1 /*
2 * Copyright (c) 2007 Denys Vlasenko <vda.linux@googlemail.com>
3 *
4 * Licensed under GPLv2, see file LICENSE in this source tree.
5 */
6
7 /*
8 * This program is a CGI application. It outputs directory index page.
9 * Put it into cgi-bin/index.cgi and chmod 0755.
10 */
11
12 /* Build a-la
13 i486-linux-uclibc-gcc \
14 -static -static-libgcc \
15 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 \
16 -Wall -Wshadow -Wwrite-strings -Wundef -Wstrict-prototypes -Werror \
17 -Wold-style-definition -Wdeclaration-after-statement -Wno-pointer-sign \
18 -Wmissing-prototypes -Wmissing-declarations \
19 -Os -fno-builtin-strlen -finline-limit=0 -fomit-frame-pointer \
20 -ffunction-sections -fdata-sections -fno-guess-branch-probability \
21 -funsigned-char \
22 -falign-functions=1 -falign-jumps=1 -falign-labels=1 -falign-loops=1 \
23 -march=i386 -mpreferred-stack-boundary=2 \
24 -Wl,-Map -Wl,link.map -Wl,--warn-common -Wl,--sort-common -Wl,--gc-sections \
25 httpd_indexcgi.c -o index.cgi
26 */
27
28 /* We don't use printf, as it pulls in >12 kb of code from uclibc (i386). */
29 /* Currently malloc machinery is the biggest part of libc we pull in. */
30 /* We have only one realloc and one strdup, any idea how to do without? */
31
32 /* Size (i386, static uclibc, approximate):
33 * text data bss dec hex filename
34 * 13036 44 3052 16132 3f04 index.cgi
35 * 2576 4 2048 4628 1214 index.cgi.o
36 */
37
38 #define _GNU_SOURCE 1 /* for strchrnul */
39 #include <sys/types.h>
40 #include <sys/stat.h>
41 #include <errno.h>
42 #include <stdint.h>
43 #include <stdlib.h>
44 #include <string.h>
45 #include <unistd.h>
46 #include <stdio.h>
47 #include <dirent.h>
48 #include <time.h>
49
50 /* Appearance of the table is controlled by style sheet *ONLY*,
51 * formatting code uses <TAG class=CLASS> to apply style
52 * to elements. Edit stylesheet to your liking and recompile. */
53
54 #define STYLE_STR \
55 "<style>" "\n"\
56 "table {" "\n"\
57 "width:100%;" "\n"\
58 "background-color:#fff5ee;" "\n"\
59 "border-width:1px;" /* 1px 1px 1px 1px; */ "\n"\
60 "border-spacing:2px;" "\n"\
61 "border-style:solid;" /* solid solid solid solid; */ "\n"\
62 "border-color:black;" /* black black black black; */ "\n"\
63 "border-collapse:collapse;" "\n"\
64 "}" "\n"\
65 "th {" "\n"\
66 "border-width:1px;" /* 1px 1px 1px 1px; */ "\n"\
67 "padding:1px;" /* 1px 1px 1px 1px; */ "\n"\
68 "border-style:solid;" /* solid solid solid solid; */ "\n"\
69 "border-color:black;" /* black black black black; */ "\n"\
70 "}" "\n"\
71 "td {" "\n"\
72 /* top right bottom left */ \
73 "border-width:0px 1px 0px 1px;" "\n"\
74 "padding:1px;" /* 1px 1px 1px 1px; */ "\n"\
75 "border-style:solid;" /* solid solid solid solid; */ "\n"\
76 "border-color:black;" /* black black black black; */ "\n"\
77 "white-space:nowrap;" "\n"\
78 "}" "\n"\
79 "tr.hdr { background-color:#eee5de; }" "\n"\
80 "tr.o { background-color:#ffffff; }" "\n"\
81 /* tr.e { ... } - for even rows (currently none) */ \
82 "tr.foot { background-color:#eee5de; }" "\n"\
83 "th.cnt { text-align:left; }" "\n"\
84 "th.sz { text-align:right; }" "\n"\
85 "th.dt { text-align:right; }" "\n"\
86 "td.sz { text-align:right; }" "\n"\
87 "td.dt { text-align:right; }" "\n"\
88 "col.nm { width:98%; }" "\n"\
89 "col.sz { width:1%; }" "\n"\
90 "col.dt { width:1%; }" "\n"\
91 "</style>" "\n"\
92
93 typedef struct dir_list_t {
94 char *dl_name;
95 mode_t dl_mode;
96 off_t dl_size;
97 time_t dl_mtime;
98 } dir_list_t;
99
compare_dl(dir_list_t * a,dir_list_t * b)100 static int compare_dl(dir_list_t *a, dir_list_t *b)
101 {
102 /* ".." is 'less than' any other dir entry */
103 if (strcmp(a->dl_name, "..") == 0) {
104 return -1;
105 }
106 if (strcmp(b->dl_name, "..") == 0) {
107 return 1;
108 }
109 if (S_ISDIR(a->dl_mode) != S_ISDIR(b->dl_mode)) {
110 /* 1 if b is a dir (and thus a is 'after' b, a > b),
111 * else -1 (a < b) */
112 return (S_ISDIR(b->dl_mode) != 0) ? 1 : -1;
113 }
114 return strcmp(a->dl_name, b->dl_name);
115 }
116
117 static char buffer[2*1024 > sizeof(STYLE_STR) ? 2*1024 : sizeof(STYLE_STR)];
118 static char *dst = buffer;
119 enum {
120 BUFFER_SIZE = sizeof(buffer),
121 HEADROOM = 64,
122 };
123
124 /* After this call, you have at least size + HEADROOM bytes available
125 * ahead of dst */
guarantee(int size)126 static void guarantee(int size)
127 {
128 if (buffer + (BUFFER_SIZE-HEADROOM) - dst >= size)
129 return;
130 write(STDOUT_FILENO, buffer, dst - buffer);
131 dst = buffer;
132 }
133
134 /* NB: formatters do not store terminating NUL! */
135
136 /* HEADROOM bytes are available after dst after this call */
fmt_str(const char * src)137 static void fmt_str(/*char *dst,*/ const char *src)
138 {
139 unsigned len = strlen(src);
140 guarantee(len);
141 memcpy(dst, src, len);
142 dst += len;
143 }
144
145 /* HEADROOM bytes after dst are available after this call */
fmt_url(const char * name)146 static void fmt_url(/*char *dst,*/ const char *name)
147 {
148 while (*name) {
149 unsigned c = *name++;
150 guarantee(3);
151 *dst = c;
152 if ((c - '0') > 9 /* not a digit */
153 && ((c|0x20) - 'a') > ('z' - 'a') /* not A-Z or a-z */
154 && !strchr("._-+@", c)
155 ) {
156 *dst++ = '%';
157 *dst++ = "0123456789ABCDEF"[c >> 4];
158 *dst = "0123456789ABCDEF"[c & 0xf];
159 }
160 dst++;
161 }
162 }
163
164 /* HEADROOM bytes are available after dst after this call */
fmt_html(const char * name)165 static void fmt_html(/*char *dst,*/ const char *name)
166 {
167 while (*name) {
168 char c = *name++;
169 if (c == '<')
170 fmt_str("<");
171 else if (c == '>')
172 fmt_str(">");
173 else if (c == '&') {
174 fmt_str("&");
175 } else {
176 guarantee(1);
177 *dst++ = c;
178 continue;
179 }
180 }
181 }
182
183 /* HEADROOM bytes are available after dst after this call */
fmt_ull(unsigned long long n)184 static void fmt_ull(/*char *dst,*/ unsigned long long n)
185 {
186 char buf[sizeof(n)*3 + 2];
187 char *p;
188
189 p = buf + sizeof(buf) - 1;
190 *p = '\0';
191 do {
192 *--p = (n % 10) + '0';
193 n /= 10;
194 } while (n);
195 fmt_str(/*dst,*/ p);
196 }
197
198 /* Does not call guarantee - eats into headroom instead */
fmt_02u(unsigned n)199 static void fmt_02u(/*char *dst,*/ unsigned n)
200 {
201 /* n %= 100; - not needed, callers don't pass big n */
202 dst[0] = (n / 10) + '0';
203 dst[1] = (n % 10) + '0';
204 dst += 2;
205 }
206
207 /* Does not call guarantee - eats into headroom instead */
fmt_04u(unsigned n)208 static void fmt_04u(/*char *dst,*/ unsigned n)
209 {
210 /* n %= 10000; - not needed, callers don't pass big n */
211 fmt_02u(n / 100);
212 fmt_02u(n % 100);
213 }
214
main(int argc,char * argv[])215 int main(int argc, char *argv[])
216 {
217 dir_list_t *dir_list;
218 dir_list_t *cdir;
219 unsigned dir_list_count;
220 unsigned count_dirs;
221 unsigned count_files;
222 unsigned long long size_total;
223 int odd;
224 DIR *dirp;
225 char *location;
226
227 location = getenv("REQUEST_URI");
228 if (!location)
229 return 1;
230
231 /* drop URL arguments if any */
232 strchrnul(location, '?')[0] = '\0';
233
234 if (location[0] != '/'
235 || strstr(location, "//")
236 || strstr(location, "/../")
237 || strcmp(strrchr(location, '/'), "/..") == 0
238 ) {
239 return 1;
240 }
241
242 if (chdir("..")
243 || (location[1] && chdir(location + 1))
244 ) {
245 return 1;
246 }
247
248 dirp = opendir(".");
249 if (!dirp)
250 return 1;
251 dir_list = NULL;
252 dir_list_count = 0;
253 while (1) {
254 struct dirent *dp;
255 struct stat sb;
256
257 dp = readdir(dirp);
258 if (!dp)
259 break;
260 if (dp->d_name[0] == '.' && !dp->d_name[1])
261 continue;
262 if (stat(dp->d_name, &sb) != 0)
263 continue;
264 dir_list = realloc(dir_list, (dir_list_count + 1) * sizeof(dir_list[0]));
265 dir_list[dir_list_count].dl_name = strdup(dp->d_name);
266 dir_list[dir_list_count].dl_mode = sb.st_mode;
267 dir_list[dir_list_count].dl_size = sb.st_size;
268 dir_list[dir_list_count].dl_mtime = sb.st_mtime;
269 dir_list_count++;
270 }
271 closedir(dirp);
272
273 qsort(dir_list, dir_list_count, sizeof(dir_list[0]), (void*)compare_dl);
274
275 fmt_str(
276 "" /* Additional headers (currently none) */
277 "\r\n" /* Mandatory empty line after headers */
278 "<html><head><title>Index of ");
279 /* Guard against directories with &, > etc */
280 fmt_html(location);
281 fmt_str(
282 "</title>\n"
283 STYLE_STR
284 "</head>" "\n"
285 "<body>" "\n"
286 "<h1>Index of ");
287 fmt_html(location);
288 fmt_str(
289 "</h1>" "\n"
290 "<table>" "\n"
291 "<col class=nm><col class=sz><col class=dt>" "\n"
292 "<tr class=hdr><th class=cnt>Name<th class=sz>Size<th class=dt>Last modified" "\n");
293
294 odd = 0;
295 count_dirs = 0;
296 count_files = 0;
297 size_total = 0;
298 cdir = dir_list;
299 while (dir_list_count--) {
300 struct tm *ptm;
301
302 if (S_ISDIR(cdir->dl_mode)) {
303 count_dirs++;
304 } else if (S_ISREG(cdir->dl_mode)) {
305 count_files++;
306 size_total += cdir->dl_size;
307 } else
308 goto next;
309
310 fmt_str("<tr class=");
311 *dst++ = (odd ? 'o' : 'e');
312 fmt_str("><td class=nm><a href='");
313 fmt_url(cdir->dl_name); /* %20 etc */
314 if (S_ISDIR(cdir->dl_mode))
315 *dst++ = '/';
316 fmt_str("'>");
317 fmt_html(cdir->dl_name); /* < etc */
318 if (S_ISDIR(cdir->dl_mode))
319 *dst++ = '/';
320 fmt_str("</a><td class=sz>");
321 if (S_ISREG(cdir->dl_mode))
322 fmt_ull(cdir->dl_size);
323 fmt_str("<td class=dt>");
324 ptm = gmtime(&cdir->dl_mtime);
325 fmt_04u(1900 + ptm->tm_year); *dst++ = '-';
326 fmt_02u(ptm->tm_mon + 1); *dst++ = '-';
327 fmt_02u(ptm->tm_mday); *dst++ = ' ';
328 fmt_02u(ptm->tm_hour); *dst++ = ':';
329 fmt_02u(ptm->tm_min); *dst++ = ':';
330 fmt_02u(ptm->tm_sec);
331 *dst++ = '\n';
332
333 odd = 1 - odd;
334 next:
335 cdir++;
336 }
337
338 fmt_str("<tr class=foot><th class=cnt>Files: ");
339 fmt_ull(count_files);
340 /* count_dirs - 1: we don't want to count ".." */
341 fmt_str(", directories: ");
342 fmt_ull(count_dirs - 1);
343 fmt_str("<th class=sz>");
344 fmt_ull(size_total);
345 fmt_str("<th class=dt>\n");
346 /* "</table></body></html>" - why bother? */
347 guarantee(BUFFER_SIZE * 2); /* flush */
348
349 return 0;
350 }
351