--- parser3/src/classes/file.C 2003/03/27 14:51:27 1.107.2.16.2.12 +++ parser3/src/classes/file.C 2003/11/20 17:07:43 1.116 @@ -5,7 +5,7 @@ Author: Alexandr Petrosian (http://paf.design.ru) */ -static const char* IDENT_FILE_C="$Date: 2003/03/27 14:51:27 $"; +static const char * const IDENT_FILE_C="$Date: 2003/11/20 17:07:43 $"; #include "pa_config_includes.h" @@ -23,18 +23,20 @@ static const char* IDENT_FILE_C="$Date: #include "pa_dir.h" #include "pa_vtable.h" #include "pa_charset.h" +#include "pa_charsets.h" // defines #define TEXT_MODE_NAME "text" #define STDIN_EXEC_PARAM_NAME "stdin" +#define CHARSET_EXEC_PARAM_NAME "charset" // class class MFile: public Methoded { public: // VStateless_class - Value* create_new_value() { return new VFile(); } + Value* create_new_value(Pool&) { return new VFile(); } public: // Methoded bool used_directly() { return true; } @@ -96,31 +98,31 @@ static const char* suexec_safe_env_lst[] // statics -static const StringBody adate_name("adate"); -static const StringBody mdate_name("mdate"); -static const StringBody cdate_name("cdate"); +static const String::Body adate_name("adate"); +static const String::Body mdate_name("mdate"); +static const String::Body cdate_name("cdate"); // methods -static void _save(Request& r, MethodParams* params) { - Value& vmode_name=params-> as_no_junction(0, "mode must not be code"); - Value& vfile_name=params->as_no_junction(1, "file name must not be code"); +static void _save(Request& r, MethodParams& params) { + Value& vmode_name=params. as_no_junction(0, "mode must not be code"); + Value& vfile_name=params.as_no_junction(1, "file name must not be code"); // save GET_SELF(r, VFile).save(r.absolute(vfile_name.as_string()), vmode_name.as_string()==TEXT_MODE_NAME); } -static void _delete(Request& r, MethodParams* params) { - Value& vfile_name=params->as_no_junction(0, "file name must not be code"); +static void _delete(Request& r, MethodParams& params) { + Value& vfile_name=params.as_no_junction(0, "file name must not be code"); // unlink file_delete(r.absolute(vfile_name.as_string())); } -static void _move(Request& r, MethodParams* params) { - Value& vfrom_file_name=params->as_no_junction(0, "from file name must not be code"); - Value& vto_file_name=params->as_no_junction(1, "to file name must not be code"); +static void _move(Request& r, MethodParams& params) { + Value& vfrom_file_name=params.as_no_junction(0, "from file name must not be code"); + Value& vto_file_name=params.as_no_junction(1, "to file name must not be code"); // move file_move( @@ -134,23 +136,23 @@ static void _load_pass_param( HashStringValue *dest) { dest->put(key, value); } -static void _load(Request& r, MethodParams* params) { - Value& vmode_name=params-> as_no_junction(0, "mode must not be code"); - const String& lfile_name=r.absolute(params->as_no_junction(1, "file name must not be code").as_string()); - Value* third_param=params->count()>2?¶ms->as_no_junction(2, "filename or options must not be code") +static void _load(Request& r, MethodParams& params) { + Value& vmode_name=params. as_no_junction(0, "mode must not be code"); + const String& lfile_name=r.absolute(params.as_no_junction(1, "file name must not be code").as_string()); + Value* third_param=params.count()>2?¶ms.as_no_junction(2, "filename or options must not be code") :0; HashStringValue* third_param_hash=third_param?third_param->get_hash():0; size_t alt_filename_param_index=2; if(third_param_hash) alt_filename_param_index++; - File_read_result file=file_read(r.charsets.source(), lfile_name, + File_read_result file=file_read(r.charsets, lfile_name, vmode_name.as_string()==TEXT_MODE_NAME, third_param_hash ); - const char *user_file_name=params->count()>alt_filename_param_index? - params->as_string(alt_filename_param_index, "filename must be string").cstr() + const char *user_file_name=params.count()>alt_filename_param_index? + params.as_string(alt_filename_param_index, "filename must be string").cstr() :lfile_name.cstr(String::L_FILE_SPEC); Value* vcontent_type=0; @@ -165,8 +167,8 @@ static void _load(Request& r, MethodPara file.headers->for_each(_load_pass_param, &self.fields()); } -static void _stat(Request& r, MethodParams* params) { - Value& vfile_name=params->as_no_junction(0, "file name must not be code"); +static void _stat(Request& r, MethodParams& params) { + Value& vfile_name=params.as_no_junction(0, "file name must not be code"); const String& lfile_name=vfile_name.as_string(); @@ -186,6 +188,11 @@ static void _stat(Request& r, MethodPara } static bool is_safe_env_key(const char* key) { + for(const char* validator=key; *validator; validator++) { + char c=*validator; + if(!(c>='A' && c<='Z' || c>='0' && c<='9' || c=='_' || c=='-')) + return false; + } if(strncasecmp(key, "HTTP_", 5)==0) return true; if(strncasecmp(key, "CGI_", 4)==0) @@ -200,6 +207,7 @@ static bool is_safe_env_key(const char* struct Append_env_pair_info { HashStringString* env; Value* vstdin; + Value* vcharset; }; #endif static void append_env_pair( @@ -208,6 +216,8 @@ static void append_env_pair( Append_env_pair_info *info) { if(akey==STDIN_EXEC_PARAM_NAME) { info->vstdin=avalue; + } else if(akey==CHARSET_EXEC_PARAM_NAME) { + info->vcharset=avalue; } else { if(!is_safe_env_key(akey.cstr())) throw Exception("parser.runtime", @@ -237,10 +247,10 @@ static void pass_cgi_header_attribute( } } /// @todo fix `` in perl - they produced flipping consoles and no output to perl -static void _exec_cgi(Request& r, MethodParams* params, +static void _exec_cgi(Request& r, MethodParams& params, bool cgi) { - Value& vfile_name=params->as_no_junction(0, "file name must not be code"); + Value& vfile_name=params.as_no_junction(0, "file name must not be code"); const String& script_name=r.absolute(vfile_name.as_string()); @@ -248,15 +258,16 @@ static void _exec_cgi(Request& r, Method #define ECSTR(name, value_cstr) \ if(value_cstr) \ env.put( \ - StringBody(#name), \ - StringBody(value_cstr)); \ + String::Body(#name), \ + String::Body(value_cstr, 0)); \ // passing SAPI::environment if(const char *const *pairs=SAPI::environment(r.sapi_info)) { while(const char* pair=*pairs++) if(const char* eq_at=strchr(pair, '=')) - env.put( - StringBody(pair, eq_at-pair), - StringBody(eq_at+1)); + if(eq_at[1]) // has value + env.put( + pa_strdup(pair, eq_at-pair), + pa_strdup(eq_at+1, 0)); } // const @@ -273,58 +284,76 @@ static void _exec_cgi(Request& r, Method //String content_length(content_length_cstr); ECSTR(CONTENT_LENGTH, content_length_cstr); // SCRIPT_* - env.put(StringBody("SCRIPT_NAME"), script_name); - //env.put(StringBody("SCRIPT_FILENAME"), ??&script_name); + env.put(String::Body("SCRIPT_NAME"), script_name); + //env.put(String::Body("SCRIPT_FILENAME"), ??&script_name); bool stdin_specified=false; // environment & stdin from param - String in; - if(params->count()>1) { - Value& venv=params->as_no_junction(1, "env must not be code"); + String *in=new String(); + Charset *charset=0; // default script works raw_in 'source' charset = no transcoding needed + if(params.count()>1) { + Value& venv=params.as_no_junction(1, "env must not be code"); if(HashStringValue* user_env=venv.get_hash()) { - Append_env_pair_info info; - info.env=&env; + Append_env_pair_info info={&env, 0, 0}; user_env->for_each(append_env_pair, &info); + // $.stdin if(info.vstdin) { stdin_specified=true; if(const String* sstdin=info.vstdin->get_string()) { - in.append(*sstdin, String::L_CLEAN, true); + in->append(*sstdin, String::L_CLEAN, true); } else if(VFile* vfile=static_cast(info.vstdin->as("file", false))) - in.append_help_length((const char* )vfile->value_ptr(), vfile->value_size(), String::L_TAINTED); + in->append_know_length((const char* )vfile->value_ptr(), vfile->value_size(), String::L_TAINTED); else throw Exception("parser.runtime", 0, STDIN_EXEC_PARAM_NAME " parameter must be string or file"); } + // $.charset + if(info.vcharset) + charset=&charsets.get(info.vcharset->as_string() + .change_case(r.charsets.source(), String::CC_UPPER)); } } // argv from params ArrayString argv; - if(params->count()>2) { - for(size_t i=2; icount(); i++) - argv+=¶ms->as_string(i, "parameter must be string"); + if(params.count()>2) { + for(size_t i=2; iANSI transcode on some(.cmd?) programs to + // match silent conversion in OS // exec! PA_exec_result execution= - pa_exec(false/*forced_allow*/, script_name, &env, argv, in); + pa_exec(false/*forced_allow*/, script_name, &env, argv, *in); + + String *real_out=&execution.out; + String *real_err=&execution.err; + // transcode if necessary + if(charset) { + real_out=&Charset::transcode(*real_out, *charset, r.charsets.source()); + real_err=&Charset::transcode(*real_err, *charset, r.charsets.source()); + } VFile& self=GET_SELF(r, VFile); - const String* body=&execution.out; // ^file:exec - Value* content_type=0; + const String* body=real_out; // ^file:exec const char* eol_marker=0; size_t eol_marker_size; const String* header=0; if(cgi) { // ^file:cgi // construct with 'out' body and header - size_t dos_pos=execution.out.pos("\r\n\r\n", 4); - size_t unix_pos=execution.out.pos("\n\n", 2); + size_t dos_pos=real_out->pos("\r\n\r\n", 4); + size_t unix_pos=real_out->pos("\n\n", 2); bool unix_header_break; switch((dos_pos!=STRING_NOT_FOUND?10:00) + (unix_pos!=STRING_NOT_FOUND?01:00)) { @@ -344,8 +373,8 @@ static void _exec_cgi(Request& r, Method "output does not contain CGI header; " "exit status=%d; stdoutsize=%u; stdout: \"%s\"; stderrsize=%u; stderr: \"%s\"", execution.status, - (uint)execution.out.length(), execution.out.cstr(), - (uint)execution.err.length(), execution.err.cstr()); + (uint)real_out->length(), real_out->cstr(), + (uint)real_err->length(), real_err->cstr()); break; //never reached } @@ -358,8 +387,8 @@ static void _exec_cgi(Request& r, Method eol_marker="\r\n"; eol_marker_size=2; } - header=&execution.out.mid(0, header_break_pos); - body=&execution.out.mid(header_break_pos+eol_marker_size*2, execution.out.length()); + header=&real_out->mid(0, header_break_pos); + body=&real_out->mid(header_break_pos+eol_marker_size*2, real_out->length()); } // body self.set(false/*not tainted*/, body->cstr(), body->length()); @@ -369,7 +398,7 @@ static void _exec_cgi(Request& r, Method ArrayString rows; size_t pos_after=0; header->split(rows, pos_after, eol_marker); - Pass_cgi_header_attribute_info info; + Pass_cgi_header_attribute_info info={0, 0, 0}; info.charset=&r.charsets.source(); info.fields=&self.fields(); rows.for_each(pass_cgi_header_attribute, &info); @@ -381,27 +410,27 @@ static void _exec_cgi(Request& r, Method self.fields().put(file_status_name, new VInt(execution.status)); // $stderr - if(execution.err.length()) + if(real_err->length()) self.fields().put( - StringBody("stderr"), - new VString(execution.err)); + String::Body("stderr"), + new VString(*real_err)); } -static void _exec(Request& r, MethodParams* params) { +static void _exec(Request& r, MethodParams& params) { _exec_cgi(r, params, false); } -static void _cgi(Request& r, MethodParams* params) { +static void _cgi(Request& r, MethodParams& params) { _exec_cgi(r, params, true); } -static void _list(Request& r, MethodParams* params) { - Value& relative_path=params->as_no_junction(0, "path must not be code"); +static void _list(Request& r, MethodParams& params) { + Value& relative_path=params.as_no_junction(0, "path must not be code"); const String* regexp; pcre *regexp_code; const int ovecsize=(1/*match*/)*3; int ovector[ovecsize]; - if(params->count()>1) { - regexp=¶ms->as_no_junction(1, "regexp must not be code").as_string(); + if(params.count()>1) { + regexp=¶ms.as_no_junction(1, "regexp must not be code").as_string(); const char* pattern=regexp->cstr(); const char* errptr; @@ -414,8 +443,10 @@ static void _list(Request& r, MethodPara throw Exception(0, ®exp->mid(erroffset, regexp->length()), "regular expression syntax error - %s", errptr); - } else + } else { + regexp=0; // not used, just to calm down compiler regexp_code=0; + } const char* absolute_path_cstr=r.absolute(relative_path.as_string()).cstr(String::L_FILE_SPEC); @@ -469,21 +500,22 @@ static void lock_execute_body(int , void // execute body info.r->write_assign_lang(info.r->process(*info.body_code)); }; -static void _lock(Request& r, MethodParams* params) { - Lock_execute_body_info info; - info.r=&r; - const String& file_spec=r.absolute(params->as_string(0, "file name must be string")); - info.body_code=¶ms->as_junction(1, "body must be code"); +static void _lock(Request& r, MethodParams& params) { + const String& file_spec=r.absolute(params.as_string(0, "file name must be string")); + Lock_execute_body_info info={ + &r, + ¶ms.as_junction(1, "body must be code"); + }; file_write_action_under_lock(file_spec, "lock", lock_execute_body, &info); } static int lastposafter(const String& s, size_t after, const char* substr, size_t substr_size, bool beforelast=false) { - size_t size; + size_t size=0; // just to calm down compiler if(beforelast) size=s.length(); - int at; - while((at=s.pos(StringBody(substr, substr_size), after))>=0) { + size_t at; + while((at=s.pos(String::Body(substr, substr_size), after))!=STRING_NOT_FOUND) { size_t newafter=at+substr_size/*skip substr*/; if(beforelast && newafter==size) break; @@ -493,8 +525,8 @@ static int lastposafter(const String& s, return after; } -static void _find(Request& r, MethodParams* params) { - const String& file_name=params->as_no_junction(0, "file name must not be code").as_string(); +static void _find(Request& r, MethodParams& params) { + const String& file_name=params.as_no_junction(0, "file name must not be code").as_string(); const String* file_spec; if(file_name.first_char()=='/') file_spec=&file_name; @@ -524,14 +556,14 @@ static void _find(Request& r, MethodPara } // no way, not found - if(params->count()==2) { - Value& not_found_code=params->as_junction(1, "not-found param must be code"); + if(params.count()==2) { + Value& not_found_code=params.as_junction(1, "not-found param must be code"); r.write_pass_lang(r.process(not_found_code)); } } -static void _dirname(Request& r, MethodParams* params) { - const String& file_spec=params->as_string(0, "file name must be string"); +static void _dirname(Request& r, MethodParams& params) { + const String& file_spec=params.as_string(0, "file name must be string"); // /a/some.tar.gz > /a // /a/b/ > /a int afterslash=lastposafter(file_spec, 0, "/", 1, true); @@ -541,30 +573,30 @@ static void _dirname(Request& r, MethodP r.write_assign_lang(String(".", 1)); } -static void _basename(Request& r, MethodParams* params) { - const String& file_spec=params->as_string(0, "file name must be string"); +static void _basename(Request& r, MethodParams& params) { + const String& file_spec=params.as_string(0, "file name must be string"); // /a/some.tar.gz > some.tar.gz int afterslash=lastposafter(file_spec, 0, "/", 1); r.write_assign_lang(file_spec.mid(afterslash, file_spec.length())); } -static void _justname(Request& r, MethodParams* params) { - const String& file_spec=params->as_string(0, "file name must be string"); +static void _justname(Request& r, MethodParams& params) { + const String& file_spec=params.as_string(0, "file name must be string"); // /a/some.tar.gz > some.tar int afterslash=lastposafter(file_spec, 0, "/", 1); int afterdot=lastposafter(file_spec, afterslash, ".", 1); r.write_assign_lang(file_spec.mid(afterslash, afterdot!=afterslash?afterdot-1:file_spec.length())); } -static void _justext(Request& r, MethodParams* params) { - const String& file_spec=params->as_string(0, "file name must be string"); +static void _justext(Request& r, MethodParams& params) { + const String& file_spec=params.as_string(0, "file name must be string"); // /a/some.tar.gz > gz int afterdot=lastposafter(file_spec, 0, ".", 1); if(afterdot>0) r.write_assign_lang(file_spec.mid(afterdot, file_spec.length())); } -static void _fullpath(Request& r, MethodParams* params) { - const String& file_spec=params->as_string(0, "file name must be string"); +static void _fullpath(Request& r, MethodParams& params) { + const String& file_spec=params.as_string(0, "file name must be string"); const String* result; if(file_spec.first_char()=='/') result=&file_spec;