--- parser3/src/classes/math.C 2013/07/18 14:29:49 1.66 +++ parser3/src/classes/math.C 2016/11/01 23:10:40 1.83 @@ -1,7 +1,7 @@ /** @file Parser: @b math parser class. - Copyright (c) 2001-2012 Art. Lebedev Studio (http://www.artlebedev.com) + Copyright (c) 2001-2015 Art. Lebedev Studio (http://www.artlebedev.com) Author: Alexandr Petrosian (http://paf.design.ru) portions from gen_uuid.c, @@ -12,22 +12,17 @@ #include "pa_common.h" #include "pa_vint.h" #include "pa_vmath.h" +#include "pa_vfile.h" #include "pa_request.h" #include "pa_md5.h" #include "pa_sha2.h" #include "pa_random.h" -#ifdef WIN32 -# define _WIN32_WINNT 0x400 -# include -# include -#endif - #ifdef HAVE_CRYPT -extern char *crypt(const char* , const char* ); +extern "C" char *crypt(const char* , const char* ); #endif -volatile const char * IDENT_MATH_C="$Id: math.C,v 1.66 2013/07/18 14:29:49 moko Exp $"; +volatile const char * IDENT_MATH_C="$Id: math.C,v 1.83 2016/11/01 23:10:40 moko Exp $"; // defines @@ -36,16 +31,16 @@ volatile const char * IDENT_MATH_C="$Id: // class class MMath: public Methoded { -public: - MMath(); - public: // Methoded bool used_directly() { return false; } + +public: + MMath(); }; // global variables -DECLARE_CLASS_VAR(math, 0 /*fictive*/, new MMath); +DECLARE_CLASS_VAR(math, new MMath); // methods @@ -56,7 +51,7 @@ static void _random(Request& r, MethodPa 0, "top(%g) must be [1..%u]", top, MAX_UINT); - r.write_no_lang(*new VInt(_random(uint(top)))); + r.write(*new VInt(_random(uint(top)))); } @@ -68,27 +63,38 @@ static double radians(double param) { re static void math1(Request& r, MethodParams& params, math1_func_ptr func) { double param=params.as_double(0, "parameter must be expression", r); double result=func(param); - r.write_no_lang(*new VDouble(result)); + r.write(*new VDouble(result)); } #define MATH1(name) \ static void _##name(Request& r, MethodParams& params) {\ math1(r, params, &name);\ } + #define MATH1P(name_parser, name_c) \ static void _##name_parser(Request& r, MethodParams& params) {\ math1(r, params, &name_c);\ } -MATH1(round); MATH1(floor); MATH1P(ceiling, ceil); -MATH1(trunc); MATH1(frac); -MATH1P(abs, fabs); MATH1(sign); -MATH1(exp); -MATH1(log); MATH1(log10); -MATH1(sin); MATH1(asin); -MATH1(cos); MATH1(acos); -MATH1(tan); MATH1(atan); -MATH1(degrees); MATH1(radians); -MATH1(sqrt); + +MATH1(round) +MATH1(floor) +MATH1P(ceiling, ceil) +MATH1(trunc) +MATH1(frac) +MATH1P(abs, fabs) +MATH1(sign) +MATH1(exp) +MATH1(log) +MATH1(log10) +MATH1(sin) +MATH1(asin) +MATH1(cos) +MATH1(acos) +MATH1(tan) +MATH1(atan) +MATH1(degrees) +MATH1(radians) +MATH1(sqrt) typedef double (*math2_func_ptr)(double, double); @@ -96,18 +102,20 @@ static void math2(Request& r, MethodPara double a=params.as_double(0, "parameter must be expression", r); double b=params.as_double(1, "parameter must be expression", r); double result=func(a, b); - r.write_no_lang(*new VDouble(result)); + r.write(*new VDouble(result)); } #define MATH2(name) \ static void _##name(Request& r, MethodParams& params) {\ math2(r, params, &name);\ } -MATH2(pow); -inline bool is_salt_body_char(int c) { - return isalnum(c) || c == '.' || c=='/'; +MATH2(pow) + +inline bool is_salt_body_char(unsigned char c) { + return pa_isalnum(c) || c == '.' || c=='/'; } + static size_t calc_prefix_size(const char* salt) { if(strlen(salt)) { if(!is_salt_body_char((unsigned char)salt[0])) { // $... {... @@ -148,7 +156,7 @@ static void _crypt(Request& r, MethodPar pa_MD5Encode((const unsigned char *)password, (const unsigned char *)normal_salt, sample_buf, sample_size); String sample(sample_buf); - r.write_pass_lang(sample); + r.write(sample); } else { #ifdef HAVE_CRYPT const char* static_sample_buf=crypt(password, normal_salt); @@ -159,7 +167,7 @@ static void _crypt(Request& r, MethodPar 0, "crypt on this platform does not support '%.*s' salt prefix", prefix_size, normal_salt); - r.write_pass_lang(String(pa_strdup(static_sample_buf))); + r.write(String(pa_strdup(static_sample_buf))); #else throw Exception(PARSER_RUNTIME, 0, @@ -169,7 +177,7 @@ static void _crypt(Request& r, MethodPar } static void _md5(Request& r, MethodParams& params) { - const char *string=params.as_string(0, PARAMETER_MUST_BE_STRING).cstr(); + const char *string=params.as_string(0, PARAMETER_MUST_BE_STRING).cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets).cstr(); PA_MD5_CTX context; unsigned char digest[16]; @@ -177,7 +185,7 @@ static void _md5(Request& r, MethodParam pa_MD5Update(&context, (const unsigned char*)string, strlen(string)); pa_MD5Final(digest, &context); - r.write_pass_lang(*new String(hex_string(digest, sizeof(digest), false))); + r.write(*new String(hex_string(digest, sizeof(digest), false))); } @@ -321,7 +329,7 @@ void SHA1ReadDigest(void *buf, SHA1Conte } static void _sha1(Request& r, MethodParams& params) { - const char *string = params.as_string(0, PARAMETER_MUST_BE_STRING).cstr(); + const char *string = params.as_string(0, PARAMETER_MUST_BE_STRING).cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets).cstr(); SHA1Context c; unsigned char digest[20]; @@ -329,7 +337,7 @@ static void _sha1(Request& r, MethodPara SHA1Input (&c, (const unsigned char*)string, strlen(string)); SHA1ReadDigest(digest, &c); - r.write_pass_lang(*new String(hex_string(digest, sizeof(digest), false))); + r.write(*new String(hex_string(digest, sizeof(digest), false))); } void memxor(char *dest, const char *src, size_t n){ @@ -356,7 +364,7 @@ void memxor(char *dest, const char *src, memxor (block, key, keylen); \ init(&c); \ update(&c, (const unsigned char*)block, blocklen); \ - update(&c, (const unsigned char*)string, strlen(string)); \ + update(&c, (const unsigned char*)data.str, data.length); \ final(tempdigest, &c); \ /* Compute result from KEY and TEMP. */ \ memset (block, OPAD, blocklen); \ @@ -368,7 +376,17 @@ void memxor(char *dest, const char *src, static void _digest(Request& r, MethodParams& params) { const String &smethod = params.as_string(0, PARAMETER_MUST_BE_STRING); - const char *string = params.as_string(1, PARAMETER_MUST_BE_STRING).cstr(); + + Value& vdata=params.as_no_junction(1, "parameter must be string or file"); + + String::C data; + if(const String* sdata=vdata.get_string()){ + String::Body body=sdata->cstr_to_string_body_untaint(String::L_AS_IS, r.connection(false), &r.charsets); // explode content, honor tainting changes + data=String::C(body.cstr(), body.length()); + } else { + VFile *file=vdata.as_vfile(String::L_AS_IS); + data=String::C(file->value_ptr(),file->value_size()); + } enum Method { M_MD5, M_SHA1, M_SHA256, M_SHA512 } method; @@ -407,7 +425,7 @@ static void _digest(Request& r, MethodPa HMAC(hmac, pa_MD5Init, pa_MD5Update, pa_MD5Final, 64, 16); } else { pa_MD5Init(&c); - pa_MD5Update(&c, (const unsigned char*)string, strlen(string)); + pa_MD5Update(&c, (const unsigned char*)data.str, data.length); } char *str=(char *)pa_malloc(16); pa_MD5Final((unsigned char *)str, &c); @@ -420,7 +438,7 @@ static void _digest(Request& r, MethodPa HMAC(hmac, SHA1Reset, SHA1Input, SHA1ReadDigest, 64, 20); } else { SHA1Reset(&c); - SHA1Input(&c, (const unsigned char*)string, strlen(string)); + SHA1Input(&c, (const unsigned char*)data.str, data.length); } char *str=(char *)pa_malloc(20); SHA1ReadDigest(str, &c); @@ -433,7 +451,7 @@ static void _digest(Request& r, MethodPa HMAC(hmac, pa_SHA256_Init, pa_SHA256_Update, pa_SHA256_Final, 64, SHA256_DIGEST_LENGTH); } else { pa_SHA256_Init(&c); - pa_SHA256_Update(&c, (const unsigned char*)string, strlen(string)); + pa_SHA256_Update(&c, (const unsigned char*)data.str, data.length); } char *str=(char *)pa_malloc(SHA256_DIGEST_LENGTH); pa_SHA256_Final((unsigned char *)str, &c); @@ -446,7 +464,7 @@ static void _digest(Request& r, MethodPa HMAC(hmac, pa_SHA512_Init, pa_SHA512_Update, pa_SHA512_Final, 128, SHA512_DIGEST_LENGTH); } else { pa_SHA512_Init(&c); - pa_SHA512_Update(&c, (const unsigned char*)string, strlen(string)); + pa_SHA512_Update(&c, (const unsigned char*)data.str, data.length); } char *str=(char *)pa_malloc(SHA512_DIGEST_LENGTH); pa_SHA512_Final((unsigned char *)str, &c); @@ -454,45 +472,32 @@ static void _digest(Request& r, MethodPa } if(format == F_HEX){ - r.write_pass_lang(*new String(hex_string((unsigned char *)digest.str, digest.length, false))); + r.write(*new String(hex_string((unsigned char *)digest.str, digest.length, false))); } if(format == F_BASE64){ - r.write_pass_lang(*new String(pa_base64_encode(digest.str, digest.length))); + r.write(*new String(pa_base64_encode(digest.str, digest.length))); } } static void _uuid(Request& r, MethodParams& /*params*/) { - uuid uuid=get_uuid(); - - const size_t bufsize=36+1/*zero-teminator*/+1/*for faulty snprintfs*/; - char* cstr=new(PointerFreeGC) char[bufsize]; - - snprintf(cstr, bufsize, - "%08X-%04X-%04X-%02X%02X-%02X%02X%02X%02X%02X%02X", - uuid.time_low, uuid.time_mid, uuid.time_hi_and_version, - uuid.clock_seq >> 8, uuid.clock_seq & 0xFF, - uuid.node[0], uuid.node[1], uuid.node[2], - uuid.node[3], uuid.node[4], uuid.node[5]); - - r.write_pass_lang(*new String(cstr)); + r.write(*new String(get_uuid_cstr())); } static void _uid64(Request& r, MethodParams& /*params*/) { - unsigned char id[64/8]; random(&id, sizeof(id)); - r.write_pass_lang(*new String(hex_string(id, sizeof(id), true))); + r.write(*new String(hex_string(id, sizeof(id), true))); } static void _crc32(Request& r, MethodParams& params) { const char *string=params.as_string(0, PARAMETER_MUST_BE_STRING).cstr(); - r.write_no_lang(*new VInt(pa_crc32(string, strlen(string)))); + r.write(*new VInt(pa_crc32(string, strlen(string)))); } -static void toBase(unsigned int value, unsigned int base, char*& ptr){ +static void toBase(unsigned long long int value, unsigned int base, char*& ptr){ static const char* hex="0123456789ABCDEF"; - int rest = value % base; + unsigned int rest = (unsigned int)(value % base); if(value >= base) toBase( (value-rest)/base, base, ptr); *ptr++=(char)hex[rest]; @@ -523,16 +528,16 @@ static void _convert(Request& r, MethodP str++; } - unsigned int value=pa_atoui(str, base_from); + unsigned long long int value=pa_atoul(str, base_from); - char result_cstr[sizeof(unsigned int)*8+1/*minus for negative number*/+1/*terminator*/]; + char result_cstr[sizeof(unsigned long long int)*8+1/*minus for negative number*/+1/*terminator*/]; char* ptr=result_cstr; if(negative) *ptr++='-'; toBase(value, base_to, ptr); *ptr=0; - r.write_pass_lang(*new String(pa_strdup(result_cstr))); + r.write(*new String(pa_strdup(result_cstr))); } // constructor @@ -569,7 +574,7 @@ MMath::MMath(): Methoded("math") { // ^math:sha1[string] ADD1(sha1); - // ^math:digest[method;string;options] + // ^math:digest[method;string|file;options] add_native_method("digest", Method::CT_STATIC, _digest, 2, 3); // ^math:crc32[string]