1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at http://curl.haxx.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 ***************************************************************************/
22
/* Escape and unescape URL encoding in strings. The functions return a newly
 * allocated string, or NULL if an error occurred. */
25
26 #include <ctype.h>
27
28 #include <stdio.h>
29 #include <stdlib.h>
30 #include <string.h>
31
/* Portable test for the RFC 3986 "unreserved" set: ASCII letters, digits,
   '-', '.', '_' and '~'. The set is spelled out literally rather than built
   on isalnum(), so the answer depends neither on the current locale nor on
   the execution character set (think EBCDIC).
   See http://tools.ietf.org/html/rfc3986#section-2.3

   Returns 1 when 'in' is an unreserved character, 0 otherwise.
*/
static int Curl_isunreserved(unsigned char in)
{
  static const char unreserved[] =
    "0123456789"
    "abcdefghijklmnopqrstuvwxyz"
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "-._~";

  /* sizeof - 1 keeps the literal's terminating zero out of the search, so a
     zero byte is never reported as unreserved */
  return memchr(unreserved, in, sizeof(unreserved) - 1) != NULL;
}
58
/*
 * uri_escape() percent-encodes a buffer for use in a URI.
 *
 * Every byte for which Curl_isunreserved() returns zero is written as '%'
 * followed by two upper-case hexadecimal digits; all other bytes are copied
 * unchanged.
 *
 * 'string' is the input and must not be NULL. 'inlength' is the number of
 * bytes to encode; zero means "use strlen(string)".
 *
 * Returns a malloc()ed, zero-terminated string that the caller must free(),
 * or NULL if 'string' is NULL, 'inlength' is negative, or memory could not
 * be allocated.
 */
char *uri_escape(const char *string, int inlength)
{
  static const char hexdigits[] = "0123456789ABCDEF";
  size_t length;       /* input bytes still to process */
  size_t alloc;        /* current size of the ns buffer */
  size_t newlen;       /* bytes the output needs so far, terminator included */
  size_t strindex = 0; /* next write position in ns */
  char *ns;

  /* a negative length would turn into a huge size_t below */
  if(!string || (inlength < 0))
    return NULL;

  length = inlength ? (size_t)inlength : strlen(string);
  alloc = length + 1;
  newlen = alloc;

  ns = malloc(alloc);
  if(!ns)
    return NULL;

  while(length--) {
    /* we need to treat the characters unsigned */
    unsigned char in = (unsigned char)*string++;

    if(Curl_isunreserved(in)) {
      /* just copy this */
      ns[strindex++] = (char)in;
      continue;
    }

    /* encode it: the size grows with two, since this becomes a %XX */
    newlen += 2;
    if(newlen > alloc) {
      char *bigger;

      if(alloc > ((size_t)-1) / 2) {
        /* doubling the buffer would wrap around */
        free(ns);
        return NULL;
      }
      /* alloc is at least 2 here, so doubling always covers newlen */
      alloc *= 2;
      bigger = realloc(ns, alloc);
      if(!bigger) {
        free(ns);
        return NULL;
      }
      ns = bigger;
    }

    ns[strindex++] = '%';
    ns[strindex++] = hexdigits[(in >> 4) & 0x0F];
    ns[strindex++] = hexdigits[in & 0x0F];
  }
  ns[strindex] = 0; /* terminate it */
  return ns;
}
105
/* isxdigit() wrapper. The argument is narrowed to unsigned char before the
   call so that a plain (possibly signed) char never reaches isxdigit() as a
   negative value. The argument is parenthesized so that the cast applies to
   the whole expression passed in, not just its first operand. */
#define ISXDIGIT(x) (isxdigit((int) ((unsigned char)(x))))
#define CURL_MASK_UCHAR 0xFF

/*
** unsigned long to unsigned char
**
** Only the bits selected by CURL_MASK_UCHAR survive; everything above them
** is discarded before the value is narrowed.
*/

unsigned char curlx_ultouc(unsigned long ulnum)
{
  unsigned long masked;

#ifdef __INTEL_COMPILER
#  pragma warning(push)
#  pragma warning(disable:810) /* conversion may lose significant bits */
#endif

  masked = ulnum & (unsigned long) CURL_MASK_UCHAR;
  return (unsigned char)masked;

#ifdef __INTEL_COMPILER
#  pragma warning(pop)
#endif
}
126
/* Value of one hexadecimal digit, or -1 if 'c' is not a hexadecimal digit. */
static int uri_hexval(unsigned char c)
{
  if((c >= '0') && (c <= '9'))
    return c - '0';

  switch(c) {
  case 'a': case 'A': return 10;
  case 'b': case 'B': return 11;
  case 'c': case 'C': return 12;
  case 'd': case 'D': return 13;
  case 'e': case 'E': return 14;
  case 'f': case 'F': return 15;
  default:
    break;
  }
  return -1;
}

/*
 * uri_unescape() decodes %XX sequences in a buffer.
 *
 * A '%' followed by two hexadecimal digits is replaced by the byte with that
 * value; every other byte, including a '%' that is not followed by two
 * hexadecimal digits, is copied unchanged. No character-set conversion is
 * applied to the decoded byte.
 *
 * 'string' is the input and must not be NULL. 'length' is the number of
 * bytes to decode; zero means "use strlen(string)". Bytes beyond 'length'
 * are never read, so a '%' in the last two positions is copied literally.
 *
 * Returns a malloc()ed, zero-terminated string that the caller must free(),
 * or NULL if 'string' is NULL, 'length' is negative, or memory could not be
 * allocated. The decoded length is not reported, so a decoded %00 makes the
 * result look shorter to string functions.
 */
char *uri_unescape(const char *string, int length)
{
  size_t remaining;    /* input bytes still to process */
  size_t strindex = 0; /* next write position in ns */
  char *ns;

  if(!string || (length < 0))
    return NULL;

  remaining = length ? (size_t)length : strlen(string);

  /* the output is never longer than the input */
  ns = malloc(remaining + 1);
  if(!ns)
    return NULL;

  while(remaining) {
    unsigned char in = (unsigned char)*string;
    size_t consumed = 1;

    /* only look at the two following bytes when they are inside the input */
    if(('%' == in) && (remaining > 2)) {
      int hi = uri_hexval((unsigned char)string[1]);
      int lo = uri_hexval((unsigned char)string[2]);

      if((hi >= 0) && (lo >= 0)) {
        /* this is two hexadecimal digits following a '%' */
        in = (unsigned char)((hi << 4) | lo);
        consumed = 3;
      }
    }

    ns[strindex++] = (char)in;
    string += consumed;
    remaining -= consumed;
  }
  ns[strindex] = 0; /* terminate it */

  return ns;
}
173