--- parser3/src/classes/math.C	2019/11/13 21:29:51	1.89
+++ parser3/src/classes/math.C	2024/10/27 17:50:59	1.107
@@ -1,8 +1,8 @@
 /** @file
 	Parser: @b math parser class.
 
-	Copyright (c) 2001-2017 Art. Lebedev Studio (http://www.artlebedev.com)
-	Author: Alexandr Petrosian <paf@design.ru>(http://paf.design.ru)
+	Copyright (c) 2001-2023 Art. Lebedev Studio (http://www.artlebedev.com)
+	Authors: Konstantin Morshnev <moko@design.ru>, Alexandr Petrosian <paf@design.ru>
 
 	portions from gen_uuid.c,
 	Copyright (C) 1996, 1997, 1998, 1999 Theodore Ts'o.
@@ -10,6 +10,7 @@
 
 #include "pa_vmethod_frame.h"
 #include "pa_common.h"
+#include "pa_base64.h"
 #include "pa_vint.h"
 #include "pa_vmath.h"
 #include "pa_vfile.h"
@@ -22,7 +23,7 @@
 extern "C" char *crypt(const char* , const char* );
 #endif
 
-volatile const char * IDENT_MATH_C="$Id: math.C,v 1.89 2019/11/13 21:29:51 moko Exp $";
+volatile const char * IDENT_MATH_C="$Id: math.C,v 1.107 2024/10/27 17:50:59 moko Exp $";
 
 // defines
 
@@ -46,8 +47,8 @@ DECLARE_CLASS_VAR(math, new MMath);
 
 static void _random(Request& r, MethodParams& params) {
 	double top=params.as_double(0, "range must be expression", r);
-	if(top<1 || top>INT32_MAX)
-		throw Exception(PARSER_RUNTIME, 0, "top(%.15g) must be [1..%u]", top, INT32_MAX);
+	if(top<1 || top>INT_MAX)
+		throw Exception(PARSER_RUNTIME, 0, "top(%.15g) must be [1..%u]", top, INT_MAX);
 	r.write(*new VInt(_random(uint(top))));
 }
 
@@ -108,6 +109,7 @@ static void math2(Request& r, MethodPara
 	}
 
 MATH2(pow)
+MATH2(atan2)
 
 inline bool is_salt_body_char(unsigned char c) {
 	return pa_isalnum(c) || c == '.' || c=='/';
@@ -133,7 +135,7 @@ static void _crypt(Request& r, MethodPar
 	const char* normal_salt;
 	char normalize_buf[MAX_STRING];
 	if(prefix_size==strlen(maybe_bodyless_salt)) { // bodyless?
-		strncpy(normalize_buf, maybe_bodyless_salt, MAX_STRING-MAX_SALT-1);
+		pa_strncpy(normalize_buf, maybe_bodyless_salt, MAX_STRING-MAX_SALT);
 		char *cur=normalize_buf+strlen(normalize_buf);
 		// sould add up MAX_SALT random chars
 		static unsigned char itoa64[] =         /* 0 ... 63 => ASCII - 64 */
@@ -316,7 +318,7 @@ void SHA1PadMessage(SHA1Context *context
 void SHA1ReadDigest(void *buf, SHA1Context *c)
 {
 	if(!SHA1Result(c))
-		throw Exception (PARSER_RUNTIME, 0, "Can not compute SHA1");
+		throw Exception (PARSER_RUNTIME, 0, "Cannot compute SHA1");
 
 	((uint32_t *)buf)[0] = SWAP(c->Message_Digest[0]);
 	((uint32_t *)buf)[1] = SWAP(c->Message_Digest[1]);
@@ -342,7 +344,7 @@ String::C getData(Value& vdata, Request&
 		String::Body body=sdata->cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets); // explode content, honor tainting changes
 		return String::C(body.cstr(), body.length());
 	} else {
-		VFile *file=vdata.as_vfile(String::L_AS_IS);
+		VFile *file=vdata.as_vfile();
 		return String::C(file->value_ptr(),file->value_size());
 	}
 }
@@ -473,24 +475,77 @@ static void _digest(Request& r, MethodPa
 		r.write(*new String(hex_string((unsigned char *)digest.str, digest.length, false)));
 	}
 	if(format == F_BASE64){
-		r.write(*new String(pa_base64_encode(digest.str, digest.length)));
+		r.write(*new String(pa_base64_encode(digest.str, digest.length, Base64Options(false /*no wrap*/))));
 	}
 }
 
-static void _uuid(Request& r, MethodParams& /*params*/) {
-	r.write(*new String(get_uuid_cstr()));
+static void _uuid(Request& r, MethodParams& params) {
+	bool lower=false;
+	bool solid=false;
+
+	if (params.count() == 1)
+		if (HashStringValue* options = params.as_hash(0)) {
+			int valid_options = 0;
+			if (Value* vlower = options->get("lower")) {
+				lower = r.process(*vlower).as_bool();
+				valid_options++;
+			}
+			if (Value* vsolid = options->get("solid")) {
+				solid = r.process(*vsolid).as_bool();
+				valid_options++;
+			}
+			if (valid_options != options->count())
+				throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION);
+		}
+	
+	r.write(*new String(get_uuid_cstr(lower, solid)));
+}
+
+static void _uuid7(Request& r, MethodParams& params) {
+	bool lower=false;
+	bool solid=false;
+
+	if (params.count() == 1)
+		if (HashStringValue* options = params.as_hash(0)) {
+			int valid_options = 0;
+			if (Value* vlower = options->get("lower")) {
+				lower = r.process(*vlower).as_bool();
+				valid_options++;
+			}
+			if (Value* vsolid = options->get("solid")) {
+				solid = r.process(*vsolid).as_bool();
+				valid_options++;
+			}
+			if (valid_options != options->count())
+				throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION);
+		}
+
+	r.write(*new String(get_uuid7_cstr(lower, solid)));
 }
 
-static void _uid64(Request& r, MethodParams& /*params*/) {
+static void _uid64(Request& r, MethodParams& params) {
+	bool lower = false;
+
+	if (params.count() == 1)
+		if (HashStringValue* options = params.as_hash(0)) {
+			int valid_options = 0;
+			if (Value* vlower = options->get("lower")) {
+				lower = r.process(*vlower).as_bool();
+				valid_options++;
+			}
+			if (valid_options != options->count())
+				throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION);
+		}
+
 	unsigned char id[64/8];
 	random(&id, sizeof(id));
 
-	r.write(*new String(hex_string(id, sizeof(id), true)));
+	r.write(*new String(hex_string(id, sizeof(id), !lower)));
 }
 
 static void _crc32(Request& r, MethodParams& params) {
 	const char *string=params.as_string(0, PARAMETER_MUST_BE_STRING).cstr();
-	r.write(*new VInt(pa_crc32(string, strlen(string))));
+	r.write(*new VDouble((uint)pa_crc32(string, strlen(string))));
 }
 
 static const char* abc_hex = "0123456789ABCDEF";
@@ -579,7 +634,6 @@ static void _convert(Request& r, MethodP
 		}
 
 	bool negative=false;
-	bool sign=false;
 
 	// converting digits to their numeric values
 
@@ -593,7 +647,7 @@ static void _convert(Request& r, MethodP
 		for(c=src;c<src_end;c++) {
 			unsigned char digit=lookup[*c];
 			if(!digit && *c != abc_from[0])
-				throw Exception("number.format", 0, "'%c' is invalid digit", *c);
+				throw Exception("number.format", 0, "'%c' is an invalid digit", *c);
 			*c=digit;
 		}
 
@@ -605,11 +659,13 @@ static void _convert(Request& r, MethodP
 
 		if(src[0]=='-') {
 			negative=true;
-			sign=true;
 			src++;
+			if(!*src || isspace(*src))
+				throw Exception("number.format", 0,  "'-' is an invalid number");
 		} else if(src[0]=='+') {
-			sign=true;
 			src++;
+			if(!*src || isspace(*src))
+				throw Exception("number.format", 0,  "'+' is an invalid number");
 		}
 
 		for(c=src;c<src_end;c++) {
@@ -617,7 +673,7 @@ static void _convert(Request& r, MethodP
 			if(!digit && *c != abc_from[0] || digit>=base_from) {
 				for(unsigned char *s=c;s<src_end;s++)
 					if(!isspace(*s))
-						throw Exception("number.format", 0, "'%c' is invalid digit", *s);
+						throw Exception("number.format", 0, "'%c' is an invalid digit", *s);
 				src_end=c;
 				break;
 			}
@@ -627,16 +683,14 @@ static void _convert(Request& r, MethodP
 	}
 
 	if(src==src_end) {
-		if(sign)
-			throw Exception("number.format", 0,  "'%c' is invalid number", negative ? '-' : '+');
 		if(result_file)
 			r.write(*result_file);
 		return;
 	}
 
-	// core
+	// core, using log since log2 is not present in FreeBSD < 8.X
 
-	Array<char> remainders(round(data.length * log2(base_from) / log2(base_to)) + 1);
+	Array<char> remainders((size_t)round(data.length * log((double)base_from) / log((double)base_to)) + 1);
 
 	do {
 		int carry = 0;
@@ -644,7 +698,7 @@ static void _convert(Request& r, MethodP
 		for (c=src; c<src_end; c++) {
 			carry = carry * base_from + *c;
 			if (carry >= base_to) {
-				*(dst++) = carry / base_to;
+				*(dst++) = (unsigned char)(carry / base_to);
 				carry %= base_to;
 			} else if (dst > src) {
 				*(dst++) = 0;
@@ -660,7 +714,7 @@ static void _convert(Request& r, MethodP
 	char *result_str = (char *)pa_malloc_atomic(result_length+1);
 	if(negative)
 		result_str[0] = '-';
-	for(int i=0; i<remainders.count(); i++)
+	for(size_t i=0; i<remainders.count(); i++)
 		result_str[result_length - 1 - i] = remainders[i];
 	result_str[result_length]='\0';
 
@@ -668,7 +722,13 @@ static void _convert(Request& r, MethodP
 		result_file->set(true /*tainted*/, 0 /*binary*/, result_str, result_length, 0, 0, &r);
 		r.write(*result_file);
 	} else {
-		r.write(*new String(result_str, String::L_TAINTED)); // note: there can be '\0' inside
+		if(memchr(result_str, 0, result_length))
+			throw Exception(PARSER_RUNTIME, 0, "Invalid \\x00 character found while converting to string. Convert to file instead.");
+
+		fix_line_breaks(result_str, result_length);
+
+		if(result_length)
+			r.write(*new String(result_str, String::L_TAINTED));
 	}
 }
 
@@ -676,11 +736,9 @@ static void _convert(Request& r, MethodP
 
 MMath::MMath(): Methoded("math") {
 	// ^FUNC(expr)	
-#define ADDX(name, X) \
-	add_native_method(#name, Method::CT_STATIC, _##name, X, X)
-#define ADD0(name) ADDX(name, 0)
-#define ADD1(name) ADDX(name, 1)
-#define ADD2(name) ADDX(name, 2)
+#define ADDN(name, N) \
+	add_native_method(#name, Method::CT_STATIC, _##name, N, N)
+#define ADD1(name) ADDN(name, 1)
 
 	ADD1(round);	ADD1(floor);	ADD1(ceiling);
 	ADD1(trunc);	ADD1(frac);
@@ -689,16 +747,16 @@ MMath::MMath(): Methoded("math") {
 	ADD1(log);	ADD1(log10);
 	ADD1(sin);	ADD1(asin);
 	ADD1(cos);	ADD1(acos);
-	ADD1(tan);	ADD1(atan);
+	ADD1(tan);	ADD1(atan);	ADDN(atan2, 2);
 	ADD1(degrees);	ADD1(radians);
 	ADD1(sqrt);
 	ADD1(random);
 
 	// ^math:pow(x;y)
-	ADD2(pow);
+	ADDN(pow, 2);
 
 	// ^math:crypt[password;salt]
-	ADD2(crypt);
+	ADDN(crypt, 2);
 
 	// ^math:md5[string]
 	ADD1(md5);
@@ -713,10 +771,16 @@ MMath::MMath(): Methoded("math") {
 	ADD1(crc32);
 
 	// ^math:uuid[]
-	ADD0(uuid);
+	// ^math:uuid[options hash]
+	add_native_method("uuid", Method::CT_STATIC, _uuid, 0, 1);
+
+	// ^math:uuid7[]
+	// ^math:uuid7[options hash]
+	add_native_method("uuid7", Method::CT_STATIC, _uuid7, 0, 1);
 
 	// ^math:uid64[]
-	ADD0(uid64);
+	// ^math:uid64[options hash]
+	add_native_method("uid64", Method::CT_STATIC, _uid64, 0, 1);
 
 	// ^math:convert[number|file](base-from)|[abc_from](base-to)|[abc_to][options]
 	add_native_method("convert", Method::CT_STATIC, _convert, 3, 4);