--- parser3/src/main/untaint.C 2003/03/26 13:46:59 1.115.2.12.2.17 +++ parser3/src/main/untaint.C 2003/04/08 08:10:26 1.115.2.12.2.22 @@ -5,7 +5,7 @@ Author: Alexandr Petrosian (http://paf.design.ru) */ -static const char* IDENT_UNTAINT_C="$Date: 2003/03/26 13:46:59 $"; +static const char* IDENT_UNTAINT_C="$Date: 2003/04/08 08:10:26 $"; #include "pa_string.h" @@ -17,6 +17,7 @@ static const char* IDENT_UNTAINT_C="$Dat #include "pa_common.h" #include "pa_charset.h" #include "pa_request_charsets.h" +#include "pa_sapi.h" extern "C" { // author forgot to do that #include "ec.h" @@ -28,10 +29,6 @@ extern "C" { // author forgot to do that #include "pa_sql_connection.h" #endif -// forwards - -void CORD_ec_flush_buf_optimize_whitespace(CORD_ec x); - // defines @@ -193,7 +190,7 @@ String& String::append_to(String& dest, else if(lang&L_OPTIMIZE_BIT) { Array_iterator i(fragments); while(i.has_next()) { - const Fragment& fragment=i.next(); + const Fragment fragment=i.next(); // main idea here: // tainted piece would get OPTIMIZED bit from 'lang' // clean piece would be marked OPTIMIZED manually @@ -207,7 +204,7 @@ String& String::append_to(String& dest, } else { // The core idea: tainted pieces got marked with context's lang Array_iterator i(fragments); while(i.has_next()) { - const Fragment& fragment=i.next(); + const Fragment fragment=i.next(); dest.fragments+=Fragment( fragment.lang==L_TAINTED?lang:fragment.lang, fragment.length); @@ -259,12 +256,28 @@ inline bool mail_header_char_valid_withi inline bool mail_header_nonspace_char(char c) { return c != 0x20; } -inline void ec_append(CORD_ec& result, bool& optimize, bool& whitespace, CORD_pos& pos, size_t size) { +inline void ec_append(CORD_ec& result, bool& optimize, bool& whitespace, CORD_pos pos, size_t size) { while(size--) { CORD_ec_append(result, CORD_pos_fetch(pos)); CORD_next(pos); } } +inline void pa_CORD_pos_advance(CORD_pos pos, size_t size) { + while(true) { + size_t avail=CORD_pos_chars_left(pos); + if(avail==0) { + CORD_next(pos); + if(!--size) + break; + } else if(avail=size + CORD_pos_advance(pos, size); + break; + } + } +} StringBody String::cstr_to_string_body(Language lang, SQL_Connection* connection, const Request_charsets *charsets) const { @@ -276,7 +289,7 @@ StringBody String::cstr_to_string_body(L size_t fragment_begin=0; size_t fragment_end; for(Array_iterator i(fragments); i.has_next(); fragment_begin=fragment_end) { - const Fragment& fragment=i.next(); + const Fragment fragment=i.next(); size_t fragment_length=fragment.length; fragment_end=fragment_begin+fragment_length; //fprintf(stderr, "%d, %d\n", fragment.lang, fragment.length); @@ -285,7 +298,7 @@ StringBody String::cstr_to_string_body(L bool optimize=(to_lang & L_OPTIMIZE_BIT)!=0; if(!optimize) whitespace=false; - + switch(to_lang & ~L_OPTIMIZE_BIT) { case L_CLEAN: case L_TAINTED: @@ -315,7 +328,7 @@ StringBody String::cstr_to_string_body(L { const char *fragment_str=body.mid(fragment_begin, fragment_length).cstr(); // skip source [we use recoded version] - CORD_pos_advance(pos, fragment_length); + pa_CORD_pos_advance(pos, fragment_length); const void *client_ptr; size_t client_size; if(charsets) @@ -346,7 +359,7 @@ StringBody String::cstr_to_string_body(L const char *mail_ptr= body.mid(fragment_begin, mail_size=fragment_length).cstr(); // skip source [we use recoded version] - CORD_pos_advance(pos, mail_size); + pa_CORD_pos_advance(pos, mail_size); const char* charset_name=charsets->mail().name().cstr(); @@ -398,7 +411,7 @@ StringBody String::cstr_to_string_body(L if(connection) { const char *fragment_str=body.mid(fragment_begin, fragment_length).cstr(); // skip source [we use recoded version] - CORD_pos_advance(pos, fragment_length); + pa_CORD_pos_advance(pos, fragment_length); to_string(connection->quote(fragment_str, fragment_length)); } else @@ -437,10 +450,8 @@ StringBody String::cstr_to_string_body(L }); break; default: - throw Exception(0, - 0, - "unknown untaint language #%d", - static_cast(to_lang)); // should never + SAPI::die("unknown untaint language #%d", + static_cast(to_lang)); // should never break; // never } }