Annotation of parser3/src/classes/file.C, revision 1.164
1.17 paf 1: /** @file
2: Parser: @b file parser class.
3:
1.136 paf 4: Copyright (c) 2001-2005 ArtLebedev Group (http://www.artlebedev.com)
1.72 paf 5: Author: Alexandr Petrosian <paf@design.ru> (http://paf.design.ru)
1.91 paf 6: */
1.17 paf 7:
1.164 ! misha 8: static const char * const IDENT_FILE_C="$Date: 2007/11/15 17:10:08 $";
1.47 parser 9:
10: #include "pa_config_includes.h"
11:
12: #include "pcre.h"
1.1 paf 13:
1.35 paf 14: #include "classes.h"
1.111 paf 15: #include "pa_vmethod_frame.h"
16:
1.1 paf 17: #include "pa_request.h"
18: #include "pa_vfile.h"
1.11 paf 19: #include "pa_table.h"
1.21 paf 20: #include "pa_vint.h"
1.24 paf 21: #include "pa_exec.h"
1.40 parser 22: #include "pa_vdate.h"
1.47 parser 23: #include "pa_dir.h"
24: #include "pa_vtable.h"
1.67 paf 25: #include "pa_charset.h"
1.109 paf 26: #include "pa_charsets.h"
1.121 paf 27: #include "pa_sql_connection.h"
1.147 misha 28: #include "pa_md5.h"
1.1 paf 29:
1.32 paf 30: // defines
31:
1.48 parser 32: #define TEXT_MODE_NAME "text"
1.125 paf 33: #define BINARY_MODE_NAME "binary"
1.90 paf 34: #define STDIN_EXEC_PARAM_NAME "stdin"
1.109 paf 35: #define CHARSET_EXEC_PARAM_NAME "charset"
1.48 parser 36:
1.131 paf 37: #define NAME_NAME "name"
38:
1.132 paf 39: // externs
40:
41: extern String sql_limit_name;
42: extern String sql_offset_name;
43:
1.111 paf 44: // class
45:
46: class MFile: public Methoded {
47: public: // VStateless_class
48:
1.134 paf 49: Value* create_new_value(Pool&, HashStringValue&) { return new VFile(); }
1.111 paf 50:
51: public: // Methoded
52: bool used_directly() { return true; }
53:
54: public:
55: MFile();
56:
57: };
58:
59: // global variable
60:
61: DECLARE_CLASS_VAR(file, new MFile, 0);
62:
1.83 paf 63: // consts
64:
65: /// from apache-1.3|src|support|suexec.c
1.111 paf 66: static const char* suexec_safe_env_lst[]={
1.83 paf 67: "AUTH_TYPE",
68: "CONTENT_LENGTH",
69: "CONTENT_TYPE",
70: "DATE_GMT",
71: "DATE_LOCAL",
72: "DOCUMENT_NAME",
73: "DOCUMENT_PATH_INFO",
74: "DOCUMENT_ROOT",
75: "DOCUMENT_URI",
76: "FILEPATH_INFO",
77: "GATEWAY_INTERFACE",
78: "LAST_MODIFIED",
79: "PATH_INFO",
80: "PATH_TRANSLATED",
81: "QUERY_STRING",
82: "QUERY_STRING_UNESCAPED",
83: "REMOTE_ADDR",
84: "REMOTE_HOST",
85: "REMOTE_IDENT",
86: "REMOTE_PORT",
87: "REMOTE_USER",
88: "REDIRECT_QUERY_STRING",
89: "REDIRECT_STATUS",
90: "REDIRECT_URL",
91: "REQUEST_METHOD",
92: "REQUEST_URI",
93: "SCRIPT_FILENAME",
94: "SCRIPT_NAME",
95: "SCRIPT_URI",
96: "SCRIPT_URL",
97: "SERVER_ADMIN",
98: "SERVER_NAME",
99: "SERVER_ADDR",
100: "SERVER_PORT",
101: "SERVER_PROTOCOL",
102: "SERVER_SOFTWARE",
103: "UNIQUE_ID",
104: "USER_NAME",
105: "TZ",
106: NULL
107: };
108:
1.111 paf 109: // statics
1.33 paf 110:
1.112 paf 111: static const String::Body adate_name("adate");
112: static const String::Body mdate_name("mdate");
113: static const String::Body cdate_name("cdate");
1.32 paf 114:
1.1 paf 115: // methods
116:
1.161 misha 117: static bool is_valid_mode (const String& mode) {
118: return (mode==TEXT_MODE_NAME || mode==BINARY_MODE_NAME);
119: }
120:
1.125 paf 121: static bool is_text_mode(const String& mode) {
122: if(mode==TEXT_MODE_NAME)
123: return true;
124: if(mode==BINARY_MODE_NAME)
125: return false;
1.156 misha 126: throw Exception(PARSER_RUNTIME,
1.125 paf 127: &mode,
128: "is invalid mode, must be either '"TEXT_MODE_NAME"' or '"BINARY_MODE_NAME"'");
129: }
130:
1.111 paf 131: static void _save(Request& r, MethodParams& params) {
1.161 misha 132: Value& vmode_name=params.as_no_junction(0, MODE_MUST_NOT_BE_CODE);
1.152 misha 133: Value& vfile_name=params.as_no_junction(1, FILE_NAME_MUST_NOT_BE_CODE);
1.4 paf 134:
1.7 paf 135: // save
1.111 paf 136: GET_SELF(r, VFile).save(r.absolute(vfile_name.as_string()),
1.125 paf 137: is_text_mode(vmode_name.as_string()));
1.7 paf 138: }
139:
1.111 paf 140: static void _delete(Request& r, MethodParams& params) {
1.152 misha 141: Value& vfile_name=params.as_no_junction(0, FILE_NAME_MUST_NOT_BE_CODE);
1.7 paf 142:
143: // unlink
1.68 paf 144: file_delete(r.absolute(vfile_name.as_string()));
1.1 paf 145: }
146:
1.111 paf 147: static void _move(Request& r, MethodParams& params) {
148: Value& vfrom_file_name=params.as_no_junction(0, "from file name must not be code");
149: Value& vto_file_name=params.as_no_junction(1, "to file name must not be code");
1.45 parser 150:
1.51 parser 151: // move
1.68 paf 152: file_move(
1.45 parser 153: r.absolute(vfrom_file_name.as_string()),
154: r.absolute(vto_file_name.as_string()));
155: }
156:
1.148 misha 157: static void copy_process_source(
158: struct stat& ,
159: int from_file,
160: const String& , const char* /*fname*/, bool,
161: void *context) {
162: int& to_file=*static_cast<int *>(context);
163:
164: int nCount=0;
165: do {
166: unsigned char buffer[FILE_BUFFER_SIZE];
1.150 misha 167: nCount = file_block_read(from_file, buffer, sizeof(buffer));
1.148 misha 168: int written=write(to_file, buffer, nCount);
169: if( written < 0 )
170: throw Exception(0,
171: 0,
172: "write failed: %s (%d)", strerror(errno), errno);
173:
174: } while(nCount > 0);
175: }
176:
177: static void copy_open_target(int f, void *from_spec) {
178: String& file_spec=*static_cast<String *>(from_spec);
179: file_read_action_under_lock(file_spec, "copy", copy_process_source, &f);
180: };
181:
182: static void _copy(Request& r, MethodParams& params) {
183: Value& vfrom_file_name=params.as_no_junction(0, "from file name must not be code");
184: Value& vto_file_name=params.as_no_junction(1, "to file name must not be code");
185:
186: String from_spec = r.absolute(vfrom_file_name.as_string());
187: const String& to_spec = r.absolute(vto_file_name.as_string());
188:
189: file_write_action_under_lock(
190: to_spec,
191: "copy",
192: copy_open_target,
1.149 misha 193: &from_spec);
1.148 misha 194: }
195:
1.111 paf 196: static void _load_pass_param(
197: HashStringValue::key_type key,
198: HashStringValue::value_type value,
199: HashStringValue *dest) {
200: dest->put(key, value);
201: }
202: static void _load(Request& r, MethodParams& params) {
1.161 misha 203: Value& vmode_name=params.as_no_junction(0, MODE_MUST_NOT_BE_CODE);
1.152 misha 204: const String& lfile_name=r.absolute(params.as_no_junction(1, FILE_NAME_MUST_NOT_BE_CODE).as_string());
1.111 paf 205: Value* third_param=params.count()>2?¶ms.as_no_junction(2, "filename or options must not be code")
206: :0;
207: HashStringValue* third_param_hash=third_param?third_param->get_hash():0;
208: size_t alt_filename_param_index=2;
1.104 paf 209: if(third_param_hash)
210: alt_filename_param_index++;
1.9 paf 211:
1.132 paf 212: HashStringValue* options=third_param_hash;
213: size_t offset=0;
214: size_t limit=0;
215: if(options) {
216: options=new HashStringValue(*options);
217: if(Value *voffset=(Value *)options->get(sql_offset_name)) {
218: offset=r.process_to_value(*voffset).as_int();
219: }
220: if(Value *vlimit=(Value *)options->get(sql_limit_name)) {
221: limit=r.process_to_value(*vlimit).as_int();
222: }
223: // no check on options count here, see file_read
224: }
1.111 paf 225: File_read_result file=file_read(r.charsets, lfile_name,
1.125 paf 226: is_text_mode(vmode_name.as_string()),
1.132 paf 227: options, true, 0, offset, limit
1.104 paf 228: );
1.9 paf 229:
1.111 paf 230: const char *user_file_name=params.count()>alt_filename_param_index?
1.152 misha 231: params.as_string(alt_filename_param_index, FILE_NAME_MUST_BE_STRING).cstr()
1.111 paf 232: :lfile_name.cstr(String::L_FILE_SPEC);
233:
234: Value* vcontent_type=0;
235: if(file.headers)
1.129 paf 236: {
237: if(Value* remote_content_type=file.headers->get("CONTENT-TYPE"))
238: vcontent_type=new VString(*new String(remote_content_type->as_string().cstr()));
239: }
1.104 paf 240: if(!vcontent_type)
1.111 paf 241: vcontent_type=new VString(r.mime_type_of(user_file_name));
1.10 paf 242:
1.111 paf 243: VFile& self=GET_SELF(r, VFile);
244: self.set(true/*tainted*/, file.str, file.length, user_file_name, vcontent_type);
245: if(file.headers)
1.143 paf 246: file.headers->for_each<HashStringValue*>(_load_pass_param, &self.fields());
1.9 paf 247: }
248:
1.138 paf 249: static void _create(Request& r, MethodParams& params) {
1.161 misha 250: Value& vmode_name=params.as_no_junction(0, MODE_MUST_NOT_BE_CODE);
1.138 paf 251: if(!is_text_mode(vmode_name.as_string()))
1.156 misha 252: throw Exception(PARSER_RUNTIME,
1.138 paf 253: 0,
254: "only text mode is currently supported");
255:
256: const char* user_file_name_cstr=r.absolute(
1.152 misha 257: params.as_no_junction(1, FILE_NAME_MUST_NOT_BE_CODE).as_string()).cstr(String::L_FILE_SPEC);
1.138 paf 258:
259: const String& content=params.as_string(2, "content must be string");
260: const char* content_cstr=content.cstr(String::L_UNSPECIFIED); // explode content, honor tainting changes
261:
262: VString* vcontent_type=new VString(r.mime_type_of(user_file_name_cstr));
263:
264: VFile& self=GET_SELF(r, VFile);
265: self.set(true/*tainted*/, content_cstr, strlen(content_cstr), user_file_name_cstr, vcontent_type);
266: }
267:
1.111 paf 268: static void _stat(Request& r, MethodParams& params) {
1.152 misha 269: Value& vfile_name=params.as_no_junction(0, FILE_NAME_MUST_NOT_BE_CODE);
1.25 paf 270:
271: const String& lfile_name=vfile_name.as_string();
272:
1.40 parser 273: size_t size;
274: time_t atime, mtime, ctime;
275: file_stat(r.absolute(lfile_name),
276: size,
277: atime, mtime, ctime);
1.25 paf 278:
1.111 paf 279: VFile& self=GET_SELF(r, VFile);
280: self.set(true/*tainted*/, 0/*no bytes*/, size);
281: HashStringValue& ff=self.fields();
282: ff.put(adate_name, new VDate(atime));
283: ff.put(mdate_name, new VDate(mtime));
284: ff.put(cdate_name, new VDate(ctime));
285: ff.put(content_type_name, new VString(r.mime_type_of(lfile_name.cstr(String::L_FILE_SPEC))));
1.25 paf 286: }
287:
1.111 paf 288: static bool is_safe_env_key(const char* key) {
289: for(const char* validator=key; *validator; validator++) {
290: char c=*validator;
291: if(!(c>='A' && c<='Z' || c>='0' && c<='9' || c=='_' || c=='-'))
292: return false;
293: }
1.88 paf 294: if(strncasecmp(key, "HTTP_", 5)==0)
1.83 paf 295: return true;
1.87 paf 296: if(strncasecmp(key, "CGI_", 4)==0)
1.83 paf 297: return true;
298: for(int i=0; suexec_safe_env_lst[i]; i++) {
1.87 paf 299: if(strcasecmp(key, suexec_safe_env_lst[i])==0)
1.83 paf 300: return true;
301: }
302: return false;
303: }
1.90 paf 304: #ifndef DOXYGEN
305: struct Append_env_pair_info {
1.141 paf 306: Request_charsets* charsets;
1.111 paf 307: HashStringString* env;
1.100 paf 308: Value* vstdin;
1.90 paf 309: };
310: #endif
1.111 paf 311: static void append_env_pair(
312: HashStringValue::key_type akey,
313: HashStringValue::value_type avalue,
314: Append_env_pair_info *info) {
315: if(akey==STDIN_EXEC_PARAM_NAME) {
316: info->vstdin=avalue;
317: } else if(akey==CHARSET_EXEC_PARAM_NAME) {
1.141 paf 318: // ignore, already processed
1.90 paf 319: } else {
1.111 paf 320: if(!is_safe_env_key(akey.cstr()))
1.156 misha 321: throw Exception(PARSER_RUNTIME,
1.111 paf 322: new String(akey, String::L_TAINTED),
1.90 paf 323: "not safe environment variable");
1.141 paf 324: info->env->put(akey, avalue->as_string().cstr_to_string_body(String::L_UNSPECIFIED, 0, info->charsets));
1.90 paf 325: }
1.22 paf 326: }
1.94 paf 327: #ifndef DOXYGEN
328: struct Pass_cgi_header_attribute_info {
1.111 paf 329: Charset* charset;
330: HashStringValue* fields;
331: Value* content_type;
1.94 paf 332: };
333: #endif
1.111 paf 334: static void pass_cgi_header_attribute(
335: ArrayString::element_type astring,
336: Pass_cgi_header_attribute_info* info) {
337: size_t colon_pos=astring->pos(':');
1.130 paf 338: if(colon_pos!=STRING_NOT_FOUND) {
1.111 paf 339: const String& key=astring->mid(0, colon_pos).change_case(
340: *info->charset, String::CC_UPPER);
1.130 paf 341: Value* value=new VString(astring->mid(colon_pos+1, astring->length()).trim());
1.111 paf 342: info->fields->put(key, value);
1.94 paf 343: if(key=="CONTENT-TYPE")
1.111 paf 344: info->content_type=value;
1.94 paf 345: }
1.29 paf 346: }
1.155 misha 347:
348: static void append_to_argv(Request& r, ArrayString& argv, const String* str){
349: if( str->length() ){
350: argv+=new String(str->cstr_to_string_body(String::L_UNSPECIFIED, 0, &r.charsets), String::L_AS_IS);
351: }
352: }
353:
1.162 misha 354: inline size_t strpos(const char *s1, const char *s2) {
355: const char *p = strstr(s1, s2);
356: return (p==0)?(size_t)-1:p-s1;
357: }
358:
1.90 paf 359: /// @todo fix `` in perl - they produced flipping consoles and no output to perl
1.111 paf 360: static void _exec_cgi(Request& r, MethodParams& params,
1.41 parser 361: bool cgi) {
1.21 paf 362:
1.162 misha 363: Value& first_param=params.as_no_junction(0, FIRST_ARG_MUST_NOT_BE_CODE);
364:
365: bool is_mode_specified=is_valid_mode(first_param.as_string());
366: const String& mode_name=(is_mode_specified) ? first_param.as_string() : *new String(TEXT_MODE_NAME);
367:
368: size_t param_index=1;
369: if(!is_mode_specified){
370: --param_index;
371: }
372:
373: if(param_index>=params.count())
374: throw Exception(PARSER_RUNTIME,
375: 0,
376: "file name must be specified");
377:
378:
379: Value& vfile_name=params.as_no_junction(param_index++, FILE_NAME_MUST_NOT_BE_CODE);
1.21 paf 380:
1.23 paf 381: const String& script_name=r.absolute(vfile_name.as_string());
382:
1.111 paf 383: HashStringString env;
1.62 paf 384: #define ECSTR(name, value_cstr) \
1.111 paf 385: if(value_cstr) \
386: env.put( \
1.112 paf 387: String::Body(#name), \
388: String::Body(value_cstr, 0)); \
1.82 paf 389: // passing SAPI::environment
1.111 paf 390: if(const char *const *pairs=SAPI::environment(r.sapi_info)) {
391: while(const char* pair=*pairs++)
392: if(const char* eq_at=strchr(pair, '='))
393: if(eq_at[1]) // has value
394: env.put(
395: pa_strdup(pair, eq_at-pair),
396: pa_strdup(eq_at+1, 0));
1.82 paf 397: }
398:
1.23 paf 399: // const
1.63 paf 400: ECSTR(GATEWAY_INTERFACE, "CGI/1.1");
1.23 paf 401: // from Request.info
1.111 paf 402: ECSTR(DOCUMENT_ROOT, r.request_info.document_root);
403: ECSTR(PATH_TRANSLATED, r.request_info.path_translated);
404: ECSTR(REQUEST_METHOD, r.request_info.method);
405: ECSTR(QUERY_STRING, r.request_info.query_string);
406: ECSTR(REQUEST_URI, r.request_info.uri);
407: ECSTR(CONTENT_TYPE, r.request_info.content_type);
1.23 paf 408: char content_length_cstr[MAX_NUMBER];
1.111 paf 409: snprintf(content_length_cstr, MAX_NUMBER, "%u", r.request_info.content_length);
410: //String content_length(content_length_cstr);
1.62 paf 411: ECSTR(CONTENT_LENGTH, content_length_cstr);
1.82 paf 412: // SCRIPT_*
1.119 paf 413: env.put(String::Body("SCRIPT_NAME"), script_name);
414: //env.put(String::Body("SCRIPT_FILENAME"), ??&script_name);
1.23 paf 415:
1.111 paf 416: bool stdin_specified=false;
1.90 paf 417: // environment & stdin from param
1.111 paf 418: String *in=new String();
1.109 paf 419: Charset *charset=0; // default script works raw_in 'source' charset = no transcoding needed
1.162 misha 420: if(param_index < params.count()) {
421: Value& venv=params.as_no_junction(param_index++, "env must not be code");
1.111 paf 422: if(HashStringValue* user_env=venv.get_hash()) {
1.141 paf 423: // $.charset [previewing to handle URI pieces]
424: if(Value* vcharset=user_env->get(CHARSET_EXEC_PARAM_NAME))
425: charset=&charsets.get(vcharset->as_string()
426: .change_case(r.charsets.source(), String::CC_UPPER));
427:
428: // $.others
429: Append_env_pair_info info={&r.charsets, &env, 0};
430: {
1.144 paf 431: // influence tainting
432: // main target -- $.QUERY_STRING -- URLencoding of tainted pieces to String::L_URI lang
1.141 paf 433: Temp_client_charset temp(r.charsets, charset? *charset: r.charsets.source());
1.143 paf 434: user_env->for_each<Append_env_pair_info*>(append_env_pair, &info);
1.141 paf 435: }
1.109 paf 436: // $.stdin
1.103 paf 437: if(info.vstdin) {
1.111 paf 438: stdin_specified=true;
439: if(const String* sstdin=info.vstdin->get_string()) {
440: in->append(*sstdin, String::L_CLEAN, true);
1.103 paf 441: } else
1.111 paf 442: if(VFile* vfile=static_cast<VFile *>(info.vstdin->as("file", false)))
443: in->append_know_length((const char* )vfile->value_ptr(), vfile->value_size(), String::L_TAINTED);
1.100 paf 444: else
1.156 misha 445: throw Exception(PARSER_RUNTIME,
1.111 paf 446: 0,
1.100 paf 447: STDIN_EXEC_PARAM_NAME " parameter must be string or file");
1.103 paf 448: }
1.90 paf 449: }
1.21 paf 450: }
451:
1.90 paf 452: // argv from params
1.111 paf 453: ArrayString argv;
1.162 misha 454: if(param_index < params.count()) {
1.144 paf 455: // influence tainting
456: // main target -- URLencoding of tainted pieces to String::L_URI lang
457: Temp_client_charset temp(r.charsets, charset? *charset: r.charsets.source());
1.154 misha 458:
1.162 misha 459: for(size_t i=param_index; i<params.count(); i++) {
1.161 misha 460: Value& param=params.as_no_junction(i, PARAM_MUST_NOT_BE_CODE);
1.154 misha 461: if(param.is_defined()){
462: if(param.is_string()){
1.155 misha 463: append_to_argv(r, argv, param.get_string());
1.154 misha 464: } else {
1.155 misha 465: Table* table=param.get_table();
466: if(table){
467: for(size_t i=0; i<table->count(); i++) {
468: append_to_argv(r, argv, table->get(i)->get(0));
1.154 misha 469: }
470: } else {
1.156 misha 471: throw Exception(PARSER_RUNTIME,
1.154 misha 472: 0,
1.162 misha 473: "param must be string or table");
1.154 misha 474: }
475: }
1.145 misha 476: }
1.144 paf 477: }
1.21 paf 478: }
1.90 paf 479:
1.109 paf 480: // transcode if necessary
481: if(charset) {
1.111 paf 482: Charset::transcode(env, r.charsets.source(), *charset);
483: Charset::transcode(argv, r.charsets.source(), *charset);
484: in=&Charset::transcode(*in, r.charsets.source(), *charset);
485: }
486: // @todo
487: // ifdef WIN32 do OEM->ANSI transcode on some(.cmd?) programs to
488: // match silent conversion in OS
489:
490: // exec!
1.163 misha 491: PA_exec_result execution=pa_exec(false/*forced_allow*/, script_name, &env, argv, *in);
1.111 paf 492:
1.162 misha 493: File_read_result *file_out=&execution.out;
1.111 paf 494: String *real_err=&execution.err;
1.162 misha 495:
1.163 misha 496: if(file_out->length && is_text_mode(mode_name)){
1.162 misha 497: fix_line_breaks(file_out->str, file_out->length);
498: // treat output as string
499: String *real_out = new String(file_out->str, file_out->length);
500:
501: // transcode if necessary
502: if(charset) {
503: real_out=&Charset::transcode(*real_out, *charset, r.charsets.source());
504: real_err=&Charset::transcode(*real_err, *charset, r.charsets.source());
505: }
506: // FIXME: unsafe cast
1.163 misha 507: file_out->str=const_cast<char *>(real_out->cstr()); // hacking a little
1.162 misha 508: file_out->length = real_out->length();
1.109 paf 509: }
510:
1.111 paf 511: VFile& self=GET_SELF(r, VFile);
1.109 paf 512:
1.162 misha 513: if(cgi) { // ^file::cgi
1.163 misha 514: const char* eol_marker=0;
515: size_t eol_marker_size;
516:
1.111 paf 517: // construct with 'out' body and header
1.162 misha 518: size_t dos_pos=strpos(file_out->str, "\r\n\r\n");
519: size_t unix_pos=strpos(file_out->str, "\n\n");
1.111 paf 520:
521: bool unix_header_break;
522: switch((dos_pos!=STRING_NOT_FOUND?10:00) + (unix_pos!=STRING_NOT_FOUND?01:00)) {
523: case 10: // dos
524: unix_header_break=false;
525: break;
526: case 01: // unix
527: unix_header_break=true;
528: break;
529: case 11: // dos & unix
530: unix_header_break=unix_pos<dos_pos;
531: break;
532: default: // 00
533: unix_header_break=false; // calm down, compiler
1.74 paf 534: throw Exception(0,
1.111 paf 535: 0,
1.90 paf 536: "output does not contain CGI header; "
537: "exit status=%d; stdoutsize=%u; stdout: \"%s\"; stderrsize=%u; stderr: \"%s\"",
1.111 paf 538: execution.status,
1.162 misha 539: (uint)file_out->length, file_out->str,
1.111 paf 540: (uint)real_err->length(), real_err->cstr());
541: break; //never reached
542: }
543:
544: int header_break_pos;
545: if(unix_header_break) {
546: header_break_pos=unix_pos;
547: eol_marker="\n"; eol_marker_size=1;
548: } else {
549: header_break_pos=dos_pos;
550: eol_marker="\r\n"; eol_marker_size=2;
551: }
1.21 paf 552:
1.162 misha 553: file_out->str[header_break_pos] = 0;
554: String *header=new String(file_out->str, header_break_pos);
555: unsigned long headersize = header_break_pos+eol_marker_size*2;
556: file_out->str += headersize;
557: file_out->length -= headersize;
558:
1.164 ! misha 559: // $body
! 560: self.set(false/*not tainted*/, file_out->str, file_out->length);
! 561:
1.162 misha 562: // $fields << header
563: if(header && eol_marker) {
564: ArrayString rows;
565: size_t pos_after=0;
566: header->split(rows, pos_after, eol_marker);
567: Pass_cgi_header_attribute_info info={0, 0, 0};
568: info.charset=&r.charsets.source();
569: info.fields=&self.fields();
570: rows.for_each(pass_cgi_header_attribute, &info);
571: if(info.content_type)
572: self.fields().put(content_type_name, info.content_type);
573: }
1.164 ! misha 574: } else { // ^file::exec
1.163 misha 575: // $body
576: self.set(false/*not tainted*/, file_out->str, file_out->length);
1.164 ! misha 577: }
1.163 misha 578:
1.42 parser 579: // $status
1.111 paf 580: self.fields().put(file_status_name, new VInt(execution.status));
1.21 paf 581:
582: // $stderr
1.111 paf 583: if(real_err->length())
1.21 paf 584: self.fields().put(
1.119 paf 585: String::Body("stderr"),
1.111 paf 586: new VString(*real_err));
1.21 paf 587: }
1.111 paf 588: static void _exec(Request& r, MethodParams& params) {
589: _exec_cgi(r, params, false);
1.41 parser 590: }
1.111 paf 591: static void _cgi(Request& r, MethodParams& params) {
592: _exec_cgi(r, params, true);
1.41 parser 593: }
594:
1.111 paf 595: static void _list(Request& r, MethodParams& params) {
596: Value& relative_path=params.as_no_junction(0, "path must not be code");
1.47 parser 597:
1.111 paf 598: const String* regexp;
1.47 parser 599: pcre *regexp_code;
1.81 paf 600: const int ovecsize=(1/*match*/)*3;
601: int ovector[ovecsize];
1.111 paf 602: if(params.count()>1) {
603: regexp=¶ms.as_no_junction(1, "regexp must not be code").as_string();
1.47 parser 604:
1.111 paf 605: const char* pattern=regexp->cstr();
606: const char* errptr;
1.47 parser 607: int erroffset;
608: regexp_code=pcre_compile(pattern, PCRE_EXTRA | PCRE_DOTALL,
609: &errptr, &erroffset,
1.111 paf 610: r.charsets.source().pcre_tables);
1.47 parser 611:
612: if(!regexp_code)
1.74 paf 613: throw Exception(0,
1.111 paf 614: ®exp->mid(erroffset, regexp->length()),
1.47 parser 615: "regular expression syntax error - %s", errptr);
1.114 paf 616: } else {
617: regexp=0; // not used, just to calm down compiler
1.47 parser 618: regexp_code=0;
1.114 paf 619: }
1.47 parser 620:
621:
1.111 paf 622: const char* absolute_path_cstr=r.absolute(relative_path.as_string()).cstr(String::L_FILE_SPEC);
1.47 parser 623:
1.111 paf 624: Table::columns_type columns(new ArrayString);
625: *columns+=new String("name");
626: Table& table=*new Table(columns);
1.47 parser 627:
628: LOAD_DIR(absolute_path_cstr,
1.111 paf 629: const char* file_name_cstr=ffblk.ff_name;
630: size_t file_name_size=strlen(file_name_cstr);
1.47 parser 631: bool suits=true;
632: if(regexp_code) {
633: int exec_result=pcre_exec(regexp_code, 0,
634: ffblk.ff_name, file_name_size, 0,
635: 0, ovector, ovecsize);
636:
637: if(exec_result==PCRE_ERROR_NOMATCH)
638: suits=false;
639: else if(exec_result<0) {
640: (*pcre_free)(regexp_code);
1.74 paf 641: throw Exception(0,
1.47 parser 642: regexp,
643: "regular expression execute (%d)",
644: exec_result);
645: }
646: }
647:
648: if(suits) {
1.111 paf 649: Table::element_type row(new ArrayString);
650: *row+=new String(pa_strdup(file_name_cstr, file_name_size), file_name_size, true);
651: table+=row;
1.47 parser 652: }
653: );
654:
655: if(regexp_code)
1.111 paf 656: pcre_free(regexp_code);
1.47 parser 657:
1.60 parser 658: // write out result
1.111 paf 659: r.write_no_lang(*new VTable(&table));
1.47 parser 660: }
1.21 paf 661:
1.69 paf 662: #ifndef DOXYGEN
663: struct Lock_execute_body_info {
1.111 paf 664: Request* r;
665: Value* body_code;
1.69 paf 666: };
667: #endif
1.111 paf 668: static void lock_execute_body(int , void *ainfo) {
669: Lock_execute_body_info& info=*static_cast<Lock_execute_body_info *>(ainfo);
1.69 paf 670: // execute body
1.78 paf 671: info.r->write_assign_lang(info.r->process(*info.body_code));
1.69 paf 672: };
1.111 paf 673: static void _lock(Request& r, MethodParams& params) {
1.152 misha 674: const String& file_spec=r.absolute(params.as_string(0, FILE_NAME_MUST_BE_STRING));
1.116 paf 675: Lock_execute_body_info info={
676: &r,
1.117 paf 677: ¶ms.as_junction(1, "body must be code")
1.116 paf 678: };
1.69 paf 679:
1.158 misha 680: file_write_action_under_lock(
681: file_spec,
682: "lock",
683: lock_execute_body,
684: &info);
1.69 paf 685: }
686:
1.111 paf 687: static int lastposafter(const String& s, size_t after, const char* substr, size_t substr_size, bool beforelast=false) {
1.114 paf 688: size_t size=0; // just to calm down compiler
1.89 paf 689: if(beforelast)
1.111 paf 690: size=s.length();
1.116 paf 691: size_t at;
1.112 paf 692: while((at=s.pos(String::Body(substr, substr_size), after))!=STRING_NOT_FOUND) {
1.89 paf 693: size_t newafter=at+substr_size/*skip substr*/;
694: if(beforelast && newafter==size)
695: break;
696: after=newafter;
697: }
698:
699: return after;
700: }
701:
1.111 paf 702: static void _find(Request& r, MethodParams& params) {
1.152 misha 703: const String& file_name=params.as_no_junction(0, FILE_NAME_MUST_NOT_BE_CODE).as_string();
1.111 paf 704: const String* file_spec;
1.90 paf 705: if(file_name.first_char()=='/')
706: file_spec=&file_name;
707: else
1.111 paf 708: file_spec=&r.relative(r.request_info.uri, file_name);
1.90 paf 709:
710: // easy way
1.142 paf 711: if(file_exist(r.absolute(*file_spec))) {
1.96 paf 712: r.write_assign_lang(*file_spec);
1.90 paf 713: return;
714: }
715:
716: // monkey way
717: int after_base_slash=lastposafter(*file_spec, 0, "/", 1);
1.111 paf 718: const String* dirname=&file_spec->mid(0, after_base_slash);
719: const String& basename=file_spec->mid(after_base_slash, file_spec->length());
1.90 paf 720:
721: int after_monkey_slash;
722: while((after_monkey_slash=lastposafter(*dirname, 0, "/", 1, true))>0) {
1.111 paf 723: String test_name;
724: test_name<<*(dirname=&dirname->mid(0, after_monkey_slash));
725: test_name<<basename;
1.142 paf 726: if(file_exist(r.absolute(test_name))) {
1.111 paf 727: r.write_assign_lang(test_name);
1.90 paf 728: return;
729: }
730: }
731:
732: // no way, not found
1.111 paf 733: if(params.count()==2) {
734: Value& not_found_code=params.as_junction(1, "not-found param must be code");
1.90 paf 735: r.write_pass_lang(r.process(not_found_code));
736: }
737: }
738:
1.111 paf 739: static void _dirname(Request& r, MethodParams& params) {
1.152 misha 740: const String& file_spec=params.as_string(0, FILE_NAME_MUST_BE_STRING);
1.89 paf 741: // /a/some.tar.gz > /a
742: // /a/b/ > /a
743: int afterslash=lastposafter(file_spec, 0, "/", 1, true);
744: if(afterslash>0)
745: r.write_assign_lang(file_spec.mid(0, afterslash==1?1:afterslash-1));
746: else
1.111 paf 747: r.write_assign_lang(String(".", 1));
1.89 paf 748: }
749:
1.111 paf 750: static void _basename(Request& r, MethodParams& params) {
1.152 misha 751: const String& file_spec=params.as_string(0, FILE_NAME_MUST_BE_STRING);
1.89 paf 752: // /a/some.tar.gz > some.tar.gz
753: int afterslash=lastposafter(file_spec, 0, "/", 1);
1.111 paf 754: r.write_assign_lang(file_spec.mid(afterslash, file_spec.length()));
1.89 paf 755: }
756:
1.111 paf 757: static void _justname(Request& r, MethodParams& params) {
1.152 misha 758: const String& file_spec=params.as_string(0, FILE_NAME_MUST_BE_STRING);
1.89 paf 759: // /a/some.tar.gz > some.tar
760: int afterslash=lastposafter(file_spec, 0, "/", 1);
761: int afterdot=lastposafter(file_spec, afterslash, ".", 1);
1.111 paf 762: r.write_assign_lang(file_spec.mid(afterslash, afterdot!=afterslash?afterdot-1:file_spec.length()));
1.89 paf 763: }
1.111 paf 764: static void _justext(Request& r, MethodParams& params) {
1.152 misha 765: const String& file_spec=params.as_string(0, FILE_NAME_MUST_BE_STRING);
1.89 paf 766: // /a/some.tar.gz > gz
767: int afterdot=lastposafter(file_spec, 0, ".", 1);
768: if(afterdot>0)
1.111 paf 769: r.write_assign_lang(file_spec.mid(afterdot, file_spec.length()));
1.89 paf 770: }
771:
1.111 paf 772: static void _fullpath(Request& r, MethodParams& params) {
1.152 misha 773: const String& file_spec=params.as_string(0, FILE_NAME_MUST_BE_STRING);
1.111 paf 774: const String* result;
1.102 paf 775: if(file_spec.first_char()=='/')
776: result=&file_spec;
777: else {
778: // /some/page.html: ^file:fullpath[a.gif] => /some/a.gif
779: const String& full_disk_path=r.absolute(file_spec);
1.111 paf 780: size_t document_root_length=strlen(r.request_info.document_root);
1.106 paf 781:
782: if(document_root_length>0) {
1.111 paf 783: char last_char=r.request_info.document_root[document_root_length-1];
1.106 paf 784: if(last_char == '/' || last_char == '\\')
785: --document_root_length;
786: }
1.111 paf 787: result=&full_disk_path.mid(document_root_length, full_disk_path.length());
1.102 paf 788: }
789: r.write_assign_lang(*result);
790: }
791:
1.121 paf 792: static void _sql_string(Request& r, MethodParams&) {
793: VFile& self=GET_SELF(r, VFile);
794:
795: const char *quoted=r.connection()->quote(self.value_ptr(), self.value_size());
796: r.write_assign_lang(*new String(quoted));
797: }
1.89 paf 798:
1.122 paf 799: #ifndef DOXYGEN
800: class File_sql_event_handlers: public SQL_Driver_query_event_handlers {
801: const String& statement_string; const char* statement_cstr;
802: int got_columns;
803: int got_cells;
804: public:
805: String::C value;
1.131 paf 806: const String* user_file_name;
807: const String* user_content_type;
1.122 paf 808: public:
809: File_sql_event_handlers(
810: const String& astatement_string, const char* astatement_cstr):
811: statement_string(astatement_string), statement_cstr(astatement_cstr),
812: got_columns(0),
813: got_cells(0),
814: user_file_name(0),
815: user_content_type(0) {}
816:
817: bool add_column(SQL_Error& error, const char* /*str*/, size_t /*length*/) {
818: if(got_columns++==3) {
1.156 misha 819: error=SQL_Error(PARSER_RUNTIME, "result must contain not more then 3 columns");
1.122 paf 820: return true;
821: }
822: return false;
823: }
824: bool before_rows(SQL_Error& /*error*/ ) { /* ignore */ return false; }
825: bool add_row(SQL_Error& /*error*/) { /* ignore */ return false; }
826: bool add_row_cell(SQL_Error& error, const char* str, size_t length) {
827: try {
828: switch(got_cells++) {
829: case 0:
830: value=String::C(str, length);
831: break;
832: case 1:
1.131 paf 833: if(!user_file_name) // user not specified?
834: user_file_name=new String(str, length, true);
1.122 paf 835: break;
836: case 2:
1.131 paf 837: if(!user_content_type) // user not specified?
838: user_content_type=new String(str, length, true);
1.122 paf 839: break;
840: default:
1.156 misha 841: error=SQL_Error(PARSER_RUNTIME, "result must not contain more then one row, three rows");
1.122 paf 842: return true;
843: }
844: return false;
845: } catch(...) {
846: error=SQL_Error("exception occured in File_sql_event_handlers::add_row_cell");
847: return true;
848: }
849: }
850: };
851: #endif
852: static void _sql(Request& r, MethodParams& params) {
1.131 paf 853: Value& statement=params.as_junction(0, "statement must be code");
1.122 paf 854:
855: Temp_lang temp_lang(r, String::L_SQL);
856: const String& statement_string=r.process_to_string(statement);
857: const char* statement_cstr=
858: statement_string.cstr(String::L_UNSPECIFIED, r.connection());
859: File_sql_event_handlers handlers(statement_string, statement_cstr);
1.131 paf 860:
861: if(params.count()>1)
862: if(HashStringValue* options=
1.161 misha 863: params.as_no_junction(1, PARAM_MUST_NOT_BE_CODE).get_hash()) {
1.131 paf 864: int valid_options=0;
865: if(Value* vfilename=options->get(NAME_NAME)) {
866: valid_options++;
867: handlers.user_file_name=&vfilename->as_string();
868: }
869: if(Value* vcontent_type=options->get(CONTENT_TYPE_NAME)) {
870: valid_options++;
871: handlers.user_content_type=&vcontent_type->as_string();
872: }
873: if(valid_options!=options->count())
1.156 misha 874: throw Exception(PARSER_RUNTIME,
1.131 paf 875: 0,
876: "called with invalid option");
877: }
878:
879:
1.122 paf 880: r.connection()->query(
1.123 paf 881: statement_cstr,
882: 0, 0,
883: 0, 0,
1.122 paf 884: handlers,
885: statement_string);
886:
887: if(!handlers.value)
1.156 misha 888: throw Exception(PARSER_RUNTIME,
1.122 paf 889: 0,
890: "produced no result");
891:
1.131 paf 892: const char* user_file_name_cstr=handlers.user_file_name? handlers.user_file_name->cstr(): 0;
1.122 paf 893:
894: VString* vcontent_type=handlers.user_content_type?
895: new VString(*handlers.user_content_type)
896: : user_file_name_cstr?
897: new VString(r.mime_type_of(user_file_name_cstr))
898: : 0;
899: VFile& self=GET_SELF(r, VFile);
900: self.set(true/*tainted*/, handlers.value.str, handlers.value.length, user_file_name_cstr, vcontent_type);
901: }
1.140 paf 902:
1.139 paf 903: static void _base64(Request& r, MethodParams& params) {
1.151 misha 904: bool dynamic = !(&r.get_self() == file_class);
905: if ( dynamic ){
1.140 paf 906: VFile& self=GET_SELF(r, VFile);
1.139 paf 907: if(params.count()) {
1.140 paf 908: // decode
1.160 misha 909: const char* cstr=params.as_string(0, PARAMETER_MUST_BE_STRING).cstr();
1.140 paf 910: char* decoded_cstr=0;
1.139 paf 911: size_t decoded_size=0;
912: pa_base64_decode(cstr, strlen(cstr), decoded_cstr, decoded_size);
913: if(decoded_cstr && decoded_size)
1.140 paf 914: self.set(true/*tainted*/, decoded_cstr, decoded_size);
915: } else {
916: // encode
917: const char* encoded=pa_base64_encode(self.value_ptr(), self.value_size());
918: r.write_assign_lang(*new String(encoded, 0, true/*once ?param=base64(something) was needed*/));
1.139 paf 919: }
1.151 misha 920: } else {
921: // encode
1.152 misha 922: const String& file_spec=params.as_string(0, FILE_NAME_MUST_BE_STRING);
1.151 misha 923: const char* encoded=pa_base64_encode(r.absolute(file_spec));
924: r.write_assign_lang(*new String(encoded, 0, true/*once ?param=base64(something) was needed*/));
925: }
1.139 paf 926: }
1.140 paf 927:
1.146 misha 928: static void _crc32(Request& r, MethodParams& params) {
929: unsigned long crc32 = 0;
930: if(&r.get_self() == file_class) {
931: // ^file:crc32[file-name]
932: if(params.count()) {
1.152 misha 933: const String& file_spec=params.as_string(0, FILE_NAME_MUST_BE_STRING);
1.146 misha 934: crc32=pa_crc32(r.absolute(file_spec));
935: } else {
1.156 misha 936: throw Exception(PARSER_RUNTIME,
1.146 misha 937: 0,
938: "file name must be defined");
939: }
940: } else {
941: // ^file.crc32[]
942: VFile& self=GET_SELF(r, VFile);
943: crc32=pa_crc32(self.value_ptr(), self.value_size());
944: }
945: r.write_no_lang(*new VInt(crc32));
946: }
947:
948:
1.147 misha 949: static void file_md5_file_action(
950: struct stat& finfo,
951: int f,
952: const String& , const char* /*fname*/, bool,
953: void *context)
954: {
955: PA_MD5_CTX& md5context=*static_cast<PA_MD5_CTX *>(context);
956: if(finfo.st_size) {
1.148 misha 957: int nCount=0;
1.147 misha 958: do {
959: unsigned char buffer[FILE_BUFFER_SIZE];
1.150 misha 960: nCount = file_block_read(f, buffer, sizeof(buffer));
1.147 misha 961: if ( nCount ){
962: pa_MD5Update(&md5context, (const unsigned char*)buffer, nCount);
963: }
1.148 misha 964: } while(nCount > 0);
1.147 misha 965: }
966: }
967:
968: const char* pa_md5(const String& file_spec)
969: {
970: PA_MD5_CTX context;
971: unsigned char digest[16];
972: pa_MD5Init(&context);
973: file_read_action_under_lock(file_spec, "md5", file_md5_file_action, &context);
974: pa_MD5Final(digest, &context);
975:
976: return hex_string(digest, sizeof(digest), false);
977: }
978:
979: const char* pa_md5(const char *in, size_t in_size)
980: {
981: PA_MD5_CTX context;
982: unsigned char digest[16];
983: pa_MD5Init(&context);
984: pa_MD5Update(&context, (const unsigned char*)in, in_size);
985: pa_MD5Final(digest, &context);
986:
987: return hex_string(digest, sizeof(digest), false);
988: }
989:
990: static void _md5(Request& r, MethodParams& params) {
991: const char* md5;
992: if(&r.get_self() == file_class) {
993: // ^file:md5[file-name]
994: if(params.count()) {
1.152 misha 995: const String& file_spec=params.as_string(0, FILE_NAME_MUST_BE_STRING);
1.147 misha 996: md5=pa_md5(r.absolute(file_spec));
997: } else {
1.156 misha 998: throw Exception(PARSER_RUNTIME,
1.147 misha 999: 0,
1000: "file name must be defined");
1001: }
1002: } else {
1003: // ^file.md5[]
1004: VFile& self=GET_SELF(r, VFile);
1005: md5=pa_md5(self.value_ptr(), self.value_size());
1006:
1007: }
1008: r.write_no_lang(*new String(md5));
1009: }
1010:
1.32 paf 1011: // constructor
1012:
1.111 paf 1013: MFile::MFile(): Methoded("file") {
1.146 misha 1014: // ^file::create[text;user-name;string]
1015: // ^file::create[binary;user-name;SOMEDAY SOMETHING]
1.138 paf 1016: add_native_method("create", Method::CT_DYNAMIC, _create, 3, 3);
1017:
1.146 misha 1018: // ^file.save[mode;file-name]
1.48 parser 1019: add_native_method("save", Method::CT_DYNAMIC, _save, 2, 2);
1.7 paf 1020:
1.146 misha 1021: // ^file:delete[file-name]
1.32 paf 1022: add_native_method("delete", Method::CT_STATIC, _delete, 1, 1);
1.45 parser 1023:
1.146 misha 1024: // ^file:move[from-file-name;to-file-name]
1.45 parser 1025: add_native_method("move", Method::CT_STATIC, _move, 2, 2);
1.8 paf 1026:
1.146 misha 1027: // ^file::load[mode;disk-name]
1028: // ^file::load[mode;disk-name;user-name]
1.48 parser 1029: add_native_method("load", Method::CT_DYNAMIC, _load, 2, 3);
1.25 paf 1030:
1.146 misha 1031: // ^file::stat[disk-name]
1.32 paf 1032: add_native_method("stat", Method::CT_DYNAMIC, _stat, 1, 1);
1.21 paf 1033:
1.162 misha 1034: // ^file::cgi[mode;file-name]
1035: // ^file::cgi[mode;file-name;env hash]
1036: // ^file::cgi[mode;file-name;env hash;1cmd;2line;3ar;4g;5s]
1037: add_native_method("cgi", Method::CT_DYNAMIC, _cgi, 1, 3+50);
1038:
1039: // ^file::exec[mode;file-name]
1040: // ^file::exec[mode;file-name;env hash]
1041: // ^file::exec[mode;file-name;env hash;1cmd;2line;3ar;4g;5s]
1042: add_native_method("exec", Method::CT_DYNAMIC, _exec, 1, 3+50);
1.47 parser 1043:
1044: // ^file:list[path]
1045: // ^file:list[path][regexp]
1046: add_native_method("list", Method::CT_STATIC, _list, 1, 2);
1.69 paf 1047:
1048: // ^file:lock[path]{code}
1049: add_native_method("lock", Method::CT_STATIC, _lock, 2, 2);
1.90 paf 1050:
1.146 misha 1051: // ^file:find[file-name]
1052: // ^file:find[file-name]{when-not-found}
1.90 paf 1053: add_native_method("find", Method::CT_STATIC, _find, 1, 2);
1.47 parser 1054:
1.89 paf 1055: // ^file:dirname[/a/some.tar.gz]=/a
1056: // ^file:dirname[/a/b/]=/a
1057: add_native_method("dirname", Method::CT_STATIC, _dirname, 1, 1);
1058: // ^file:basename[/a/some.tar.gz]=some.tar.gz
1059: add_native_method("basename", Method::CT_STATIC, _basename, 1, 1);
1060: // ^file:justname[/a/some.tar.gz]=some.tar
1061: add_native_method("justname", Method::CT_STATIC, _justname, 1, 1);
1062: // ^file:justext[/a/some.tar.gz]=gz
1063: add_native_method("justext", Method::CT_STATIC, _justext, 1, 1);
1.102 paf 1064: // /some/page.html: ^file:fullpath[a.gif] => /some/a.gif
1065: add_native_method("fullpath", Method::CT_STATIC, _fullpath, 1, 1);
1.121 paf 1066:
1067: // ^file.sql-string[]
1068: add_native_method("sql-string", Method::CT_DYNAMIC, _sql_string, 0, 0);
1.122 paf 1069:
1070: // ^file::sql[[alt_name]]{}
1071: add_native_method("sql", Method::CT_DYNAMIC, _sql, 1, 2);
1.139 paf 1072:
1.146 misha 1073: // ^file::base64[string] << decode
1.139 paf 1074: // ^file.base64[] << encode
1.151 misha 1075: // ^file:base64[file-name] << encode
1076: add_native_method("base64", Method::CT_ANY, _base64, 0, 1);
1.146 misha 1077:
1078: // ^file.crc32[]
1079: // ^file:crc32[file-name]
1080: add_native_method("crc32", Method::CT_ANY, _crc32, 0, 1);
1.147 misha 1081:
1082: // ^file.md5[]
1083: // ^file:md5[file-name]
1084: add_native_method("md5", Method::CT_ANY, _md5, 0, 1);
1085:
1.148 misha 1086: // ^file:copy[from-file-name;to-file-name]
1087: add_native_method("copy", Method::CT_STATIC, _copy, 2, 2);
1.1 paf 1088: }
E-mail:
![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to file.C CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [parser3project] / parser3 / src / classes