1 /*
2 * Copyright (c) 2020 Omar Polo <op@omarpolo.com>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include "gmid.h"
18
19 #include <ctype.h>
20 #include <string.h>
21
22 static inline int
unreserved(int p)23 unreserved(int p)
24 {
25 return isalnum(p)
26 || p == '-'
27 || p == '.'
28 || p == '_'
29 || p == '~';
30 }
31
32 static inline int
sub_delimiters(int p)33 sub_delimiters(int p)
34 {
35 return p == '!'
36 || p == '$'
37 || p == '&'
38 || p == '\''
39 || p == '('
40 || p == ')'
41 || p == '*'
42 || p == '+'
43 || p == ','
44 || p == ';'
45 || p == '=';
46 }
47
48 static int
valid_pct_enc_string(char * s)49 valid_pct_enc_string(char *s)
50 {
51 if (*s != '%')
52 return 1;
53
54 if (!isxdigit(s[1]) || !isxdigit(s[2]))
55 return 0;
56
57 if (s[1] == '0' && s[2] == '0')
58 return 0;
59
60 return 1;
61 }
62
63 static int
valid_pct_encoded(struct parser * p)64 valid_pct_encoded(struct parser *p)
65 {
66 if (p->iri[0] != '%')
67 return 0;
68
69 if (!valid_pct_enc_string(p->iri)) {
70 p->err = "illegal percent-encoding";
71 return 0;
72 }
73
74 p->iri += 2;
75 return 1;
76 }
77
78 static void
pct_decode(char * s)79 pct_decode(char *s)
80 {
81 sscanf(s+1, "%2hhx", s);
82 memmove(s+1, s+3, strlen(s+3)+1);
83 }
84
85 static int
parse_pct_encoded(struct parser * p)86 parse_pct_encoded(struct parser *p)
87 {
88 if (p->iri[0] != '%')
89 return 0;
90
91 if (!valid_pct_enc_string(p->iri)) {
92 p->err = "illegal percent-encoding";
93 return 0;
94 }
95
96 pct_decode(p->iri);
97 if (*p->iri == '\0') {
98 p->err = "illegal percent-encoding";
99 return 0;
100 }
101
102 return 1;
103 }
104
105 /* ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) "://" */
106 static int
parse_scheme(struct parser * p)107 parse_scheme(struct parser *p)
108 {
109 p->parsed->schema = p->iri;
110
111 if (!isalpha(*p->iri)) {
112 p->err = "illegal character in scheme";
113 return 0;
114 }
115
116 do {
117 /*
118 * normalize the scheme (i.e. lowercase it)
119 *
120 * XXX: since we cannot have good things, tolower
121 * behaviour depends on the LC_CTYPE locale. The good
122 * news is that we're sure p->iri points to something
123 * that's in the ASCII range, so tolower can't
124 * mis-behave on some systems due to the locale.
125 */
126 *p->iri = tolower(*p->iri);
127 p->iri++;
128 } while (isalnum(*p->iri)
129 || *p->iri == '+'
130 || *p->iri == '-'
131 || *p->iri == '.');
132
133 if (*p->iri != ':') {
134 p->err = "illegal character in scheme";
135 return 0;
136 }
137
138 *p->iri = '\0';
139 if (p->iri[1] != '/' || p->iri[2] != '/') {
140 p->err = "invalid marker after scheme";
141 return 0;
142 }
143
144 p->iri += 3;
145 return 1;
146 }
147
148 /* *DIGIT */
149 static int
parse_port(struct parser * p)150 parse_port(struct parser *p)
151 {
152 uint32_t i = 0;
153
154 p->parsed->port = p->iri;
155
156 for (; isdigit(*p->iri); p->iri++) {
157 i = i * 10 + *p->iri - '0';
158 if (i > UINT16_MAX) {
159 p->err = "port number too large";
160 return 0;
161 }
162 }
163
164 if (*p->iri != '/' && *p->iri != '\0') {
165 p->err = "illegal character in port number";
166 return 0;
167 }
168
169 p->parsed->port_no = i;
170
171 if (*p->iri != '\0') {
172 *p->iri = '\0';
173 p->iri++;
174 }
175
176 return 1;
177 }
178
179 /* TODO: add support for ip-literal and ipv4addr ? */
180 /* *( unreserved / sub-delims / pct-encoded ) */
181 static int
parse_authority(struct parser * p)182 parse_authority(struct parser *p)
183 {
184 p->parsed->host = p->iri;
185
186 while (unreserved(*p->iri)
187 || sub_delimiters(*p->iri)
188 || parse_pct_encoded(p)
189 || valid_multibyte_utf8(p)) {
190 /* normalize the host name. */
191 if (*p->iri < 0x7F)
192 *p->iri = tolower(*p->iri);
193 p->iri++;
194 }
195
196 if (p->err != NULL)
197 return 0;
198
199 if (*p->iri == ':') {
200 *p->iri = '\0';
201 p->iri++;
202 return parse_port(p);
203 } else
204 p->parsed->port_no = 1965;
205
206 if (*p->iri == '/') {
207 *p->iri = '\0';
208 p->iri++;
209 return 1;
210 }
211
212 if (*p->iri == '\0')
213 return 1;
214
215 p->err = "illegal character in authority section";
216 return 0;
217 }
218
219 /*
220 * Routine for path_clean. Elide the pointed .. with the preceding
221 * element. Return 0 if it's not possible. incr is the length of
222 * the increment, 3 for ../ and 2 for ..
223 */
224 static int
path_elide_dotdot(char * path,char * i,int incr)225 path_elide_dotdot(char *path, char *i, int incr)
226 {
227 char *j;
228
229 if (i == path)
230 return 0;
231 for (j = i-2; j != path && *j != '/'; j--)
232 /* noop */ ;
233 if (*j == '/')
234 j++;
235 i += incr;
236 memmove(j, i, strlen(i)+1);
237 return 1;
238 }
239
240 /*
241 * Use an algorithm similar to the one implemented in go' path.Clean:
242 *
243 * 1. Replace multiple slashes with a single slash
244 * 2. Eliminate each . path name element
245 * 3. Eliminate each inner .. along with the non-.. element that precedes it
246 * 4. Eliminate trailing .. if possible or error (go would only discard)
247 *
248 * Unlike path.Clean, this function return the empty string if the
249 * original path is equivalent to "/".
250 */
251 static int
path_clean(char * path)252 path_clean(char *path)
253 {
254 char *i;
255
256 /* 1. replace multiple slashes with a single one */
257 for (i = path; *i; ++i) {
258 if (*i == '/' && *(i+1) == '/') {
259 memmove(i, i+1, strlen(i)); /* move also the \0 */
260 i--;
261 }
262 }
263
264 /* 2. eliminate each . path name element */
265 for (i = path; *i; ++i) {
266 if ((i == path || *i == '/') &&
267 *i != '.' && i[1] == '.' && i[2] == '/') {
268 /* move also the \0 */
269 memmove(i, i+2, strlen(i)-1);
270 i--;
271 }
272 }
273 if (!strcmp(path, ".") || !strcmp(path, "/.")) {
274 *path = '\0';
275 return 1;
276 }
277
278 /* 3. eliminate each inner .. along with the preceding non-.. */
279 for (i = strstr(path, "../"); i != NULL; i = strstr(path, "..")) {
280 /* break if we've found a trailing .. */
281 if (i[2] == '\0')
282 break;
283 if (!path_elide_dotdot(path, i, 3))
284 return 0;
285 }
286
287 /* 4. eliminate trailing ..*/
288 if ((i = strstr(path, "..")) != NULL)
289 if (!path_elide_dotdot(path, i, 2))
290 return 0;
291
292 return 1;
293 }
294
295 static int
parse_query(struct parser * p)296 parse_query(struct parser *p)
297 {
298 p->parsed->query = p->iri;
299 if (*p->iri == '\0')
300 return 1;
301
302 while (unreserved(*p->iri)
303 || sub_delimiters(*p->iri)
304 || *p->iri == '/'
305 || *p->iri == '?'
306 || *p->iri == ':'
307 || *p->iri == '@'
308 || valid_pct_encoded(p)
309 || valid_multibyte_utf8(p))
310 p->iri++;
311
312 if (p->err != NULL)
313 return 0;
314
315 if (*p->iri != '\0' && *p->iri != '#') {
316 p->err = "illegal character in query";
317 return 0;
318 }
319
320 if (*p->iri != '\0') {
321 *p->iri = '\0';
322 p->iri++;
323 }
324
325 return 1;
326 }
327
328 /* don't even bother */
329 static int
parse_fragment(struct parser * p)330 parse_fragment(struct parser *p)
331 {
332 p->parsed->fragment = p->iri;
333 return 1;
334 }
335
336 /* XXX: is it too broad? */
337 /* *(pchar / "/") */
338 static int
parse_path(struct parser * p)339 parse_path(struct parser *p)
340 {
341 char c;
342
343 /* trim initial slashes */
344 while (*p->iri == '/')
345 p->iri++;
346
347 p->parsed->path = p->iri;
348 if (*p->iri == '\0') {
349 p->parsed->query = p->parsed->fragment = p->iri;
350 return 1;
351 }
352
353 while (unreserved(*p->iri)
354 || sub_delimiters(*p->iri)
355 || *p->iri == '/'
356 || parse_pct_encoded(p)
357 || valid_multibyte_utf8(p))
358 p->iri++;
359
360 if (p->err != NULL)
361 return 0;
362
363 if (*p->iri != '\0' && *p->iri != '?' && *p->iri != '#') {
364 p->err = "illegal character in path";
365 return 0;
366 }
367
368 if (*p->iri != '\0') {
369 c = *p->iri;
370 *p->iri = '\0';
371 p->iri++;
372
373 if (c == '#') {
374 if (!parse_fragment(p))
375 return 0;
376 } else
377 if (!parse_query(p) || !parse_fragment(p))
378 return 0;
379 }
380
381 if (!path_clean(p->parsed->path)) {
382 p->err = "illegal path";
383 return 0;
384 }
385
386 return 1;
387 }
388
389 int
parse_iri(char * iri,struct iri * ret,const char ** err_ret)390 parse_iri(char *iri, struct iri *ret, const char **err_ret)
391 {
392 char *end;
393 struct parser p = {iri, ret, NULL};
394
395 bzero(ret, sizeof(*ret));
396
397 /* initialize optional stuff to the empty string */
398 end = iri + strlen(iri);
399 p.parsed->host = end;
400 p.parsed->port = end;
401 p.parsed->path = end;
402 p.parsed->query = end;
403 p.parsed->fragment = end;
404
405 if (!parse_scheme(&p) || !parse_authority(&p) || !parse_path(&p)) {
406 *err_ret = p.err;
407 return 0;
408 }
409
410 *err_ret = NULL;
411 return 1;
412 }
413
414 int
trim_req_iri(char * iri,const char ** err)415 trim_req_iri(char *iri, const char **err)
416 {
417 char *i;
418
419 if ((i = strstr(iri, "\r\n")) == NULL) {
420 *err = "missing CRLF";
421 return 0;
422 }
423 *i = '\0';
424 return 1;
425 }
426
427
428 int
serialize_iri(struct iri * i,char * buf,size_t len)429 serialize_iri(struct iri *i, char *buf, size_t len)
430 {
431 size_t l = 0;
432
433 /* in ex.c we receive empty "" strings as NULL */
434 if (i->schema == NULL || i->host == NULL) {
435 memset(buf, 0, len);
436 return 0;
437 }
438
439 strlcpy(buf, i->schema, len);
440 strlcat(buf, "://", len);
441 strlcat(buf, i->host, len);
442 strlcat(buf, "/", len);
443
444 if (i->path != NULL)
445 l = strlcat(buf, i->path, len);
446
447 if (i->query != NULL && *i->query != '\0') {
448 strlcat(buf, "?", len);
449 l = strlcat(buf, i->query, len);
450 }
451
452 return l < len;
453 }
454
455 char *
pct_decode_str(char * s)456 pct_decode_str(char *s)
457 {
458 char *t;
459
460 for (t = s; *t; ++t) {
461 if (*t == '%' && valid_pct_enc_string(t))
462 pct_decode(t);
463 }
464
465 return s;
466 }
467