X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fcups.git;a=blobdiff_plain;f=cgi-bin%2Fvar.c;h=fb9d051c0ba7e1e83fb4998e16b659ed478ea727;hp=8b8c026c495f8781abd1e93ea726837e1842129e;hb=eda46e3aac94d42e4199d95befe99ff83afb098f;hpb=82cc1f9ac32564e92bfbbe7a1de416f4ebcc8584
diff --git a/cgi-bin/var.c b/cgi-bin/var.c
index 8b8c026c4..fb9d051c0 100644
--- a/cgi-bin/var.c
+++ b/cgi-bin/var.c
@@ -1,55 +1,20 @@ /* - * "$Id: var.c 7460 2008-04-16 02:19:54Z mike $" + * CGI form variable and array functions for CUPS. * - * CGI form variable and array functions for CUPS. + * Copyright © 2007-2019 by Apple Inc. + * Copyright © 1997-2005 by Easy Software Products. * - * Copyright 2007-2011 by Apple Inc. - * Copyright 1997-2005 by Easy Software Products. - * - * These coded instructions, statements, and computer programs are the - * property of Apple Inc. and are protected by Federal copyright - * law. Distribution and use rights are outlined in the file "LICENSE.txt" - * which should have been included with this file. If this file is - * file is missing or damaged, see the license at "http://www.cups.org/". - * - * Contents: - * - * cgiCheckVariables() - Check for the presence of "required" - * variables. - * cgiClearVariables() - Clear all form variables. - * cgiGetArray() - Get an element from a form array. - * cgiGetCookie() - Get a cookie value. - * cgiGetFile() - Get the file (if any) that was submitted in - * the form. - * cgiGetSize() - Get the size of a form array value. - * cgiGetVariable() - Get a CGI variable from the database. - * cgiInitialize() - Initialize the CGI variable "database". - * cgiIsPOST() - Determine whether this page was POSTed. - * cgiSetArray() - Set array element N to the specified string. - * cgiSetCookie() - Set a cookie value. - * cgiSetSize() - Set the array size. - * cgiSetVariable() - Set a CGI variable in the database. - * cgi_add_variable() - Add a form variable. - * cgi_compare_variables() - Compare two variables. - * cgi_find_variable() - Find a variable. - * cgi_initialize_cookies() - Initialize cookies. - * cgi_initialize_get() - Initialize form variables using the GET - * method. - * cgi_initialize_multipart() - Initialize variables and file using the POST - * method. - * cgi_initialize_post() - Initialize variables using the POST method. - * cgi_initialize_string() - Initialize form variables from a string. 
- * cgi_passwd() - Catch authentication requests and notify the - * server. - * cgi_set_sid() - Set the CUPS session ID. - * cgi_sort_variables() - Sort all form variables for faster lookup. - * cgi_unlink_file() - Remove the uploaded form. + * Licensed under Apache License v2.0. See the file "LICENSE" for more + * information. + */ + +/* + * Include necessary headers... */ /*#define DEBUG*/ #include "cgi-private.h" #include -#include /* @@ -65,10 +30,10 @@ typedef struct /**** Form variable structure ****/ { - const char *name; /* Name of variable */ + char *name; /* Name of variable */ int nvalues, /* Number of values */ avalues; /* Number of values allocated */ - const char **values; /* Value(s) of variable */ + char **values; /* Value(s) of variable */ } _cgi_var_t; @@ -149,7 +114,12 @@ cgiCheckVariables(const char *names) /* I - Variables to look for */ return (0); if (*val == '\0') + { + free((void *)val); return (0); /* Can't be blank, either! */ + } + + free((void *)val); } return (1); @@ -171,10 +141,10 @@ cgiClearVariables(void) for (v = form_vars, i = form_count; i > 0; v ++, i --) { - _cupsStrFree(v->name); + free(v->name); for (j = 0; j < v->nvalues; j ++) if (v->values[j]) - _cupsStrFree(v->values[j]); + free(v->values[j]); } form_count = 0; @@ -187,7 +157,7 @@ cgiClearVariables(void) * 'cgiGetArray()' - Get an element from a form array. */ -const char * /* O - Element value or NULL */ +char * /* O - Element value or NULL */ cgiGetArray(const char *name, /* I - Name of array variable */ int element) /* I - Element number (0 to N) */ { @@ -200,7 +170,10 @@ cgiGetArray(const char *name, /* I - Name of array variable */ if (element < 0 || element >= var->nvalues) return (NULL); - return (_cupsStrRetain(var->values[element])); + if (var->values[element] == NULL) + return (NULL); + + return (strdup(var->values[element])); } 
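Review bot: The `(void *)` casts on the two added `free((void *)val)` calls in cgiCheckVariables (@@ -149) suggest that `val` is still declared `const char *`, although it now appears to own a heap copy. The declaration is outside the hunk, so this is inferred from the cast. Declaring it `char *val;` and calling `free(val);` would let the compiler track ownership instead of silencing it. The same applies to `free((void *)cups_sid_form)` in the cgiInitialize hunk (@@ -356).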
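Review bot: In the cgiClearVariables loop (@@ -171) the visible lines free `v->name` and every `v->values[j]`, but never the `v->values` array itself, which cgi_add_variable() allocates with calloc() (@@ -592). Adding `free(v->values);` after the inner loop would release it. The `if (v->values[j])` guard is redundant now that plain free() is used, because free(NULL) is a no-op. The function continues outside the hunk, so confirm the array is not released later.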
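Review bot: The return comment on cgiGetArray() (@@ -187) still reads `/* O - Element value or NULL */`, although the function now hands back a strdup() copy (@@ -200) that the caller has to free. I would change it to `/* O - Copy of element value (caller must free) or NULL */` and make the same change on cgiGetVariable() at @@ -250. The header comment should also say that NULL can now mean allocation failure as well as "not set", since callers that treat the result as borrowed will leak.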
@@ -250,7 +223,7 @@ cgiGetSize(const char *name) /* I - Name of variable */ * array of values, returns the last element. */ -const char * /* O - Value of variable */ +char * /* O - Value of variable */ cgiGetVariable(const char *name) /* I - Name of variable */ { const _cgi_var_t *var; /* Returned variable */ @@ -258,15 +231,7 @@ cgiGetVariable(const char *name) /* I - Name of variable */ var = cgi_find_variable(name); -#ifdef DEBUG - if (var == NULL) - DEBUG_printf(("cgiGetVariable(\"%s\") is returning NULL...\n", name)); - else - DEBUG_printf(("cgiGetVariable(\"%s\") is returning \"%s\"...\n", name, - var->values[var->nvalues - 1])); -#endif /* DEBUG */ - - return ((var == NULL) ? NULL : _cupsStrRetain(var->values[var->nvalues - 1])); + return ((var == NULL) ? NULL : strdup(var->values[var->nvalues - 1])); } @@ -356,11 +321,18 @@ cgiInitialize(void) else fputs("DEBUG: " CUPS_SID " form variable is not present.\n", stderr); + free((void *)cups_sid_form); + cgiClearVariables(); + return (0); } else + { + free((void *)cups_sid_form); + return (1); + } } else return (0); @@ -414,10 +386,9 @@ cgiSetArray(const char *name, /* I - Name of variable */ { if (element >= var->avalues) { - const char **temp; /* Temporary pointer */ + char **temp; /* Temporary pointer */ - temp = (const char **)realloc((void *)(var->values), - sizeof(char *) * (element + 16)); + temp = (char **)realloc((void *)(var->values), sizeof(char *) * (size_t)(element + 16)); if (!temp) return; @@ -433,9 +404,9 @@ cgiSetArray(const char *name, /* I - Name of variable */ var->nvalues = element + 1; } else if (var->values[element]) - _cupsStrFree((char *)var->values[element]); + free((char *)var->values[element]); - var->values[element] = _cupsStrAlloc(value); + var->values[element] = strdup(value); } } 
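Review bot: In cgiGetVariable (@@ -258), `strdup(var->values[var->nvalues - 1])` is called without the NULL check that the cgiGetArray() hunk adds for `var->values[element]`, and passing NULL to strdup() is undefined behaviour. Other hunks guard individual slots with `if (var->values[i])`, so empty slots look possible. cgiSetSize() assigns `var->nvalues = size`, which may also allow a count of zero. A guard such as `if (var == NULL || var->nvalues < 1 || var->values[var->nvalues - 1] == NULL) return (NULL);` before the strdup() would cover both cases.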
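Review bot: In the cgiSetArray realloc (@@ -414), `(size_t)(element + 16)` converts after the addition, so `element + 16` is still evaluated as `int` and can overflow for a large `element` before the cast applies. cgi_initialize_multipart passes `atoi(ptr) - 1` taken from form data as `element` (@@ -902), and any upper bound inside cgiSetArray() lies outside this hunk. Writing `sizeof(char *) * ((size_t)element + 16)` matches the `(size_t)element + 1` form used for calloc() in cgi_add_variable. The same expression appears for `size` in cgiSetSize (@@ -492).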
@@ -466,9 +437,9 @@ cgiSetCookie(const char *name, /* I - Name */ printf(" expires=%s;", httpGetDateString2(expires, date, sizeof(date))); } if (secure) - puts(" secure;"); + puts(" httponly; secure;"); else - putchar('\n'); + puts(" httponly;"); } @@ -492,10 +463,9 @@ cgiSetSize(const char *name, /* I - Name of variable */ if (size >= var->avalues) { - const char **temp; /* Temporary pointer */ + char **temp; /* Temporary pointer */ - temp = (const char **)realloc((void *)(var->values), - sizeof(char *) * (size + 16)); + temp = (char **)realloc((void *)(var->values), sizeof(char *) * (size_t)(size + 16)); if (!temp) return; @@ -512,7 +482,7 @@ cgiSetSize(const char *name, /* I - Name of variable */ { for (i = size; i < var->nvalues; i ++) if (var->values[i]) - _cupsStrFree((void *)(var->values[i])); + free((void *)(var->values[i])); } var->nvalues = size; @@ -547,9 +517,9 @@ cgiSetVariable(const char *name, /* I - Name of variable */ { for (i = 0; i < var->nvalues; i ++) if (var->values[i]) - _cupsStrFree((char *)var->values[i]); + free((char *)var->values[i]); - var->values[0] = _cupsStrAlloc(value); + var->values[0] = strdup(value); var->nvalues = 1; } } @@ -570,9 +540,6 @@ cgi_add_variable(const char *name, /* I - Variable name */ if (name == NULL || value == NULL || element < 0 || element > 100000) return; - DEBUG_printf(("cgi_add_variable: Adding variable \'%s\' with value " - "\'%s\'...\n", name, value)); - if (form_count >= form_alloc) { _cgi_var_t *temp_vars; /* Temporary form pointer */ @@ -581,7 +548,7 @@ cgi_add_variable(const char *name, /* I - Variable name */ if (form_alloc == 0) temp_vars = malloc(sizeof(_cgi_var_t) * 16); else - temp_vars = realloc(form_vars, (form_alloc + 16) * sizeof(_cgi_var_t)); + temp_vars = realloc(form_vars, (size_t)(form_alloc + 16) * sizeof(_cgi_var_t)); if (!temp_vars) return; 
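Review bot: In cgiSetCookie (@@ -466), the `else` branch still sends the cookie without `secure`, so `httponly` alone does not keep it off plaintext connections. The cgi_set_sid() call at @@ -1230 appears to pass 0 for that argument, so the session ID would take this branch. Consider deriving `secure` from whether the request arrived over TLS, and adding a `SameSite` attribute next to `httponly` in both `puts()` calls. The body of cgiSetCookie starts outside the hunk, so the handling of `name`, `value` and `path` was not reviewed.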
@@ -592,13 +559,13 @@ cgi_add_variable(const char *name, /* I - Variable name */ var = form_vars + form_count; - if ((var->values = calloc(element + 1, sizeof(char *))) == NULL) + if ((var->values = calloc((size_t)element + 1, sizeof(char *))) == NULL) return; - var->name = _cupsStrAlloc(name); + var->name = strdup(name); var->nvalues = element + 1; var->avalues = element + 1; - var->values[element] = _cupsStrAlloc(value); + var->values[element] = strdup(value); form_count ++; } @@ -630,9 +597,9 @@ cgi_find_variable(const char *name) /* I - Name of variable */ if (form_count < 1 || name == NULL) return (NULL); - key.name = name; + key.name = (char *)name; - return ((_cgi_var_t *)bsearch(&key, form_vars, form_count, sizeof(_cgi_var_t), + return ((_cgi_var_t *)bsearch(&key, form_vars, (size_t)form_count, sizeof(_cgi_var_t), (int (*)(const void *, const void *))cgi_compare_variables)); } @@ -655,6 +622,8 @@ cgi_initialize_cookies(void) while (*cookie) { + int skip = 0; /* Skip this cookie? */ + /* * Skip leading whitespace... */ @@ -670,9 +639,14 @@ cgi_initialize_cookies(void) for (ptr = name; *cookie && *cookie != '=';) if (ptr < (name + sizeof(name) - 1)) + { *ptr++ = *cookie++; + } else - break; + { + skip = 1; + cookie ++; + } if (*cookie != '=') break; @@ -688,26 +662,38 @@ cgi_initialize_cookies(void) { for (cookie ++, ptr = value; *cookie && *cookie != '\"';) if (ptr < (value + sizeof(value) - 1)) + { *ptr++ = *cookie++; + } else - break; + { + skip = 1; + cookie ++; + } if (*cookie == '\"') cookie ++; + else + skip = 1; } else { for (ptr = value; *cookie && *cookie != ';';) if (ptr < (value + sizeof(value) - 1)) + { *ptr++ = *cookie++; + } else - break; + { + skip = 1; + cookie ++; + } } if (*cookie == ';') cookie ++; else if (*cookie) - break; + skip = 1; *ptr = '\0'; @@ -716,7 +702,7 @@ cgi_initialize_cookies(void) * "$"... */ - if (name[0] != '$') + if (name[0] != '$' && !skip) num_cookies = cupsAddOption(name, value, num_cookies, &cookies); } } 
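Review bot: In cgi_add_variable (@@ -592), neither `strdup(name)` nor `strdup(value)` is checked before `form_count ++`, so an allocation failure leaves an entry with a NULL `name` or NULL value in `form_vars`. A NULL name would then reach cgi_compare_variables() through the qsort() and bsearch() calls shown in other hunks; that comparator is not visible, so whether it tolerates NULL is unconfirmed. A check before the increment would keep the table consistent: `if (!var->name || !var->values[element]) { free(var->name); free(var->values[element]); free(var->values); return; }`.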
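Review bot: In cgi_initialize_cookies (@@ -688), `else if (*cookie) skip = 1;` marks the cookie as skipped but leaves `cookie` on the unexpected character after a quoted value. The next pass of the `while (*cookie)` loop then reads a name from that position up to the next `=`, which folds the trailing text into the following cookie's name. Advancing to the separator first would resynchronise the parser: `else if (*cookie) { skip = 1; while (*cookie && *cookie != ';') cookie ++; if (*cookie) cookie ++; }`. The loop starts and ends outside this hunk.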
@@ -732,8 +718,6 @@ cgi_initialize_get(void) char *data; /* Pointer to form data string */ - DEBUG_puts("cgi_initialize_get: Initializing variables using GET method..."); - /* * Check to see if there is anything for us to read... */ @@ -769,11 +753,9 @@ cgi_initialize_multipart( *ptr, /* Pointer into name/filename */ *end; /* End of buffer */ int ch, /* Character from file */ - fd, /* Temporary file descriptor */ - blen; /* Length of boundary string */ - + fd; /* Temporary file descriptor */ + size_t blen; /* Length of boundary string */ - DEBUG_printf(("cgi_initialize_multipart(boundary=\"%s\")\n", boundary)); /* * Read multipart form data until we run out... @@ -835,22 +817,22 @@ cgi_initialize_multipart( while ((ch = getchar()) != EOF) { - *ptr++ = ch; + *ptr++ = (char)ch; - if ((ptr - line) >= blen && !memcmp(ptr - blen, bstring, blen)) + if ((size_t)(ptr - line) >= blen && !memcmp(ptr - blen, bstring, blen)) { ptr -= blen; break; } - if ((ptr - line - blen) >= 8192) + if ((ptr - line - (int)blen) >= 8192) { /* * Write out the first 8k of the buffer... */ write(fd, line, 8192); - memmove(line, line + 8192, ptr - line - 8192); + memmove(line, line + 8192, (size_t)(ptr - line - 8192)); ptr -= 8192; } } @@ -860,7 +842,7 @@ cgi_initialize_multipart( */ if (ptr > line) - write(fd, line, ptr - line); + write(fd, line, (size_t)(ptr - line)); close(fd); } @@ -877,9 +859,9 @@ cgi_initialize_multipart( while ((ch = getchar()) != EOF) { if (ptr < end) - *ptr++ = ch; + *ptr++ = (char)ch; - if ((ptr - line) >= blen && !memcmp(ptr - blen, bstring, blen)) + if ((size_t)(ptr - line) >= blen && !memcmp(ptr - blen, bstring, blen)) { ptr -= blen; break; @@ -902,12 +884,13 @@ cgi_initialize_multipart( if (line[0]) cgiSetArray(name, atoi(ptr) - 1, line); } - else if (cgiGetVariable(name)) + else if ((ptr = cgiGetVariable(name)) != NULL) { /* * Add another element in the array... */ + free(ptr); cgiSetArray(name, cgiGetSize(name), line); } else 
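Review bot: The upload loop in cgi_initialize_multipart (@@ -835) stores `*ptr++ = (char)ch` with no `ptr < end` guard, unlike the field loop in the @@ -877 hunk, so staying inside `line` depends on the 8192-byte flush firing first. That flush triggers once `ptr - line` reaches `8192 + blen`, so `line` has to be at least that large. Its declaration and the limit on the boundary string are outside the hunk and should be confirmed, ideally with a comment such as `/* line[] must hold at least 8192 + blen bytes */` or an explicit check. The `write()` calls here and at @@ -860 also ignore their return value, so a short or failed write silently truncates the saved upload; `if (write(fd, line, 8192) != 8192)` with an error path would surface it.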
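Review bot: At @@ -902, `(ptr = cgiGetVariable(name)) != NULL` followed at once by `free(ptr)` allocates a copy of the value only to test whether the variable exists. It also reuses `ptr`, which the branch above uses as a cursor into `name`. Because cgiGetVariable() now returns strdup() output, an allocation failure looks the same as "not set" and sends the value to the `else` branch, which presumably replaces it instead of appending. A non-allocating test such as `else if (cgiGetSize(name) > 0)` would avoid both problems, assuming cgiGetSize() returns 0 for an unknown name. The same pattern appears with `temp` in cgi_initialize_string (@@ -1166).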
@@ -979,15 +962,13 @@ cgi_initialize_multipart( static int /* O - 1 if form data was read */ cgi_initialize_post(void) { - char *content_length, /* Length of input data (string) */ - *data; /* Pointer to form data string */ - int length, /* Length of input data */ - nbytes, /* Number of bytes read this read() */ - tbytes, /* Total number of bytes read */ - status; /* Return status */ - + char *content_length, /* Length of input data (string) */ + *data; /* Pointer to form data string */ + size_t length, /* Length of input data */ + tbytes; /* Total number of bytes read */ + ssize_t nbytes; /* Number of bytes read this read() */ + int status; /* Return status */ - DEBUG_puts("cgi_initialize_post: Initializing variables using POST method..."); /* * Check to see if there is anything for us to read... @@ -1001,7 +982,7 @@ cgi_initialize_post(void) * Get the length of the input stream and allocate a buffer for it... */ - length = atoi(content_length); + length = (size_t)strtol(content_length, NULL, 10); data = malloc(length + 1); if (data == NULL) @@ -1011,8 +992,8 @@ cgi_initialize_post(void) * Read the data into the buffer... */ - for (tbytes = 0; tbytes < length; tbytes += nbytes) - if ((nbytes = read(0, data + tbytes, length - tbytes)) < 0) + for (tbytes = 0; tbytes < length; tbytes += (size_t)nbytes) + if ((nbytes = read(0, data + tbytes, (size_t)(length - tbytes))) < 0) { if (errno != EAGAIN) { @@ -1064,7 +1045,8 @@ cgi_initialize_string(const char *data) /* I - Form data string */ char *s, /* Pointer to current form string */ ch, /* Temporary character */ name[255], /* Name of form variable */ - value[65536]; /* Variable value */ + value[65536], /* Variable value */ + *temp; /* Temporary pointer */ /* @@ -1126,7 +1108,7 @@ cgi_initialize_string(const char *data) /* I - Form data string */ ch = *data - '0'; if (ch > 9) ch -= 7; - *s = ch << 4; + *s = (char)(ch << 4); data ++; ch = *data - '0'; 
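Review bot: In cgi_initialize_post (@@ -1001), `length = (size_t)strtol(content_length, NULL, 10)` accepts any CONTENT_LENGTH text, so a negative value becomes a very large `size_t` and `length + 1` can wrap to zero in the `malloc()` call. The read loop in the next hunk (@@ -1011) still uses `length` as its bound. Non-numeric input and overflow are not detected either, because `endptr` and `errno` are unused. Parsing into a `long` and rejecting bad values before the cast closes this: `len = strtol(content_length, &end, 10); if (end == content_length || *end || len < 0 || len > CGI_MAX_POST) return (0);`. `CGI_MAX_POST` is a placeholder name for a limit the project would choose.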
@@ -1166,8 +1148,11 @@ cgi_initialize_string(const char *data) /* I - Form data string */ if (value[0]) cgiSetArray(name, atoi(s) - 1, value); } - else if (cgiGetVariable(name) != NULL) + else if ((temp = cgiGetVariable(name)) != NULL) + { + free(temp); cgiSetArray(name, cgiGetSize(name), value); + } else cgiSetVariable(name, value); } @@ -1216,11 +1201,11 @@ cgi_set_sid(void) { char buffer[512], /* SID data */ sid[33]; /* SID string */ - _cups_md5_state_t md5; /* MD5 state */ unsigned char sum[16]; /* MD5 sum */ const char *remote_addr, /* REMOTE_ADDR */ *server_name, /* SERVER_NAME */ *server_port; /* SERVER_PORT */ + struct timeval curtime; /* Current time */ if ((remote_addr = getenv("REMOTE_ADDR")) == NULL) @@ -1230,18 +1215,17 @@ cgi_set_sid(void) if ((server_port = getenv("SERVER_PORT")) == NULL) server_port = "SERVER_PORT"; - CUPS_SRAND(time(NULL)); + gettimeofday(&curtime, NULL); + CUPS_SRAND(curtime.tv_sec + curtime.tv_usec); snprintf(buffer, sizeof(buffer), "%s:%s:%s:%02X%02X%02X%02X%02X%02X%02X%02X", remote_addr, server_name, server_port, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255); - _cupsMD5Init(&md5); - _cupsMD5Append(&md5, (unsigned char *)buffer, (int)strlen(buffer)); - _cupsMD5Finish(&md5, sum); + cupsHashData("md5", (unsigned char *)buffer, strlen(buffer), sum, sizeof(sum)); - cgiSetCookie(CUPS_SID, httpMD5String(sum, sid), "/", NULL, 0, 0); + cgiSetCookie(CUPS_SID, cupsHashString(sum, sizeof(sum), sid, sizeof(sid)), "/", NULL, 0, 0); return (cupsGetOption(CUPS_SID, num_cookies, cookies)); } 
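Review bot: In cgi_set_sid (@@ -1230), `CUPS_SRAND(curtime.tv_sec + curtime.tv_usec)` still seeds the generator from the wall clock, and adding the two fields lets many distinct times collapse to the same seed. If CUPS_RAND is a seeded PRNG (the macro is defined elsewhere), the eight `CUPS_RAND()` bytes that are meant to make the session ID unguessable carry little entropy. Filling those bytes from the operating system's CSPRNG would remove the dependence on the clock. The return value of `cupsHashData()` is also ignored, so on failure `sum` is formatted into the cookie uninitialised; check for a negative result before calling `cgiSetCookie()`.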
@@ -1254,26 +1238,11 @@ cgi_set_sid(void) static void cgi_sort_variables(void) { -#ifdef DEBUG - int i; - - - DEBUG_puts("cgi_sort_variables: Sorting variables..."); -#endif /* DEBUG */ - if (form_count < 2) return; - qsort(form_vars, form_count, sizeof(_cgi_var_t), + qsort(form_vars, (size_t)form_count, sizeof(_cgi_var_t), (int (*)(const void *, const void *))cgi_compare_variables); - -#ifdef DEBUG - DEBUG_puts("cgi_sort_variables: Sorted variable list is:"); - for (i = 0; i < form_count; i ++) - DEBUG_printf(("cgi_sort_variables: %d: %s (%d) = \"%s\" ...\n", i, - form_vars[i].name, form_vars[i].nvalues, - form_vars[i].values[0])); -#endif /* DEBUG */ } @@ -1304,8 +1273,3 @@ cgi_unlink_file(void) form_file = NULL; } } - - -/* - * End of "$Id: var.c 7460 2008-04-16 02:19:54Z mike $". - */