--- parser3/src/classes/op.C 2010/07/05 05:54:46 1.201 +++ parser3/src/classes/op.C 2016/11/01 23:10:40 1.243 @@ -1,12 +1,10 @@ /** @file Parser: parser @b operators. - Copyright (c) 2001-2009 ArtLebedev Group (http://www.artlebedev.com) + Copyright (c) 2001-2015 Art. Lebedev Studio (http://www.artlebedev.com) Author: Alexandr Petrosian (http://paf.design.ru) */ -static const char * const IDENT_OP_C="$Date: 2010/07/05 05:54:46 $"; - #include "classes.h" #include "pa_vmethod_frame.h" @@ -20,16 +18,11 @@ static const char * const IDENT_OP_C="$D #include "pa_vclass.h" #include "pa_charset.h" -// limits - -#define MAX_LOOPS 20000 +volatile const char * IDENT_OP_C="$Id: op.C,v 1.243 2016/11/01 23:10:40 moko Exp $"; // defines #define CASE_DEFAULT_VALUE "DEFAULT" -#define PROCESS_MAIN_OPTION_NAME "main" -#define PROCESS_FILE_OPTION_NAME "file" -#define PROCESS_LINENO_OPTION_NAME "lineno" // class @@ -64,8 +57,7 @@ static const String exception_var_name(E class Untaint_lang_name2enum: public HashString { public: Untaint_lang_name2enum() { - #define ULN(name, LANG) \ - put(String::Body(name), (value_type)(String::L_##LANG)); + #define ULN(name, LANG) put(name, (value_type)(String::L_##LANG)); ULN("clean", CLEAN); ULN("as-is", AS_IS); ULN("optimized-as-is", AS_IS|String::L_OPTIMIZE_BIT); @@ -81,6 +73,7 @@ public: ULN("optimized-html", HTML|String::L_OPTIMIZE_BIT); ULN("regex", REGEX); ULN("parser-code", PARSER_CODE); + ULN("json", JSON); #undef ULN } } untaint_lang_name2enum; @@ -93,40 +86,39 @@ static void _if(Request& r, MethodParams do { bool condition=params.as_bool(i, "condition must be expression", r); if(condition) { - r.process_write(*params.get(i+1)); + r.process_write(params[i+1]); return; } i+=2; } while (i < max_param); if(i == max_param) - r.process_write(*params.get(i)); + r.process_write(params[i]); } -static String::Language get_untaint_lang(MethodParams& params, int index){ - const String& lang_name=params.as_string(index, "lang must be string"); +String::Language get_untaint_lang(const String& lang_name){ String::Language lang=untaint_lang_name2enum.get(lang_name); if(!lang) - throw Exception(PARSER_RUNTIME, - &lang_name, - "invalid taint language"); + throw Exception(PARSER_RUNTIME, &lang_name, "invalid taint language"); return lang; } static void _untaint(Request& r, MethodParams& params) { String::Language lang; if(params.count()==1) - lang=String::L_AS_IS; // mark as simply 'as-is'. useful in html from sql + lang=String::L_AS_IS; // mark as simply 'as-is'. useful in html from sql else - lang=get_untaint_lang(params, 0); + lang=get_untaint_lang(params.as_string(0, "lang must be string")); - { - Value& vbody=params.as_junction(params.count()-1, "body must be code"); - - Temp_lang temp_lang(r, lang); // set temporarily specified ^untaint[language; - StringOrValue result=r.process(vbody); // process marking tainted with that lang - r.write_assign_lang(result); - } + Value& vbody=params.as_junction(params.count()-1, "body must be code"); + Value& result=r.process(vbody); + + if(const String* string=result.get_string()){ + String &untainted=*new String(); + string->append_to(untainted, lang); // mark all tainted to specified language + r.write(untainted); + } else + r.write(result); // this is not normal, just backward compatibility } static void _taint(Request& r, MethodParams& params) { @@ -134,16 +126,23 @@ static void _taint(Request& r, MethodPar if(params.count()==1) lang=String::L_TAINTED; // mark as simply 'tainted'. useful in table:create else - lang=get_untaint_lang(params, 0); + lang=get_untaint_lang(params.as_string(0, "lang must be string")); { Value& vbody=params.as_no_junction(params.count()-1, "body must not be code"); String result(vbody.as_string(), lang); // force result language to specified - r.write_assign_lang(result); + r.write(result); } } +static void _apply_taint(Request& r, MethodParams& params) { + String::Language lang=params.count()==1 ? String::L_AS_IS : get_untaint_lang(params.as_string(0, "lang must be string")); + const String &sbody=params.as_string(params.count()-1, "body must be string"); + String::Body result_body=sbody.cstr_to_string_body_untaint(lang, r.connection(false), &r.charsets); + r.write(*new String(result_body, String::L_AS_IS)); +} + static void _process(Request& r, MethodParams& params) { Method* main_method; @@ -153,66 +152,63 @@ static void _process(Request& r, MethodP if(maybe_target_self.get_string() || maybe_target_self.get_junction()) target_self=&r.get_method_frame()->caller()->self(); else { - target_self=&maybe_target_self; index++; + target_self=&maybe_target_self; + if(params.count()==1) + throw Exception(PARSER_RUNTIME, 0, "no body specified"); + index++; } { VStateless_class *target_class=target_self->get_class(); if(!target_class) - throw Exception(PARSER_RUNTIME, - 0, - "no target class"); + throw Exception(PARSER_RUNTIME, 0, "no target class"); - // temporary remove language change - Temp_lang temp_lang(r, String::L_PARSER_CODE); // temporary zero @main so to maybe-replace it in processed code Temp_method temp_method_main(*target_class, main_method_name, 0); - // temporary zero @auto so it wouldn't be auto-called in Request::use_buf - Temp_method temp_method_auto(*target_class, auto_method_name, 0); - - size_t options_index=index+1; - HashStringValue* options=0; - if(options_indexget(PROCESS_MAIN_OPTION_NAME)) { - valid_options++; - main_alias=&vmain_alias->as_string(); - } - if(Value* vfile_alias=options->get(PROCESS_FILE_OPTION_NAME)) { - valid_options++; - file_alias=&vfile_alias->as_string(); - } - if(Value* vline_no_alias_offset=options->get(PROCESS_LINENO_OPTION_NAME)) { - valid_options++; - line_no_alias_offset=vline_no_alias_offset->as_int(); + bool allow_class_replace=false; + + size_t options_index=index+1; + if(options_indexas_string(); + } else if(key == "file") { + valid_options++; + file_alias=&value->as_string(); + } else if(key == "lineno") { + valid_options++; + line_no_alias_offset=value->as_int(); + } else if(key == "replace") { + valid_options++; + allow_class_replace=r.process(*value).as_bool(); + } + } + + if(valid_options!=options->count()) + throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); } - - if(valid_options!=options->count()) - throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); - } - uint processe_file_no=file_alias? - r.register_file(r.absolute(*file_alias)) - : pseudo_file_no__process; + uint processe_file_no=file_alias ? r.register_file(r.absolute(*file_alias)) : pseudo_file_no__process; // process...{string} Value& vjunction=params.as_junction(index, "body must be code"); // evaluate source to process const String& source=r.process_to_string(vjunction); - r.use_buf(*target_class, - source.untaint_cstr(String::L_AS_IS, r.connection(false)), - main_alias, - processe_file_no, - line_no_alias_offset); + + Temp_class_replace class_replace(r, allow_class_replace); + + r.use_buf(*target_class, source.untaint_cstr(String::L_PARSER_CODE, r.connection(false)), main_alias, processe_file_no, line_no_alias_offset); // main_method main_method=target_class->get_method(main_method_name); @@ -220,10 +216,10 @@ static void _process(Request& r, MethodP // after restoring current-request-lang // maybe-execute @main[] if(main_method) { - // temporarily set method_frame's self to target_self - Temp_method_frame_self tmfs(*r.get_method_frame(), *target_self); - // execute! - r.execute(*main_method->parser_code); + VMethodFrame frame(*main_method, r.get_method_frame()->caller(), *target_self); + frame.empty_params(); + r.call(frame); + r.write(frame.result()); } } @@ -244,37 +240,33 @@ static void _while(Request& r, MethodPar if(delim_maybe_code){ // delimiter set bool need_delim=false; while(true) { - if(++endless_loop_count>=MAX_LOOPS) // endless loop? - throw Exception(PARSER_RUNTIME, - 0, - "endless loop detected"); + if(++endless_loop_count>=pa_loop_limit) // endless loop? + throw Exception(PARSER_RUNTIME, 0, "endless loop detected"); - if(!r.process_to_value(vcondition, false/*don't intercept string*/).as_bool()) + if(!r.process(vcondition).as_bool()) break; - StringOrValue sv_processed=r.process(body_code); + Value& sv_processed=r.process(body_code); Request::Skip lskip=r.get_skip(); r.set_skip(Request::SKIP_NOTHING); const String* s_processed=sv_processed.get_string(); if(s_processed && !s_processed->is_empty()) { // we have body if(need_delim) // need delim & iteration produced string? - r.write_pass_lang(r.process(*delim_maybe_code)); + r.write(r.process(*delim_maybe_code)); else need_delim=true; } - r.write_pass_lang(sv_processed); + r.write(sv_processed); if(lskip==Request::SKIP_BREAK) break; } } else { while(true) { - if(++endless_loop_count>=MAX_LOOPS) // endless loop? - throw Exception(PARSER_RUNTIME, - 0, - "endless loop detected"); + if(++endless_loop_count>=pa_loop_limit) // endless loop? + throw Exception(PARSER_RUNTIME, 0, "endless loop detected"); - if(!r.process_to_value(vcondition, false/*don't intercept string*/).as_bool()) + if(!r.process(vcondition).as_bool()) break; r.process_write(body_code); @@ -289,25 +281,44 @@ static void _while(Request& r, MethodPar static void _use(Request& r, MethodParams& params) { Value& vfile=params.as_no_junction(0, FILE_NAME_MUST_NOT_BE_CODE); + bool allow_class_replace=false; + + if(params.count()==2) + if(HashStringValue* options=params.as_hash(1)) { + int valid_options=0; + for(HashStringValue::Iterator i(*options); i; i.next() ){ + + String::Body key=i.key(); + Value* value=i.value(); + + if(key == "replace") { + valid_options++; + allow_class_replace=r.process(*value).as_bool(); + } + + if(valid_options!=options->count()) + throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); + } + } + + Temp_class_replace class_replace(r, allow_class_replace); + // _use could be called from the parser3 method only, so caller is always defined - r.use_file(r.main_class, vfile.as_string(), r.get_method_filename(r.get_method_frame()->caller()->junction.method)); + r.use_file(r.main_class, vfile.as_string(), r.get_method_filename(&r.get_method_frame()->caller()->method)); } static void set_skip(Request& r, Request::Skip askip) { if(!r.get_in_cycle()) - throw Exception(PARSER_RUNTIME, - 0, - "without cycle"); - + throw Exception(askip==Request::SKIP_BREAK ? "parser.break" : "parser.continue", 0, "without cycle"); r.set_skip(askip); } -static void _break(Request& r, MethodParams&) { - set_skip(r, Request::SKIP_BREAK); +static void _break(Request& r, MethodParams& params) { + if(!params.count() || params.as_bool(0, "condition must be expression", r)) set_skip(r, Request::SKIP_BREAK); } -static void _continue(Request& r, MethodParams&) { - set_skip(r, Request::SKIP_CONTINUE); +static void _continue(Request& r, MethodParams& params) { + if(!params.count() || params.as_bool(0, "condition must be expression", r)) set_skip(r, Request::SKIP_CONTINUE); } static void _for(Request& r, MethodParams& params) { @@ -319,32 +330,30 @@ static void _for(Request& r, MethodParam Value& body_code=params.as_junction(3, "body must be code"); Value* delim_maybe_code=params.count()>4?¶ms[4]:0; - if(to-from>=MAX_LOOPS) // too long loop? - throw Exception(PARSER_RUNTIME, - 0, - "endless loop detected"); + if(to-from>=pa_loop_limit) // too long loop? + throw Exception(PARSER_RUNTIME, 0, "endless loop detected"); VInt* vint=new VInt(0); VMethodFrame& caller=*r.get_method_frame()->caller(); - caller.put_element(var_name, vint, false); + r.put_element(caller, var_name, vint); if(delim_maybe_code){ // delimiter set bool need_delim=false; for(int i=from; i<=to; i++) { vint->set_int(i); - StringOrValue sv_processed=r.process(body_code); + Value& sv_processed=r.process(body_code); Request::Skip lskip=r.get_skip(); r.set_skip(Request::SKIP_NOTHING); const String* s_processed=sv_processed.get_string(); if(s_processed && !s_processed->is_empty()) { // we have body if(need_delim) // need delim & iteration produced string? - r.write_pass_lang(r.process(*delim_maybe_code)); + r.write(r.process(*delim_maybe_code)); else need_delim=true; } - r.write_pass_lang(sv_processed); + r.write(sv_processed); if(lskip==Request::SKIP_BREAK) break; @@ -365,23 +374,19 @@ static void _for(Request& r, MethodParam static void _eval(Request& r, MethodParams& params) { Value& expr=params.as_junction(0, "need expression"); // evaluate expresion - Value& value_result=r.process_to_value(expr, - false/*don't intercept string*/).as_expr_result(); + Value& value_result=r.process(expr).as_expr_result(); if(params.count()>1) { const String& fmt=params.as_string(1, "fmt must be string").trim(); if(fmt.is_empty()){ - r.write_no_lang(value_result); + r.write(value_result); } else { - r.write_no_lang(String(format(value_result.as_double(), fmt.cstrm()))); + r.write(String(format(value_result.as_double(), fmt.cstrm()))); } } else - r.write_no_lang(value_result); + r.write(value_result); } static void _connect(Request& r, MethodParams& params) { -#ifdef RESOURCES_DEBUG -struct timeval mt[2]; -#endif Value& url=params.as_no_junction(0, "url must not be code"); Value& body_code=params.as_junction(1, "body must be code"); @@ -392,27 +397,14 @@ struct timeval mt[2]; } } -#ifdef RESOURCES_DEBUG -//measure:before -gettimeofday(&mt[0],NULL); -#endif // connect SQL_Connection* connection=SQL_driver_manager->get_connection(url.as_string(), protocol2driver_and_client, r.charsets.source().NAME().cstr(), r.request_info.document_root); -#ifdef RESOURCES_DEBUG -//measure:after connect -gettimeofday(&mt[1],NULL); - -double t[2]; -for(int i=0;i<2;i++) - t[i]=mt[i].tv_sec+mt[i].tv_usec/1000000.0; - -r.sql_connect_time+=t[1]-t[0]; -#endif Temp_connection temp_connection(r, connection); + // execute body try { r.process_write(body_code); @@ -431,6 +423,7 @@ public: Request& r; const String* searching_string; double searching_double; + bool searching_bool; Value* found; Value* _default; public: @@ -440,24 +433,25 @@ public: if(asearching.is_string() || asearching.is_void()){ searching_string=&asearching.as_string(); searching_double=0; + searching_bool=false; } else { searching_string=0; searching_double=asearching.as_double(); + searching_bool=asearching.is_bool(); } } }; #endif static void _switch(Request& r, MethodParams& params) { - Switch_data* data=new Switch_data(r, r.process_to_value(params[0])); - Temp_hash_value - switch_data_setter(r.classes_conf, switch_data_name, data); + Switch_data* data=new Switch_data(r, r.process(params[0])); + Temp_hash_value, void*> switch_data_setter(&r.classes_conf, switch_data_name, data); Value& cases_code=params.as_junction(1, "switch cases must be code"); // execution of found ^case[...]{code} must be in context of ^switch[...]{code} // because of stacked WWrapper used there as wcontext - r.process(cases_code, true/*intercept_string*/); + r.process(cases_code); if(Value* selected_code=data->found? data->found: data->_default) - r.write_pass_lang(r.process(*selected_code)); + r.write(r.process(*selected_code)); } static void _case(Request& r, MethodParams& params) { @@ -482,7 +476,7 @@ static void _case(Request& r, MethodPara #endif for(int i=0; i_default=code; @@ -492,6 +486,8 @@ static void _case(Request& r, MethodPara bool matches; if(data->searching_string) matches=(*data->searching_string) == value.as_string(); + else if(data->searching_bool || value.is_bool()) + matches=(data->searching_double != 0) == value.as_bool(); else matches=data->searching_double == value.as_double(); @@ -503,22 +499,33 @@ static void _case(Request& r, MethodPara } #ifndef DOXYGEN struct Try_catch_result { - StringOrValue processed_code; + ValueRef processed_code; const String* exception_should_be_handled; Try_catch_result(): exception_should_be_handled(0) {} }; + +/// Auto-object used for temporary changing Request::skip. +class Temp_skip { + Request& frequest; + Request::Skip saved_skip; +public: + Temp_skip(Request& arequest) : frequest(arequest), saved_skip(arequest.get_skip()) { + arequest.set_skip(Request::SKIP_NOTHING); + } + ~Temp_skip() { + if(frequest.get_skip() == Request::SKIP_NOTHING) + frequest.set_skip(saved_skip); + } +}; #endif /// used by ^try and ^cache, @returns $exception.handled[string] if any template -static Try_catch_result try_catch(Request& r, - StringOrValue body_code(Request&, I), I info, - Value* catch_code, - bool could_be_handled_by_caller=false) -{ +static Try_catch_result try_catch(Request& r, Value& body_code(Request&, I), I info, Value* catch_code, bool could_be_handled_by_caller=false) { Try_catch_result result; + // minor bug: context not restored if only finally code is present, see #1062 if(!catch_code) { result.processed_code=body_code(r, info); return result; @@ -529,37 +536,33 @@ static Try_catch_result try_catch(Reques try { result.processed_code=body_code(r, info); } catch(const Exception& e) { - Request_context_saver throw_context(r); // taking snapshot of throw-context [stack trace contains error] + Request_context_saver throw_context(r); // remembering exception stack trace + Request::Exception_details details=r.get_details(e); - try_context.restore(); // restoring try-context to perform catch-code - Junction* junction=catch_code->get_junction(); - Value* method_frame=junction->method_frame; - Value* saved_exception_var_value=method_frame->get_element(exception_var_name); - VMethodFrame& frame=*junction->method_frame; - frame.put_element(exception_var_name, &details.vhash, false); + try_context.restore(); // restoring try-context for code after try and catch-code - result.processed_code=r.process(*catch_code); + { + Temp_value_element temp(r, *catch_code->get_junction()->method_frame, exception_var_name, &details.vhash); + Temp_skip temp_skip(r); + result.processed_code=r.process(*catch_code); + } - // retriving $exception.handled, restoring $exception var + // retriving $exception.handled Value* vhandled=details.vhash.hash().get(exception_handled_part_name); - frame.put_element(exception_var_name, saved_exception_var_value, false); bool bhandled=false; if(vhandled) { if(vhandled->is_string()) { // not simple $exception.handled(1/0)? - if(could_be_handled_by_caller) { // and we can possibly handle it + if(bhandled=could_be_handled_by_caller) { // and we can possibly handle it result.exception_should_be_handled=vhandled->get_string(); // considering 'recovered' and let the caller recover - return result; } - - bhandled=false; } else bhandled=vhandled->as_bool(); } - if(!bhandled) { - throw_context.restore(); // restoring throw-context [exception were not handled] + if(!bhandled){ + throw_context.restore(); // restoring exception stack trace creared by try_context.restore() rethrow; } } @@ -567,6 +570,10 @@ static Try_catch_result try_catch(Reques return result; } +static Value& process_try_body_code(Request& r, Value* body_code) { + return r.process(*body_code); +} + // cache-- // consts @@ -603,8 +610,8 @@ struct Locked_process_and_cache_put_acti -static StringOrValue process_cache_body_code(Request& r, Value* body_code) { - return StringOrValue(r.process_to_string(*body_code)); +static Value& process_cache_body_code(Request& r, Value* body_code) { + return r.process(*body_code); } /* @todo maybe network order worth spending some effort? @@ -628,10 +635,10 @@ static void locked_process_and_cache_put } else throw Exception(PARSER_RUNTIME, result.exception_should_be_handled, - "$"EXCEPTION_VAR_NAME"."EXCEPTION_HANDLED_PART_NAME" value must be " - "either boolean or string '"CACHE_EXCEPTION_HANDLED_CACHE_NAME"'"); + "$" EXCEPTION_VAR_NAME "." EXCEPTION_HANDLED_PART_NAME " value must be " + "either boolean or string '" CACHE_EXCEPTION_HANDLED_CACHE_NAME "'"); } else - info.processed_code=&result.processed_code.as_string(); + info.processed_code=&((Value &)result.processed_code).as_string(); // expiration time not spoiled by ^cache(0) or something? if(info.scope->expires > time(0)) { @@ -671,12 +678,14 @@ const String* locked_process_and_cache_p cache_delete(file_spec); return result; } + #ifndef DOXYGEN struct Cache_get_result { const String* body; bool expired; }; #endif + static Cache_get_result cache_get(Request_charsets& charsets, const String& file_spec, time_t now) { Cache_get_result result={0, false}; @@ -707,24 +716,24 @@ static time_t as_expires(Request& r, Met int index, time_t now) { time_t result; if(Value* vdate=params[index].as(VDATE_TYPE)) - result=static_cast(vdate)->get_time(); + result=(time_t)(static_cast(vdate)->get_time()); else result=now+(time_t)params.as_double(index, "lifespan must be date or number", r); return result; } + static const String& as_file_spec(Request& r, MethodParams& params, int index) { return r.absolute(params.as_string(index, "filespec must be string")); } + static void _cache(Request& r, MethodParams& params) { if(params.count()==0) { // ^cache[] -- return current expiration time Cache_scope* scope=static_cast(r.classes_conf.get(cache_data_name)); if(!scope) - throw Exception(PARSER_RUNTIME, - 0, - "expire-time get without cache"); - r.write_no_lang(*new VDate(scope->expires)); + throw Exception(PARSER_RUNTIME, 0, "expire-time get without cache"); + r.write(*new VDate((pa_time_t)scope->expires)); return; } @@ -759,8 +768,7 @@ static void _cache(Request& r, MethodPar Cache_scope scope={as_expires(r, params, 1, now), 0}; - Temp_hash_value - cache_scope_setter(r.classes_conf, cache_data_name, &scope); + Temp_hash_value, void*> cache_scope_setter(&r.classes_conf, cache_data_name, &scope); Value& body_code=params.as_junction(2, "body_code must be code"); Value* catch_code=0; if(params.count()>3) @@ -774,7 +782,7 @@ static void _cache(Request& r, MethodPar scope.body_from_disk=cached.body; // storing for user to retrive it with ^cache[] } else { // and it's not expired yet write it out - r.write_assign_lang(*cached.body); + r.write(*cached.body); // happy with it return; } @@ -786,7 +794,7 @@ static void _cache(Request& r, MethodPar const String* processed_body=locked_process_and_cache_put(r, body_code, catch_code, scope, file_spec); if(processed_body){ // write it out - r.write_assign_lang(*processed_body); + r.write(*processed_body); // happy with it return; } else { @@ -797,45 +805,49 @@ static void _cache(Request& r, MethodPar cache_delete(file_spec); } - // process without cacheing - const String& processed_body=r.process_to_string(body_code); - // write it out - r.write_assign_lang(processed_body); + // process without caching + if(catch_code){ + Try_catch_result result=try_catch(r, process_try_body_code, &body_code, catch_code); + r.write(result.processed_code); + } else { + r.write(r.process_to_string(body_code)); + } } -static StringOrValue process_try_body_code(Request& r, Value* body_code) { - return r.process(*body_code); -} static void _try_operator(Request& r, MethodParams& params) { Value& body_code=params.as_junction(0, "body_code must be code"); Value& catch_code=params.as_junction(1, "catch_code must be code"); Value* finally_code=(params.count()==3) ? ¶ms.as_junction(2, "finally_code must be code") : 0; Try_catch_result result; - StringOrValue finally_result; + try{ - result=try_catch(r, - process_try_body_code, &body_code, - &catch_code); - if(result.exception_should_be_handled) - throw Exception(PARSER_RUNTIME, - result.exception_should_be_handled, - "catch block must set $exception.handled to some boolean value, not string"); + // process try and catch code + result=try_catch(r, process_try_body_code, &body_code, &catch_code); } catch(...){ - if(finally_code) - finally_result=r.process(*finally_code); + // process finally code but ignore the result + if(finally_code){ + Temp_skip temp(r); + Value &finally_result=r.process(*finally_code); + } rethrow; } - if(finally_code) - finally_result=r.process(*finally_code); + // process finally code + if(finally_code){ + Temp_skip temp(r); + Value& finally_result=r.process(*finally_code); - // write out processed body_code or catch_code - r.write_pass_lang(result.processed_code); + // no exception in try/catch or finally, writing processed body_code or catch_code + r.write(result.processed_code); + + // write out processed finally code + r.write(finally_result); + } else { + // no exception in try/catch, writing processed body_code or catch_code + r.write(result.processed_code); + } - // write out processed finally code - if(finally_code) - r.write_pass_lang(finally_result); } static void _throw_operator(Request&, MethodParams& params) { @@ -868,7 +880,8 @@ static void _throw_operator(Request&, Me static void _sleep_operator(Request& r, MethodParams& params) { double seconds=params.as_double(0, "seconds must be double", r); - pa_sleep((int)trunc(seconds), (int)trunc(seconds*1000)); + if(seconds>0) + pa_sleep((int)trunc(seconds), (int)trunc((seconds-trunc(seconds))*1000000)); } #if defined(WIN32) && defined(_DEBUG) @@ -880,8 +893,7 @@ static void _bpt(Request&, MethodParams& // constructor -VClassMAIN::VClassMAIN(): VClass() { - set_name(*new String(MAIN_CLASS_NAME)); +VClassMAIN::VClassMAIN(): VClass(MAIN_CLASS_NAME) { #ifdef PA_BPT // ^bpt[] @@ -899,7 +911,11 @@ VClassMAIN::VClassMAIN(): VClass() { // ^taint[as-is|uri|sql|js|html|html-typo|regex|parser-code]{code} add_native_method("taint", Method::CT_ANY, _taint, 1, 2, Method::CO_WITHOUT_FRAME); - // ^process[code] + // ^apply-taint[untaint lang][string] + add_native_method("apply-taint", Method::CT_ANY, _apply_taint, 1, 2, Method::CO_WITHOUT_FRAME); + + // ^process{code} + // ^process[context]{code}[options hash] add_native_method("process", Method::CT_ANY, _process, 1, 3); // ^rem{code} @@ -908,17 +924,19 @@ VClassMAIN::VClassMAIN(): VClass() { // ^while(condition){code} add_native_method("while", Method::CT_ANY, _while, 2, 3, Method::CO_WITHOUT_FRAME); - // ^use[file] - add_native_method("use", Method::CT_ANY, _use, 1, 1); + // ^use[file[;options hash]] + add_native_method("use", Method::CT_ANY, _use, 1, 2); // ^break[] - add_native_method("break", Method::CT_ANY, _break, 0, 0, Method::CO_WITHOUT_FRAME); + // ^break(condition) + add_native_method("break", Method::CT_ANY, _break, 0, 1, Method::CO_WITHOUT_FRAME); // ^continue[] - add_native_method("continue", Method::CT_ANY, _continue, 0, 0, Method::CO_WITHOUT_FRAME); + // ^continue(condition) + add_native_method("continue", Method::CT_ANY, _continue, 0, 1, Method::CO_WITHOUT_FRAME); // ^for[i](from-number;to-number-inclusive){code}[delim] - add_native_method("for", Method::CT_ANY, _for, 3+1, 3+1+1, Method::CO_WITHOUT_WCONTEXT); + add_native_method("for", Method::CT_ANY, _for, 3+1, 3+1+1); // ^eval(expr) // ^eval(expr)[format]