--- parser3/src/classes/math.C 2013/07/18 14:29:49 1.66 +++ parser3/src/classes/math.C 2013/08/27 11:27:45 1.72 @@ -12,22 +12,17 @@ #include "pa_common.h" #include "pa_vint.h" #include "pa_vmath.h" +#include "pa_vfile.h" #include "pa_request.h" #include "pa_md5.h" #include "pa_sha2.h" #include "pa_random.h" -#ifdef WIN32 -# define _WIN32_WINNT 0x400 -# include -# include -#endif - #ifdef HAVE_CRYPT -extern char *crypt(const char* , const char* ); +extern "C" char *crypt(const char* , const char* ); #endif -volatile const char * IDENT_MATH_C="$Id: math.C,v 1.66 2013/07/18 14:29:49 moko Exp $"; +volatile const char * IDENT_MATH_C="$Id: math.C,v 1.72 2013/08/27 11:27:45 moko Exp $"; // defines @@ -169,7 +164,7 @@ static void _crypt(Request& r, MethodPar } static void _md5(Request& r, MethodParams& params) { - const char *string=params.as_string(0, PARAMETER_MUST_BE_STRING).cstr(); + const char *string=params.as_string(0, PARAMETER_MUST_BE_STRING).cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets).cstr(); PA_MD5_CTX context; unsigned char digest[16]; @@ -321,7 +316,7 @@ void SHA1ReadDigest(void *buf, SHA1Conte } static void _sha1(Request& r, MethodParams& params) { - const char *string = params.as_string(0, PARAMETER_MUST_BE_STRING).cstr(); + const char *string = params.as_string(0, PARAMETER_MUST_BE_STRING).cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets).cstr(); SHA1Context c; unsigned char digest[20]; @@ -356,7 +351,7 @@ void memxor(char *dest, const char *src, memxor (block, key, keylen); \ init(&c); \ update(&c, (const unsigned char*)block, blocklen); \ - update(&c, (const unsigned char*)string, strlen(string)); \ + update(&c, (const unsigned char*)data.str, data.length); \ final(tempdigest, &c); \ /* Compute result from KEY and TEMP. */ \ memset (block, OPAD, blocklen); \ @@ -368,7 +363,17 @@ void memxor(char *dest, const char *src, static void _digest(Request& r, MethodParams& params) { const String &smethod = params.as_string(0, PARAMETER_MUST_BE_STRING); - const char *string = params.as_string(1, PARAMETER_MUST_BE_STRING).cstr(); + + Value& vdata=params.as_no_junction(1, "parameter must be string or file"); + + String::C data; + if(const String* sdata=vdata.get_string()){ + String::Body body=sdata->cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets); // explode content, honor tainting changes + data=String::C(body.cstr(), body.length()); + } else { + VFile *file=vdata.as_vfile(String::L_AS_IS); + data=String::C(file->value_ptr(),file->value_size()); + } enum Method { M_MD5, M_SHA1, M_SHA256, M_SHA512 } method; @@ -407,7 +412,7 @@ static void _digest(Request& r, MethodPa HMAC(hmac, pa_MD5Init, pa_MD5Update, pa_MD5Final, 64, 16); } else { pa_MD5Init(&c); - pa_MD5Update(&c, (const unsigned char*)string, strlen(string)); + pa_MD5Update(&c, (const unsigned char*)data.str, data.length); } char *str=(char *)pa_malloc(16); pa_MD5Final((unsigned char *)str, &c); @@ -420,7 +425,7 @@ static void _digest(Request& r, MethodPa HMAC(hmac, SHA1Reset, SHA1Input, SHA1ReadDigest, 64, 20); } else { SHA1Reset(&c); - SHA1Input(&c, (const unsigned char*)string, strlen(string)); + SHA1Input(&c, (const unsigned char*)data.str, data.length); } char *str=(char *)pa_malloc(20); SHA1ReadDigest(str, &c); @@ -433,7 +438,7 @@ static void _digest(Request& r, MethodPa HMAC(hmac, pa_SHA256_Init, pa_SHA256_Update, pa_SHA256_Final, 64, SHA256_DIGEST_LENGTH); } else { pa_SHA256_Init(&c); - pa_SHA256_Update(&c, (const unsigned char*)string, strlen(string)); + pa_SHA256_Update(&c, (const unsigned char*)data.str, data.length); } char *str=(char *)pa_malloc(SHA256_DIGEST_LENGTH); pa_SHA256_Final((unsigned char *)str, &c); @@ -446,7 +451,7 @@ static void _digest(Request& r, MethodPa HMAC(hmac, pa_SHA512_Init, pa_SHA512_Update, pa_SHA512_Final, 128, SHA512_DIGEST_LENGTH); } else { pa_SHA512_Init(&c); - pa_SHA512_Update(&c, (const unsigned char*)string, strlen(string)); + pa_SHA512_Update(&c, (const unsigned char*)data.str, data.length); } char *str=(char *)pa_malloc(SHA512_DIGEST_LENGTH); pa_SHA512_Final((unsigned char *)str, &c); @@ -569,7 +574,7 @@ MMath::MMath(): Methoded("math") { // ^math:sha1[string] ADD1(sha1); - // ^math:digest[method;string;options] + // ^math:digest[method;string|file;options] add_native_method("digest", Method::CT_STATIC, _digest, 2, 3); // ^math:crc32[string]