1 /** 2 * uri.c: set of generic URI related routines 3 * 4 * Reference: RFCs 3986, 2732 and 2373 5 * 6 * Copyright (C) 1998-2003 Daniel Veillard. All Rights Reserved. 7 * 8 * Permission is hereby granted, free of charge, to any person obtaining a copy 9 * of this software and associated documentation files (the "Software"), to deal 10 * in the Software without restriction, including without limitation the rights 11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 * copies of the Software, and to permit persons to whom the Software is 13 * furnished to do so, subject to the following conditions: 14 * 15 * The above copyright notice and this permission notice shall be included in 16 * all copies or substantial portions of the Software. 17 * 18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 21 * DANIEL VEILLARD BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 22 * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 23 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 24 * 25 * Except as contained in this notice, the name of Daniel Veillard shall not 26 * be used in advertising or otherwise to promote the sale, use or other 27 * dealings in this Software without prior written authorization from him. 28 * 29 * daniel@veillard.com 30 * 31 ** 32 * 33 * Copyright (C) 2007, 2009-2010 Red Hat, Inc. 34 * 35 * This library is free software; you can redistribute it and/or 36 * modify it under the terms of the GNU Lesser General Public 37 * License as published by the Free Software Foundation; either 38 * version 2.1 of the License, or (at your option) any later version. 39 * 40 * This library is distributed in the hope that it will be useful, 41 * but WITHOUT ANY WARRANTY; without even the implied warranty of 42 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 43 * Lesser General Public License for more details. 44 * 45 * You should have received a copy of the GNU Lesser General Public 46 * License along with this library. If not, see <https://www.gnu.org/licenses/>. 47 * 48 * Authors: 49 * Richard W.M. Jones <rjones@redhat.com> 50 * 51 */ 52 53 #include "qemu/osdep.h" 54 #include "qemu/cutils.h" 55 56 #include "qemu/uri.h" 57 58 static void uri_clean(URI *uri); 59 60 /* 61 * Old rule from 2396 used in legacy handling code 62 * alpha = lowalpha | upalpha 63 */ 64 #define IS_ALPHA(x) (IS_LOWALPHA(x) || IS_UPALPHA(x)) 65 66 /* 67 * lowalpha = "a" | "b" | "c" | "d" | "e" | "f" | "g" | "h" | "i" | "j" | 68 * "k" | "l" | "m" | "n" | "o" | "p" | "q" | "r" | "s" | "t" | 69 * "u" | "v" | "w" | "x" | "y" | "z" 70 */ 71 72 #define IS_LOWALPHA(x) (((x) >= 'a') && ((x) <= 'z')) 73 74 /* 75 * upalpha = "A" | "B" | "C" | "D" | "E" | "F" | "G" | "H" | "I" | "J" | 76 * "K" | "L" | "M" | "N" | "O" | "P" | "Q" | "R" | "S" | "T" | 77 * "U" | "V" | "W" | "X" | "Y" | "Z" 78 */ 79 #define IS_UPALPHA(x) (((x) >= 'A') && ((x) <= 'Z')) 80 81 #ifdef IS_DIGIT 82 #undef IS_DIGIT 83 #endif 84 /* 85 * digit = "0" | "1" | "2" | "3" | "4" | "5" | "6" | "7" | "8" | "9" 86 */ 87 #define IS_DIGIT(x) (((x) >= '0') && ((x) <= '9')) 88 89 /* 90 * alphanum = alpha | digit 91 */ 92 93 #define IS_ALPHANUM(x) (IS_ALPHA(x) || IS_DIGIT(x)) 94 95 /* 96 * mark = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")" 97 */ 98 99 #define IS_MARK(x) (((x) == '-') || ((x) == '_') || ((x) == '.') || \ 100 ((x) == '!') || ((x) == '~') || ((x) == '*') || ((x) == '\'') || \ 101 ((x) == '(') || ((x) == ')')) 102 103 /* 104 * unwise = "{" | "}" | "|" | "\" | "^" | "`" 105 */ 106 107 #define IS_UNWISE(p) \ 108 (((*(p) == '{')) || ((*(p) == '}')) || ((*(p) == '|')) || \ 109 ((*(p) == '\\')) || ((*(p) == '^')) || ((*(p) == '[')) || \ 110 ((*(p) == ']')) || ((*(p) == '`'))) 111 /* 112 * reserved = ";" | "/" | "?" | ":" | "@" | "&" | "=" | "+" | "$" | "," | 113 * "[" | "]" 114 */ 115 116 #define IS_RESERVED(x) (((x) == ';') || ((x) == '/') || ((x) == '?') || \ 117 ((x) == ':') || ((x) == '@') || ((x) == '&') || ((x) == '=') || \ 118 ((x) == '+') || ((x) == '$') || ((x) == ',') || ((x) == '[') || \ 119 ((x) == ']')) 120 121 /* 122 * unreserved = alphanum | mark 123 */ 124 125 #define IS_UNRESERVED(x) (IS_ALPHANUM(x) || IS_MARK(x)) 126 127 /* 128 * Skip to next pointer char, handle escaped sequences 129 */ 130 131 #define NEXT(p) ((*p == '%') ? p += 3 : p++) 132 133 /* 134 * Productions from the spec. 135 * 136 * authority = server | reg_name 137 * reg_name = 1*( unreserved | escaped | "$" | "," | 138 * ";" | ":" | "@" | "&" | "=" | "+" ) 139 * 140 * path = [ abs_path | opaque_part ] 141 */ 142 143 /************************************************************************ 144 * * 145 * RFC 3986 parser * 146 * * 147 ************************************************************************/ 148 149 #define ISA_DIGIT(p) ((*(p) >= '0') && (*(p) <= '9')) 150 #define ISA_ALPHA(p) (((*(p) >= 'a') && (*(p) <= 'z')) || \ 151 ((*(p) >= 'A') && (*(p) <= 'Z'))) 152 #define ISA_HEXDIG(p) \ 153 (ISA_DIGIT(p) || ((*(p) >= 'a') && (*(p) <= 'f')) || \ 154 ((*(p) >= 'A') && (*(p) <= 'F'))) 155 156 /* 157 * sub-delims = "!" / "$" / "&" / "'" / "(" / ")" 158 * / "*" / "+" / "," / ";" / "=" 159 */ 160 #define ISA_SUB_DELIM(p) \ 161 (((*(p) == '!')) || ((*(p) == '$')) || ((*(p) == '&')) || \ 162 ((*(p) == '(')) || ((*(p) == ')')) || ((*(p) == '*')) || \ 163 ((*(p) == '+')) || ((*(p) == ',')) || ((*(p) == ';')) || \ 164 ((*(p) == '=')) || ((*(p) == '\''))) 165 166 /* 167 * gen-delims = ":" / "/" / "?" / "#" / "[" / "]" / "@" 168 */ 169 #define ISA_GEN_DELIM(p) \ 170 (((*(p) == ':')) || ((*(p) == '/')) || ((*(p) == '?')) || \ 171 ((*(p) == '#')) || ((*(p) == '[')) || ((*(p) == ']')) || \ 172 ((*(p) == '@'))) 173 174 /* 175 * reserved = gen-delims / sub-delims 176 */ 177 #define ISA_RESERVED(p) (ISA_GEN_DELIM(p) || (ISA_SUB_DELIM(p))) 178 179 /* 180 * unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~" 181 */ 182 #define ISA_UNRESERVED(p) \ 183 ((ISA_ALPHA(p)) || (ISA_DIGIT(p)) || ((*(p) == '-')) || \ 184 ((*(p) == '.')) || ((*(p) == '_')) || ((*(p) == '~'))) 185 186 /* 187 * pct-encoded = "%" HEXDIG HEXDIG 188 */ 189 #define ISA_PCT_ENCODED(p) \ 190 ((*(p) == '%') && (ISA_HEXDIG(p + 1)) && (ISA_HEXDIG(p + 2))) 191 192 /* 193 * pchar = unreserved / pct-encoded / sub-delims / ":" / "@" 194 */ 195 #define ISA_PCHAR(p) \ 196 (ISA_UNRESERVED(p) || ISA_PCT_ENCODED(p) || ISA_SUB_DELIM(p) || \ 197 ((*(p) == ':')) || ((*(p) == '@'))) 198 199 /** 200 * rfc3986_parse_scheme: 201 * @uri: pointer to an URI structure 202 * @str: pointer to the string to analyze 203 * 204 * Parse an URI scheme 205 * 206 * ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) 207 * 208 * Returns 0 or the error code 209 */ 210 static int rfc3986_parse_scheme(URI *uri, const char **str) 211 { 212 const char *cur; 213 214 if (str == NULL) { 215 return -1; 216 } 217 218 cur = *str; 219 if (!ISA_ALPHA(cur)) { 220 return 2; 221 } 222 cur++; 223 while (ISA_ALPHA(cur) || ISA_DIGIT(cur) || (*cur == '+') || (*cur == '-') || 224 (*cur == '.')) { 225 cur++; 226 } 227 if (uri != NULL) { 228 g_free(uri->scheme); 229 uri->scheme = g_strndup(*str, cur - *str); 230 } 231 *str = cur; 232 return 0; 233 } 234 235 /** 236 * rfc3986_parse_fragment: 237 * @uri: pointer to an URI structure 238 * @str: pointer to the string to analyze 239 * 240 * Parse the query part of an URI 241 * 242 * fragment = *( pchar / "/" / "?" ) 243 * NOTE: the strict syntax as defined by 3986 does not allow '[' and ']' 244 * in the fragment identifier but this is used very broadly for 245 * xpointer scheme selection, so we are allowing it here to not break 246 * for example all the DocBook processing chains. 247 * 248 * Returns 0 or the error code 249 */ 250 static int rfc3986_parse_fragment(URI *uri, const char **str) 251 { 252 const char *cur; 253 254 if (str == NULL) { 255 return -1; 256 } 257 258 cur = *str; 259 260 while ((ISA_PCHAR(cur)) || (*cur == '/') || (*cur == '?') || 261 (*cur == '[') || (*cur == ']') || 262 ((uri != NULL) && (uri->cleanup & 1) && (IS_UNWISE(cur)))) { 263 NEXT(cur); 264 } 265 if (uri != NULL) { 266 g_free(uri->fragment); 267 if (uri->cleanup & 2) { 268 uri->fragment = g_strndup(*str, cur - *str); 269 } else { 270 uri->fragment = uri_string_unescape(*str, cur - *str, NULL); 271 } 272 } 273 *str = cur; 274 return 0; 275 } 276 277 /** 278 * rfc3986_parse_query: 279 * @uri: pointer to an URI structure 280 * @str: pointer to the string to analyze 281 * 282 * Parse the query part of an URI 283 * 284 * query = *uric 285 * 286 * Returns 0 or the error code 287 */ 288 static int rfc3986_parse_query(URI *uri, const char **str) 289 { 290 const char *cur; 291 292 if (str == NULL) { 293 return -1; 294 } 295 296 cur = *str; 297 298 while ((ISA_PCHAR(cur)) || (*cur == '/') || (*cur == '?') || 299 ((uri != NULL) && (uri->cleanup & 1) && (IS_UNWISE(cur)))) { 300 NEXT(cur); 301 } 302 if (uri != NULL) { 303 g_free(uri->query); 304 uri->query = g_strndup(*str, cur - *str); 305 } 306 *str = cur; 307 return 0; 308 } 309 310 /** 311 * rfc3986_parse_port: 312 * @uri: pointer to an URI structure 313 * @str: the string to analyze 314 * 315 * Parse a port part and fills in the appropriate fields 316 * of the @uri structure 317 * 318 * port = *DIGIT 319 * 320 * Returns 0 or the error code 321 */ 322 static int rfc3986_parse_port(URI *uri, const char **str) 323 { 324 const char *cur = *str; 325 int port = 0; 326 327 if (ISA_DIGIT(cur)) { 328 while (ISA_DIGIT(cur)) { 329 port = port * 10 + (*cur - '0'); 330 if (port > 65535) { 331 return 1; 332 } 333 cur++; 334 } 335 if (uri) { 336 uri->port = port; 337 } 338 *str = cur; 339 return 0; 340 } 341 return 1; 342 } 343 344 /** 345 * rfc3986_parse_user_info: 346 * @uri: pointer to an URI structure 347 * @str: the string to analyze 348 * 349 * Parse a user information part and fill in the appropriate fields 350 * of the @uri structure 351 * 352 * userinfo = *( unreserved / pct-encoded / sub-delims / ":" ) 353 * 354 * Returns 0 or the error code 355 */ 356 static int rfc3986_parse_user_info(URI *uri, const char **str) 357 { 358 const char *cur; 359 360 cur = *str; 361 while (ISA_UNRESERVED(cur) || ISA_PCT_ENCODED(cur) || ISA_SUB_DELIM(cur) || 362 (*cur == ':')) { 363 NEXT(cur); 364 } 365 if (*cur == '@') { 366 if (uri != NULL) { 367 g_free(uri->user); 368 if (uri->cleanup & 2) { 369 uri->user = g_strndup(*str, cur - *str); 370 } else { 371 uri->user = uri_string_unescape(*str, cur - *str, NULL); 372 } 373 } 374 *str = cur; 375 return 0; 376 } 377 return 1; 378 } 379 380 /** 381 * rfc3986_parse_dec_octet: 382 * @str: the string to analyze 383 * 384 * dec-octet = DIGIT ; 0-9 385 * / %x31-39 DIGIT ; 10-99 386 * / "1" 2DIGIT ; 100-199 387 * / "2" %x30-34 DIGIT ; 200-249 388 * / "25" %x30-35 ; 250-255 389 * 390 * Skip a dec-octet. 391 * 392 * Returns 0 if found and skipped, 1 otherwise 393 */ 394 static int rfc3986_parse_dec_octet(const char **str) 395 { 396 const char *cur = *str; 397 398 if (!(ISA_DIGIT(cur))) { 399 return 1; 400 } 401 if (!ISA_DIGIT(cur + 1)) { 402 cur++; 403 } else if ((*cur != '0') && (ISA_DIGIT(cur + 1)) && (!ISA_DIGIT(cur + 2))) { 404 cur += 2; 405 } else if ((*cur == '1') && (ISA_DIGIT(cur + 1)) && (ISA_DIGIT(cur + 2))) { 406 cur += 3; 407 } else if ((*cur == '2') && (*(cur + 1) >= '0') && (*(cur + 1) <= '4') && 408 (ISA_DIGIT(cur + 2))) { 409 cur += 3; 410 } else if ((*cur == '2') && (*(cur + 1) == '5') && (*(cur + 2) >= '0') && 411 (*(cur + 1) <= '5')) { 412 cur += 3; 413 } else { 414 return 1; 415 } 416 *str = cur; 417 return 0; 418 } 419 /** 420 * rfc3986_parse_host: 421 * @uri: pointer to an URI structure 422 * @str: the string to analyze 423 * 424 * Parse an host part and fills in the appropriate fields 425 * of the @uri structure 426 * 427 * host = IP-literal / IPv4address / reg-name 428 * IP-literal = "[" ( IPv6address / IPvFuture ) "]" 429 * IPv4address = dec-octet "." dec-octet "." dec-octet "." dec-octet 430 * reg-name = *( unreserved / pct-encoded / sub-delims ) 431 * 432 * Returns 0 or the error code 433 */ 434 static int rfc3986_parse_host(URI *uri, const char **str) 435 { 436 const char *cur = *str; 437 const char *host; 438 439 host = cur; 440 /* 441 * IPv6 and future addressing scheme are enclosed between brackets 442 */ 443 if (*cur == '[') { 444 cur++; 445 while ((*cur != ']') && (*cur != 0)) { 446 cur++; 447 } 448 if (*cur != ']') { 449 return 1; 450 } 451 cur++; 452 goto found; 453 } 454 /* 455 * try to parse an IPv4 456 */ 457 if (ISA_DIGIT(cur)) { 458 if (rfc3986_parse_dec_octet(&cur) != 0) { 459 goto not_ipv4; 460 } 461 if (*cur != '.') { 462 goto not_ipv4; 463 } 464 cur++; 465 if (rfc3986_parse_dec_octet(&cur) != 0) { 466 goto not_ipv4; 467 } 468 if (*cur != '.') { 469 goto not_ipv4; 470 } 471 if (rfc3986_parse_dec_octet(&cur) != 0) { 472 goto not_ipv4; 473 } 474 if (*cur != '.') { 475 goto not_ipv4; 476 } 477 if (rfc3986_parse_dec_octet(&cur) != 0) { 478 goto not_ipv4; 479 } 480 goto found; 481 not_ipv4: 482 cur = *str; 483 } 484 /* 485 * then this should be a hostname which can be empty 486 */ 487 while (ISA_UNRESERVED(cur) || ISA_PCT_ENCODED(cur) || ISA_SUB_DELIM(cur)) { 488 NEXT(cur); 489 } 490 found: 491 if (uri != NULL) { 492 g_free(uri->authority); 493 uri->authority = NULL; 494 g_free(uri->server); 495 if (cur != host) { 496 if (uri->cleanup & 2) { 497 uri->server = g_strndup(host, cur - host); 498 } else { 499 uri->server = uri_string_unescape(host, cur - host, NULL); 500 } 501 } else { 502 uri->server = NULL; 503 } 504 } 505 *str = cur; 506 return 0; 507 } 508 509 /** 510 * rfc3986_parse_authority: 511 * @uri: pointer to an URI structure 512 * @str: the string to analyze 513 * 514 * Parse an authority part and fills in the appropriate fields 515 * of the @uri structure 516 * 517 * authority = [ userinfo "@" ] host [ ":" port ] 518 * 519 * Returns 0 or the error code 520 */ 521 static int rfc3986_parse_authority(URI *uri, const char **str) 522 { 523 const char *cur; 524 int ret; 525 526 cur = *str; 527 /* 528 * try to parse a userinfo and check for the trailing @ 529 */ 530 ret = rfc3986_parse_user_info(uri, &cur); 531 if ((ret != 0) || (*cur != '@')) { 532 cur = *str; 533 } else { 534 cur++; 535 } 536 ret = rfc3986_parse_host(uri, &cur); 537 if (ret != 0) { 538 return ret; 539 } 540 if (*cur == ':') { 541 cur++; 542 ret = rfc3986_parse_port(uri, &cur); 543 if (ret != 0) { 544 return ret; 545 } 546 } 547 *str = cur; 548 return 0; 549 } 550 551 /** 552 * rfc3986_parse_segment: 553 * @str: the string to analyze 554 * @forbid: an optional forbidden character 555 * @empty: allow an empty segment 556 * 557 * Parse a segment and fills in the appropriate fields 558 * of the @uri structure 559 * 560 * segment = *pchar 561 * segment-nz = 1*pchar 562 * segment-nz-nc = 1*( unreserved / pct-encoded / sub-delims / "@" ) 563 * ; non-zero-length segment without any colon ":" 564 * 565 * Returns 0 or the error code 566 */ 567 static int rfc3986_parse_segment(const char **str, char forbid, int empty) 568 { 569 const char *cur; 570 571 cur = *str; 572 if (!ISA_PCHAR(cur)) { 573 if (empty) { 574 return 0; 575 } 576 return 1; 577 } 578 while (ISA_PCHAR(cur) && (*cur != forbid)) { 579 NEXT(cur); 580 } 581 *str = cur; 582 return 0; 583 } 584 585 /** 586 * rfc3986_parse_path_ab_empty: 587 * @uri: pointer to an URI structure 588 * @str: the string to analyze 589 * 590 * Parse an path absolute or empty and fills in the appropriate fields 591 * of the @uri structure 592 * 593 * path-abempty = *( "/" segment ) 594 * 595 * Returns 0 or the error code 596 */ 597 static int rfc3986_parse_path_ab_empty(URI *uri, const char **str) 598 { 599 const char *cur; 600 int ret; 601 602 cur = *str; 603 604 while (*cur == '/') { 605 cur++; 606 ret = rfc3986_parse_segment(&cur, 0, 1); 607 if (ret != 0) { 608 return ret; 609 } 610 } 611 if (uri != NULL) { 612 g_free(uri->path); 613 if (*str != cur) { 614 if (uri->cleanup & 2) { 615 uri->path = g_strndup(*str, cur - *str); 616 } else { 617 uri->path = uri_string_unescape(*str, cur - *str, NULL); 618 } 619 } else { 620 uri->path = NULL; 621 } 622 } 623 *str = cur; 624 return 0; 625 } 626 627 /** 628 * rfc3986_parse_path_absolute: 629 * @uri: pointer to an URI structure 630 * @str: the string to analyze 631 * 632 * Parse an path absolute and fills in the appropriate fields 633 * of the @uri structure 634 * 635 * path-absolute = "/" [ segment-nz *( "/" segment ) ] 636 * 637 * Returns 0 or the error code 638 */ 639 static int rfc3986_parse_path_absolute(URI *uri, const char **str) 640 { 641 const char *cur; 642 int ret; 643 644 cur = *str; 645 646 if (*cur != '/') { 647 return 1; 648 } 649 cur++; 650 ret = rfc3986_parse_segment(&cur, 0, 0); 651 if (ret == 0) { 652 while (*cur == '/') { 653 cur++; 654 ret = rfc3986_parse_segment(&cur, 0, 1); 655 if (ret != 0) { 656 return ret; 657 } 658 } 659 } 660 if (uri != NULL) { 661 g_free(uri->path); 662 if (cur != *str) { 663 if (uri->cleanup & 2) { 664 uri->path = g_strndup(*str, cur - *str); 665 } else { 666 uri->path = uri_string_unescape(*str, cur - *str, NULL); 667 } 668 } else { 669 uri->path = NULL; 670 } 671 } 672 *str = cur; 673 return 0; 674 } 675 676 /** 677 * rfc3986_parse_path_rootless: 678 * @uri: pointer to an URI structure 679 * @str: the string to analyze 680 * 681 * Parse an path without root and fills in the appropriate fields 682 * of the @uri structure 683 * 684 * path-rootless = segment-nz *( "/" segment ) 685 * 686 * Returns 0 or the error code 687 */ 688 static int rfc3986_parse_path_rootless(URI *uri, const char **str) 689 { 690 const char *cur; 691 int ret; 692 693 cur = *str; 694 695 ret = rfc3986_parse_segment(&cur, 0, 0); 696 if (ret != 0) { 697 return ret; 698 } 699 while (*cur == '/') { 700 cur++; 701 ret = rfc3986_parse_segment(&cur, 0, 1); 702 if (ret != 0) { 703 return ret; 704 } 705 } 706 if (uri != NULL) { 707 g_free(uri->path); 708 if (cur != *str) { 709 if (uri->cleanup & 2) { 710 uri->path = g_strndup(*str, cur - *str); 711 } else { 712 uri->path = uri_string_unescape(*str, cur - *str, NULL); 713 } 714 } else { 715 uri->path = NULL; 716 } 717 } 718 *str = cur; 719 return 0; 720 } 721 722 /** 723 * rfc3986_parse_path_no_scheme: 724 * @uri: pointer to an URI structure 725 * @str: the string to analyze 726 * 727 * Parse an path which is not a scheme and fills in the appropriate fields 728 * of the @uri structure 729 * 730 * path-noscheme = segment-nz-nc *( "/" segment ) 731 * 732 * Returns 0 or the error code 733 */ 734 static int rfc3986_parse_path_no_scheme(URI *uri, const char **str) 735 { 736 const char *cur; 737 int ret; 738 739 cur = *str; 740 741 ret = rfc3986_parse_segment(&cur, ':', 0); 742 if (ret != 0) { 743 return ret; 744 } 745 while (*cur == '/') { 746 cur++; 747 ret = rfc3986_parse_segment(&cur, 0, 1); 748 if (ret != 0) { 749 return ret; 750 } 751 } 752 if (uri != NULL) { 753 g_free(uri->path); 754 if (cur != *str) { 755 if (uri->cleanup & 2) { 756 uri->path = g_strndup(*str, cur - *str); 757 } else { 758 uri->path = uri_string_unescape(*str, cur - *str, NULL); 759 } 760 } else { 761 uri->path = NULL; 762 } 763 } 764 *str = cur; 765 return 0; 766 } 767 768 /** 769 * rfc3986_parse_hier_part: 770 * @uri: pointer to an URI structure 771 * @str: the string to analyze 772 * 773 * Parse an hierarchical part and fills in the appropriate fields 774 * of the @uri structure 775 * 776 * hier-part = "//" authority path-abempty 777 * / path-absolute 778 * / path-rootless 779 * / path-empty 780 * 781 * Returns 0 or the error code 782 */ 783 static int rfc3986_parse_hier_part(URI *uri, const char **str) 784 { 785 const char *cur; 786 int ret; 787 788 cur = *str; 789 790 if ((*cur == '/') && (*(cur + 1) == '/')) { 791 cur += 2; 792 ret = rfc3986_parse_authority(uri, &cur); 793 if (ret != 0) { 794 return ret; 795 } 796 ret = rfc3986_parse_path_ab_empty(uri, &cur); 797 if (ret != 0) { 798 return ret; 799 } 800 *str = cur; 801 return 0; 802 } else if (*cur == '/') { 803 ret = rfc3986_parse_path_absolute(uri, &cur); 804 if (ret != 0) { 805 return ret; 806 } 807 } else if (ISA_PCHAR(cur)) { 808 ret = rfc3986_parse_path_rootless(uri, &cur); 809 if (ret != 0) { 810 return ret; 811 } 812 } else { 813 /* path-empty is effectively empty */ 814 if (uri != NULL) { 815 g_free(uri->path); 816 uri->path = NULL; 817 } 818 } 819 *str = cur; 820 return 0; 821 } 822 823 /** 824 * rfc3986_parse_relative_ref: 825 * @uri: pointer to an URI structure 826 * @str: the string to analyze 827 * 828 * Parse an URI string and fills in the appropriate fields 829 * of the @uri structure 830 * 831 * relative-ref = relative-part [ "?" query ] [ "#" fragment ] 832 * relative-part = "//" authority path-abempty 833 * / path-absolute 834 * / path-noscheme 835 * / path-empty 836 * 837 * Returns 0 or the error code 838 */ 839 static int rfc3986_parse_relative_ref(URI *uri, const char *str) 840 { 841 int ret; 842 843 if ((*str == '/') && (*(str + 1) == '/')) { 844 str += 2; 845 ret = rfc3986_parse_authority(uri, &str); 846 if (ret != 0) { 847 return ret; 848 } 849 ret = rfc3986_parse_path_ab_empty(uri, &str); 850 if (ret != 0) { 851 return ret; 852 } 853 } else if (*str == '/') { 854 ret = rfc3986_parse_path_absolute(uri, &str); 855 if (ret != 0) { 856 return ret; 857 } 858 } else if (ISA_PCHAR(str)) { 859 ret = rfc3986_parse_path_no_scheme(uri, &str); 860 if (ret != 0) { 861 return ret; 862 } 863 } else { 864 /* path-empty is effectively empty */ 865 if (uri != NULL) { 866 g_free(uri->path); 867 uri->path = NULL; 868 } 869 } 870 871 if (*str == '?') { 872 str++; 873 ret = rfc3986_parse_query(uri, &str); 874 if (ret != 0) { 875 return ret; 876 } 877 } 878 if (*str == '#') { 879 str++; 880 ret = rfc3986_parse_fragment(uri, &str); 881 if (ret != 0) { 882 return ret; 883 } 884 } 885 if (*str != 0) { 886 uri_clean(uri); 887 return 1; 888 } 889 return 0; 890 } 891 892 /** 893 * rfc3986_parse: 894 * @uri: pointer to an URI structure 895 * @str: the string to analyze 896 * 897 * Parse an URI string and fills in the appropriate fields 898 * of the @uri structure 899 * 900 * scheme ":" hier-part [ "?" query ] [ "#" fragment ] 901 * 902 * Returns 0 or the error code 903 */ 904 static int rfc3986_parse(URI *uri, const char *str) 905 { 906 int ret; 907 908 ret = rfc3986_parse_scheme(uri, &str); 909 if (ret != 0) { 910 return ret; 911 } 912 if (*str != ':') { 913 return 1; 914 } 915 str++; 916 ret = rfc3986_parse_hier_part(uri, &str); 917 if (ret != 0) { 918 return ret; 919 } 920 if (*str == '?') { 921 str++; 922 ret = rfc3986_parse_query(uri, &str); 923 if (ret != 0) { 924 return ret; 925 } 926 } 927 if (*str == '#') { 928 str++; 929 ret = rfc3986_parse_fragment(uri, &str); 930 if (ret != 0) { 931 return ret; 932 } 933 } 934 if (*str != 0) { 935 uri_clean(uri); 936 return 1; 937 } 938 return 0; 939 } 940 941 /** 942 * rfc3986_parse_uri_reference: 943 * @uri: pointer to an URI structure 944 * @str: the string to analyze 945 * 946 * Parse an URI reference string and fills in the appropriate fields 947 * of the @uri structure 948 * 949 * URI-reference = URI / relative-ref 950 * 951 * Returns 0 or the error code 952 */ 953 static int rfc3986_parse_uri_reference(URI *uri, const char *str) 954 { 955 int ret; 956 957 if (str == NULL) { 958 return -1; 959 } 960 uri_clean(uri); 961 962 /* 963 * Try first to parse absolute refs, then fallback to relative if 964 * it fails. 965 */ 966 ret = rfc3986_parse(uri, str); 967 if (ret != 0) { 968 uri_clean(uri); 969 ret = rfc3986_parse_relative_ref(uri, str); 970 if (ret != 0) { 971 uri_clean(uri); 972 return ret; 973 } 974 } 975 return 0; 976 } 977 978 /** 979 * uri_parse: 980 * @str: the URI string to analyze 981 * 982 * Parse an URI based on RFC 3986 983 * 984 * URI-reference = [ absoluteURI | relativeURI ] [ "#" fragment ] 985 * 986 * Returns a newly built URI or NULL in case of error 987 */ 988 URI *uri_parse(const char *str) 989 { 990 URI *uri; 991 int ret; 992 993 if (str == NULL) { 994 return NULL; 995 } 996 uri = uri_new(); 997 ret = rfc3986_parse_uri_reference(uri, str); 998 if (ret) { 999 uri_free(uri); 1000 return NULL; 1001 } 1002 return uri; 1003 } 1004 1005 /** 1006 * uri_parse_into: 1007 * @uri: pointer to an URI structure 1008 * @str: the string to analyze 1009 * 1010 * Parse an URI reference string based on RFC 3986 and fills in the 1011 * appropriate fields of the @uri structure 1012 * 1013 * URI-reference = URI / relative-ref 1014 * 1015 * Returns 0 or the error code 1016 */ 1017 int uri_parse_into(URI *uri, const char *str) 1018 { 1019 return rfc3986_parse_uri_reference(uri, str); 1020 } 1021 1022 /** 1023 * uri_parse_raw: 1024 * @str: the URI string to analyze 1025 * @raw: if 1 unescaping of URI pieces are disabled 1026 * 1027 * Parse an URI but allows to keep intact the original fragments. 1028 * 1029 * URI-reference = URI / relative-ref 1030 * 1031 * Returns a newly built URI or NULL in case of error 1032 */ 1033 URI *uri_parse_raw(const char *str, int raw) 1034 { 1035 URI *uri; 1036 int ret; 1037 1038 if (str == NULL) { 1039 return NULL; 1040 } 1041 uri = uri_new(); 1042 if (raw) { 1043 uri->cleanup |= 2; 1044 } 1045 ret = uri_parse_into(uri, str); 1046 if (ret) { 1047 uri_free(uri); 1048 return NULL; 1049 } 1050 return uri; 1051 } 1052 1053 /************************************************************************ 1054 * * 1055 * Generic URI structure functions * 1056 * * 1057 ************************************************************************/ 1058 1059 /** 1060 * uri_new: 1061 * 1062 * Simply creates an empty URI 1063 * 1064 * Returns the new structure or NULL in case of error 1065 */ 1066 URI *uri_new(void) 1067 { 1068 return g_new0(URI, 1); 1069 } 1070 1071 /** 1072 * realloc2n: 1073 * 1074 * Function to handle properly a reallocation when saving an URI 1075 * Also imposes some limit on the length of an URI string output 1076 */ 1077 static char *realloc2n(char *ret, int *max) 1078 { 1079 char *temp; 1080 int tmp; 1081 1082 tmp = *max * 2; 1083 temp = g_realloc(ret, (tmp + 1)); 1084 *max = tmp; 1085 return temp; 1086 } 1087 1088 /** 1089 * uri_to_string: 1090 * @uri: pointer to an URI 1091 * 1092 * Save the URI as an escaped string 1093 * 1094 * Returns a new string (to be deallocated by caller) 1095 */ 1096 char *uri_to_string(URI *uri) 1097 { 1098 char *ret = NULL; 1099 char *temp; 1100 const char *p; 1101 int len; 1102 int max; 1103 1104 if (uri == NULL) { 1105 return NULL; 1106 } 1107 1108 max = 80; 1109 ret = g_malloc(max + 1); 1110 len = 0; 1111 1112 if (uri->scheme != NULL) { 1113 p = uri->scheme; 1114 while (*p != 0) { 1115 if (len >= max) { 1116 temp = realloc2n(ret, &max); 1117 ret = temp; 1118 } 1119 ret[len++] = *p++; 1120 } 1121 if (len >= max) { 1122 temp = realloc2n(ret, &max); 1123 ret = temp; 1124 } 1125 ret[len++] = ':'; 1126 } 1127 if (uri->opaque != NULL) { 1128 p = uri->opaque; 1129 while (*p != 0) { 1130 if (len + 3 >= max) { 1131 temp = realloc2n(ret, &max); 1132 ret = temp; 1133 } 1134 if (IS_RESERVED(*(p)) || IS_UNRESERVED(*(p))) { 1135 ret[len++] = *p++; 1136 } else { 1137 int val = *(unsigned char *)p++; 1138 int hi = val / 0x10, lo = val % 0x10; 1139 ret[len++] = '%'; 1140 ret[len++] = hi + (hi > 9 ? 'A' - 10 : '0'); 1141 ret[len++] = lo + (lo > 9 ? 'A' - 10 : '0'); 1142 } 1143 } 1144 } else { 1145 if (uri->server != NULL) { 1146 if (len + 3 >= max) { 1147 temp = realloc2n(ret, &max); 1148 ret = temp; 1149 } 1150 ret[len++] = '/'; 1151 ret[len++] = '/'; 1152 if (uri->user != NULL) { 1153 p = uri->user; 1154 while (*p != 0) { 1155 if (len + 3 >= max) { 1156 temp = realloc2n(ret, &max); 1157 ret = temp; 1158 } 1159 if ((IS_UNRESERVED(*(p))) || ((*(p) == ';')) || 1160 ((*(p) == ':')) || ((*(p) == '&')) || ((*(p) == '=')) || 1161 ((*(p) == '+')) || ((*(p) == '$')) || ((*(p) == ','))) { 1162 ret[len++] = *p++; 1163 } else { 1164 int val = *(unsigned char *)p++; 1165 int hi = val / 0x10, lo = val % 0x10; 1166 ret[len++] = '%'; 1167 ret[len++] = hi + (hi > 9 ? 'A' - 10 : '0'); 1168 ret[len++] = lo + (lo > 9 ? 'A' - 10 : '0'); 1169 } 1170 } 1171 if (len + 3 >= max) { 1172 temp = realloc2n(ret, &max); 1173 ret = temp; 1174 } 1175 ret[len++] = '@'; 1176 } 1177 p = uri->server; 1178 while (*p != 0) { 1179 if (len >= max) { 1180 temp = realloc2n(ret, &max); 1181 ret = temp; 1182 } 1183 ret[len++] = *p++; 1184 } 1185 if (uri->port > 0) { 1186 if (len + 10 >= max) { 1187 temp = realloc2n(ret, &max); 1188 ret = temp; 1189 } 1190 len += snprintf(&ret[len], max - len, ":%d", uri->port); 1191 } 1192 } else if (uri->authority != NULL) { 1193 if (len + 3 >= max) { 1194 temp = realloc2n(ret, &max); 1195 ret = temp; 1196 } 1197 ret[len++] = '/'; 1198 ret[len++] = '/'; 1199 p = uri->authority; 1200 while (*p != 0) { 1201 if (len + 3 >= max) { 1202 temp = realloc2n(ret, &max); 1203 ret = temp; 1204 } 1205 if ((IS_UNRESERVED(*(p))) || ((*(p) == '$')) || 1206 ((*(p) == ',')) || ((*(p) == ';')) || ((*(p) == ':')) || 1207 ((*(p) == '@')) || ((*(p) == '&')) || ((*(p) == '=')) || 1208 ((*(p) == '+'))) { 1209 ret[len++] = *p++; 1210 } else { 1211 int val = *(unsigned char *)p++; 1212 int hi = val / 0x10, lo = val % 0x10; 1213 ret[len++] = '%'; 1214 ret[len++] = hi + (hi > 9 ? 'A' - 10 : '0'); 1215 ret[len++] = lo + (lo > 9 ? 'A' - 10 : '0'); 1216 } 1217 } 1218 } else if (uri->scheme != NULL) { 1219 if (len + 3 >= max) { 1220 temp = realloc2n(ret, &max); 1221 ret = temp; 1222 } 1223 ret[len++] = '/'; 1224 ret[len++] = '/'; 1225 } 1226 if (uri->path != NULL) { 1227 p = uri->path; 1228 /* 1229 * the colon in file:///d: should not be escaped or 1230 * Windows accesses fail later. 1231 */ 1232 if ((uri->scheme != NULL) && (p[0] == '/') && 1233 (((p[1] >= 'a') && (p[1] <= 'z')) || 1234 ((p[1] >= 'A') && (p[1] <= 'Z'))) && 1235 (p[2] == ':') && (!strcmp(uri->scheme, "file"))) { 1236 if (len + 3 >= max) { 1237 temp = realloc2n(ret, &max); 1238 ret = temp; 1239 } 1240 ret[len++] = *p++; 1241 ret[len++] = *p++; 1242 ret[len++] = *p++; 1243 } 1244 while (*p != 0) { 1245 if (len + 3 >= max) { 1246 temp = realloc2n(ret, &max); 1247 ret = temp; 1248 } 1249 if ((IS_UNRESERVED(*(p))) || ((*(p) == '/')) || 1250 ((*(p) == ';')) || ((*(p) == '@')) || ((*(p) == '&')) || 1251 ((*(p) == '=')) || ((*(p) == '+')) || ((*(p) == '$')) || 1252 ((*(p) == ','))) { 1253 ret[len++] = *p++; 1254 } else { 1255 int val = *(unsigned char *)p++; 1256 int hi = val / 0x10, lo = val % 0x10; 1257 ret[len++] = '%'; 1258 ret[len++] = hi + (hi > 9 ? 'A' - 10 : '0'); 1259 ret[len++] = lo + (lo > 9 ? 'A' - 10 : '0'); 1260 } 1261 } 1262 } 1263 if (uri->query != NULL) { 1264 if (len + 1 >= max) { 1265 temp = realloc2n(ret, &max); 1266 ret = temp; 1267 } 1268 ret[len++] = '?'; 1269 p = uri->query; 1270 while (*p != 0) { 1271 if (len + 1 >= max) { 1272 temp = realloc2n(ret, &max); 1273 ret = temp; 1274 } 1275 ret[len++] = *p++; 1276 } 1277 } 1278 } 1279 if (uri->fragment != NULL) { 1280 if (len + 3 >= max) { 1281 temp = realloc2n(ret, &max); 1282 ret = temp; 1283 } 1284 ret[len++] = '#'; 1285 p = uri->fragment; 1286 while (*p != 0) { 1287 if (len + 3 >= max) { 1288 temp = realloc2n(ret, &max); 1289 ret = temp; 1290 } 1291 if ((IS_UNRESERVED(*(p))) || (IS_RESERVED(*(p)))) { 1292 ret[len++] = *p++; 1293 } else { 1294 int val = *(unsigned char *)p++; 1295 int hi = val / 0x10, lo = val % 0x10; 1296 ret[len++] = '%'; 1297 ret[len++] = hi + (hi > 9 ? 'A' - 10 : '0'); 1298 ret[len++] = lo + (lo > 9 ? 'A' - 10 : '0'); 1299 } 1300 } 1301 } 1302 if (len >= max) { 1303 temp = realloc2n(ret, &max); 1304 ret = temp; 1305 } 1306 ret[len] = 0; 1307 return ret; 1308 } 1309 1310 /** 1311 * uri_clean: 1312 * @uri: pointer to an URI 1313 * 1314 * Make sure the URI struct is free of content 1315 */ 1316 static void uri_clean(URI *uri) 1317 { 1318 if (uri == NULL) { 1319 return; 1320 } 1321 1322 g_free(uri->scheme); 1323 uri->scheme = NULL; 1324 g_free(uri->server); 1325 uri->server = NULL; 1326 g_free(uri->user); 1327 uri->user = NULL; 1328 g_free(uri->path); 1329 uri->path = NULL; 1330 g_free(uri->fragment); 1331 uri->fragment = NULL; 1332 g_free(uri->opaque); 1333 uri->opaque = NULL; 1334 g_free(uri->authority); 1335 uri->authority = NULL; 1336 g_free(uri->query); 1337 uri->query = NULL; 1338 } 1339 1340 /** 1341 * uri_free: 1342 * @uri: pointer to an URI, NULL is ignored 1343 * 1344 * Free up the URI struct 1345 */ 1346 void uri_free(URI *uri) 1347 { 1348 uri_clean(uri); 1349 g_free(uri); 1350 } 1351 1352 /************************************************************************ 1353 * * 1354 * Helper functions * 1355 * * 1356 ************************************************************************/ 1357 1358 /** 1359 * normalize_uri_path: 1360 * @path: pointer to the path string 1361 * 1362 * Applies the 5 normalization steps to a path string--that is, RFC 2396 1363 * Section 5.2, steps 6.c through 6.g. 1364 * 1365 * Normalization occurs directly on the string, no new allocation is done 1366 * 1367 * Returns 0 or an error code 1368 */ 1369 static int normalize_uri_path(char *path) 1370 { 1371 char *cur, *out; 1372 1373 if (path == NULL) { 1374 return -1; 1375 } 1376 1377 /* Skip all initial "/" chars. We want to get to the beginning of the 1378 * first non-empty segment. 1379 */ 1380 cur = path; 1381 while (cur[0] == '/') { 1382 ++cur; 1383 } 1384 if (cur[0] == '\0') { 1385 return 0; 1386 } 1387 1388 /* Keep everything we've seen so far. */ 1389 out = cur; 1390 1391 /* 1392 * Analyze each segment in sequence for cases (c) and (d). 1393 */ 1394 while (cur[0] != '\0') { 1395 /* 1396 * c) All occurrences of "./", where "." is a complete path segment, 1397 * are removed from the buffer string. 1398 */ 1399 if ((cur[0] == '.') && (cur[1] == '/')) { 1400 cur += 2; 1401 /* '//' normalization should be done at this point too */ 1402 while (cur[0] == '/') { 1403 cur++; 1404 } 1405 continue; 1406 } 1407 1408 /* 1409 * d) If the buffer string ends with "." as a complete path segment, 1410 * that "." is removed. 1411 */ 1412 if ((cur[0] == '.') && (cur[1] == '\0')) { 1413 break; 1414 } 1415 1416 /* Otherwise keep the segment. */ 1417 while (cur[0] != '/') { 1418 if (cur[0] == '\0') { 1419 goto done_cd; 1420 } 1421 (out++)[0] = (cur++)[0]; 1422 } 1423 /* nomalize // */ 1424 while ((cur[0] == '/') && (cur[1] == '/')) { 1425 cur++; 1426 } 1427 1428 (out++)[0] = (cur++)[0]; 1429 } 1430 done_cd: 1431 out[0] = '\0'; 1432 1433 /* Reset to the beginning of the first segment for the next sequence. */ 1434 cur = path; 1435 while (cur[0] == '/') { 1436 ++cur; 1437 } 1438 if (cur[0] == '\0') { 1439 return 0; 1440 } 1441 1442 /* 1443 * Analyze each segment in sequence for cases (e) and (f). 1444 * 1445 * e) All occurrences of "<segment>/../", where <segment> is a 1446 * complete path segment not equal to "..", are removed from the 1447 * buffer string. Removal of these path segments is performed 1448 * iteratively, removing the leftmost matching pattern on each 1449 * iteration, until no matching pattern remains. 1450 * 1451 * f) If the buffer string ends with "<segment>/..", where <segment> 1452 * is a complete path segment not equal to "..", that 1453 * "<segment>/.." is removed. 1454 * 1455 * To satisfy the "iterative" clause in (e), we need to collapse the 1456 * string every time we find something that needs to be removed. Thus, 1457 * we don't need to keep two pointers into the string: we only need a 1458 * "current position" pointer. 1459 */ 1460 while (1) { 1461 char *segp, *tmp; 1462 1463 /* At the beginning of each iteration of this loop, "cur" points to 1464 * the first character of the segment we want to examine. 1465 */ 1466 1467 /* Find the end of the current segment. */ 1468 segp = cur; 1469 while ((segp[0] != '/') && (segp[0] != '\0')) { 1470 ++segp; 1471 } 1472 1473 /* If this is the last segment, we're done (we need at least two 1474 * segments to meet the criteria for the (e) and (f) cases). 1475 */ 1476 if (segp[0] == '\0') { 1477 break; 1478 } 1479 1480 /* If the first segment is "..", or if the next segment _isn't_ "..", 1481 * keep this segment and try the next one. 1482 */ 1483 ++segp; 1484 if (((cur[0] == '.') && (cur[1] == '.') && (segp == cur + 3)) || 1485 ((segp[0] != '.') || (segp[1] != '.') || 1486 ((segp[2] != '/') && (segp[2] != '\0')))) { 1487 cur = segp; 1488 continue; 1489 } 1490 1491 /* If we get here, remove this segment and the next one and back up 1492 * to the previous segment (if there is one), to implement the 1493 * "iteratively" clause. It's pretty much impossible to back up 1494 * while maintaining two pointers into the buffer, so just compact 1495 * the whole buffer now. 1496 */ 1497 1498 /* If this is the end of the buffer, we're done. */ 1499 if (segp[2] == '\0') { 1500 cur[0] = '\0'; 1501 break; 1502 } 1503 /* Valgrind complained, strcpy(cur, segp + 3); */ 1504 /* string will overlap, do not use strcpy */ 1505 tmp = cur; 1506 segp += 3; 1507 while ((*tmp++ = *segp++) != 0) { 1508 /* No further work */ 1509 } 1510 1511 /* If there are no previous segments, then keep going from here. */ 1512 segp = cur; 1513 while ((segp > path) && ((--segp)[0] == '/')) { 1514 /* No further work */ 1515 } 1516 if (segp == path) { 1517 continue; 1518 } 1519 1520 /* "segp" is pointing to the end of a previous segment; find it's 1521 * start. We need to back up to the previous segment and start 1522 * over with that to handle things like "foo/bar/../..". If we 1523 * don't do this, then on the first pass we'll remove the "bar/..", 1524 * but be pointing at the second ".." so we won't realize we can also 1525 * remove the "foo/..". 1526 */ 1527 cur = segp; 1528 while ((cur > path) && (cur[-1] != '/')) { 1529 --cur; 1530 } 1531 } 1532 out[0] = '\0'; 1533 1534 /* 1535 * g) If the resulting buffer string still begins with one or more 1536 * complete path segments of "..", then the reference is 1537 * considered to be in error. Implementations may handle this 1538 * error by retaining these components in the resolved path (i.e., 1539 * treating them as part of the final URI), by removing them from 1540 * the resolved path (i.e., discarding relative levels above the 1541 * root), or by avoiding traversal of the reference. 1542 * 1543 * We discard them from the final path. 1544 */ 1545 if (path[0] == '/') { 1546 cur = path; 1547 while ((cur[0] == '/') && (cur[1] == '.') && (cur[2] == '.') && 1548 ((cur[3] == '/') || (cur[3] == '\0'))) { 1549 cur += 3; 1550 } 1551 1552 if (cur != path) { 1553 out = path; 1554 while (cur[0] != '\0') { 1555 (out++)[0] = (cur++)[0]; 1556 } 1557 out[0] = 0; 1558 } 1559 } 1560 1561 return 0; 1562 } 1563 1564 static int is_hex(char c) 1565 { 1566 if (((c >= '0') && (c <= '9')) || ((c >= 'a') && (c <= 'f')) || 1567 ((c >= 'A') && (c <= 'F'))) { 1568 return 1; 1569 } 1570 return 0; 1571 } 1572 1573 /** 1574 * uri_string_unescape: 1575 * @str: the string to unescape 1576 * @len: the length in bytes to unescape (or <= 0 to indicate full string) 1577 * @target: optional destination buffer 1578 * 1579 * Unescaping routine, but does not check that the string is an URI. The 1580 * output is a direct unsigned char translation of %XX values (no encoding) 1581 * Note that the length of the result can only be smaller or same size as 1582 * the input string. 1583 * 1584 * Returns a copy of the string, but unescaped, will return NULL only in case 1585 * of error 1586 */ 1587 char *uri_string_unescape(const char *str, int len, char *target) 1588 { 1589 char *ret, *out; 1590 const char *in; 1591 1592 if (str == NULL) { 1593 return NULL; 1594 } 1595 if (len <= 0) { 1596 len = strlen(str); 1597 } 1598 if (len < 0) { 1599 return NULL; 1600 } 1601 1602 if (target == NULL) { 1603 ret = g_malloc(len + 1); 1604 } else { 1605 ret = target; 1606 } 1607 in = str; 1608 out = ret; 1609 while (len > 0) { 1610 if ((len > 2) && (*in == '%') && (is_hex(in[1])) && (is_hex(in[2]))) { 1611 in++; 1612 if ((*in >= '0') && (*in <= '9')) { 1613 *out = (*in - '0'); 1614 } else if ((*in >= 'a') && (*in <= 'f')) { 1615 *out = (*in - 'a') + 10; 1616 } else if ((*in >= 'A') && (*in <= 'F')) { 1617 *out = (*in - 'A') + 10; 1618 } 1619 in++; 1620 if ((*in >= '0') && (*in <= '9')) { 1621 *out = *out * 16 + (*in - '0'); 1622 } else if ((*in >= 'a') && (*in <= 'f')) { 1623 *out = *out * 16 + (*in - 'a') + 10; 1624 } else if ((*in >= 'A') && (*in <= 'F')) { 1625 *out = *out * 16 + (*in - 'A') + 10; 1626 } 1627 in++; 1628 len -= 3; 1629 out++; 1630 } else { 1631 *out++ = *in++; 1632 len--; 1633 } 1634 } 1635 *out = 0; 1636 return ret; 1637 } 1638 1639 /** 1640 * uri_string_escape: 1641 * @str: string to escape 1642 * @list: exception list string of chars not to escape 1643 * 1644 * This routine escapes a string to hex, ignoring reserved characters (a-z) 1645 * and the characters in the exception list. 1646 * 1647 * Returns a new escaped string or NULL in case of error. 1648 */ 1649 char *uri_string_escape(const char *str, const char *list) 1650 { 1651 char *ret, ch; 1652 char *temp; 1653 const char *in; 1654 int len, out; 1655 1656 if (str == NULL) { 1657 return NULL; 1658 } 1659 if (str[0] == 0) { 1660 return g_strdup(str); 1661 } 1662 len = strlen(str); 1663 if (!(len > 0)) { 1664 return NULL; 1665 } 1666 1667 len += 20; 1668 ret = g_malloc(len); 1669 in = str; 1670 out = 0; 1671 while (*in != 0) { 1672 if (len - out <= 3) { 1673 temp = realloc2n(ret, &len); 1674 ret = temp; 1675 } 1676 1677 ch = *in; 1678 1679 if ((ch != '@') && (!IS_UNRESERVED(ch)) && (!strchr(list, ch))) { 1680 unsigned char val; 1681 ret[out++] = '%'; 1682 val = ch >> 4; 1683 if (val <= 9) { 1684 ret[out++] = '0' + val; 1685 } else { 1686 ret[out++] = 'A' + val - 0xA; 1687 } 1688 val = ch & 0xF; 1689 if (val <= 9) { 1690 ret[out++] = '0' + val; 1691 } else { 1692 ret[out++] = 'A' + val - 0xA; 1693 } 1694 in++; 1695 } else { 1696 ret[out++] = *in++; 1697 } 1698 } 1699 ret[out] = 0; 1700 return ret; 1701 } 1702 1703 /************************************************************************ 1704 * * 1705 * Public functions * 1706 * * 1707 ************************************************************************/ 1708 1709 /** 1710 * uri_resolve: 1711 * @URI: the URI instance found in the document 1712 * @base: the base value 1713 * 1714 * Computes he final URI of the reference done by checking that 1715 * the given URI is valid, and building the final URI using the 1716 * base URI. This is processed according to section 5.2 of the 1717 * RFC 2396 1718 * 1719 * 5.2. Resolving Relative References to Absolute Form 1720 * 1721 * Returns a new URI string (to be freed by the caller) or NULL in case 1722 * of error. 1723 */ 1724 char *uri_resolve(const char *uri, const char *base) 1725 { 1726 char *val = NULL; 1727 int ret, len, indx, cur, out; 1728 URI *ref = NULL; 1729 URI *bas = NULL; 1730 URI *res = NULL; 1731 1732 /* 1733 * 1) The URI reference is parsed into the potential four components and 1734 * fragment identifier, as described in Section 4.3. 1735 * 1736 * NOTE that a completely empty URI is treated by modern browsers 1737 * as a reference to "." rather than as a synonym for the current 1738 * URI. Should we do that here? 1739 */ 1740 if (uri == NULL) { 1741 ret = -1; 1742 } else { 1743 if (*uri) { 1744 ref = uri_new(); 1745 ret = uri_parse_into(ref, uri); 1746 } else { 1747 ret = 0; 1748 } 1749 } 1750 if (ret != 0) { 1751 goto done; 1752 } 1753 if ((ref != NULL) && (ref->scheme != NULL)) { 1754 /* 1755 * The URI is absolute don't modify. 1756 */ 1757 val = g_strdup(uri); 1758 goto done; 1759 } 1760 if (base == NULL) { 1761 ret = -1; 1762 } else { 1763 bas = uri_new(); 1764 ret = uri_parse_into(bas, base); 1765 } 1766 if (ret != 0) { 1767 if (ref) { 1768 val = uri_to_string(ref); 1769 } 1770 goto done; 1771 } 1772 if (ref == NULL) { 1773 /* 1774 * the base fragment must be ignored 1775 */ 1776 g_free(bas->fragment); 1777 bas->fragment = NULL; 1778 val = uri_to_string(bas); 1779 goto done; 1780 } 1781 1782 /* 1783 * 2) If the path component is empty and the scheme, authority, and 1784 * query components are undefined, then it is a reference to the 1785 * current document and we are done. Otherwise, the reference URI's 1786 * query and fragment components are defined as found (or not found) 1787 * within the URI reference and not inherited from the base URI. 1788 * 1789 * NOTE that in modern browsers, the parsing differs from the above 1790 * in the following aspect: the query component is allowed to be 1791 * defined while still treating this as a reference to the current 1792 * document. 1793 */ 1794 res = uri_new(); 1795 if ((ref->scheme == NULL) && (ref->path == NULL) && 1796 ((ref->authority == NULL) && (ref->server == NULL))) { 1797 res->scheme = g_strdup(bas->scheme); 1798 if (bas->authority != NULL) { 1799 res->authority = g_strdup(bas->authority); 1800 } else if (bas->server != NULL) { 1801 res->server = g_strdup(bas->server); 1802 res->user = g_strdup(bas->user); 1803 res->port = bas->port; 1804 } 1805 res->path = g_strdup(bas->path); 1806 if (ref->query != NULL) { 1807 res->query = g_strdup(ref->query); 1808 } else { 1809 res->query = g_strdup(bas->query); 1810 } 1811 res->fragment = g_strdup(ref->fragment); 1812 goto step_7; 1813 } 1814 1815 /* 1816 * 3) If the scheme component is defined, indicating that the reference 1817 * starts with a scheme name, then the reference is interpreted as an 1818 * absolute URI and we are done. Otherwise, the reference URI's 1819 * scheme is inherited from the base URI's scheme component. 1820 */ 1821 if (ref->scheme != NULL) { 1822 val = uri_to_string(ref); 1823 goto done; 1824 } 1825 res->scheme = g_strdup(bas->scheme); 1826 1827 res->query = g_strdup(ref->query); 1828 res->fragment = g_strdup(ref->fragment); 1829 1830 /* 1831 * 4) If the authority component is defined, then the reference is a 1832 * network-path and we skip to step 7. Otherwise, the reference 1833 * URI's authority is inherited from the base URI's authority 1834 * component, which will also be undefined if the URI scheme does not 1835 * use an authority component. 1836 */ 1837 if ((ref->authority != NULL) || (ref->server != NULL)) { 1838 if (ref->authority != NULL) { 1839 res->authority = g_strdup(ref->authority); 1840 } else { 1841 res->server = g_strdup(ref->server); 1842 res->user = g_strdup(ref->user); 1843 res->port = ref->port; 1844 } 1845 res->path = g_strdup(ref->path); 1846 goto step_7; 1847 } 1848 if (bas->authority != NULL) { 1849 res->authority = g_strdup(bas->authority); 1850 } else if (bas->server != NULL) { 1851 res->server = g_strdup(bas->server); 1852 res->user = g_strdup(bas->user); 1853 res->port = bas->port; 1854 } 1855 1856 /* 1857 * 5) If the path component begins with a slash character ("/"), then 1858 * the reference is an absolute-path and we skip to step 7. 1859 */ 1860 if ((ref->path != NULL) && (ref->path[0] == '/')) { 1861 res->path = g_strdup(ref->path); 1862 goto step_7; 1863 } 1864 1865 /* 1866 * 6) If this step is reached, then we are resolving a relative-path 1867 * reference. The relative path needs to be merged with the base 1868 * URI's path. Although there are many ways to do this, we will 1869 * describe a simple method using a separate string buffer. 1870 * 1871 * Allocate a buffer large enough for the result string. 1872 */ 1873 len = 2; /* extra / and 0 */ 1874 if (ref->path != NULL) { 1875 len += strlen(ref->path); 1876 } 1877 if (bas->path != NULL) { 1878 len += strlen(bas->path); 1879 } 1880 res->path = g_malloc(len); 1881 res->path[0] = 0; 1882 1883 /* 1884 * a) All but the last segment of the base URI's path component is 1885 * copied to the buffer. In other words, any characters after the 1886 * last (right-most) slash character, if any, are excluded. 1887 */ 1888 cur = 0; 1889 out = 0; 1890 if (bas->path != NULL) { 1891 while (bas->path[cur] != 0) { 1892 while ((bas->path[cur] != 0) && (bas->path[cur] != '/')) { 1893 cur++; 1894 } 1895 if (bas->path[cur] == 0) { 1896 break; 1897 } 1898 1899 cur++; 1900 while (out < cur) { 1901 res->path[out] = bas->path[out]; 1902 out++; 1903 } 1904 } 1905 } 1906 res->path[out] = 0; 1907 1908 /* 1909 * b) The reference's path component is appended to the buffer 1910 * string. 1911 */ 1912 if (ref->path != NULL && ref->path[0] != 0) { 1913 indx = 0; 1914 /* 1915 * Ensure the path includes a '/' 1916 */ 1917 if ((out == 0) && (bas->server != NULL)) { 1918 res->path[out++] = '/'; 1919 } 1920 while (ref->path[indx] != 0) { 1921 res->path[out++] = ref->path[indx++]; 1922 } 1923 } 1924 res->path[out] = 0; 1925 1926 /* 1927 * Steps c) to h) are really path normalization steps 1928 */ 1929 normalize_uri_path(res->path); 1930 1931 step_7: 1932 1933 /* 1934 * 7) The resulting URI components, including any inherited from the 1935 * base URI, are recombined to give the absolute form of the URI 1936 * reference. 1937 */ 1938 val = uri_to_string(res); 1939 1940 done: 1941 uri_free(ref); 1942 uri_free(bas); 1943 uri_free(res); 1944 return val; 1945 } 1946 1947 /** 1948 * uri_resolve_relative: 1949 * @URI: the URI reference under consideration 1950 * @base: the base value 1951 * 1952 * Expresses the URI of the reference in terms relative to the 1953 * base. Some examples of this operation include: 1954 * base = "http://site1.com/docs/book1.html" 1955 * URI input URI returned 1956 * docs/pic1.gif pic1.gif 1957 * docs/img/pic1.gif img/pic1.gif 1958 * img/pic1.gif ../img/pic1.gif 1959 * http://site1.com/docs/pic1.gif pic1.gif 1960 * http://site2.com/docs/pic1.gif http://site2.com/docs/pic1.gif 1961 * 1962 * base = "docs/book1.html" 1963 * URI input URI returned 1964 * docs/pic1.gif pic1.gif 1965 * docs/img/pic1.gif img/pic1.gif 1966 * img/pic1.gif ../img/pic1.gif 1967 * http://site1.com/docs/pic1.gif http://site1.com/docs/pic1.gif 1968 * 1969 * 1970 * Note: if the URI reference is really weird or complicated, it may be 1971 * worthwhile to first convert it into a "nice" one by calling 1972 * uri_resolve (using 'base') before calling this routine, 1973 * since this routine (for reasonable efficiency) assumes URI has 1974 * already been through some validation. 1975 * 1976 * Returns a new URI string (to be freed by the caller) or NULL in case 1977 * error. 1978 */ 1979 char *uri_resolve_relative(const char *uri, const char *base) 1980 { 1981 char *val = NULL; 1982 int ret; 1983 int ix; 1984 int pos = 0; 1985 int nbslash = 0; 1986 int len; 1987 URI *ref = NULL; 1988 URI *bas = NULL; 1989 char *bptr, *uptr, *vptr; 1990 int remove_path = 0; 1991 1992 if ((uri == NULL) || (*uri == 0)) { 1993 return NULL; 1994 } 1995 1996 /* 1997 * First parse URI into a standard form 1998 */ 1999 ref = uri_new(); 2000 /* If URI not already in "relative" form */ 2001 if (uri[0] != '.') { 2002 ret = uri_parse_into(ref, uri); 2003 if (ret != 0) { 2004 goto done; /* Error in URI, return NULL */ 2005 } 2006 } else { 2007 ref->path = g_strdup(uri); 2008 } 2009 2010 /* 2011 * Next parse base into the same standard form 2012 */ 2013 if ((base == NULL) || (*base == 0)) { 2014 val = g_strdup(uri); 2015 goto done; 2016 } 2017 bas = uri_new(); 2018 if (base[0] != '.') { 2019 ret = uri_parse_into(bas, base); 2020 if (ret != 0) { 2021 goto done; /* Error in base, return NULL */ 2022 } 2023 } else { 2024 bas->path = g_strdup(base); 2025 } 2026 2027 /* 2028 * If the scheme / server on the URI differs from the base, 2029 * just return the URI 2030 */ 2031 if ((ref->scheme != NULL) && 2032 ((bas->scheme == NULL) || (strcmp(bas->scheme, ref->scheme)) || 2033 (strcmp(bas->server, ref->server)))) { 2034 val = g_strdup(uri); 2035 goto done; 2036 } 2037 if (bas->path == ref->path || 2038 (bas->path && ref->path && !strcmp(bas->path, ref->path))) { 2039 val = g_strdup(""); 2040 goto done; 2041 } 2042 if (bas->path == NULL) { 2043 val = g_strdup(ref->path); 2044 goto done; 2045 } 2046 if (ref->path == NULL) { 2047 ref->path = (char *)"/"; 2048 remove_path = 1; 2049 } 2050 2051 /* 2052 * At this point (at last!) we can compare the two paths 2053 * 2054 * First we take care of the special case where either of the 2055 * two path components may be missing (bug 316224) 2056 */ 2057 if (bas->path == NULL) { 2058 if (ref->path != NULL) { 2059 uptr = ref->path; 2060 if (*uptr == '/') { 2061 uptr++; 2062 } 2063 /* exception characters from uri_to_string */ 2064 val = uri_string_escape(uptr, "/;&=+$,"); 2065 } 2066 goto done; 2067 } 2068 bptr = bas->path; 2069 if (ref->path == NULL) { 2070 for (ix = 0; bptr[ix] != 0; ix++) { 2071 if (bptr[ix] == '/') { 2072 nbslash++; 2073 } 2074 } 2075 uptr = NULL; 2076 len = 1; /* this is for a string terminator only */ 2077 } else { 2078 /* 2079 * Next we compare the two strings and find where they first differ 2080 */ 2081 if ((ref->path[pos] == '.') && (ref->path[pos + 1] == '/')) { 2082 pos += 2; 2083 } 2084 if ((*bptr == '.') && (bptr[1] == '/')) { 2085 bptr += 2; 2086 } else if ((*bptr == '/') && (ref->path[pos] != '/')) { 2087 bptr++; 2088 } 2089 while ((bptr[pos] == ref->path[pos]) && (bptr[pos] != 0)) { 2090 pos++; 2091 } 2092 2093 if (bptr[pos] == ref->path[pos]) { 2094 val = g_strdup(""); 2095 goto done; /* (I can't imagine why anyone would do this) */ 2096 } 2097 2098 /* 2099 * In URI, "back up" to the last '/' encountered. This will be the 2100 * beginning of the "unique" suffix of URI 2101 */ 2102 ix = pos; 2103 if ((ref->path[ix] == '/') && (ix > 0)) { 2104 ix--; 2105 } else if ((ref->path[ix] == 0) && (ix > 1) 2106 && (ref->path[ix - 1] == '/')) { 2107 ix -= 2; 2108 } 2109 for (; ix > 0; ix--) { 2110 if (ref->path[ix] == '/') { 2111 break; 2112 } 2113 } 2114 if (ix == 0) { 2115 uptr = ref->path; 2116 } else { 2117 ix++; 2118 uptr = &ref->path[ix]; 2119 } 2120 2121 /* 2122 * In base, count the number of '/' from the differing point 2123 */ 2124 if (bptr[pos] != ref->path[pos]) { /* check for trivial URI == base */ 2125 for (; bptr[ix] != 0; ix++) { 2126 if (bptr[ix] == '/') { 2127 nbslash++; 2128 } 2129 } 2130 } 2131 len = strlen(uptr) + 1; 2132 } 2133 2134 if (nbslash == 0) { 2135 if (uptr != NULL) { 2136 /* exception characters from uri_to_string */ 2137 val = uri_string_escape(uptr, "/;&=+$,"); 2138 } 2139 goto done; 2140 } 2141 2142 /* 2143 * Allocate just enough space for the returned string - 2144 * length of the remainder of the URI, plus enough space 2145 * for the "../" groups, plus one for the terminator 2146 */ 2147 val = g_malloc(len + 3 * nbslash); 2148 vptr = val; 2149 /* 2150 * Put in as many "../" as needed 2151 */ 2152 for (; nbslash > 0; nbslash--) { 2153 *vptr++ = '.'; 2154 *vptr++ = '.'; 2155 *vptr++ = '/'; 2156 } 2157 /* 2158 * Finish up with the end of the URI 2159 */ 2160 if (uptr != NULL) { 2161 if ((vptr > val) && (len > 0) && (uptr[0] == '/') && 2162 (vptr[-1] == '/')) { 2163 memcpy(vptr, uptr + 1, len - 1); 2164 vptr[len - 2] = 0; 2165 } else { 2166 memcpy(vptr, uptr, len); 2167 vptr[len - 1] = 0; 2168 } 2169 } else { 2170 vptr[len - 1] = 0; 2171 } 2172 2173 /* escape the freshly-built path */ 2174 vptr = val; 2175 /* exception characters from uri_to_string */ 2176 val = uri_string_escape(vptr, "/;&=+$,"); 2177 g_free(vptr); 2178 2179 done: 2180 /* 2181 * Free the working variables 2182 */ 2183 if (remove_path != 0) { 2184 ref->path = NULL; 2185 } 2186 uri_free(ref); 2187 uri_free(bas); 2188 2189 return val; 2190 } 2191 2192 /* 2193 * Utility functions to help parse and assemble query strings. 2194 */ 2195 2196 struct QueryParams *query_params_new(int init_alloc) 2197 { 2198 struct QueryParams *ps; 2199 2200 if (init_alloc <= 0) { 2201 init_alloc = 1; 2202 } 2203 2204 ps = g_new(QueryParams, 1); 2205 ps->n = 0; 2206 ps->alloc = init_alloc; 2207 ps->p = g_new(QueryParam, ps->alloc); 2208 2209 return ps; 2210 } 2211 2212 /* Ensure there is space to store at least one more parameter 2213 * at the end of the set. 2214 */ 2215 static int query_params_append(struct QueryParams *ps, const char *name, 2216 const char *value) 2217 { 2218 if (ps->n >= ps->alloc) { 2219 ps->p = g_renew(QueryParam, ps->p, ps->alloc * 2); 2220 ps->alloc *= 2; 2221 } 2222 2223 ps->p[ps->n].name = g_strdup(name); 2224 ps->p[ps->n].value = g_strdup(value); 2225 ps->p[ps->n].ignore = 0; 2226 ps->n++; 2227 2228 return 0; 2229 } 2230 2231 void query_params_free(struct QueryParams *ps) 2232 { 2233 int i; 2234 2235 for (i = 0; i < ps->n; ++i) { 2236 g_free(ps->p[i].name); 2237 g_free(ps->p[i].value); 2238 } 2239 g_free(ps->p); 2240 g_free(ps); 2241 } 2242 2243 struct QueryParams *query_params_parse(const char *query) 2244 { 2245 struct QueryParams *ps; 2246 const char *end, *eq; 2247 2248 ps = query_params_new(0); 2249 if (!query || query[0] == '\0') { 2250 return ps; 2251 } 2252 2253 while (*query) { 2254 char *name = NULL, *value = NULL; 2255 2256 /* Find the next separator, or end of the string. */ 2257 end = strchr(query, '&'); 2258 if (!end) { 2259 end = qemu_strchrnul(query, ';'); 2260 } 2261 2262 /* Find the first '=' character between here and end. */ 2263 eq = strchr(query, '='); 2264 if (eq && eq >= end) { 2265 eq = NULL; 2266 } 2267 2268 /* Empty section (eg. "&&"). */ 2269 if (end == query) { 2270 goto next; 2271 } 2272 2273 /* If there is no '=' character, then we have just "name" 2274 * and consistent with CGI.pm we assume value is "". 2275 */ 2276 else if (!eq) { 2277 name = uri_string_unescape(query, end - query, NULL); 2278 value = NULL; 2279 } 2280 /* Or if we have "name=" here (works around annoying 2281 * problem when calling uri_string_unescape with len = 0). 2282 */ 2283 else if (eq + 1 == end) { 2284 name = uri_string_unescape(query, eq - query, NULL); 2285 value = g_new0(char, 1); 2286 } 2287 /* If the '=' character is at the beginning then we have 2288 * "=value" and consistent with CGI.pm we _ignore_ this. 2289 */ 2290 else if (query == eq) { 2291 goto next; 2292 } 2293 2294 /* Otherwise it's "name=value". */ 2295 else { 2296 name = uri_string_unescape(query, eq - query, NULL); 2297 value = uri_string_unescape(eq + 1, end - (eq + 1), NULL); 2298 } 2299 2300 /* Append to the parameter set. */ 2301 query_params_append(ps, name, value); 2302 g_free(name); 2303 g_free(value); 2304 2305 next: 2306 query = end; 2307 if (*query) { 2308 query++; /* skip '&' separator */ 2309 } 2310 } 2311 2312 return ps; 2313 } 2314