>From e7513a5a2552e37ce72c1df8fc6d15183ef8fb56 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki <[email protected]>
Date: Sat, 10 Oct 2009 21:06:03 +0200
Subject: [MINOR] Add chunk_htmlencode and chunk_asciiencode
Add two functions to encode input chunk replacing
non-printable, non ascii or special characters
with:
"&#%u;" - chunk_htmlencode
"<%02X>" - chunk_asciiencode
Above functions should be used when adding strings, received
from possible unsafe sources, to html stats or logs.
---
include/proto/buffers.h | 3 ++
src/buffers.c | 82 +++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 85 insertions(+), 0 deletions(-)
diff --git a/include/proto/buffers.h b/include/proto/buffers.h
index e061b2c..744ad66 100644
--- a/include/proto/buffers.h
+++ b/include/proto/buffers.h
@@ -474,6 +474,9 @@ static inline int chunk_strcpy(struct chunk *chk, const
char *str) {
int chunk_printf(struct chunk *chk, const char *fmt, ...)
__attribute__ ((format(printf, 2, 3)));
+int chunk_htmlencode(struct chunk *dst, struct chunk *src);
+int chunk_asciiencode(struct chunk *dst, struct chunk *src, char qc);
+
static inline void chunk_reset(struct chunk *chk) {
chk->str = NULL;
chk->len = -1;
diff --git a/src/buffers.c b/src/buffers.c
index ee00f1c..318085e 100644
--- a/src/buffers.c
+++ b/src/buffers.c
@@ -10,6 +10,7 @@
*
*/
+#include <ctype.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
@@ -325,6 +326,87 @@ int chunk_printf(struct chunk *chk, const char *fmt, ...)
}
/*
+ * Encode chunk <src> into chunk <dst>, respecting the limit of at most
+ * chk->size chars. Replace non-printable or special chracters with "&#%d;".
+ * If the chk->len is over, nothing is added. Returns the new chunk size.
+ */
+int chunk_htmlencode(struct chunk *dst, struct chunk *src) {
+
+ int i, l;
+ int olen, free;
+ char c;
+
+ olen = dst->len;
+
+ for (i = 0; i < src->len; i++) {
+ free = dst->size - dst->len;
+
+ if (!free) {
+ dst->len = olen;
+ return dst->len;
+ }
+
+ c = src->str[i];
+
+ if (!isascii(c) || !isprint(c) || c == '&' || c == '"' || c ==
'\'' || c == '<' || c == '>') {
+ l = snprintf(dst->str + dst->len, free, "&#%u;",
(unsigned char)c);
+
+ if (free < l) {
+ dst->len = olen;
+ return dst->len;
+ }
+
+ dst->len += l;
+ } else {
+ dst->str[dst->len] = c;
+ dst->len++;
+ }
+ }
+
+ return dst->len;
+}
+
+/*
+ * Encode chunk <src> into chunk <dst>, respecting the limit of at most
+ * chk->size chars. Replace non-printable or char passed in qc with "<%02X>".
+ * If the chk->len is over, nothing is added. Returns the new chunk size.
+ */
+int chunk_asciiencode(struct chunk *dst, struct chunk *src, char qc) {
+ int i, l;
+ int olen, free;
+ char c;
+
+ olen = dst->len;
+
+ for (i = 0; i < src->len; i++) {
+ free = dst->size - dst->len;
+
+ if (!free) {
+ dst->len = olen;
+ return dst->len;
+ }
+
+ c = src->str[i];
+
+ if (!isascii(c) || !isprint(c) || c == '<' || c == '>' || c ==
qc) {
+ l = snprintf(dst->str + dst->len, free, "<%02X>",
(unsigned char)c);
+
+ if (free < l) {
+ dst->len = olen;
+ return dst->len;
+ }
+
+ dst->len += l;
+ } else {
+ dst->str[dst->len] = c;
+ dst->len++;
+ }
+ }
+
+ return dst->len;
+}
+
+/*
* Dumps part or all of a buffer.
*/
void buffer_dump(FILE *o, struct buffer *b, int from, int to)
--
1.6.4.2
