--- parser3/src/classes/file.C 2009/04/22 04:41:32 1.185 +++ parser3/src/classes/file.C 2010/09/08 02:57:10 1.211 @@ -5,7 +5,7 @@ Author: Alexandr Petrosian (http://paf.design.ru) */ -static const char * const IDENT_FILE_C="$Date: 2009/04/22 04:41:32 $"; +static const char * const IDENT_FILE_C="$Date: 2010/09/08 02:57:10 $"; #include "pa_config_includes.h" @@ -25,11 +25,10 @@ static const char * const IDENT_FILE_C=" #include "pa_sql_connection.h" #include "pa_md5.h" #include "pa_vregex.h" +#include "pa_version.h" // defines -#define TEXT_MODE_NAME "text" -#define BINARY_MODE_NAME "binary" #define STDIN_EXEC_PARAM_NAME "stdin" #define CHARSET_EXEC_PARAM_NAME "charset" @@ -45,7 +44,7 @@ extern String sql_offset_name; class MFile: public Methoded { public: // VStateless_class - Value* create_new_value(Pool&, HashStringValue&) { return new VFile(); } + Value* create_new_value(Pool&) { return new VFile(); } public: // Methoded bool used_directly() { return true; } @@ -114,13 +113,13 @@ static const String::Body cdate_name("cd // methods static bool is_valid_mode (const String& mode) { - return (mode==TEXT_MODE_NAME || mode==BINARY_MODE_NAME); + return (mode==text_mode_name || mode==binary_mode_name); } -static bool is_text_mode(const String& mode) { - if(mode==TEXT_MODE_NAME) +bool is_text_mode(const String& mode) { + if(mode==text_mode_name) return true; - if(mode==BINARY_MODE_NAME) + if(mode==binary_mode_name) return false; throw Exception(PARSER_RUNTIME, &mode, @@ -128,12 +127,23 @@ static bool is_text_mode(const String& m } static void _save(Request& r, MethodParams& params) { - Value& vmode_name=params.as_no_junction(0, MODE_MUST_NOT_BE_CODE); + bool is_text=is_text_mode(params.as_no_junction(0, MODE_MUST_NOT_BE_CODE).as_string()); Value& vfile_name=params.as_no_junction(1, FILE_NAME_MUST_NOT_BE_CODE); + Charset* asked_charset=0; + if(params.count()>2) + if(HashStringValue* options=params.as_no_junction(2, OPTIONS_MUST_NOT_BE_CODE).get_hash()){ + int valid_options=0; + if(Value* vcharset_name=options->get(PA_CHARSET_NAME)){ + asked_charset=&::charsets.get(vcharset_name->as_string().change_case(r.charsets.source(), String::CC_UPPER)); + valid_options++; + } + if(valid_options != options->count()) + throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); + } + // save - GET_SELF(r, VFile).save(r.absolute(vfile_name.as_string()), - is_text_mode(vmode_name.as_string())); + GET_SELF(r, VFile).save(r.charsets, r.absolute(vfile_name.as_string()), is_text, asked_charset); } static void _delete(Request& r, MethodParams& params) { @@ -216,11 +226,11 @@ static void _load(Request& r, MethodPara if(param_index>1){ const String& luser_file_name=params.as_string(param_index, FILE_NAME_MUST_BE_STRING); if(!luser_file_name.is_empty()) - user_file_name=luser_file_name.cstr(String::L_FILE_SPEC); + user_file_name=luser_file_name.taint_cstr(String::L_FILE_SPEC); } } if(!user_file_name) - user_file_name=lfile_name.cstr(String::L_FILE_SPEC); + user_file_name=lfile_name.taint_cstr(String::L_FILE_SPEC); size_t offset=0; size_t limit=0; @@ -250,6 +260,8 @@ static void _load(Request& r, MethodPara VFile& self=GET_SELF(r, VFile); self.set(true/*tainted*/, file.str, file.length, user_file_name, vcontent_type); + self.set_mode(as_text); + if(file.headers){ file.headers->for_each(_load_pass_param, &self.fields()); } else { @@ -263,26 +275,49 @@ static void _load(Request& r, MethodPara ff.put(mdate_name, new VDate(mtime)); ff.put(cdate_name, new VDate(ctime)); } - } static void _create(Request& r, MethodParams& params) { - Value& vmode_name=params.as_no_junction(0, MODE_MUST_NOT_BE_CODE); - if(!is_text_mode(vmode_name.as_string())) + const String& mode_name=params.as_no_junction(0, MODE_MUST_NOT_BE_CODE).as_string(); + if(!is_text_mode(mode_name)) throw Exception(PARSER_RUNTIME, 0, "only text mode is currently supported"); const char* user_file_name_cstr=r.absolute( - params.as_no_junction(1, FILE_NAME_MUST_NOT_BE_CODE).as_string()).cstr(String::L_FILE_SPEC); + params.as_no_junction(1, FILE_NAME_MUST_NOT_BE_CODE).as_string()).taint_cstr(String::L_FILE_SPEC); const String& content=params.as_string(2, "content must be string"); - const char* content_cstr=content.cstr(String::L_UNSPECIFIED); // explode content, honor tainting changes + String::Body content_body=content.cstr_to_string_body_untaint(String::L_AS_IS); // explode content, honor tainting changes + + VString* vcontent_type=0; + if(params.count()>3) + if(HashStringValue* options=params.as_hash(3)){ + Charset* asked_charset=0; + + int valid_options=0; + if(Value* vcharset_name=options->get(PA_CHARSET_NAME)){ + asked_charset=&::charsets.get(vcharset_name->as_string().change_case(r.charsets.source(), String::CC_UPPER)); + valid_options++; + } + if(Value* value=options->get(CONTENT_TYPE_NAME)) { + vcontent_type=new VString(value->as_string()); + valid_options++; + } + if(valid_options != options->count()) + throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); - VString* vcontent_type=new VString(r.mime_type_of(user_file_name_cstr)); + if(asked_charset) + content_body=Charset::transcode(content_body, r.charsets.source(), *asked_charset); + } + + if(!vcontent_type) + vcontent_type=new VString(r.mime_type_of(user_file_name_cstr)); VFile& self=GET_SELF(r, VFile); - self.set(true/*tainted*/, content_cstr, strlen(content_cstr), user_file_name_cstr, vcontent_type); + self.set(true/*tainted*/, content_body.cstr(), content_body.length(), user_file_name_cstr, vcontent_type); + + self.set_mode(true/*as_text*/); } static void _stat(Request& r, MethodParams& params) { @@ -296,7 +331,7 @@ static void _stat(Request& r, MethodPara size, atime, mtime, ctime); - const char* user_file_name=lfile_name.cstr(String::L_FILE_SPEC); + const char* user_file_name=lfile_name.taint_cstr(String::L_FILE_SPEC); VFile& self=GET_SELF(r, VFile); @@ -313,6 +348,7 @@ static bool is_safe_env_key(const char* if(!(c>='A' && c<='Z' || c>='0' && c<='9' || c=='_' || c=='-')) return false; } +#ifdef PA_SAFE_MODE if(strncasecmp(key, "HTTP_", 5)==0) return true; if(strncasecmp(key, "CGI_", 4)==0) @@ -322,6 +358,9 @@ static bool is_safe_env_key(const char* return true; } return false; +#else + return true; +#endif } #ifndef DOXYGEN struct Append_env_pair_info { @@ -343,7 +382,7 @@ static void append_env_pair( throw Exception(PARSER_RUNTIME, new String(akey, String::L_TAINTED), "not safe environment variable"); - info->env->put(akey, avalue->as_string().cstr_to_string_body(String::L_UNSPECIFIED, 0, info->charsets)); + info->env->put(akey, avalue->as_string().cstr_to_string_body_untaint(String::L_AS_IS, 0, info->charsets)); } } #ifndef DOXYGEN @@ -368,23 +407,18 @@ static void pass_cgi_header_attribute( } static void append_to_argv(Request& r, ArrayString& argv, const String* str){ - if( str->length() ){ - argv+=new String(str->cstr_to_string_body(String::L_UNSPECIFIED, 0, &r.charsets), String::L_AS_IS); - } + if(!str->is_empty()) + argv+=new String(str->cstr_to_string_body_untaint(String::L_AS_IS, 0, &r.charsets), String::L_AS_IS); } /// @todo fix `` in perl - they produced flipping consoles and no output to perl -static void _exec_cgi(Request& r, MethodParams& params, - bool cgi) { - - Value& first_param=params.as_no_junction(0, FIRST_ARG_MUST_NOT_BE_CODE); - - bool is_mode_specified=is_valid_mode(first_param.as_string()); - const String& mode_name=(is_mode_specified) ? first_param.as_string() : *new String(TEXT_MODE_NAME); - - size_t param_index=1; - if(!is_mode_specified){ - --param_index; +static void _exec_cgi(Request& r, MethodParams& params, bool cgi) { + bool as_text=true; + size_t param_index=0; + const String& mode_name=params.as_no_junction(0, FIRST_ARG_MUST_NOT_BE_CODE).as_string(); + if(is_valid_mode(mode_name)){ + as_text=is_text_mode(mode_name); + param_index++; } if(param_index>=params.count()) @@ -402,7 +436,7 @@ static void _exec_cgi(Request& r, Method if(value_cstr) \ env.put( \ String::Body(#name), \ - String::Body(value_cstr, 0)); \ + String::Body(*value_cstr?value_cstr:0)); \ // passing SAPI::environment if(const char *const *pairs=SAPI::environment(r.sapi_info)) { while(const char* pair=*pairs++) @@ -415,6 +449,7 @@ static void _exec_cgi(Request& r, Method // const ECSTR(GATEWAY_INTERFACE, "CGI/1.1"); + ECSTR(PARSER_VARSION, PARSER_VERSION); // from Request.info ECSTR(DOCUMENT_ROOT, r.request_info.document_root); ECSTR(PATH_TRANSLATED, r.request_info.path_translated); @@ -422,10 +457,7 @@ static void _exec_cgi(Request& r, Method ECSTR(QUERY_STRING, r.request_info.query_string); ECSTR(REQUEST_URI, r.request_info.uri); ECSTR(CONTENT_TYPE, r.request_info.content_type); - char content_length_cstr[MAX_NUMBER]; - snprintf(content_length_cstr, MAX_NUMBER, "%u", r.request_info.content_length); - //String content_length(content_length_cstr); - ECSTR(CONTENT_LENGTH, content_length_cstr); + ECSTR(CONTENT_LENGTH, format(r.request_info.content_length, "%u")); // SCRIPT_* env.put(String::Body("SCRIPT_NAME"), script_name); //env.put(String::Body("SCRIPT_FILENAME"), ??&script_name); @@ -456,7 +488,7 @@ static void _exec_cgi(Request& r, Method if(const String* sstdin=info.vstdin->get_string()) { in->append(*sstdin, String::L_CLEAN, true); } else - if(VFile* vfile=static_cast(info.vstdin->as("file", false))) + if(VFile* vfile=static_cast(info.vstdin->as("file"))) in->append_know_length((const char* )vfile->value_ptr(), vfile->value_size(), String::L_TAINTED); else throw Exception(PARSER_RUNTIME, @@ -470,7 +502,6 @@ static void _exec_cgi(Request& r, Method ArrayString argv; if(param_index < params.count()) { // influence tainting - // main target -- URLencoding of tainted pieces to String::L_URI lang Temp_client_charset temp(r.charsets, charset? *charset: r.charsets.source()); for(size_t i=param_index; ilength && is_text_mode(mode_name)){ + if(file_out->length && as_text){ fix_line_breaks(file_out->str, file_out->length); // treat output as string - String *real_out = new String(file_out->str, file_out->length); + String *real_out = new String(file_out->str); // transcode out if necessary if(charset) @@ -556,8 +587,8 @@ static void _exec_cgi(Request& r, Method "output does not contain CGI header; " "exit status=%d; stdoutsize=%u; stdout: \"%s\"; stderrsize=%u; stderr: \"%s\"", execution.status, - (size_t)file_out->length, (file_out->length) ? (file_out->str) : "", - (size_t)real_err->length(), real_err->cstr()); + file_out->length, (file_out->length) ? (file_out->str) : "", + real_err->length(), real_err->cstr()); break; //never reached } @@ -573,7 +604,7 @@ static void _exec_cgi(Request& r, Method } file_out->str[header_break_pos] = 0; - String *header=new String(file_out->str, header_break_pos); + String *header=new String(file_out->str); unsigned long headersize = header_break_pos+eol_marker_size*2; file_out->str += headersize; file_out->length -= headersize; @@ -582,7 +613,7 @@ static void _exec_cgi(Request& r, Method self.set(false/*not tainted*/, file_out->str, file_out->length); // $fields << header - if(header && eol_marker) { + if(header) { ArrayString rows; size_t pos_after=0; header->split(rows, pos_after, eol_marker); @@ -598,11 +629,13 @@ static void _exec_cgi(Request& r, Method self.set(false/*not tainted*/, file_out->str, file_out->length); } + self.set_mode(as_text); + // $status self.fields().put(file_status_name, new VInt(execution.status)); // $stderr - if(real_err->length()) + if(!real_err->is_empty()) self.fields().put( String::Body("stderr"), new VString(*real_err)); @@ -617,22 +650,22 @@ static void _cgi(Request& r, MethodParam static void _list(Request& r, MethodParams& params) { Value& relative_path=params.as_no_junction(0, "path must not be code"); - VRegex* vregex; + VRegex* vregex=0; VRegexCleaner vrcleaner; if(params.count()>1){ Value& regexp=params.as_no_junction(1, "regexp must not be code"); - if(Value* value=regexp.as(VREGEX_TYPE, false)){ - vregex=static_cast(value); - } else { - vregex=new VRegex(r.charsets.source(), ®exp.as_string(), 0/*options*/); - vrcleaner.vregex=vregex; + if(regexp.is_defined()){ + if(Value* value=regexp.as(VREGEX_TYPE)){ + vregex=static_cast(value); + } else { + vregex=new VRegex(r.charsets.source(), ®exp.as_string(), 0/*options*/); + vregex->study(); + vrcleaner.vregex=vregex; + } } - vregex->study(); - } else { - vregex=0; } - const char* absolute_path_cstr=r.absolute(relative_path.as_string()).cstr(String::L_FILE_SPEC); + const char* absolute_path_cstr=r.absolute(relative_path.as_string()).taint_cstr(String::L_FILE_SPEC); Table::columns_type columns(new ArrayString); *columns+=new String("name"); @@ -647,7 +680,7 @@ static void _list(Request& r, MethodPara if(!vregex || vregex->exec(ffblk.ff_name, file_name_size, ovector, ovector_size)>=0) { Table::element_type row(new ArrayString); - *row+=new String(pa_strdup(file_name_cstr, file_name_size), file_name_size, true/*tainted*/); + *row+=new String(pa_strdup(file_name_cstr, file_name_size), String::L_TAINTED); table+=row; } ); @@ -681,21 +714,6 @@ static void _lock(Request& r, MethodPara &info); } -static int lastposafter(const String& s, size_t after, const char* substr, size_t substr_size, bool beforelast=false) { - size_t size=0; // just to calm down compiler - if(beforelast) - size=s.length(); - size_t at; - while((at=s.pos(String::Body(substr, substr_size), after))!=STRING_NOT_FOUND) { - size_t newafter=at+substr_size/*skip substr*/; - if(beforelast && newafter==size) - break; - after=newafter; - } - - return after; -} - static void _find(Request& r, MethodParams& params) { const String& file_name=params.as_no_junction(0, FILE_NAME_MUST_NOT_BE_CODE).as_string(); const String* file_spec; @@ -741,7 +759,7 @@ static void _dirname(Request& r, MethodP if(afterslash>0) r.write_assign_lang(file_spec.mid(0, afterslash==1?1:afterslash-1)); else - r.write_assign_lang(String(".", 1)); + r.write_assign_lang(String(".")); } static void _basename(Request& r, MethodParams& params) { @@ -828,14 +846,14 @@ public: break; case 1: if(!user_file_name) // user not specified? - user_file_name=new String(str, length, true); + user_file_name=new String(str, String::L_TAINTED); break; case 2: if(!user_content_type) // user not specified? - user_content_type=new String(str, length, true); + user_content_type=new String(str, String::L_TAINTED); break; default: - error=SQL_Error(PARSER_RUNTIME, "result must not contain more then one row, three rows"); + error=SQL_Error(PARSER_RUNTIME, "result must not contain more then one row, three columns"); return true; } return false; @@ -851,8 +869,8 @@ static void _sql(Request& r, MethodParam Temp_lang temp_lang(r, String::L_SQL); const String& statement_string=r.process_to_string(statement); - const char* statement_cstr= - statement_string.cstr(String::L_UNSPECIFIED, r.connection()); + const char* statement_cstr=statement_string.untaint_cstr(r.flang, r.connection()); + File_sql_event_handlers handlers(statement_string, statement_cstr); ulong limit=SQL_NO_LIMIT; @@ -878,9 +896,7 @@ static void _sql(Request& r, MethodParam offset=(ulong)r.process_to_value(*voffset).as_double(); } if(valid_options!=options->count()) - throw Exception(PARSER_RUNTIME, - 0, - "called with invalid option"); + throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); } @@ -905,30 +921,72 @@ static void _sql(Request& r, MethodParam : 0; VFile& self=GET_SELF(r, VFile); self.set(true/*tainted*/, handlers.value.str, handlers.value.length, user_file_name_cstr, vcontent_type); + self.set_mode(false/*binary*/); } static void _base64(Request& r, MethodParams& params) { - bool dynamic = !(&r.get_self() == file_class); - if(dynamic){ + bool dynamic=!(&r.get_self() == file_class); + if(dynamic) { VFile& self=GET_SELF(r, VFile); if(params.count()) { - // decode: ^file::base64[encoded] - const char* cstr=params.as_string(0, PARAMETER_MUST_BE_STRING).cstr(); + // decode: + // ^file::base64[encoded] // backward + // ^file::base64[mode;user-file-name;encoded[;$.content-type[...]]] + bool is_text=false; + VString* vcontent_type=0; + const char* user_file_name_cstr=0; + size_t param_index=0; + + if(params.count() > 1) { + if(params.count() < 3) + throw Exception(PARSER_RUNTIME, + 0, + "constructor can't have less then 3 parameters (has %d parameters)", + params.count()); // actually it accepts 1 parameter (backward) + + is_text=is_text_mode(params.as_no_junction(0, MODE_MUST_NOT_BE_CODE).as_string()); + user_file_name_cstr=params.as_string(1, FILE_NAME_MUST_BE_STRING).taint_cstr(String::L_FILE_SPEC); + + if(params.count() == 4) + if(HashStringValue* options=params.as_hash(3)) { + int valid_options=0; + if(Value* value=options->get(CONTENT_TYPE_NAME)) { + vcontent_type=new VString(value->as_string()); + valid_options++; + } + if(valid_options!=options->count()) + throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); + } + + if(!vcontent_type) + vcontent_type=new VString(r.mime_type_of(user_file_name_cstr)); + + param_index=2; + } + + const char* encoded=params.as_string(param_index, PARAMETER_MUST_BE_STRING).cstr(); + char* decoded=0; size_t length=0; - pa_base64_decode(cstr, strlen(cstr), decoded, length); - if(decoded && length) - self.set(true/*tainted*/, decoded, length); + pa_base64_decode(encoded, strlen(encoded), decoded, length); + + if(length && is_text) + fix_line_breaks(decoded, length); + + self.set(true/*tainted*/, decoded, length, user_file_name_cstr, vcontent_type); + + if(params.count() > 1) + self.set_mode(is_text); } else { // encode: ^f.base64[] const char* encoded=pa_base64_encode(self.value_ptr(), self.value_size()); - r.write_assign_lang(*new String(encoded, 0, true/*tainted. once ?param=base64(something) was needed**/)); + r.write_assign_lang(*new String(encoded, String::L_TAINTED/*once ?param=base64(something) was needed**/)); } } else { // encode: ^file:base64[filespec] const String& file_spec=params.as_string(0, FILE_NAME_MUST_BE_STRING); const char* encoded=pa_base64_encode(r.absolute(file_spec)); - r.write_assign_lang(*new String(encoded, 0, true/*tainted. once ?param=base64(something) was needed*/)); + r.write_assign_lang(*new String(encoded, String::L_TAINTED/*once ?param=base64(something) was needed*/)); } } @@ -1019,11 +1077,14 @@ static void _md5(Request& r, MethodParam MFile::MFile(): Methoded("file") { // ^file::create[text;user-name;string] + // ^file::create[text;user-name;string;options hash] // ^file::create[binary;user-name;SOMEDAY SOMETHING] - add_native_method("create", Method::CT_DYNAMIC, _create, 3, 3); + // ^file::create[binary;user-name;SOMEDAY SOMETHING;options hash] + add_native_method("create", Method::CT_DYNAMIC, _create, 3, 4); // ^file.save[mode;file-name] - add_native_method("save", Method::CT_DYNAMIC, _save, 2, 2); + // ^file.save[mode;file-name;$.charset[...]] + add_native_method("save", Method::CT_DYNAMIC, _save, 2, 3); // ^file:delete[file-name] add_native_method("delete", Method::CT_STATIC, _delete, 1, 1); @@ -1033,6 +1094,8 @@ MFile::MFile(): Methoded("file") { // ^file::load[mode;disk-name] // ^file::load[mode;disk-name;user-name] + // ^file::load[mode;disk-name;user-name;options hash] + // ^file::load[mode;disk-name;options hash] add_native_method("load", Method::CT_DYNAMIC, _load, 2, 4); // ^file::stat[disk-name] @@ -1059,28 +1122,33 @@ MFile::MFile(): Methoded("file") { // ^file:find[file-name]{when-not-found} add_native_method("find", Method::CT_STATIC, _find, 1, 2); - // ^file:dirname[/a/some.tar.gz]=/a + // ^file:dirname[/a/some.tar.gz]=/a // ^file:dirname[/a/b/]=/a add_native_method("dirname", Method::CT_STATIC, _dirname, 1, 1); - // ^file:basename[/a/some.tar.gz]=some.tar.gz - add_native_method("basename", Method::CT_STATIC, _basename, 1, 1); - // ^file:justname[/a/some.tar.gz]=some.tar + // ^file:basename[/a/some.tar.gz]=some.tar.gz + add_native_method("basename", Method::CT_STATIC, _basename, 1, 1); + // ^file:justname[/a/some.tar.gz]=some.tar add_native_method("justname", Method::CT_STATIC, _justname, 1, 1); - // ^file:justext[/a/some.tar.gz]=gz + // ^file:justext[/a/some.tar.gz]=gz add_native_method("justext", Method::CT_STATIC, _justext, 1, 1); - // /some/page.html: ^file:fullpath[a.gif] => /some/a.gif + // /some/page.html: ^file:fullpath[a.gif] => /some/a.gif add_native_method("fullpath", Method::CT_STATIC, _fullpath, 1, 1); - // ^file.sql-string[] + // ^file.sql-string[] add_native_method("sql-string", Method::CT_DYNAMIC, _sql_string, 0, 0); - // ^file::sql[[alt_name]]{} + // ^file::sql{} + // ^file::sql{}[options hash] add_native_method("sql", Method::CT_DYNAMIC, _sql, 1, 2); - // ^file::base64[string] << decode - // ^file.base64[] << encode - // ^file:base64[file-name] << encode - add_native_method("base64", Method::CT_ANY, _base64, 0, 1); + // encode: + // ^file.base64[] + // ^file:base64[file-name] + // decode: + // ^file::base64[encoded] // backward + // ^file::base64[mode;user-file-name;encoded] + // ^file::base64[mode;user-file-name;encoded;$.content-type[...]] + add_native_method("base64", Method::CT_ANY, _base64, 0, 4); // ^file.crc32[] // ^file:crc32[file-name]