1 /*
2  * ModSecurity, http://www.modsecurity.org/
3  * Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
4  *
5  * You may not use this file except in compliance with
6  * the License.  You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * If any of the files related to licensing are missing or if you have any
11  * other questions related to licensing please contact Trustwave Holdings, Inc.
12  * directly using the email address security@modsecurity.org.
13  *
14  */
15 
16 #ifndef SRC_OPERATORS_VALIDATE_DTD_H_
17 #define SRC_OPERATORS_VALIDATE_DTD_H_
18 
19 #include <stdio.h>
20 #include <stdarg.h>
21 #include <string.h>
22 #ifdef WITH_LIBXML2
23 #include <libxml/xmlschemas.h>
24 #include <libxml/xpath.h>
25 #endif
26 #include <string>
27 #include <memory>
28 #include <utility>
29 
30 #include "src/operators/operator.h"
31 
32 
33 namespace modsecurity {
34 namespace operators {
35 
36 class ValidateDTD : public Operator {
37  public:
38     /** @ingroup ModSecurity_Operator */
ValidateDTD(std::unique_ptr<RunTimeString> param)39     explicit ValidateDTD(std::unique_ptr<RunTimeString> param)
40         : Operator("ValidateDTD", std::move(param)) { }
41 #ifdef WITH_LIBXML2
~ValidateDTD()42     ~ValidateDTD() {
43         if (m_dtd != NULL) {
44             xmlFreeDtd(m_dtd);
45             m_dtd = NULL;
46         }
47     }
48 
49     bool evaluate(Transaction *transaction, const std::string  &str) override;
50     bool init(const std::string &file, std::string *error) override;
51 
52 
error_runtime(void * ctx,const char * msg,...)53     static void error_runtime(void *ctx, const char *msg, ...) {
54         Transaction *t = reinterpret_cast<Transaction *>(ctx);
55         char buf[1024];
56         std::string s;
57         va_list args;
58 
59         va_start(args, msg);
60         int len = vsnprintf(buf, sizeof(buf), msg, args);
61         va_end(args);
62 
63         if (len > 0) {
64             s = "XML Error: " + std::string(buf);
65         }
66         ms_dbg_a(t, 4, s);
67     }
68 
69 
warn_runtime(void * ctx,const char * msg,...)70     static void warn_runtime(void *ctx, const char *msg, ...) {
71         Transaction *t = reinterpret_cast<Transaction *>(ctx);
72         char buf[1024];
73         std::string s;
74         va_list args;
75 
76         va_start(args, msg);
77         int len = vsnprintf(buf, sizeof(buf), msg, args);
78         va_end(args);
79 
80         if (len > 0) {
81             s = "XML Warning: " + std::string(buf);
82         }
83         ms_dbg_a(t, 4, s);
84     }
85 
86 
null_error(void * ctx,const char * msg,...)87     static void null_error(void *ctx, const char *msg, ...) {
88     }
89 
90  private:
91     std::string m_resource;
92     xmlDtdPtr m_dtd = NULL;
93 #endif
94 };
95 
96 }  // namespace operators
97 }  // namespace modsecurity
98 
99 
100 #endif  // SRC_OPERATORS_VALIDATE_DTD_H_
101