--- parser3/src/main/untaint.C 2001/03/18 13:22:07 1.3 +++ parser3/src/main/untaint.C 2001/03/19 20:46:38 1.9 @@ -1,9 +1,11 @@ -/* - Parser +/** @file + Parser: String class part: untaint mechanizm. + Copyright (c) 2001 ArtLebedev Group (http://www.artlebedev.com) + Author: Alexander Petrosyan (http://design.ru/paf) - $Id: untaint.C,v 1.3 2001/03/18 13:22:07 paf Exp $ + $Id: untaint.C,v 1.9 2001/03/19 20:46:38 paf Exp $ */ #include @@ -19,26 +21,54 @@ for (int size=row->item.size; size--; ptr++) \ switch(*ptr) { \ cases \ - default: *copy_here++=*ptr; break; \ } \ } -#define escape_value(a, c) case a: *copy_here++=c; break; +#define escape_value(a, c) case a: *copy_here++=c; break +#define escape_default default: *copy_here++=*ptr; break #define escape_subst(a, b, bsize) \ - case a: \ - { \ + case a: \ strncpy(copy_here, b, bsize); \ copy_here+=bsize; \ - } \ - break; + break +#define escape_encode(need_encode_func, prefix) \ + default: \ + if(need_encode_func(*ptr)) { \ + static const char *hex="0123456789ABCDEF"; \ + char chunk[3]={prefix}; \ + chunk[1]=hex[((unsigned char)*ptr)/0x10]; \ + chunk[2]=hex[((unsigned char)*ptr)%0x10]; \ + strncpy(copy_here, chunk, 3); copy_here+=3; \ + } else \ + *copy_here++=*ptr; \ + break + +inline bool need_file_encode(unsigned char c){ + if ((c>='0') && (c<='9') || (c>='A') && (c<='Z') || (c>='a') && (c<='z')) + return false; + + return !strchr("./\\", c); +} +inline bool need_uri_encode(unsigned char c){ + if ((c>='0') && (c<='9') || (c>='A') && (c<='Z') || (c>='a') && (c<='z')) + return false; + + return !strchr("_-./", c); +} +inline bool need_header_encode(unsigned char c){ + if(strchr(" ,:", c)) + return false; + + return need_uri_encode(c); +} // String +/// @todo optimize whitespaces for all but 'html' char *String::cstr() const { char *result=(char *)malloc(size()*UNTAINT_TIMES_BIGGER+1); char *copy_here=result; const Chunk *chunk=&head; - // TODO: оптимизировать whitespaces для всех, кроме 'html' do { const Chunk::Row *row=chunk->rows; for(int i=0; icount; i++) { @@ -59,10 +89,31 @@ char *String::cstr() const { memcpy(copy_here, row->item.ptr, row->item.size); copy_here+=row->item.size; break; + case FILE: + // tainted, untaint language: file [name] + escape( + escape_value(' ', '_'); + escape_encode(need_file_encode, '-'); + ); + break; + case URI: + // tainted, untaint language: uri + escape( + escape_value(' ', '+'); + escape_encode(need_uri_encode, '%'); + ); + break; + case HEADER: + // tainted, untaint language: header + escape( + escape_encode(need_header_encode, '%'); + ); + break; case TABLE: escape( - escape_value('\t', ' ') - escape_value('\n', ' ') + escape_value('\t', ' '); + escape_value('\n', ' '); + escape_default; ); break; case SQL: @@ -73,33 +124,36 @@ char *String::cstr() const { break; case JS: escape( - escape_subst('"', "\\\"", 2) - escape_subst('\'', "\\'", 2) - escape_subst('\n', "\\n", 2) - escape_subst('\r', "\\r", 2) - escape_subst('\\', "\\\\", 2) - escape_subst('я', "\\я", 2) + escape_subst('"', "\\\"", 2); + escape_subst('\'', "\\'", 2); + escape_subst('\n', "\\n", 2); + escape_subst('\r', "\\r", 2); + escape_subst('\\', "\\\\", 2); + escape_subst('я', "\\я", 2); + escape_default; ); break; case HTML: escape( - escape_subst('&', "&", 5) // BEFORE consequent relpaces yelding '&' - escape_subst('>', ">", 4) - escape_subst('<', "<",4) - escape_subst('"', """,6) - escape_value('\t', ' ') + escape_subst('&', "&", 5); // BEFORE consequent relpaces yelding '&' + escape_subst('>', ">", 4); + escape_subst('<', "<",4); + escape_subst('"', """,6); + escape_value('\t', ' '); //TODO: XSLT escape_subst('\'', "'", 6) + escape_default; ); break; case HTML_TYPO: // tainted, untaint language: html-typo escape( - escape_subst('&', "&", 5) // BEFORE consequent relpaces yelding '&' - escape_subst('>', ">", 4) - escape_subst('<', "<",4) - escape_subst('"', """,6) - escape_value('\t', ' ') + escape_subst('&', "&", 5); // BEFORE consequent relpaces yelding '&' + escape_subst('>', ">", 4); + escape_subst('<', "<",4); + escape_subst('"', """,6); + escape_value('\t', ' '); //TODO: $MAIN:html-type table replace, max length(b)==UNTAINT_TIMES_BIGGER*length(a) + escape_default; ); break; default: