; } } if (len >= maxlen && maxlen > 0) return APR_ENOMEM; if (!vb) { *result = dst = apr_palloc(p, len + 1); } else { if (vb->strlen == AP_VARBUF_UNKNOWN) vb->strlen = strlen(vb->buf); ap_varbuf_grow(vb, vb->strlen + len); dst = vb->buf + vb->strlen; vb->strlen += len; } /* Now actually fill in the string */ src = input; while ((c = *src++) != '\0') { if (c == '$' && apr_isdigit(*src)) no = *src++ - '0'; else no = AP_MAX_REG_MATCH; if (no >= AP_MAX_REG_MATCH) { /* Ordinary character. */ if (c == '\\' && *src) c = *src++; *dst++ = c; } else if (no < nmatch && pmatch[no].rm_so < pmatch[no].rm_eo) { len = pmatch[no].rm_eo - pmatch[no].rm_so; memcpy(dst, source + pmatch[no].rm_so, len); dst += len; } } *dst = '\0'; return APR_SUCCESS; } #ifndef AP_PREGSUB_MAXLEN #define AP_PREGSUB_MAXLEN (HUGE_STRING_LEN * 8) #endif AP_DECLARE(char *) ap_pregsub(apr_pool_t *p, const char *input, const char *source, apr_size_t nmatch, ap_regmatch_t pmatch[]) { char *result; apr_status_t rc = regsub_core(p, &result, NULL, input, source, nmatch, pmatch, AP_PREGSUB_MAXLEN); if (rc != APR_SUCCESS) result = NULL; return result; } AP_DECLARE(apr_status_t) ap_pregsub_ex(apr_pool_t *p, char **result, const char *input, const char *source, apr_size_t nmatch, ap_regmatch_t pmatch[], apr_size_t maxlen) { apr_status_t rc = regsub_core(p, result, NULL, input, source, nmatch, pmatch, maxlen); if (rc != APR_SUCCESS) *result = NULL; return rc; } /* Forward declare */ static char x2c(const char *what); #define IS_SLASH_OR_NUL(s) (s == '\0' || AP_IS_SLASH(s)) /* * Inspired by mod_jk's jk_servlet_normalize(). */ AP_DECLARE(int) ap_normalize_path(char *path, unsigned int flags) { int ret = 1; apr_size_t l = 1, w = 1, n; int decode_unreserved = (flags & AP_NORMALIZE_DECODE_UNRESERVED) != 0; int merge_slashes = (flags & AP_NORMALIZE_MERGE_SLASHES) != 0; if (!AP_IS_SLASH(path[0])) { /* Besides "OPTIONS *", a request-target should start with '/' * per RFC 7230 section 5.3, so anything else is invalid. */ if (path[0] == '*' && path[1] == '\0') { return 1; } /* However, AP_NORMALIZE_ALLOW_RELATIVE can be used to bypass * this restriction (e.g. for subrequest file lookups). */ if (!(flags & AP_NORMALIZE_ALLOW_RELATIVE) || path[0] == '\0') { return 0; } l = w = 0; } while (path[l] != '\0') { /* RFC-3986 section 2.3: * For consistency, percent-encoded octets in the ranges of * ALPHA (%41-%5A and %61-%7A), DIGIT (%30-%39), hyphen (%2D), * period (%2E), underscore (%5F), or tilde (%7E) should [...] * be decoded to their corresponding unreserved characters by * URI normalizers. */ if (decode_unreserved && path[l] == '%') { if (apr_isxdigit(path[l + 1]) && apr_isxdigit(path[l + 2])) { const char c = x2c(&path[l + 1]); if (TEST_CHAR(c, T_URI_UNRESERVED)) { /* Replace last char and fall through as the current * read position */ l += 2; path[l] = c; } } else { /* Invalid encoding */ ret = 0; } } if (w == 0 || AP_IS_SLASH(path[w - 1])) { /* Collapse ///// sequences to / */ if (merge_slashes && AP_IS_SLASH(path[l])) { do { l++; } while (AP_IS_SLASH(path[l])); continue; } if (path[l] == '.') { /* Remove /./ segments */ if (IS_SLASH_OR_NUL(path[l + 1])) { l++; if (path[l]) { l++; } continue; } /* Remove /xx/../ segments (or /xx/.%2e/ when * AP_NORMALIZE_DECODE_UNRESERVED is set since we * decoded only the first dot above). */ n = l + 1; if ((path[n] == '.' || (decode_unreserved && path[n] == '%' && path[++n] == '2' && (path[++n] == 'e' || path[n] == 'E'))) && IS_SLASH_OR_NUL(path[n + 1])) { /* Wind w back to remove the previous segment */ if (w > 1) { do { w--; } while (w && !AP_IS_SLASH(path[w - 1])); } else { /* Already at root, ignore and return a failure * if asked to. */ if (flags & AP_NORMALIZE_NOT_ABOVE_ROOT) { ret = 0; } } /* Move l forward to the next segment */ l = n + 1; if (path[l]) { l++; } continue; } } } path[w++] = path[l++]; } path[w] = '\0'; return ret; } /* * Parse .. so we don't compromise security */ AP_DECLARE(void) ap_getparents(char *name) { if (!ap_normalize_path(name, AP_NORMALIZE_NOT_ABOVE_ROOT | AP_NORMALIZE_ALLOW_RELATIVE)) { name[0] = '\0'; } } AP_DECLARE(void) ap_no2slash_ex(char *name, int is_fs_path) { char *d, *s; if (!*name) { return; } s = d = name; #ifdef HAVE_UNC_PATHS /* Check for UNC names. Leave leading two slashes. */ if (is_fs_path && s[0] == '/' && s[1] == '/') *d++ = *s++; #endif while (*s) { if ((*d++ = *s) == '/') { do { ++s; } while (*s == '/'); } else { ++s; } } *d = '\0'; } AP_DECLARE(void) ap_no2slash(char *name) { ap_no2slash_ex(name, 1); } /* * copy at most n leading directories of s into d * d should be at least as large as s plus 1 extra byte * assumes n > 0 * the return value is the ever useful pointer to the trailing \0 of d * * MODIFIED FOR HAVE_DRIVE_LETTERS and NETWARE environments, * so that if n == 0, "/" is returned in d with n == 1 * and s == "e:/test.html", "e:/" is returned in d * *** See also ap_directory_walk in server/request.c * * examples: * /a/b, 0 ==> / (true for all platforms) * /a/b, 1 ==> / * /a/b, 2 ==> /a/ * /a/b, 3 ==> /a/b/ * /a/b, 4 ==> /a/b/ * * c:/a/b 0 ==> / * c:/a/b 1 ==> c:/ * c:/a/b 2 ==> c:/a/ * c:/a/b 3 ==> c:/a/b * c:/a/b 4 ==> c:/a/b */ AP_DECLARE(char *) ap_make_dirstr_prefix(char *d, const char *s, int n) { if (n < 1) { *d = '/'; *++d = '\0'; return (d); } for (;;) { if (*s == '\0' || (*s == '/' && (--n) == 0)) { *d = '/'; break; } *d++ = *s++; } *++d = 0; return (d); } /* * return the parent directory name including trailing / of the file s */ AP_DECLARE(char *) ap_make_dirstr_parent(apr_pool_t *p, const char *s) { const char *last_slash = ap_strrchr_c(s, '/'); char *d; int l; if (last_slash == NULL) { return apr_pstrdup(p, ""); } l = (last_slash - s) + 1; d = apr_pstrmemdup(p, s, l); return (d); } AP_DECLARE(int) ap_count_dirs(const char *path) { int x, n; for (x = 0, n = 0; path[x]; x++) if (path[x] == '/') n++; return n; } AP_DECLARE(char *) ap_getword_nc(apr_pool_t *atrans, char **line, char stop) { return ap_getword(atrans, (const char **) line, stop); } AP_DECLARE(char *) ap_getword(apr_pool_t *atrans, const char **line, char stop) { const char *pos = *line; int len; char *res; while ((*pos != stop) && *pos) { ++pos; } len = pos - *line; res = apr_pstrmemdup(atrans, *line, len); if (stop) { while (*pos == stop) { ++pos; } } *line = pos; return res; } AP_DECLARE(char *) ap_getword_white_nc(apr_pool_t *atrans, char **line) { return ap_getword_white(atrans, (const char **) line); } AP_DECLARE(char *) ap_getword_white(apr_pool_t *atrans, const char **line) { const char *pos = *line; int len; char *res; while (!apr_isspace(*pos) && *pos) { ++pos; } len = pos - *line; res = apr_pstrmemdup(atrans, *line, len); while (apr_isspace(*pos)) { ++pos; } *line = pos; return res; } AP_DECLARE(char *) ap_getword_nulls_nc(apr_pool_t *atrans, char **line, char stop) { return ap_getword_nulls(atrans, (const char **) line, stop); } AP_DECLARE(char *) ap_getword_nulls(apr_pool_t *atrans, const char **line, char stop) { const char *pos = ap_strchr_c(*line, stop); char *res; if (!pos) { apr_size_t len = strlen(*line); res = apr_pstrmemdup(atrans, *line, len); *line += len; return res; } res = apr_pstrmemdup(atrans, *line, pos - *line); ++pos; *line = pos; return res; } /* Get a word, (new) config-file style --- quoted strings and backslashes * all honored */ static char *substring_conf(apr_pool_t *p, const char *start, int len, char quote) { char *result = apr_palloc(p, len + 1); char *resp = result; int i; for (i = 0; i < len; ++i) { if (start[i] == '\\' && (start[i + 1] == '\\' || (quote && start[i + 1] == quote))) *resp++ = start[++i]; else *resp++ = start[i]; } *resp++ = '\0'; #if RESOLVE_ENV_PER_TOKEN return (char *)ap_resolve_env(p,result); #else return result; #endif } AP_DECLARE(char *) ap_getword_conf_nc(apr_pool_t *p, char **line) { return ap_getword_conf(p, (const char **) line); } AP_DECLARE(char *) ap_getword_conf(apr_pool_t *p, const char **line) { const char *str = *line, *strend; char *res; char quote; while (apr_isspace(*str)) ++str; if (!*str) { *line = str; return ""; } if ((quote = *str) == '"' || quote == '\'') { strend = str + 1; while (*strend && *strend != quote) { if (*strend == '\\' && strend[1] && (strend[1] == quote || strend[1] == '\\')) { strend += 2; } else { ++strend; } } res = substring_conf(p, str + 1, strend - str - 1, quote); if (*strend == quote) ++strend; } else { strend = str; while (*strend && !apr_isspace(*strend)) ++strend; res = substring_conf(p, str, strend - str, 0); } while (apr_isspace(*strend)) ++strend; *line = strend; return res; } AP_DECLARE(char *) ap_getword_conf2_nc(apr_pool_t *p, char **line) { return ap_getword_conf2(p, (const char **) line); } AP_DECLARE(char *) ap_getword_conf2(apr_pool_t *p, const char **line) { const char *str = *line, *strend; char *res; char quote; int count = 1; while (apr_isspace(*str)) ++str; if (!*str) { *line = str; return ""; } if ((quote = *str) == '"' || quote == '\'') return ap_getword_conf(p, line); if (quote == '{') { strend = str + 1; while (*strend) { if (*strend == '}' && !--count) break; if (*strend == '{') ++count; if (*strend == '\\' && strend[1] && strend[1] == '\\') { ++strend; } ++strend; } res = substring_conf(p, str + 1, strend - str - 1, 0); if (*strend == '}') ++strend; } else { strend = str; while (*strend && !apr_isspace(*strend)) ++strend; res = substring_conf(p, str, strend - str, 0); } while (apr_isspace(*strend)) ++strend; *line = strend; return res; } AP_DECLARE(int) ap_cfg_closefile(ap_configfile_t *cfp) { #ifdef DEBUG ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, NULL, APLOGNO(00551) "Done with config file %s", cfp->name); #endif return (cfp->close == NULL) ? 0 : cfp->close(cfp->param); } /* we can't use apr_file_* directly because of linking issues on Windows */ static apr_status_t cfg_close(void *param) { return apr_file_close(param); } static apr_status_t cfg_getch(char *ch, void *param) { return apr_file_getc(ch, param); } static apr_status_t cfg_getstr(void *buf, apr_size_t bufsiz, void *param) { return apr_file_gets(buf, bufsiz, param); } /* Open a ap_configfile_t as FILE, return open ap_configfile_t struct pointer */ AP_DECLARE(apr_status_t) ap_pcfg_openfile(ap_configfile_t **ret_cfg, apr_pool_t *p, const char *name) { ap_configfile_t *new_cfg; apr_file_t *file = NULL; apr_finfo_t finfo; apr_status_t status; #ifdef DEBUG char buf[120]; #endif if (name == NULL) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, APLOGNO(00552) "Internal error: pcfg_openfile() called with NULL filename"); return APR_EBADF; } status = apr_file_open(&file, name, APR_READ | APR_BUFFERED, APR_OS_DEFAULT, p); #ifdef DEBUG ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, NULL, APLOGNO(00553) "Opening config file %s (%s)", name, (status != APR_SUCCESS) ? apr_strerror(status, buf, sizeof(buf)) : "successful"); #endif if (status != APR_SUCCESS) return status; status = apr_file_info_get(&finfo, APR_FINFO_TYPE, file); if (status != APR_SUCCESS) return status; if (finfo.filetype != APR_REG && #if defined(WIN32) || defined(OS2) || defined(NETWARE) ap_cstr_casecmp(apr_filepath_name_get(name), "nul") != 0) { #else strcmp(name, "/dev/null") != 0) { #endif /* WIN32 || OS2 */ ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, APLOGNO(00554) "Access to file %s denied by server: not a regular file", name); apr_file_close(file); return APR_EBADF; } #ifdef WIN32 /* Some twisted character [no pun intended] at MS decided that a * zero width joiner as the lead wide character would be ideal for * describing Unicode text files. This was further convoluted to * another MSism that the same character mapped into utf-8, EF BB BF * would signify utf-8 text files. * * Since MS configuration files are all protecting utf-8 encoded * Unicode path, file and resource names, we already have the correct * WinNT encoding. But at least eat the stupid three bytes up front. */ { unsigned char buf[4]; apr_size_t len = 3; status = apr_file_read(file, buf, &len); if ((status != APR_SUCCESS) || (len < 3) || memcmp(buf, "\xEF\xBB\xBF", 3) != 0) { apr_off_t zero = 0; apr_file_seek(file, APR_SET, &zero); } } #endif new_cfg = apr_palloc(p, sizeof(*new_cfg)); new_cfg->param = file; new_cfg->name = apr_pstrdup(p, name); new_cfg->getch = cfg_getch; new_cfg->getstr = cfg_getstr; new_cfg->close = cfg_close; new_cfg->line_number = 0; *ret_cfg = new_cfg; return APR_SUCCESS; } /* Allocate a ap_configfile_t handle with user defined functions and params */ AP_DECLARE(ap_configfile_t *) ap_pcfg_open_custom( apr_pool_t *p, const char *descr, void *param, apr_status_t (*getc_func) (char *ch, void *param), apr_status_t (*gets_func) (void *buf, apr_size_t bufsize, void *param), apr_status_t (*close_func) (void *param)) { ap_configfile_t *new_cfg = apr_palloc(p, sizeof(*new_cfg)); new_cfg->param = param; new_cfg->name = descr; new_cfg->getch = getc_func; new_cfg->getstr = gets_func; new_cfg->close = close_func; new_cfg->line_number = 0; return new_cfg; } /* Read one character from a configfile_t */ AP_DECLARE(apr_status_t) ap_cfg_getc(char *ch, ap_configfile_t *cfp) { apr_status_t rc = cfp->getch(ch, cfp->param); if (rc == APR_SUCCESS && *ch == LF) ++cfp->line_number; return rc; } AP_DECLARE(const char *) ap_pcfg_strerror(apr_pool_t *p, ap_configfile_t *cfp, apr_status_t rc) { if (rc == APR_SUCCESS) return NULL; if (rc == APR_ENOSPC) return apr_psprintf(p, "Error reading %s at line %d: Line too long", cfp->name, cfp->line_number); return apr_psprintf(p, "Error reading %s at line %d: %pm", cfp->name, cfp->line_number, &rc); } /* Read one line from open ap_configfile_t, strip LF, increase line number */ /* If custom handler does not define a getstr() function, read char by char */ static apr_status_t ap_cfg_getline_core(char *buf, apr_size_t bufsize, apr_size_t offset, ap_configfile_t *cfp) { apr_status_t rc; /* If a "get string" function is defined, use it */ if (cfp->getstr != NULL) { char *cp; char *cbuf = buf + offset; apr_size_t cbufsize = bufsize - offset; while (1) { ++cfp->line_number; rc = cfp->getstr(cbuf, cbufsize, cfp->param); if (rc == APR_EOF) { if (cbuf != buf + offset) { *cbuf = '\0'; break; } else { return APR_EOF; } } if (rc != APR_SUCCESS) { return rc; } /* * check for line continuation, * i.e. match [^\\]\\[\r]\n only */ cp = cbuf; cp += strlen(cp); if (cp > buf && cp[-1] == LF) { cp--; if (cp > buf && cp[-1] == CR) cp--; if (cp > buf && cp[-1] == '\\') { cp--; /* * line continuation requested - * then remove backslash and continue */ cbufsize -= (cp-cbuf); cbuf = cp; continue; } } else if (cp - buf >= bufsize - 1) { return APR_ENOSPC; } break; } } else { /* No "get string" function defined; read character by character */ apr_size_t i = offset; if (bufsize < 2) { /* too small, assume caller is crazy */ return APR_EINVAL; } buf[offset] = '\0'; while (1) { char c; rc = cfp->getch(&c, cfp->param); if (rc == APR_EOF) { if (i > offset) break; else return APR_EOF; } if (rc != APR_SUCCESS) return rc; if (c == LF) { ++cfp->line_number; /* check for line continuation */ if (i > 0 && buf[i-1] == '\\') { i--; continue; } else { break; } } buf[i] = c; ++i; if (i >= bufsize - 1) { return APR_ENOSPC; } } buf[i] = '\0'; } return APR_SUCCESS; } static int cfg_trim_line(char *buf) { char *start, *end; /* * Leading and trailing white space is eliminated completely */ start = buf; while (apr_isspace(*start)) ++start; /* blast trailing whitespace */ end = &start[strlen(start)]; while (--end >= start && apr_isspace(*end)) *end = '\0'; /* Zap leading whitespace by shifting */ if (start != buf) memmove(buf, start, end - start + 2); #ifdef DEBUG_CFG_LINES ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, APLOGNO(00555) "Read config: '%s'", bu #endif return end - start + 1; } /* Read one line from open ap_configfile_t, strip LF, increase line number */ /* If custom handler does not define a getstr() function, read char by char */ AP_DECLARE(apr_status_t) ap_cfg_getline(char *buf, apr_size_t bufsize, ap_configfile_t *cfp) { apr_status_t rc = ap_cfg_getline_core(buf, bufsize, 0, cfp); if (rc == APR_SUCCESS) cfg_trim_line(buf); return rc; } AP_DECLARE(apr_status_t) ap_varbuf_cfg_getline(struct ap_varbuf *vb, ap_configfile_t *cfp, apr_size_t max_len) { apr_status_t rc; apr_size_t new_len; vb->strlen = 0; *vb->buf = '\0'; if (vb->strlen == AP_VARBUF_UNKNOWN) vb->strlen = strlen(vb->buf); if (vb->avail - vb->strlen < 3) { new_len = vb->avail * 2; if (new_len > max_len) new_len = max_len; else if (new_len < 3) new_len = 3; ap_varbuf_grow(vb, new_len); } for (;;) { rc = ap_cfg_getline_core(vb->buf, vb->avail, vb->strlen, cfp); if (rc == APR_ENOSPC || rc == APR_SUCCESS) vb->strlen += strlen(vb->buf + vb->strlen); if (rc != APR_ENOSPC) break; if (vb->avail >= max_len) return APR_ENOSPC; new_len = vb->avail * 2; if (new_len > max_len) new_len = max_len; ap_varbuf_grow(vb, new_len); --cfp->line_number; } if (vb->strlen > max_len) return APR_ENOSPC; if (rc == APR_SUCCESS) vb->strlen = cfg_trim_line(vb->buf); return rc; } /* Size an HTTP header field list item, as separated by a comma. * The return value is a pointer to the beginning of the non-empty list item * within the original string (or NULL if there is none) and the address * of field is shifted to the next non-comma, non-whitespace character. * len is the length of the item excluding any beginning whitespace. */ AP_DECLARE(const char *) ap_size_list_item(const char **field, int *len) { const unsigned char *ptr = (const unsigned char *)*field; const unsigned char *token; int in_qpair, in_qstr, in_com; /* Find first non-comma, non-whitespace byte */ while (*ptr == ',' || apr_isspace(*ptr)) ++ptr; token = ptr; /* Find the end of this item, skipping over dead bits */ for (in_qpair = in_qstr = in_com = 0; *ptr && (in_qpair || in_qstr || in_com || *ptr != ','); ++ptr) { if (in_qpair) { in_qpair = 0; } else { switch (*ptr) { case '\\': in_qpair = 1; /* quoted-pair */ break; case '"' : if (!in_com) /* quoted string delim */ in_qstr = !in_qstr; break; case '(' : if (!in_qstr) /* comment (may nest) */ ++in_com; break; case ')' : if (in_com) /* end comment */ --in_com; break; default : break; } } } if ((*len = (ptr - token)) == 0) { *field = (const char *)ptr; return NULL; } /* Advance field pointer to the next non-comma, non-white byte */ while (*ptr == ',' || apr_isspace(*ptr)) ++ptr; *field = (const char *)ptr; return (const char *)token; } /* Retrieve an HTTP header field list item, as separated by a comma, * while stripping insignificant whitespace and lowercasing anything not in * a quoted string or comment. The return value is a new string containing * the converted list item (or NULL if none) and the address pointed to by * field is shifted to the next non-comma, non-whitespace. */ AP_DECLARE(char *) ap_get_list_item(apr_pool_t *p, const char **field) { const char *tok_start; const unsigned char *ptr; unsigned char *pos; char *token; int addspace = 0, in_qpair = 0, in_qstr = 0, in_com = 0, tok_len = 0; /* Find the beginning and maximum length of the list item so that * we can allocate a buffer for the new string and reset the field. */ if ((tok_start = ap_size_list_item(field, &tok_len)) == NULL) { return NULL; } token = apr_palloc(p, tok_len + 1); /* Scan the token again, but this time copy only the good bytes. * We skip extra whitespace and any whitespace around a '=', '/', * or ';' and lowercase normal characters not within a comment, * quoted-string or quoted-pair. */ for (ptr = (const unsigned char *)tok_start, pos = (unsigned char *)token; *ptr && (in_qpair || in_qstr || in_com || *ptr != ','); ++ptr) { if (in_qpair) { in_qpair = 0; *pos++ = *ptr; } else { switch (*ptr) { case '\\': in_qpair = 1; if (addspace == 1) *pos++ = ' '; *pos++ = *ptr; addspace = 0; break; case '"' : if (!in_com) in_qstr = !in_qstr; if (addspace == 1) *pos++ = ' '; *pos++ = *ptr; addspace = 0; break; case '(' : if (!in_qstr) ++in_com; if (addspace == 1) *pos++ = ' '; *pos++ = *ptr; addspace = 0; break; case ')' : if (in_com) --in_com; *pos++ = *ptr; addspace = 0; break; case ' ' : case '\t': if (addspace) break; if (in_com || in_qstr) *pos++ = *ptr; else addspace = 1; break; case '=' : case '/' : case ';' : if (!(in_com || in_qstr)) addspace = -1; *pos++ = *ptr; break; default : if (addspace == 1) *pos++ = ' '; *pos++ = (in_com || in_qstr) ? *ptr : apr_tolower(*ptr); addspace = 0; break; } } } *pos = '\0'; return token; } typedef enum ap_etag_e { AP_ETAG_NONE, AP_ETAG_WEAK, AP_ETAG_STRONG } ap_etag_e; /* Find an item in canonical form (lowercase, no extra spaces) within * an HTTP field value list. Returns 1 if found, 0 if not found. * This would be much more efficient if we stored header fields as * an array of list items as they are received instead of a plain string. */ static int find_list_item(apr_pool_t *p, const char *line, const char *tok, ap_etag_e type) { const unsigned char *pos; const unsigned char *ptr = (const unsigned char *)line; int good = 0, addspace = 0, in_qpair = 0, in_qstr = 0, in_com = 0; if (!line || !tok) { return 0; } if (type == AP_ETAG_STRONG && *tok != '\"') { return 0; } if (type == AP_ETAG_WEAK) { if (*tok == 'W' && (*(tok+1)) == '/' && (*(tok+2)) == '\"') { tok += 2; } else if (*tok != '\"') { return 0; } } do { /* loop for each item in line's list */ /* Find first non-comma, non-whitespace byte */ while (*ptr == ',' || apr_isspace(*ptr)) { ++ptr; } /* Account for strong or weak Etags, depending on our search */ if (type == AP_ETAG_STRONG && *ptr != '\"') { break; } if (type == AP_ETAG_WEAK) { if (*ptr == 'W' && (*(ptr+1)) == '/' && (*(ptr+2)) == '\"') { ptr += 2; } else if (*ptr != '\"') { break; } } if (*ptr) good = 1; /* until proven otherwise for this item */ else break; /* no items left and nothing good found */ /* We skip extra whitespace and any whitespace around a '=', '/', * or ';' and lowercase normal characters not within a comment, * quoted-string or quoted-pair. */ for (pos = (const unsigned char *)tok; *ptr && (in_qpair || in_qstr || in_com || *ptr != ','); ++ptr) { if (in_qpair) { in_qpair = 0; if (good) good = (*pos++ == *ptr); } else { switch (*ptr) { case '\\': in_qpair = 1; if (addspace == 1) good = good && (*pos++ == ' '); good = good && (*pos++ == *ptr); addspace = 0; break; case '"' : if (!in_com) in_qstr = !in_qstr; if (addspace == 1) good = good && (*pos++ == ' '); good = good && (*pos++ == *ptr); addspace = 0; break; case '(' : if (!in_qstr) ++in_com; if (addspace == 1) good = good && (*pos++ == ' '); good = good && (*pos++ == *ptr); addspace = 0; break; case ')' : if (in_com) --in_com; good = good && (*pos++ == *ptr); addspace = 0; break; case ' ' : case '\t': if (addspace || !good) break; if (in_com || in_qstr) good = (*pos++ == *ptr); else addspace = 1; break; case '=' : case '/' : case ';' : if (!(in_com || in_qstr)) addspace = -1; good = good && (*pos++ == *ptr); break; default : if (!good) break; if (addspace == 1) good = (*pos++ == ' '); if (in_com || in_qstr) good = good && (*pos++ == *ptr); else good = good && (apr_tolower(*pos++) == apr_tolower(*ptr)); addspace = 0; break; } } } if (good && *pos) good = 0; /* not good if only a prefix was matched */ } while (*ptr && !good); return good; } /* Find an item in canonical form (lowercase, no extra spaces) within * an HTTP field value list. Returns 1 if found, 0 if not found. * This would be much more efficient if we stored header fields as * an array of list items as they are received instead of a plain string. */ AP_DECLARE(int) ap_find_list_item(apr_pool_t *p, const char *line, const char *tok) { return find_list_item(p, line, tok, AP_ETAG_NONE); } /* Find a strong Etag in canonical form (lowercase, no extra spaces) within * an HTTP field value list. Returns 1 if found, 0 if not found. */ AP_DECLARE(int) ap_find_etag_strong(apr_pool_t *p, const char *line, const char *tok) { return find_list_item(p, line, tok, AP_ETAG_STRONG); } /* Find a weak ETag in canonical form (lowercase, no extra spaces) within * an HTTP field value list. Returns 1 if found, 0 if not found. */ AP_DECLARE(int) ap_find_etag_weak(apr_pool_t *p, const char *line, const char *tok) { return find_list_item(p, line, tok, AP_ETAG_WEAK); } /* Grab a list of tokens of the format 1#token (from RFC7230) */ AP_DECLARE(const char *) ap_parse_token_list_strict(apr_pool_t *p, const char *str_in, apr_array_header_t **tokens, int skip_invalid) { int in_leading_space = 1; int in_trailing_space = 0; int string_end = 0; const char *tok_begin; const char *cur; if (!str_in) { return NULL; } tok_begin = cur = str_in; while (!string_end) { const unsigned char c = (unsigned char)*cur; if (!TEST_CHAR(c, T_HTTP_TOKEN_STOP)) { /* Non-separator character; we are finished with leading * whitespace. We must never have encountered any trailing * whitespace before the delimiter (comma) */ in_leading_space = 0; if (in_trailing_space) { return "Encountered illegal whitespace in token"; } } else if (c == ' ' || c == '\t') { /* "Linear whitespace" only includes ASCII CRLF, space, and tab; * we can't get a CRLF since headers are split on them already, * so only look for a space or a tab */ if (in_leading_space) { /* We're still in leading whitespace */ ++tok_begin; } else { /* We must be in trailing whitespace */ ++in_trailing_space; } } else if (c == ',' || c == '\0') { if (!in_leading_space) { /* If we're out of the leading space, we know we've read some * characters of a token */ if (*tokens == NULL) { *tokens = apr_array_make(p, 4, sizeof(char *)); } APR_ARRAY_PUSH(*tokens, char *) = apr_pstrmemdup((*tokens)->pool, tok_begin, (cur - tok_begin) - in_trailing_space); } /* We're allowed to have null elements, just don't add them to the * array */ tok_begin = cur + 1; in_leading_space = 1; in_trailing_space = 0; string_end = (c == '\0'); } else { /* Encountered illegal separator char */ if (skip_invalid) { /* Skip to the next separator */ const char *temp; temp = ap_strchr_c(cur, ','); if(!temp) { temp = ap_strchr_c(cur, '\0'); } /* Act like we haven't seen a token so we reset */ cur = temp - 1; in_leading_space = 1; in_trailing_space = 0; } else { return apr_psprintf(p, "Encountered illegal separator " "'\\x%.2x'", (unsigned int)c); } } ++cur; } return NULL; } /* Scan a string for HTTP VCHAR/obs-text characters including HT and SP * (as used in header values, for example, in RFC 7230 section 3.2) * returning the pointer to the first non-HT ASCII ctrl character. */ AP_DECLARE(const char *) ap_scan_http_field_content(const char *ptr) { for ( ; !TEST_CHAR(*ptr, T_HTTP_CTRLS); ++ptr) ; return ptr; } /* Scan a string for HTTP token characters, returning the pointer to * the first non-token character. */ AP_DECLARE(const char *) ap_scan_http_token(const char *ptr) { for ( ; !TEST_CHAR(*ptr, T_HTTP_TOKEN_STOP); ++ptr) ; return ptr; } /* Scan a string for visible ASCII (0x21-0x7E) or obstext (0x80+) * and return a pointer to the first ctrl/space character encountered. */ AP_DECLARE(const char *) ap_scan_vchar_obstext(const char *ptr) { for ( ; TEST_CHAR(*ptr, T_VCHAR_OBSTEXT); ++ptr) ; return ptr; } /* Retrieve a token, spacing over it and returning a pointer to * the first non-white byte afterwards. Note that these tokens * are delimited by semis and commas; and can also be delimited * by whitespace at the caller's option. */ AP_DECLARE(char *) ap_get_token(apr_pool_t *p, const char **accept_line, int accept_white) { const char *ptr = *accept_line; const char *tok_start; char *token; /* Find first non-white byte */ while (apr_isspace(*ptr)) ++ptr; tok_start = ptr; /* find token end, skipping over quoted strings. * (comments are already gone). */ while (*ptr && (accept_white || !apr_isspace(*ptr)) && *ptr != ';' && *ptr != ',') { if (*ptr++ == '"') while (*ptr) if (*ptr++ == '"') break; } token = apr_pstrmemdup(p, tok_start, ptr - tok_start); /* Advance accept_line pointer to the next non-white byte */ while (apr_isspace(*ptr)) ++ptr; *accept_line = ptr; return token; } /* find http tokens, see the definition of token from RFC2068 */ AP_DECLARE(int) ap_find_token(apr_pool_t *p, const char *line, const char *tok) { const unsigned char *start_token; const unsigned char *s; if (!line) return 0; s = (const unsigned char *)line; for (;;) { /* find start of token, skip all stop characters */ while (*s && TEST_CHAR(*s, T_HTTP_TOKEN_STOP)) { ++s; } if (!*s) { return 0; } start_token = s; /* find end of the token */ while (*s && !TEST_CHAR(*s, T_HTTP_TOKEN_STOP)) { ++s; } if (!ap_cstr_casecmpn((const char *)start_token, (const char *)tok, s - start_token)) { return 1; } if (!*s) { return 0; } } } static const char *find_last_token(apr_pool_t *p, const char *line, const char *tok) { int llen, tlen, lidx; if (!line) return NULL; llen = strlen(line); tlen = strlen(tok); lidx = llen - tlen; if (lidx < 0 || (lidx > 0 && !(apr_isspace(line[lidx - 1]) || line[lidx - 1] == ','))) return NULL; if (ap_cstr_casecmpn(&line[lidx], tok, tlen) == 0) { return &line[lidx]; } return NULL; } AP_DECLARE(int) ap_find_last_token(apr_pool_t *p, const char *line, const char *tok) { return find_last_token(p, line, tok) != NULL; } AP_DECLARE(int) ap_is_chunked(apr_pool_t *p, const char *line) { const char *s; if (!line) return 0; if (!ap_cstr_casecmp(line, "chunked")) { return 1; } s = find_last_token(p, line, "chunked"); if (!s) return 0; /* eat spaces right-to-left to see what precedes "chunked" */ while (--s > line) { if (*s != ' ') break; } /* found delim, or leading ws (input wasn't parsed by httpd as a header) */ if (*s == ',' || *s == ' ') { return 1; } return 0; } AP_DECLARE(char *) ap_escape_shell_cmd(apr_pool_t *p, const char *str) { char *cmd; unsigned char *d; const unsigned char *s; cmd = apr_palloc(p, 2 * strlen(str) + 1); /* Be safe */ d = (unsigned char *)cmd; s = (const unsigned char *)str; for (; *s; ++s) { #if defined(OS2) || defined(WIN32) /* * Newlines to Win32/OS2 CreateProcess() are ill advised. * Convert them to spaces since they are effectively white * space to most applications */ if (*s == '\r' || *s == '\n') { *d++ = ' '; continue; } #endif if (TEST_CHAR(*s, T_ESCAPE_SHELL_CMD)) { *d++ = '\\'; } *d++ = *s; } *d = '\0'; return cmd; } static char x2c(const char *what) { char digit; #if !APR_CHARSET_EBCDIC digit = ((what[0] >= 'A') ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0')); digit *= 16; digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A') + 10 : (what[1] - '0')); #else /*APR_CHARSET_EBCDIC*/ char xstr[5]; xstr[0]='0'; xstr[1]='x'; xstr[2]=what[0]; xstr[3]=what[1]; xstr[4]='\0'; digit = apr_xlate_conv_byte(ap_hdrs_from_ascii, 0xFF & strtol(xstr, NULL, 16)); #endif /*APR_CHARSET_EBCDIC*/ return (digit); } /* * Unescapes a URL, leaving reserved characters intact. * Returns 0 on success, non-zero on error * Failure is due to * bad % escape returns HTTP_BAD_REQUEST * * decoding %00 or a forbidden character returns HTTP_NOT_FOUND */ static int unescape_url(char *url, const char *forbid, const char *reserved, unsigned int flags) { const int keep_slashes = (flags & AP_UNESCAPE_URL_KEEP_SLASHES) != 0, forbid_slashes = (flags & AP_UNESCAPE_URL_FORBID_SLASHES) != 0, keep_unreserved = (flags & AP_UNESCAPE_URL_KEEP_UNRESERVED) != 0; int badesc, badpath; char *x, *y; badesc = 0; badpath = 0; /* Initial scan for first '%'. Don't bother writing values before * seeing a '%' */ y = strchr(url, '%'); if (y == NULL) { return OK; } for (x = y; *y; ++x, ++y) { if (*y != '%') { *x = *y; } else { if (!apr_isxdigit(*(y + 1)) || !apr_isxdigit(*(y + 2))) { badesc = 1; *x = '%'; } else { char decoded; decoded = x2c(y + 1); if ((decoded == '\0') || (forbid_slashes && AP_IS_SLASH(decoded)) || (forbid && ap_strchr_c(forbid, decoded))) { badpath = 1; *x = decoded; y += 2; } else if ((keep_unreserved && TEST_CHAR(decoded, T_URI_UNRESERVED)) || (keep_slashes && AP_IS_SLASH(decoded)) || (reserved && ap_strchr_c(reserved, decoded))) { *x++ = *y++; *x++ = *y++; *x = *y; } else { *x = decoded; y += 2; } } } } *x = '\0'; if (badesc) { return HTTP_BAD_REQUEST; } else if (badpath) { return HTTP_NOT_FOUND; } else { return OK; } } AP_DECLARE(int) ap_unescape_url(char *url) { /* Traditional */ return unescape_url(url, AP_SLASHES, NULL, 0); } AP_DECLARE(int) ap_unescape_url_keep2f(char *url, int decode_slashes) { /* AllowEncodedSlashes (corrected) */ if (decode_slashes) { /* no chars reserved */ return unescape_url(url, NULL, NULL, 0); } else { /* reserve (do not decode) encoded slashes */ return unescape_url(url, NULL, AP_SLASHES, 0); } } AP_DECLARE(int) ap_unescape_url_ex(char *url, unsigned int flags) { return unescape_url(url, NULL, NULL, flags); } #ifdef NEW_APIS /* IFDEF these out until they've been thought through. * Just a germ of an API extension for now */ AP_DECLARE(int) ap_unescape_url_proxy(char *url) { /* leave RFC1738 reserved characters intact, * so proxied URLs * don't get mangled. Where does that leave encoded '&' ? */ return unescape_url(url, NULL, "/;?", 0); } AP_DECLARE(int) ap_unescape_url_reserved(char *url, const char *reserved) { return unescape_url(url, NULL, reserved); } #endif AP_DECLARE(int) ap_unescape_urlencoded(char *query) { char *slider; /* replace plus with a space */ if (query) { for (slider = query; *slider; slider++) { if (*slider == '+') { *slider = ' '; } } } /* unescape everything else */ return unescape_url(query, NULL, NULL, 0); } AP_DECLARE(char *) ap_construct_server(apr_pool_t *p, const char *hostname, apr_port_t port, const request_rec *r) { if (ap_is_default_port(port, r)) { return apr_pstrdup(p, hostname); } else { return apr_psprintf(p, "%s:%u", hostname, port); } } AP_DECLARE(int) ap_unescape_all(char *url) { return unescape_url(url, NULL, NULL, 0); } /* c2x takes an unsigned, and expects the caller has guaranteed that * 0 <= what < 256... which usually means that you have to cast to * unsigned char first, because (unsigned)(char)(x) first goes through * signed extension to an int before the unsigned cast. * * The reason for this assumption is to assist gcc code generation -- * the unsigned char -> unsigned extension is already done earlier in * both uses of this code, so there's no need to waste time doing it * again. */ static const char c2x_table[] = "0123456789abcdef"; static APR_INLINE unsigned char *c2x(unsigned what, unsigned char prefix, unsigned char *where) { #if APR_CHARSET_EBCDIC what = apr_xlate_conv_byte(ap_hdrs_to_ascii, (unsigned char)what); #endif /*APR_CHARSET_EBCDIC*/ *where++ = prefix; *where++ = c2x_table[what >> 4]; *where++ = c2x_table[what & 0xf]; return where; } /* * escape_path_segment() escapes a path segment, as defined in RFC 1808. This * routine is (should be) OS independent. * * os_escape_path() converts an OS path to a URL, in an OS dependent way. In all * cases if a ':' occurs before the first '/' in the URL, the URL should be * prefixed with "./" (or the ':' escaped). In the case of Unix, this means * leaving '/' alone, but otherwise doing what escape_path_segment() does. For * efficiency reasons, we don't use escape_path_segment(), which is provided for * reference. Again, RFC 1808 is where this stuff is defined. * * If partial is set, os_escape_path() assumes that the path will be appended to * something with a '/' in it (and thus does not prefix "./"). */ AP_DECLARE(char *) ap_escape_path_segment_buffer(char *copy, const char *segment) { const unsigned char *s = (const unsigned char *)segment; unsigned char *d = (unsigned char *)copy; unsigned c; while ((c = *s)) { if (TEST_CHAR(c, T_ESCAPE_PATH_SEGMENT)) { d = c2x(c, '%', d); } else { *d++ = c; } ++s; } *d = '\0'; return copy; } AP_DECLARE(char *) ap_escape_path_segment(apr_pool_t *p, const char *segment) { return ap_escape_path_segment_buffer(apr_palloc(p, 3 * strlen(segment) + 1), segment); } AP_DECLARE(char *) ap_os_escape_path(apr_pool_t *p, const char *path, int partial) { char *copy = apr_palloc(p, 3 * strlen(path) + 3); const unsigned char *s = (const unsigned char *)path; unsigned char *d = (unsigned char *)copy; unsigned c; if (!partial) { const char *colon = ap_strchr_c(path, ':'); const char *slash = ap_strchr_c(path, '/'); if (colon && (!slash || colon < slash)) { *d++ = '.'; *d++ = '/'; } } while ((c = *s)) { if (TEST_CHAR(c, T_OS_ESCAPE_PATH)) { d = c2x(c, '%', d); } else { *d++ = c; } ++s; } *d = '\0'; return copy; } AP_DECLARE(char *) ap_escape_urlencoded_buffer(char *copy, const char *buffer) { const unsigned char *s = (const unsigned char *)buffer; unsigned char *d = (unsigned char *)copy; unsigned c; while ((c = *s)) { if (TEST_CHAR(c, T_ESCAPE_URLENCODED)) { d = c2x(c, '%', d); } else if (c == ' ') { *d++ = '+'; } else { *d++ = c; } ++s; } *d = '\0'; return copy; } AP_DECLARE(char *) ap_escape_urlencoded(apr_pool_t *p, const char *buffer) { return ap_escape_urlencoded_buffer(apr_palloc(p, 3 * strlen(buffer) + 1), buffer); } /* ap_escape_uri is now a macro for os_escape_path */ AP_DECLARE(char *) ap_escape_html2(apr_pool_t *p, const char *s, int toasc) { apr_size_t i, j; char *x; /* first, count the number of extra characters */ for (i = 0, j = 0; s[i] != '\0'; i++) { if (i + j > APR_SIZE_MAX - 6) { abort(); } if (s[i] == '<' || s[i] == '>') j += 3; else if (s[i] == '&') j += 4; else if (s[i] == '"') j += 5; else if (toasc && !apr_isascii(s[i])) j += 5; } if (j == 0) return apr_pstrmemdup(p, s, i); x = apr_palloc(p, i + j + 1); for (i = 0, j = 0; s[i] != '\0'; i++, j++) if (s[i] == '<') { memcpy(&x[j], "<", 4); j += 3; } else if (s[i] == '>') { memcpy(&x[j], ">", 4); j += 3; } else if (s[i] == '&') { memcpy(&x[j], "&", 5); j += 4; } else if (s[i] == '"') { memcpy(&x[j], """, 6); j += 5; } else if (toasc && !apr_isascii(s[i])) { char *esc = apr_psprintf(p, "&#%3.3d;", (unsigned char)s[i]); memcpy(&x[j], esc, 6); j += 5; } else x[j] = s[i]; x[j] = '\0'; return x; } AP_DECLARE(char *) ap_escape_logitem(apr_pool_t *p, const char *str) { char *ret; unsigned char *d; const unsigned char *s; apr_size_t length, escapes = 0; if (!str) { return NULL; } /* Compute how many characters need to be escaped */ s = (const unsigned char *)str; for (; *s; ++s) { if (TEST_CHAR(*s, T_ESCAPE_LOGITEM)) { escapes++; } } /* Compute the length of the input string, including NULL */ length = s - (const unsigned char *)str + 1; /* Fast path: nothing to escape */ if (escapes == 0) { return apr_pmemdup(p, str, length); } /* Each escaped character needs up to 3 extra bytes (0 --> \x00) */ ret = apr_palloc(p, length + 3 * escapes); d = (unsigned char *)ret; s = (const unsigned char *)str; for (; *s; ++s) { if (TEST_CHAR(*s, T_ESCAPE_LOGITEM)) { *d++ = '\\'; switch(*s) { case '\b': *d++ = 'b'; break; case '\n': *d++ = 'n'; break; case '\r': *d++ = 'r'; break; case '\t': *d++ = 't'; break; case '\v': *d++ = 'v'; break; case '\\': case '"': *d++ = *s; break; default: c2x(*s, 'x', d); d += 3; } } else { *d++ = *s; } } *d = '\0'; return ret; } AP_DECLARE(apr_size_t) ap_escape_errorlog_item(char *dest, const char *source, apr_size_t buflen) { unsigned char *d, *ep; const unsigned char *s; if (!source || !buflen) { /* be safe */ return 0; } d = (unsigned char *)dest; s = (const unsigned char *)source; --> -------------------- --> maximum size reached --> -------------------- ¤ Dauer der Verarbeitung: 0.43 Sekunden (vorverarbeitet) ¤*© Formatika GbR, Deutschland |
|
2026-03-28