On Tue, Jun 23, 2015 at 04:20:58PM +0200, Reyk Floeter wrote: > On Sat, Jun 20, 2015 at 03:01:18PM +0200, Reyk Floeter wrote: > > Comments? OK? > > > > This diff includes some fixes from semarie@. We also have regress > tests that will go in separately. We'd like to continue in the tree. > > OK? > > Reyk >
Some comments below, but I think they could be addressed in tree. ok semarie@ [...]
> Index: patterns.c
> ===================================================================
> RCS file: patterns.c
> diff -N patterns.c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patterns.c 23 Jun 2015 14:07:16 -0000
> @@ -0,0 +1,715 @@
> +/* $OpenBSD$ */
> +
> +/*
> + * Copyright (c) 2015 Reyk Floeter <r...@openbsd.org>
> + * Copyright (C) 1994-2015 Lua.org, PUC-Rio.
> + *
> + * Permission is hereby granted, free of charge, to any person obtaining
> + * a copy of this software and associated documentation files (the
> + * "Software"), to deal in the Software without restriction, including
> + * without limitation the rights to use, copy, modify, merge, publish,
> + * distribute, sublicense, and/or sell copies of the Software, and to
> + * permit persons to whom the Software is furnished to do so, subject to
> + * the following conditions:
> + *
> + * The above copyright notice and this permission notice shall be
> + * included in all copies or substantial portions of the Software.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
> + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
> + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
> + * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
> + * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
> + * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
> + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
> + */
> +
> +/*
> + * Derived from Lua 5.3.1:
> + * $Id: lstrlib.c,v 1.229 2015/05/20 17:39:23 roberto Exp $
> + * Standard library for string operations and pattern-matching
> + */
> +
[...]
> +static int
> +match_class(int c, int cl)
> +{
> + int res;
> + switch (tolower(cl)) {
> + case 'a':
> + res = isalpha(c);
> + break;
> + case 'c':
> + res = iscntrl(c);
> + break;
> + case 'd':
> + res = isdigit(c);
> + break;
> + case 'g':
> + res = isgraph(c);
> + break;
> + case 'l':
> + res = islower(c);
> + break;
> + case 'p':
> + res = ispunct(c);
> + break;
> + case 's':
> + res = isspace(c);
> + break;
> + case 'u':
> + res = isupper(c);
> + break;
> + case 'w':
> + res = isalnum(c);
> + break;
> + case 'x':
> + res = isxdigit(c);
> + break;
> + case 'z':
> + res = (c == 0);
> + break; /* deprecated option */

I think this deprecated option should be removed. It is deprecated in lua, but here, the code is new. The documentation don't mention it either.

> + default:
> + return (cl == c);
> + }
> + return (islower(cl) ? res : !res);
> +}
> +
[...]
> Index: server_http.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/httpd/server_http.c,v
> retrieving revision 1.82
> diff -u -p -u -p -r1.82 server_http.c
> --- server_http.c 22 Jun 2015 11:46:06 -0000 1.82
> +++ server_http.c 23 Jun 2015 14:07:16 -0000
> @@ -29,14 +29,16 @@
> #include <string.h>
> #include <unistd.h>
> #include <limits.h>
> +#include <fnmatch.h>
> #include <stdio.h>
> #include <time.h>
> #include <resolv.h>
> #include <event.h>
> -#include <fnmatch.h>
> +#include <ctype.h>
>
> #include "httpd.h"
> #include "http.h"
> +#include "patterns.h"
>
> static int server_httpmethod_cmp(const void *, const void *);
> static int server_httperror_cmp(const void *, const void *);
[...]
> @@ -882,11 +887,34 @@ server_expand_http(struct client *clt, c
> struct http_descriptor *desc = clt->clt_descreq;
> struct server_config *srv_conf = clt->clt_srv_conf;
> char ibuf[128], *str, *path, *query;
> - int ret;
> + const char *errstr = NULL, *p;
> + size_t size;
> + int n, ret;
>
> if (strlcpy(buf, val, len) >= len)
> return (NULL);
>
> + /* Find previously matched substrings by index */
> + for (p = val; clt->clt_srv_match.sm_nmatch &&
> + (p = strstr(p, "%")) != NULL; p++) {
> + if (!isdigit(*(p + 1)))
> + continue;
> +
> + /* Copy number, leading '%' char and add trailing \0 */
> + size = strspn(p + 1, "0123456789") + 2;
> + if (size >= sizeof(ibuf))
> + return (NULL);
> + (void)strlcpy(ibuf, p, size);
> + n = strtonum(ibuf + 1, 0,
> + clt->clt_srv_match.sm_nmatch - 1, &errstr);
> + if (errstr != NULL)
> + return (NULL);
> +
> + /* Expand variable with matched value */
> + if (expand_string(buf, len, ibuf,
> + clt->clt_srv_match.sm_match[n]) != 0)
> + return (NULL);
> + }

the matched substrings should be escaped with url_encoded() before expansion.

> if (strstr(val, "$DOCUMENT_URI") != NULL) {
> if ((path = url_encode(desc->http_path)) == NULL)
> return (NULL);

-- Sebastien Marie
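Review bot: The new `%N` syntax in the `for` loop collides with literal percent-encoded octets in the configured value: once captures exist, a value containing `%20` reaches `strtonum()`, which rejects any index above `sm_nmatch - 1`, and the whole expansion returns NULL, whereas the same value passes through untouched when `sm_nmatch` is 0. Consider leaving out-of-range references in place with `if (errstr != NULL) continue;`, or documenting an escape for a literal `%`. Two smaller points in the same loop: `isdigit(*(p + 1))` passes a plain `char` and should read `isdigit((unsigned char)p[1])`, and, assuming expand_string() replaces every occurrence of its search string in `buf`, expanding `%1` would also consume the prefix of a later `%10`. server_expand_http begins and continues outside this hunk, so how `buf` is used afterwards is not visible here.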