--- parser3/src/main/untaint.C 2004/02/06 09:25:22 1.127 +++ parser3/src/main/untaint.C 2004/07/01 07:20:10 1.133 @@ -1,11 +1,11 @@ /** @file Parser: String class part: untaint mechanizm. - Copyright(c) 2001-2003 ArtLebedev Group (http://www.artlebedev.com) + Copyright(c) 2001-2004 ArtLebedev Group (http://www.artlebedev.com) Author: Alexandr Petrosian (http://paf.design.ru) */ -static const char * const IDENT_UNTAINT_C="$Date: 2004/02/06 09:25:22 $"; +static const char * const IDENT_UNTAINT_C="$Date: 2004/07/01 07:20:10 $"; #include "pa_string.h" @@ -23,15 +23,10 @@ extern "C" { // author forgot to do that #include "ec.h" } -#define PA_SQL - -#ifdef PA_SQL #include "pa_sql_connection.h" -#endif // defines - #undef CORD_ec_append // redefining to intercept flushes and implement whitespace optimization // of all consequent white space chars leaving only first one @@ -39,7 +34,7 @@ extern "C" { // author forgot to do that { \ bool skip=false; \ if(optimize) switch(c) { \ - case ' ': case '\r': case '\n': case '\t': \ + case ' ': case '\n': case '\t': \ if(whitespace) \ skip=true; /*skipping subsequent*/ \ else \ @@ -63,7 +58,7 @@ extern "C" { // author forgot to do that char c=CORD_pos_fetch(info->pos); \ action \ } -#define _default default: CORD_ec_append(info->result, c); break +#define _default CORD_ec_append(info->result, c) #define encode(need_encode_func, prefix, otherwise) \ if(need_encode_func(c)) { \ static const char* hex="0123456789ABCDEF"; \ @@ -376,12 +371,12 @@ int cstr_to_string_body_block(char alang bool email=false; uchar c; for(const char* src=mail_ptr; (c=(uchar)*src++); ) { - //RFC + An 'encoded-word' MUST NOT appear in any portion of an 'addr-spec'. - if(to_quoted_printable && (c==',' || addr_spec_soon(src) || c == '"')) { + if(to_quoted_printable && (c==',' || c == '"' || addr_spec_soon(src-1/*position to 'c'*/))) { email=c=='<'; to_string("?="); to_quoted_printable=false; } + //RFC + An 'encoded-word' MUST NOT appear in any portion of an 'addr-spec'. if(!email && ( !to_quoted_printable && (c & 0x80) // starting quote-printable-encoding on first 8bit char || to_quoted_printable && !mail_header_char_valid_within_Qencoded(c) @@ -404,15 +399,6 @@ int cstr_to_string_body_block(char alang } else ec_append(info->result, optimize, whitespace, info->pos, fragment_length); break; - case String::L_TABLE: - // tainted, untaint language: table - escape(switch(c) { - case '\t': to_char(' '); break; - case '\n': to_char(' '); break; - _default; - }); - break; -#ifdef PA_SQL case String::L_SQL: // tainted, untaint language: sql if(info->connection) { @@ -426,7 +412,6 @@ int cstr_to_string_body_block(char alang 0, "untaint in SQL language failed - no connection specified"); break; -#endif case String::L_JS: escape(switch(c) { case '"': to_string("\\\""); break; @@ -434,17 +419,39 @@ int cstr_to_string_body_block(char alang case '\n': to_string("\\n"); break; case '\\': to_string("\\\\"); break; case '\xFF': to_string("\\\xFF"); break; - _default; + default: _default; break; }); break; case String::L_XML: + // [2] Char ::= #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF] escape(switch(c) { + case '\x9': + case '\xA': + case '\xD': // this is usually removed on input + _default; + break; case '&': to_string("&"); break; case '>': to_string(">"); break; case '<': to_string("<"); break; case '"': to_string("""); break; case '\'': to_string("'"); break; - _default; + default: + if(((unsigned char)c)<0x20) { + // fixing it, so that libxml would not result + // in fatal error parsing text + // though it really violates standard. + // to indicate there were an error + // replace bad char not to it's code, + // which we can do, + // but rather to '!' to show that input were actually + // invalid. + // life: shows that MSIE can somehow garble form values + // so that they contain these chars. + to_char('!'); + } else { + _default; + } + break; }); break; case String::L_HTML: @@ -453,7 +460,7 @@ int cstr_to_string_body_block(char alang case '>': to_string(">"); break; case '<': to_string("<"); break; case '"': to_string("""); break; - _default; + default: _default; break; }); break; default: