2000-09-20 01:32:27 +08:00
|
|
|
/*
|
|
|
|
+----------------------------------------------------------------------+
|
2014-09-20 00:33:14 +08:00
|
|
|
| PHP Version 7 |
|
2000-09-20 01:32:27 +08:00
|
|
|
+----------------------------------------------------------------------+
|
2018-01-02 12:57:58 +08:00
|
|
|
| Copyright (c) 1997-2018 The PHP Group |
|
2000-09-20 01:32:27 +08:00
|
|
|
+----------------------------------------------------------------------+
|
2006-01-01 20:26:08 +08:00
|
|
|
| This source file is subject to version 3.01 of the PHP license, |
|
2000-09-20 01:32:27 +08:00
|
|
|
| that is bundled with this package in the file LICENSE, and is |
|
2003-06-11 04:04:29 +08:00
|
|
|
| available through the world-wide-web at the following url: |
|
2006-01-01 20:26:08 +08:00
|
|
|
| http://www.php.net/license/3_01.txt |
|
2000-09-20 01:32:27 +08:00
|
|
|
| If you did not receive a copy of the PHP license and are unable to |
|
|
|
|
| obtain it through the world-wide-web, please send a note to |
|
|
|
|
| license@php.net so we can mail you a copy immediately. |
|
|
|
|
+----------------------------------------------------------------------+
|
2002-02-28 16:29:35 +08:00
|
|
|
| Author: Sascha Schumann <sascha@schumann.cx> |
|
2016-08-11 07:03:45 +08:00
|
|
|
| Yasuo Ohgaki <yohgaki@ohgaki.net> |
|
2000-09-20 01:32:27 +08:00
|
|
|
+----------------------------------------------------------------------+
|
|
|
|
*/
|
|
|
|
|
2005-01-10 23:20:53 +08:00
|
|
|
/* $Id$ */
|
|
|
|
|
2000-09-20 01:32:27 +08:00
|
|
|
#include "php.h"
|
|
|
|
|
2000-09-20 01:53:09 +08:00
|
|
|
#ifdef HAVE_UNISTD_H
|
2000-09-20 01:32:27 +08:00
|
|
|
#include <unistd.h>
|
2000-09-20 01:53:09 +08:00
|
|
|
#endif
|
2003-03-11 10:28:46 +08:00
|
|
|
#ifdef HAVE_LIMITS_H
|
|
|
|
#include <limits.h>
|
|
|
|
#endif
|
2000-09-20 01:53:09 +08:00
|
|
|
|
2000-09-20 01:32:27 +08:00
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
#include "SAPI.h"
|
2000-10-17 01:25:36 +08:00
|
|
|
#include "php_ini.h"
|
2000-09-20 01:32:27 +08:00
|
|
|
#include "php_globals.h"
|
2016-08-11 07:03:45 +08:00
|
|
|
#include "php_string.h"
|
2000-09-20 01:32:27 +08:00
|
|
|
#define STATE_TAG SOME_OTHER_STATE_TAG
|
|
|
|
#include "basic_functions.h"
|
2002-05-05 01:14:56 +08:00
|
|
|
#include "url.h"
|
2016-08-11 07:03:45 +08:00
|
|
|
#include "html.h"
|
2000-09-20 01:32:27 +08:00
|
|
|
#undef STATE_TAG
|
|
|
|
|
|
|
|
#define url_scanner url_scanner_ex
|
|
|
|
|
2014-09-21 04:42:02 +08:00
|
|
|
#include "zend_smart_str.h"
|
2000-09-20 02:17:28 +08:00
|
|
|
|
2014-02-17 21:59:18 +08:00
|
|
|
static void tag_dtor(zval *zv)
|
|
|
|
{
|
|
|
|
free(Z_PTR_P(zv));
|
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
static int php_ini_on_update_tags(zend_ini_entry *entry, zend_string *new_value, void *mh_arg1, void *mh_arg2, void *mh_arg3, int stage, int type)
|
2000-10-17 01:25:36 +08:00
|
|
|
{
|
2000-10-17 11:02:47 +08:00
|
|
|
url_adapt_state_ex_t *ctx;
|
|
|
|
char *key;
|
|
|
|
char *tmp;
|
2015-01-08 16:28:32 +08:00
|
|
|
char *lasts = NULL;
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
if (type) {
|
|
|
|
ctx = &BG(url_adapt_session_ex);
|
|
|
|
} else {
|
|
|
|
ctx = &BG(url_adapt_output_ex);
|
|
|
|
}
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2015-06-30 09:05:24 +08:00
|
|
|
tmp = estrndup(ZSTR_VAL(new_value), ZSTR_LEN(new_value));
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2000-10-17 11:02:47 +08:00
|
|
|
if (ctx->tags)
|
|
|
|
zend_hash_destroy(ctx->tags);
|
2011-07-28 18:52:45 +08:00
|
|
|
else {
|
2000-10-17 11:02:47 +08:00
|
|
|
ctx->tags = malloc(sizeof(HashTable));
|
2011-07-28 18:52:45 +08:00
|
|
|
if (!ctx->tags) {
|
2016-09-02 17:34:50 +08:00
|
|
|
efree(tmp);
|
2011-07-28 18:52:45 +08:00
|
|
|
return FAILURE;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-02-17 21:59:18 +08:00
|
|
|
zend_hash_init(ctx->tags, 0, NULL, tag_dtor, 1);
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2000-10-17 11:02:47 +08:00
|
|
|
for (key = php_strtok_r(tmp, ",", &lasts);
|
2016-08-11 07:03:45 +08:00
|
|
|
key;
|
|
|
|
key = php_strtok_r(NULL, ",", &lasts)) {
|
2000-10-17 11:02:47 +08:00
|
|
|
char *val;
|
|
|
|
|
|
|
|
val = strchr(key, '=');
|
|
|
|
if (val) {
|
|
|
|
char *q;
|
2014-10-27 20:08:21 +08:00
|
|
|
size_t keylen;
|
2017-11-03 16:15:20 +08:00
|
|
|
zend_string *str;
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2000-10-17 11:02:47 +08:00
|
|
|
*val++ = '\0';
|
2016-08-11 07:03:45 +08:00
|
|
|
for (q = key; *q; q++) {
|
2000-10-17 11:02:47 +08:00
|
|
|
*q = tolower(*q);
|
2016-08-11 07:03:45 +08:00
|
|
|
}
|
2000-10-17 11:02:47 +08:00
|
|
|
keylen = q - key;
|
2017-11-03 16:15:20 +08:00
|
|
|
str = zend_string_init(key, keylen, 1);
|
|
|
|
GC_MAKE_PERSISTENT_LOCAL(str);
|
|
|
|
zend_hash_add_mem(ctx->tags, str, val, strlen(val)+1);
|
|
|
|
zend_string_release(str);
|
2000-10-17 11:02:47 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
efree(tmp);
|
|
|
|
|
|
|
|
return SUCCESS;
|
2000-10-17 01:25:36 +08:00
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
static PHP_INI_MH(OnUpdateSessionTags)
|
|
|
|
{
|
|
|
|
return php_ini_on_update_tags(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
static PHP_INI_MH(OnUpdateOutputTags)
|
|
|
|
{
|
|
|
|
return php_ini_on_update_tags(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int php_ini_on_update_hosts(zend_ini_entry *entry, zend_string *new_value, void *mh_arg1, void *mh_arg2, void *mh_arg3, int stage, int type)
|
|
|
|
{
|
|
|
|
HashTable *hosts;
|
|
|
|
char *key;
|
|
|
|
char *tmp;
|
|
|
|
char *lasts = NULL;
|
|
|
|
|
|
|
|
if (type) {
|
|
|
|
hosts = &BG(url_adapt_session_hosts_ht);
|
|
|
|
} else {
|
|
|
|
hosts = &BG(url_adapt_output_hosts_ht);
|
|
|
|
}
|
|
|
|
zend_hash_clean(hosts);
|
|
|
|
|
|
|
|
/* Use user supplied host whitelist */
|
|
|
|
tmp = estrndup(ZSTR_VAL(new_value), ZSTR_LEN(new_value));
|
|
|
|
for (key = php_strtok_r(tmp, ",", &lasts);
|
|
|
|
key;
|
|
|
|
key = php_strtok_r(NULL, ",", &lasts)) {
|
|
|
|
size_t keylen;
|
|
|
|
zend_string *tmp_key;
|
|
|
|
char *q;
|
|
|
|
|
|
|
|
for (q = key; *q; q++) {
|
|
|
|
*q = tolower(*q);
|
|
|
|
}
|
|
|
|
keylen = q - key;
|
|
|
|
if (keylen > 0) {
|
|
|
|
tmp_key = zend_string_init(key, keylen, 0);
|
|
|
|
zend_hash_add_empty_element(hosts, tmp_key);
|
|
|
|
zend_string_release(tmp_key);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
efree(tmp);
|
|
|
|
|
|
|
|
return SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
static PHP_INI_MH(OnUpdateSessionHosts)
|
|
|
|
{
|
|
|
|
return php_ini_on_update_hosts(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
static PHP_INI_MH(OnUpdateOutputHosts)
|
|
|
|
{
|
|
|
|
return php_ini_on_update_hosts(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* FIXME: OnUpdate*Hosts cannot set default to $_SERVER['HTTP_HOST'] at startup */
|
2000-10-17 01:25:36 +08:00
|
|
|
PHP_INI_BEGIN()
|
2016-08-11 07:03:45 +08:00
|
|
|
STD_PHP_INI_ENTRY("session.trans_sid_tags", "a=href,area=href,frame=src,form=", PHP_INI_ALL, OnUpdateSessionTags, url_adapt_session_ex, php_basic_globals, basic_globals)
|
|
|
|
STD_PHP_INI_ENTRY("session.trans_sid_hosts", "", PHP_INI_ALL, OnUpdateSessionHosts, url_adapt_session_hosts_ht, php_basic_globals, basic_globals)
|
|
|
|
STD_PHP_INI_ENTRY("url_rewriter.tags", "form=", PHP_INI_ALL, OnUpdateOutputTags, url_adapt_session_ex, php_basic_globals, basic_globals)
|
|
|
|
STD_PHP_INI_ENTRY("url_rewriter.hosts", "", PHP_INI_ALL, OnUpdateOutputHosts, url_adapt_session_hosts_ht, php_basic_globals, basic_globals)
|
2000-10-17 01:25:36 +08:00
|
|
|
PHP_INI_END()
|
|
|
|
|
2001-07-04 23:30:21 +08:00
|
|
|
/*!re2c
|
|
|
|
any = [\000-\377];
|
|
|
|
N = (any\[<]);
|
|
|
|
alpha = [a-zA-Z];
|
2007-06-06 08:00:28 +08:00
|
|
|
alphanamespace = [a-zA-Z:];
|
2002-09-25 20:15:22 +08:00
|
|
|
alphadash = ([a-zA-Z] | "-");
|
2001-07-04 23:30:21 +08:00
|
|
|
*/
|
|
|
|
|
|
|
|
#define YYFILL(n) goto done
|
|
|
|
#define YYCTYPE unsigned char
|
|
|
|
#define YYCURSOR p
|
|
|
|
#define YYLIMIT q
|
|
|
|
#define YYMARKER r
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2002-05-05 02:33:13 +08:00
|
|
|
static inline void append_modified_url(smart_str *url, smart_str *dest, smart_str *url_app, const char *separator)
|
2000-09-20 01:32:27 +08:00
|
|
|
{
|
2016-08-11 07:03:45 +08:00
|
|
|
php_url *url_parts;
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_0(url); /* FIXME: Bug #70480 php_url_parse_ex() crashes by processing chars exceed len */
|
|
|
|
url_parts = php_url_parse_ex(ZSTR_VAL(url->s), ZSTR_LEN(url->s));
|
2000-10-17 11:02:47 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
/* Ignore malformed URLs */
|
|
|
|
if (!url_parts) {
|
|
|
|
smart_str_append_smart_str(dest, url);
|
|
|
|
return;
|
|
|
|
}
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
/* Check protocol. Only http/https is allowed. */
|
|
|
|
if (url_parts->scheme
|
2017-08-06 17:48:05 +08:00
|
|
|
&& !zend_string_equals_literal_ci(url_parts->scheme, "http")
|
|
|
|
&& !zend_string_equals_literal_ci(url_parts->scheme, "https")) {
|
2014-09-22 02:28:44 +08:00
|
|
|
smart_str_append_smart_str(dest, url);
|
2016-08-11 07:03:45 +08:00
|
|
|
php_url_free(url_parts);
|
2000-10-17 11:02:47 +08:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
/* Check host whitelist. If it's not listed, do nothing. */
|
2017-08-06 17:48:05 +08:00
|
|
|
if (url_parts->host) {
|
|
|
|
zend_string *tmp = zend_string_tolower(url_parts->host);
|
|
|
|
if (!zend_hash_exists(&BG(url_adapt_session_hosts_ht), tmp)) {
|
|
|
|
zend_string_release(tmp);
|
|
|
|
smart_str_append_smart_str(dest, url);
|
|
|
|
php_url_free(url_parts);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
zend_string_release(tmp);
|
2016-08-11 07:03:45 +08:00
|
|
|
}
|
2000-10-17 11:02:47 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
/*
|
|
|
|
* When URL does not have path and query string add "/?".
|
|
|
|
* i.e. If URL is only "?foo=bar", should not add "/?".
|
|
|
|
*/
|
|
|
|
if (!url_parts->path && !url_parts->query) {
|
|
|
|
/* URL is http://php.net or like */
|
|
|
|
smart_str_append_smart_str(dest, url);
|
|
|
|
smart_str_appendc(dest, '/');
|
|
|
|
smart_str_appendc(dest, '?');
|
|
|
|
smart_str_append_smart_str(dest, url_app);
|
|
|
|
/* There should not be fragment. Just return */
|
|
|
|
php_url_free(url_parts);
|
|
|
|
return;
|
|
|
|
}
|
2000-10-17 11:02:47 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
if (url_parts->scheme) {
|
2017-08-06 17:48:05 +08:00
|
|
|
smart_str_appends(dest, ZSTR_VAL(url_parts->scheme));
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_appends(dest, "://");
|
|
|
|
} else if (*(ZSTR_VAL(url->s)) == '/' && *(ZSTR_VAL(url->s)+1) == '/') {
|
|
|
|
smart_str_appends(dest, "//");
|
|
|
|
}
|
|
|
|
if (url_parts->user) {
|
2017-08-06 17:48:05 +08:00
|
|
|
smart_str_appends(dest, ZSTR_VAL(url_parts->user));
|
2016-08-11 07:03:45 +08:00
|
|
|
if (url_parts->pass) {
|
2017-08-06 17:48:05 +08:00
|
|
|
smart_str_appends(dest, ZSTR_VAL(url_parts->pass));
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_appendc(dest, ':');
|
|
|
|
}
|
|
|
|
smart_str_appendc(dest, '@');
|
|
|
|
}
|
|
|
|
if (url_parts->host) {
|
2017-08-06 17:48:05 +08:00
|
|
|
smart_str_appends(dest, ZSTR_VAL(url_parts->host));
|
2016-08-11 07:03:45 +08:00
|
|
|
}
|
|
|
|
if (url_parts->port) {
|
|
|
|
smart_str_appendc(dest, ':');
|
|
|
|
smart_str_append_unsigned(dest, (long)url_parts->port);
|
|
|
|
}
|
|
|
|
if (url_parts->path) {
|
2017-08-06 17:48:05 +08:00
|
|
|
smart_str_appends(dest, ZSTR_VAL(url_parts->path));
|
2016-08-11 07:03:45 +08:00
|
|
|
}
|
|
|
|
smart_str_appendc(dest, '?');
|
|
|
|
if (url_parts->query) {
|
2017-08-06 17:48:05 +08:00
|
|
|
smart_str_appends(dest, ZSTR_VAL(url_parts->query));
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_appends(dest, separator);
|
|
|
|
smart_str_append_smart_str(dest, url_app);
|
|
|
|
} else {
|
|
|
|
smart_str_append_smart_str(dest, url_app);
|
|
|
|
}
|
|
|
|
if (url_parts->fragment) {
|
|
|
|
smart_str_appendc(dest, '#');
|
2017-08-06 17:48:05 +08:00
|
|
|
smart_str_appends(dest, ZSTR_VAL(url_parts->fragment));
|
2016-08-11 07:03:45 +08:00
|
|
|
}
|
|
|
|
php_url_free(url_parts);
|
2000-09-20 01:32:27 +08:00
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
enum {
|
|
|
|
TAG_NORMAL = 0,
|
|
|
|
TAG_FORM
|
|
|
|
};
|
|
|
|
|
|
|
|
enum {
|
|
|
|
ATTR_NORMAL = 0,
|
|
|
|
ATTR_ACTION
|
|
|
|
};
|
2001-09-09 22:38:12 +08:00
|
|
|
|
2001-07-04 23:30:21 +08:00
|
|
|
#undef YYFILL
|
|
|
|
#undef YYCTYPE
|
|
|
|
#undef YYCURSOR
|
|
|
|
#undef YYLIMIT
|
|
|
|
#undef YYMARKER
|
|
|
|
|
2014-12-14 06:06:14 +08:00
|
|
|
static inline void tag_arg(url_adapt_state_ex_t *ctx, char quotes, char type)
|
2000-09-20 01:32:27 +08:00
|
|
|
{
|
2000-10-17 11:02:47 +08:00
|
|
|
char f = 0;
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
/* arg.s is string WITHOUT NUL.
|
|
|
|
To avoid partial match, NUL is added here */
|
|
|
|
ZSTR_VAL(ctx->arg.s)[ZSTR_LEN(ctx->arg.s)] = '\0';
|
|
|
|
if (!strcasecmp(ZSTR_VAL(ctx->arg.s), ctx->lookup_data)) {
|
2000-10-17 11:02:47 +08:00
|
|
|
f = 1;
|
2016-08-11 07:03:45 +08:00
|
|
|
}
|
2000-10-17 11:02:47 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
if (quotes) {
|
2002-03-26 18:23:33 +08:00
|
|
|
smart_str_appendc(&ctx->result, type);
|
2016-08-11 07:03:45 +08:00
|
|
|
}
|
2000-10-17 11:02:47 +08:00
|
|
|
if (f) {
|
2002-05-05 02:33:13 +08:00
|
|
|
append_modified_url(&ctx->val, &ctx->result, &ctx->url_app, PG(arg_separator).output);
|
2000-10-17 11:02:47 +08:00
|
|
|
} else {
|
2014-09-22 02:28:44 +08:00
|
|
|
smart_str_append_smart_str(&ctx->result, &ctx->val);
|
2000-10-17 11:02:47 +08:00
|
|
|
}
|
2016-08-11 07:03:45 +08:00
|
|
|
if (quotes) {
|
2002-03-26 18:23:33 +08:00
|
|
|
smart_str_appendc(&ctx->result, type);
|
2016-08-11 07:03:45 +08:00
|
|
|
}
|
2000-09-20 01:32:27 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
enum {
|
2001-07-04 23:30:21 +08:00
|
|
|
STATE_PLAIN = 0,
|
2000-10-17 11:02:47 +08:00
|
|
|
STATE_TAG,
|
|
|
|
STATE_NEXT_ARG,
|
|
|
|
STATE_ARG,
|
|
|
|
STATE_BEFORE_VAL,
|
|
|
|
STATE_VAL
|
2000-09-20 01:32:27 +08:00
|
|
|
};
|
|
|
|
|
2000-09-20 09:15:10 +08:00
|
|
|
#define YYFILL(n) goto stop
|
2000-10-05 02:06:20 +08:00
|
|
|
#define YYCTYPE unsigned char
|
2000-09-20 09:15:10 +08:00
|
|
|
#define YYCURSOR xp
|
|
|
|
#define YYLIMIT end
|
|
|
|
#define YYMARKER q
|
|
|
|
#define STATE ctx->state
|
|
|
|
|
2014-12-14 21:07:59 +08:00
|
|
|
#define STD_PARA url_adapt_state_ex_t *ctx, char *start, char *YYCURSOR
|
|
|
|
#define STD_ARGS ctx, start, xp
|
2000-12-04 20:26:53 +08:00
|
|
|
|
2002-09-25 20:15:22 +08:00
|
|
|
#if SCANNER_DEBUG
|
|
|
|
#define scdebug(x) printf x
|
|
|
|
#else
|
|
|
|
#define scdebug(x)
|
|
|
|
#endif
|
|
|
|
|
2015-01-03 17:22:58 +08:00
|
|
|
static inline void passthru(STD_PARA)
|
2000-12-04 20:26:53 +08:00
|
|
|
{
|
2002-09-25 20:15:22 +08:00
|
|
|
scdebug(("appending %d chars, starting with %c\n", YYCURSOR-start, *start));
|
2000-12-04 20:26:53 +08:00
|
|
|
smart_str_appendl(&ctx->result, start, YYCURSOR - start);
|
2000-09-20 09:15:10 +08:00
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
|
|
|
|
static int check_http_host(char *target)
|
|
|
|
{
|
|
|
|
zval *host, *tmp;
|
|
|
|
zend_string *host_tmp;
|
|
|
|
char *colon;
|
|
|
|
|
|
|
|
if ((tmp = zend_hash_str_find(&EG(symbol_table), ZEND_STRL("_SERVER"))) &&
|
|
|
|
(host = zend_hash_str_find(Z_ARRVAL_P(tmp), ZEND_STRL("HTTP_HOST"))) &&
|
|
|
|
Z_TYPE_P(host) == IS_STRING) {
|
|
|
|
host_tmp = zend_string_init(Z_STRVAL_P(host), Z_STRLEN_P(host), 0);
|
|
|
|
/* HTTP_HOST could be 'localhost:8888' etc. */
|
|
|
|
colon = strchr(ZSTR_VAL(host_tmp), ':');
|
|
|
|
if (colon) {
|
|
|
|
ZSTR_LEN(host_tmp) = colon - ZSTR_VAL(host_tmp);
|
|
|
|
ZSTR_VAL(host_tmp)[ZSTR_LEN(host_tmp)] = '\0';
|
|
|
|
}
|
|
|
|
if (!strcasecmp(ZSTR_VAL(host_tmp), target)) {
|
|
|
|
zend_string_release(host_tmp);
|
|
|
|
return SUCCESS;
|
|
|
|
}
|
|
|
|
zend_string_release(host_tmp);
|
|
|
|
}
|
|
|
|
return FAILURE;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int check_host_whitelist(url_adapt_state_ex_t *ctx)
|
|
|
|
{
|
|
|
|
php_url *url_parts = NULL;
|
|
|
|
HashTable *allowed_hosts = ctx->type ? &BG(url_adapt_session_hosts_ht) : &BG(url_adapt_output_hosts_ht);
|
|
|
|
|
|
|
|
ZEND_ASSERT(ctx->tag_type == TAG_FORM);
|
|
|
|
|
|
|
|
if (ctx->attr_val.s && ZSTR_LEN(ctx->attr_val.s)) {
|
|
|
|
url_parts = php_url_parse_ex(ZSTR_VAL(ctx->attr_val.s), ZSTR_LEN(ctx->attr_val.s));
|
|
|
|
} else {
|
|
|
|
return SUCCESS; /* empty URL is valid */
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!url_parts) {
|
|
|
|
return FAILURE;
|
|
|
|
}
|
|
|
|
if (url_parts->scheme) {
|
|
|
|
/* Only http/https should be handled.
|
|
|
|
A bit hacky check this here, but saves a URL parse. */
|
2017-08-06 17:48:05 +08:00
|
|
|
if (!zend_string_equals_literal_ci(url_parts->scheme, "http") &&
|
|
|
|
!zend_string_equals_literal_ci(url_parts->scheme, "https")) {
|
2016-08-11 07:03:45 +08:00
|
|
|
php_url_free(url_parts);
|
|
|
|
return FAILURE;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (!url_parts->host) {
|
|
|
|
php_url_free(url_parts);
|
|
|
|
return SUCCESS;
|
|
|
|
}
|
|
|
|
if (!zend_hash_num_elements(allowed_hosts) &&
|
2017-08-06 17:48:05 +08:00
|
|
|
check_http_host(ZSTR_VAL(url_parts->host)) == SUCCESS) {
|
2016-08-11 07:03:45 +08:00
|
|
|
php_url_free(url_parts);
|
|
|
|
return SUCCESS;
|
|
|
|
}
|
2017-08-06 17:48:05 +08:00
|
|
|
if (!zend_hash_find(allowed_hosts, url_parts->host)) {
|
2016-08-11 07:03:45 +08:00
|
|
|
php_url_free(url_parts);
|
|
|
|
return FAILURE;
|
|
|
|
}
|
|
|
|
php_url_free(url_parts);
|
|
|
|
return SUCCESS;
|
|
|
|
}
|
|
|
|
|
2002-09-25 19:06:24 +08:00
|
|
|
/*
|
2016-08-11 07:03:45 +08:00
|
|
|
* This function appends a hidden input field after a <form>.
|
2002-09-25 19:06:24 +08:00
|
|
|
*/
|
2015-01-03 17:22:58 +08:00
|
|
|
static void handle_form(STD_PARA)
|
2000-12-04 20:26:53 +08:00
|
|
|
{
|
2002-09-25 19:06:24 +08:00
|
|
|
int doit = 0;
|
|
|
|
|
2015-06-30 09:05:24 +08:00
|
|
|
if (ZSTR_LEN(ctx->form_app.s) > 0) {
|
|
|
|
switch (ZSTR_LEN(ctx->tag.s)) {
|
2007-10-10 08:34:40 +08:00
|
|
|
case sizeof("form") - 1:
|
2016-08-11 07:03:45 +08:00
|
|
|
if (!strncasecmp(ZSTR_VAL(ctx->tag.s), "form", ZSTR_LEN(ctx->tag.s))
|
|
|
|
&& check_host_whitelist(ctx) == SUCCESS) {
|
2015-01-03 17:22:58 +08:00
|
|
|
doit = 1;
|
2007-10-10 08:34:40 +08:00
|
|
|
}
|
|
|
|
break;
|
2002-09-25 19:06:24 +08:00
|
|
|
}
|
2016-08-11 07:03:45 +08:00
|
|
|
}
|
2002-09-25 19:06:24 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
if (doit) {
|
|
|
|
smart_str_append_smart_str(&ctx->result, &ctx->form_app);
|
2000-12-04 20:26:53 +08:00
|
|
|
}
|
2000-09-20 09:15:10 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2015-01-03 17:22:58 +08:00
|
|
|
* HANDLE_TAG copies the HTML Tag and checks whether we
|
2000-09-20 09:15:10 +08:00
|
|
|
* have that tag in our table. If we might modify it,
|
|
|
|
* we continue to scan the tag, otherwise we simply copy the complete
|
|
|
|
* HTML stuff to the result buffer.
|
|
|
|
*/
|
|
|
|
|
2015-01-03 17:22:58 +08:00
|
|
|
static inline void handle_tag(STD_PARA)
|
2000-12-04 20:26:53 +08:00
|
|
|
{
|
|
|
|
int ok = 0;
|
2010-09-23 11:45:36 +08:00
|
|
|
unsigned int i;
|
2000-12-04 20:26:53 +08:00
|
|
|
|
2014-03-18 15:18:40 +08:00
|
|
|
if (ctx->tag.s) {
|
2015-06-30 09:05:24 +08:00
|
|
|
ZSTR_LEN(ctx->tag.s) = 0;
|
2014-03-18 15:18:40 +08:00
|
|
|
}
|
2000-12-04 20:26:53 +08:00
|
|
|
smart_str_appendl(&ctx->tag, start, YYCURSOR - start);
|
2015-06-30 09:05:24 +08:00
|
|
|
for (i = 0; i < ZSTR_LEN(ctx->tag.s); i++)
|
|
|
|
ZSTR_VAL(ctx->tag.s)[i] = tolower((int)(unsigned char)ZSTR_VAL(ctx->tag.s)[i]);
|
2014-02-18 17:42:46 +08:00
|
|
|
/* intentionally using str_find here, in case the hash value is set, but the string val is changed later */
|
2016-08-11 07:03:45 +08:00
|
|
|
if ((ctx->lookup_data = zend_hash_str_find_ptr(ctx->tags, ZSTR_VAL(ctx->tag.s), ZSTR_LEN(ctx->tag.s))) != NULL) {
|
2000-12-04 20:26:53 +08:00
|
|
|
ok = 1;
|
2016-08-11 07:03:45 +08:00
|
|
|
if (ZSTR_LEN(ctx->tag.s) == sizeof("form")-1
|
|
|
|
&& !strncasecmp(ZSTR_VAL(ctx->tag.s), "form", ZSTR_LEN(ctx->tag.s))) {
|
|
|
|
ctx->tag_type = TAG_FORM;
|
|
|
|
} else {
|
|
|
|
ctx->tag_type = TAG_NORMAL;
|
|
|
|
}
|
|
|
|
}
|
2000-12-04 20:26:53 +08:00
|
|
|
STATE = ok ? STATE_NEXT_ARG : STATE_PLAIN;
|
2000-09-20 09:15:10 +08:00
|
|
|
}
|
|
|
|
|
2015-01-03 17:22:58 +08:00
|
|
|
static inline void handle_arg(STD_PARA)
|
2000-12-04 20:26:53 +08:00
|
|
|
{
|
2014-03-18 15:18:40 +08:00
|
|
|
if (ctx->arg.s) {
|
2015-06-30 09:05:24 +08:00
|
|
|
ZSTR_LEN(ctx->arg.s) = 0;
|
2014-03-18 15:18:40 +08:00
|
|
|
}
|
2000-12-04 20:26:53 +08:00
|
|
|
smart_str_appendl(&ctx->arg, start, YYCURSOR - start);
|
2016-08-11 07:03:45 +08:00
|
|
|
if (ctx->tag_type == TAG_FORM &&
|
|
|
|
strncasecmp(ZSTR_VAL(ctx->arg.s), "action", ZSTR_LEN(ctx->arg.s)) == 0) {
|
|
|
|
ctx->attr_type = ATTR_ACTION;
|
|
|
|
} else {
|
|
|
|
ctx->attr_type = ATTR_NORMAL;
|
|
|
|
}
|
2000-09-20 09:15:10 +08:00
|
|
|
}
|
2000-12-04 20:26:53 +08:00
|
|
|
|
2015-01-03 17:22:58 +08:00
|
|
|
static inline void handle_val(STD_PARA, char quotes, char type)
|
2000-12-04 20:26:53 +08:00
|
|
|
{
|
|
|
|
smart_str_setl(&ctx->val, start + quotes, YYCURSOR - start - quotes * 2);
|
2016-08-11 07:03:45 +08:00
|
|
|
if (ctx->tag_type == TAG_FORM && ctx->attr_type == ATTR_ACTION) {
|
|
|
|
smart_str_setl(&ctx->attr_val, start + quotes, YYCURSOR - start - quotes * 2);
|
|
|
|
}
|
2014-12-14 06:06:14 +08:00
|
|
|
tag_arg(ctx, quotes, type);
|
2000-09-20 09:15:10 +08:00
|
|
|
}
|
|
|
|
|
2014-12-14 06:06:14 +08:00
|
|
|
static inline void xx_mainloop(url_adapt_state_ex_t *ctx, const char *newdata, size_t newlen)
|
2000-09-20 01:32:27 +08:00
|
|
|
{
|
2000-10-17 11:02:47 +08:00
|
|
|
char *end, *q;
|
|
|
|
char *xp;
|
|
|
|
char *start;
|
2014-10-27 20:08:21 +08:00
|
|
|
size_t rest;
|
2000-09-20 01:32:27 +08:00
|
|
|
|
2000-10-17 11:02:47 +08:00
|
|
|
smart_str_appendl(&ctx->buf, newdata, newlen);
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2015-06-30 09:05:24 +08:00
|
|
|
YYCURSOR = ZSTR_VAL(ctx->buf.s);
|
|
|
|
YYLIMIT = ZSTR_VAL(ctx->buf.s) + ZSTR_LEN(ctx->buf.s);
|
2000-09-20 04:19:03 +08:00
|
|
|
|
2001-07-04 23:30:21 +08:00
|
|
|
switch (STATE) {
|
|
|
|
case STATE_PLAIN: goto state_plain;
|
|
|
|
case STATE_TAG: goto state_tag;
|
|
|
|
case STATE_NEXT_ARG: goto state_next_arg;
|
|
|
|
case STATE_ARG: goto state_arg;
|
|
|
|
case STATE_BEFORE_VAL: goto state_before_val;
|
|
|
|
case STATE_VAL: goto state_val;
|
|
|
|
}
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2001-07-04 23:30:21 +08:00
|
|
|
|
|
|
|
state_plain_begin:
|
|
|
|
STATE = STATE_PLAIN;
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2001-07-04 23:30:21 +08:00
|
|
|
state_plain:
|
|
|
|
start = YYCURSOR;
|
2000-09-20 01:32:27 +08:00
|
|
|
/*!re2c
|
2001-07-04 23:30:21 +08:00
|
|
|
"<" { passthru(STD_ARGS); STATE = STATE_TAG; goto state_tag; }
|
|
|
|
N+ { passthru(STD_ARGS); goto state_plain; }
|
2000-09-20 01:32:27 +08:00
|
|
|
*/
|
2001-07-04 23:30:21 +08:00
|
|
|
|
2015-01-03 17:22:58 +08:00
|
|
|
state_tag:
|
2001-07-04 23:30:21 +08:00
|
|
|
start = YYCURSOR;
|
2000-09-20 01:32:27 +08:00
|
|
|
/*!re2c
|
2007-06-06 08:00:28 +08:00
|
|
|
alphanamespace+ { handle_tag(STD_ARGS); /* Sets STATE */; passthru(STD_ARGS); if (STATE == STATE_PLAIN) goto state_plain; else goto state_next_arg; }
|
2001-07-04 23:30:21 +08:00
|
|
|
any { passthru(STD_ARGS); goto state_plain_begin; }
|
2000-09-20 01:32:27 +08:00
|
|
|
*/
|
2001-07-04 23:30:21 +08:00
|
|
|
|
|
|
|
state_next_arg_begin:
|
|
|
|
STATE = STATE_NEXT_ARG;
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2001-07-04 23:30:21 +08:00
|
|
|
state_next_arg:
|
|
|
|
start = YYCURSOR;
|
2000-09-20 01:32:27 +08:00
|
|
|
/*!re2c
|
2013-07-17 23:07:26 +08:00
|
|
|
[/]? [>] { passthru(STD_ARGS); handle_form(STD_ARGS); goto state_plain_begin; }
|
2006-02-28 22:45:18 +08:00
|
|
|
[ \v\r\t\n]+ { passthru(STD_ARGS); goto state_next_arg; }
|
2001-07-04 23:30:21 +08:00
|
|
|
alpha { --YYCURSOR; STATE = STATE_ARG; goto state_arg; }
|
|
|
|
any { passthru(STD_ARGS); goto state_plain_begin; }
|
2000-09-20 01:32:27 +08:00
|
|
|
*/
|
|
|
|
|
2001-07-04 23:30:21 +08:00
|
|
|
state_arg:
|
|
|
|
start = YYCURSOR;
|
2000-09-20 01:32:27 +08:00
|
|
|
/*!re2c
|
2002-09-25 20:15:22 +08:00
|
|
|
alpha alphadash* { passthru(STD_ARGS); handle_arg(STD_ARGS); STATE = STATE_BEFORE_VAL; goto state_before_val; }
|
2001-07-04 23:30:21 +08:00
|
|
|
any { passthru(STD_ARGS); STATE = STATE_NEXT_ARG; goto state_next_arg; }
|
2000-09-20 09:15:10 +08:00
|
|
|
*/
|
2000-09-20 02:00:58 +08:00
|
|
|
|
2001-07-04 23:30:21 +08:00
|
|
|
state_before_val:
|
|
|
|
start = YYCURSOR;
|
2000-09-20 09:15:10 +08:00
|
|
|
/*!re2c
|
2001-07-04 23:30:21 +08:00
|
|
|
[ ]* "=" [ ]* { passthru(STD_ARGS); STATE = STATE_VAL; goto state_val; }
|
|
|
|
any { --YYCURSOR; goto state_next_arg_begin; }
|
2000-09-20 01:32:27 +08:00
|
|
|
*/
|
|
|
|
|
2001-07-04 23:30:21 +08:00
|
|
|
|
|
|
|
state_val:
|
|
|
|
start = YYCURSOR;
|
2000-09-20 01:32:27 +08:00
|
|
|
/*!re2c
|
2001-07-04 23:30:21 +08:00
|
|
|
["] (any\[">])* ["] { handle_val(STD_ARGS, 1, '"'); goto state_next_arg_begin; }
|
|
|
|
['] (any\['>])* ['] { handle_val(STD_ARGS, 1, '\''); goto state_next_arg_begin; }
|
2013-07-17 23:07:26 +08:00
|
|
|
(any\[ \r\t\n>'"])+ { handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; }
|
2001-07-04 23:30:21 +08:00
|
|
|
any { passthru(STD_ARGS); goto state_next_arg_begin; }
|
2000-09-20 01:32:27 +08:00
|
|
|
*/
|
|
|
|
|
2000-09-20 09:15:10 +08:00
|
|
|
stop:
|
2014-10-27 20:08:21 +08:00
|
|
|
if (YYLIMIT < start) {
|
2015-01-03 17:22:58 +08:00
|
|
|
/* XXX: Crash avoidance. Need to work with reporter to figure out what goes wrong */
|
2014-10-27 20:08:21 +08:00
|
|
|
rest = 0;
|
|
|
|
} else {
|
|
|
|
rest = YYLIMIT - start;
|
|
|
|
scdebug(("stopped in state %d at pos %d (%d:%c) %d\n", STATE, YYCURSOR - ctx->buf.c, *YYCURSOR, *YYCURSOR, rest));
|
|
|
|
}
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2015-06-30 09:05:24 +08:00
|
|
|
if (rest) memmove(ZSTR_VAL(ctx->buf.s), start, rest);
|
|
|
|
ZSTR_LEN(ctx->buf.s) = rest;
|
2000-09-20 01:32:27 +08:00
|
|
|
}
|
|
|
|
|
2015-02-02 11:53:41 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
PHPAPI char *php_url_scanner_adapt_single_url(const char *url, size_t urllen, const char *name, const char *value, size_t *newlen, int encode)
|
2002-05-06 00:39:49 +08:00
|
|
|
{
|
2014-02-18 17:42:46 +08:00
|
|
|
char *result;
|
2002-05-06 00:39:49 +08:00
|
|
|
smart_str surl = {0};
|
|
|
|
smart_str buf = {0};
|
|
|
|
smart_str url_app = {0};
|
2015-02-02 11:53:41 +08:00
|
|
|
zend_string *encoded;
|
2002-05-06 00:39:49 +08:00
|
|
|
|
2015-02-02 11:53:41 +08:00
|
|
|
smart_str_appendl(&surl, url, urllen);
|
2002-05-06 00:39:49 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
if (encode) {
|
2015-02-02 11:53:41 +08:00
|
|
|
encoded = php_raw_url_encode(name, strlen(name));
|
2015-06-30 09:05:24 +08:00
|
|
|
smart_str_appendl(&url_app, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
|
2015-02-02 11:53:41 +08:00
|
|
|
zend_string_free(encoded);
|
|
|
|
} else {
|
|
|
|
smart_str_appends(&url_app, name);
|
|
|
|
}
|
2002-05-06 00:39:49 +08:00
|
|
|
smart_str_appendc(&url_app, '=');
|
2016-08-11 07:03:45 +08:00
|
|
|
if (encode) {
|
2015-02-02 11:53:41 +08:00
|
|
|
encoded = php_raw_url_encode(value, strlen(value));
|
2015-06-30 09:05:24 +08:00
|
|
|
smart_str_appendl(&url_app, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
|
2015-02-02 11:53:41 +08:00
|
|
|
zend_string_free(encoded);
|
|
|
|
} else {
|
|
|
|
smart_str_appends(&url_app, value);
|
|
|
|
}
|
2002-05-06 00:39:49 +08:00
|
|
|
|
|
|
|
append_modified_url(&surl, &buf, &url_app, PG(arg_separator).output);
|
|
|
|
|
|
|
|
smart_str_0(&buf);
|
2015-06-30 09:05:24 +08:00
|
|
|
if (newlen) *newlen = ZSTR_LEN(buf.s);
|
|
|
|
result = estrndup(ZSTR_VAL(buf.s), ZSTR_LEN(buf.s));
|
2002-05-06 00:39:49 +08:00
|
|
|
|
|
|
|
smart_str_free(&url_app);
|
2014-02-18 17:42:46 +08:00
|
|
|
smart_str_free(&buf);
|
2002-05-06 00:39:49 +08:00
|
|
|
|
2014-02-18 17:42:46 +08:00
|
|
|
return result;
|
2002-05-06 00:39:49 +08:00
|
|
|
}
|
|
|
|
|
2001-07-04 23:30:21 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
static char *url_adapt_ext(const char *src, size_t srclen, size_t *newlen, zend_bool do_flush, url_adapt_state_ex_t *ctx)
|
2000-09-20 01:32:27 +08:00
|
|
|
{
|
2001-08-27 08:23:55 +08:00
|
|
|
char *retval;
|
2000-10-17 11:02:47 +08:00
|
|
|
|
2014-12-14 06:06:14 +08:00
|
|
|
xx_mainloop(ctx, src, srclen);
|
2000-10-17 11:02:47 +08:00
|
|
|
|
2014-02-18 17:42:46 +08:00
|
|
|
if (!ctx->result.s) {
|
2001-07-04 23:30:21 +08:00
|
|
|
smart_str_appendl(&ctx->result, "", 0);
|
2014-03-18 15:18:40 +08:00
|
|
|
*newlen = 0;
|
|
|
|
} else {
|
2015-06-30 09:05:24 +08:00
|
|
|
*newlen = ZSTR_LEN(ctx->result.s);
|
2001-08-25 23:57:42 +08:00
|
|
|
}
|
2000-10-17 11:02:47 +08:00
|
|
|
smart_str_0(&ctx->result);
|
2001-08-25 23:57:42 +08:00
|
|
|
if (do_flush) {
|
2014-09-22 02:47:07 +08:00
|
|
|
smart_str_append(&ctx->result, ctx->buf.s);
|
2015-06-30 09:05:24 +08:00
|
|
|
*newlen += ZSTR_LEN(ctx->buf.s);
|
2001-08-27 08:23:55 +08:00
|
|
|
smart_str_free(&ctx->buf);
|
2014-03-18 15:18:40 +08:00
|
|
|
smart_str_free(&ctx->val);
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_free(&ctx->attr_val);
|
2001-08-25 23:57:42 +08:00
|
|
|
}
|
2015-06-30 09:05:24 +08:00
|
|
|
retval = estrndup(ZSTR_VAL(ctx->result.s), ZSTR_LEN(ctx->result.s));
|
2014-02-18 17:42:46 +08:00
|
|
|
smart_str_free(&ctx->result);
|
2001-08-27 08:23:55 +08:00
|
|
|
return retval;
|
2000-09-20 01:32:27 +08:00
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
static int php_url_scanner_ex_activate(int type)
|
2000-09-20 01:32:27 +08:00
|
|
|
{
|
2000-10-17 11:02:47 +08:00
|
|
|
url_adapt_state_ex_t *ctx;
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
if (type) {
|
|
|
|
ctx = &BG(url_adapt_session_ex);
|
|
|
|
} else {
|
|
|
|
ctx = &BG(url_adapt_output_ex);
|
|
|
|
}
|
2000-10-17 04:08:27 +08:00
|
|
|
|
2000-10-17 11:02:47 +08:00
|
|
|
memset(ctx, 0, ((size_t) &((url_adapt_state_ex_t *)0)->tags));
|
2000-09-20 01:32:27 +08:00
|
|
|
|
2000-10-17 11:02:47 +08:00
|
|
|
return SUCCESS;
|
2000-09-20 01:32:27 +08:00
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
static int php_url_scanner_ex_deactivate(int type)
|
2000-09-20 01:32:27 +08:00
|
|
|
{
|
2000-10-17 11:02:47 +08:00
|
|
|
url_adapt_state_ex_t *ctx;
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
if (type) {
|
|
|
|
ctx = &BG(url_adapt_session_ex);
|
|
|
|
} else {
|
|
|
|
ctx = &BG(url_adapt_output_ex);
|
|
|
|
}
|
2000-09-20 01:32:27 +08:00
|
|
|
|
2000-10-17 11:02:47 +08:00
|
|
|
smart_str_free(&ctx->result);
|
|
|
|
smart_str_free(&ctx->buf);
|
|
|
|
smart_str_free(&ctx->tag);
|
|
|
|
smart_str_free(&ctx->arg);
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_free(&ctx->attr_val);
|
2000-10-17 04:08:27 +08:00
|
|
|
|
2000-10-17 11:02:47 +08:00
|
|
|
return SUCCESS;
|
2000-09-20 01:32:27 +08:00
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
static inline void php_url_scanner_session_handler_impl(char *output, size_t output_len, char **handled_output, size_t *handled_output_len, int mode, int type)
|
2002-05-03 16:00:41 +08:00
|
|
|
{
|
2003-03-11 10:28:46 +08:00
|
|
|
size_t len;
|
2016-08-11 07:03:45 +08:00
|
|
|
url_adapt_state_ex_t *url_state;
|
|
|
|
|
|
|
|
if (type) {
|
|
|
|
url_state = &BG(url_adapt_session_ex);
|
|
|
|
} else {
|
|
|
|
url_state = &BG(url_adapt_output_ex);
|
|
|
|
}
|
2003-03-11 10:28:46 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
if (ZSTR_LEN(url_state->url_app.s) != 0) {
|
|
|
|
*handled_output = url_adapt_ext(output, output_len, &len, (zend_bool) (mode & (PHP_OUTPUT_HANDLER_END | PHP_OUTPUT_HANDLER_CONT | PHP_OUTPUT_HANDLER_FLUSH | PHP_OUTPUT_HANDLER_FINAL) ? 1 : 0), url_state);
|
2003-03-11 10:28:46 +08:00
|
|
|
if (sizeof(uint) < sizeof(size_t)) {
|
|
|
|
if (len > UINT_MAX)
|
|
|
|
len = UINT_MAX;
|
|
|
|
}
|
|
|
|
*handled_output_len = len;
|
2016-08-11 07:03:45 +08:00
|
|
|
} else if (ZSTR_LEN(url_state->url_app.s) == 0) {
|
|
|
|
url_adapt_state_ex_t *ctx = url_state;
|
2015-06-30 09:05:24 +08:00
|
|
|
if (ctx->buf.s && ZSTR_LEN(ctx->buf.s)) {
|
2014-09-22 02:47:07 +08:00
|
|
|
smart_str_append(&ctx->result, ctx->buf.s);
|
2004-07-23 10:05:49 +08:00
|
|
|
smart_str_appendl(&ctx->result, output, output_len);
|
|
|
|
|
2015-06-30 09:05:24 +08:00
|
|
|
*handled_output = estrndup(ZSTR_VAL(ctx->result.s), ZSTR_LEN(ctx->result.s));
|
|
|
|
*handled_output_len = ZSTR_LEN(ctx->buf.s) + output_len;
|
2004-07-23 10:05:49 +08:00
|
|
|
|
|
|
|
smart_str_free(&ctx->buf);
|
2014-02-18 17:42:46 +08:00
|
|
|
smart_str_free(&ctx->result);
|
2004-07-23 10:05:49 +08:00
|
|
|
} else {
|
2011-05-24 13:06:53 +08:00
|
|
|
*handled_output = estrndup(output, *handled_output_len = output_len);
|
2004-07-23 10:05:49 +08:00
|
|
|
}
|
|
|
|
} else {
|
|
|
|
*handled_output = NULL;
|
|
|
|
}
|
2002-05-03 16:00:41 +08:00
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
static void php_url_scanner_session_handler(char *output, size_t output_len, char **handled_output, size_t *handled_output_len, int mode)
|
|
|
|
{
|
|
|
|
php_url_scanner_session_handler_impl(output, output_len, handled_output, handled_output_len, mode, 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void php_url_scanner_output_handler(char *output, size_t output_len, char **handled_output, size_t *handled_output_len, int mode)
|
|
|
|
{
|
|
|
|
php_url_scanner_session_handler_impl(output, output_len, handled_output, handled_output_len, mode, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline int php_url_scanner_add_var_impl(char *name, size_t name_len, char *value, size_t value_len, int encode, int type)
|
2002-05-03 16:00:41 +08:00
|
|
|
{
|
2015-02-02 11:53:41 +08:00
|
|
|
smart_str sname = {0};
|
|
|
|
smart_str svalue = {0};
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str hname = {0};
|
|
|
|
smart_str hvalue = {0};
|
2014-03-03 16:34:43 +08:00
|
|
|
zend_string *encoded;
|
2016-08-11 07:03:45 +08:00
|
|
|
url_adapt_state_ex_t *url_state;
|
|
|
|
php_output_handler_func_t handler;
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
if (type) {
|
|
|
|
url_state = &BG(url_adapt_session_ex);
|
|
|
|
handler = php_url_scanner_session_handler;
|
|
|
|
} else {
|
|
|
|
url_state = &BG(url_adapt_output_ex);
|
|
|
|
handler = php_url_scanner_output_handler;
|
2002-05-03 16:00:41 +08:00
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
if (!url_state->active) {
|
|
|
|
php_url_scanner_ex_activate(type);
|
|
|
|
php_output_start_internal(ZEND_STRL("URL-Rewriter"), handler, 0, PHP_OUTPUT_HANDLER_STDFLAGS);
|
|
|
|
url_state->active = 1;
|
2002-05-05 02:33:13 +08:00
|
|
|
}
|
2002-05-03 16:00:41 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
if (url_state->url_app.s && ZSTR_LEN(url_state->url_app.s) != 0) {
|
|
|
|
smart_str_appends(&url_state->url_app, PG(arg_separator).output);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (encode) {
|
2015-02-02 11:53:41 +08:00
|
|
|
encoded = php_raw_url_encode(name, name_len);
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_appendl(&sname, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
|
2015-02-02 11:53:41 +08:00
|
|
|
encoded = php_raw_url_encode(value, value_len);
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_appendl(&svalue, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
|
|
|
|
encoded = php_escape_html_entities_ex((unsigned char*)name, name_len, 0, ENT_QUOTES|ENT_SUBSTITUTE, SG(default_charset), 0);
|
|
|
|
smart_str_appendl(&hname, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
|
|
|
|
encoded = php_escape_html_entities_ex((unsigned char*)value, value_len, 0, ENT_QUOTES|ENT_SUBSTITUTE, SG(default_charset), 0);
|
|
|
|
smart_str_appendl(&hvalue, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
|
2002-05-03 16:00:41 +08:00
|
|
|
} else {
|
2015-02-02 11:53:41 +08:00
|
|
|
smart_str_appendl(&sname, name, name_len);
|
|
|
|
smart_str_appendl(&svalue, value, value_len);
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_appendl(&hname, name, name_len);
|
|
|
|
smart_str_appendl(&hvalue, value, value_len);
|
2002-05-03 16:00:41 +08:00
|
|
|
}
|
2015-01-03 17:22:58 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_append_smart_str(&url_state->url_app, &sname);
|
|
|
|
smart_str_appendc(&url_state->url_app, '=');
|
|
|
|
smart_str_append_smart_str(&url_state->url_app, &svalue);
|
2002-05-05 02:33:13 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_appends(&url_state->form_app, "<input type=\"hidden\" name=\"");
|
|
|
|
smart_str_append_smart_str(&url_state->form_app, &hname);
|
|
|
|
smart_str_appends(&url_state->form_app, "\" value=\"");
|
|
|
|
smart_str_append_smart_str(&url_state->form_app, &hvalue);
|
|
|
|
smart_str_appends(&url_state->form_app, "\" />");
|
2002-05-05 02:33:13 +08:00
|
|
|
|
2015-02-02 11:53:41 +08:00
|
|
|
smart_str_free(&sname);
|
|
|
|
smart_str_free(&svalue);
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_free(&hname);
|
|
|
|
smart_str_free(&hvalue);
|
2002-05-03 16:00:41 +08:00
|
|
|
|
2002-05-05 02:33:13 +08:00
|
|
|
return SUCCESS;
|
2002-05-03 16:00:41 +08:00
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
|
|
|
|
PHPAPI int php_url_scanner_add_session_var(char *name, size_t name_len, char *value, size_t value_len, int encode)
|
|
|
|
{
|
|
|
|
return php_url_scanner_add_var_impl(name, name_len, value, value_len, encode, 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
PHPAPI int php_url_scanner_add_var(char *name, size_t name_len, char *value, size_t value_len, int encode)
|
2002-05-03 16:00:41 +08:00
|
|
|
{
|
2016-08-11 07:03:45 +08:00
|
|
|
return php_url_scanner_add_var_impl(name, name_len, value, value_len, encode, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static inline void php_url_scanner_reset_vars_impl(int type) {
|
|
|
|
url_adapt_state_ex_t *url_state;
|
|
|
|
|
|
|
|
if (type) {
|
|
|
|
url_state = &BG(url_adapt_session_ex);
|
|
|
|
} else {
|
|
|
|
url_state = &BG(url_adapt_output_ex);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (url_state->form_app.s) {
|
|
|
|
ZSTR_LEN(url_state->form_app.s) = 0;
|
2014-03-28 18:46:25 +08:00
|
|
|
}
|
2016-08-11 07:03:45 +08:00
|
|
|
if (url_state->url_app.s) {
|
|
|
|
ZSTR_LEN(url_state->url_app.s) = 0;
|
2014-03-28 18:46:25 +08:00
|
|
|
}
|
2016-08-11 07:03:45 +08:00
|
|
|
}
|
|
|
|
|
2002-05-03 16:00:41 +08:00
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
PHPAPI int php_url_scanner_reset_session_vars(void)
|
|
|
|
{
|
|
|
|
php_url_scanner_reset_vars_impl(1);
|
|
|
|
return SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
PHPAPI int php_url_scanner_reset_vars(void)
|
|
|
|
{
|
|
|
|
php_url_scanner_reset_vars_impl(0);
|
2005-04-03 20:19:23 +08:00
|
|
|
return SUCCESS;
|
2002-05-03 16:00:41 +08:00
|
|
|
}
|
|
|
|
|
2016-08-11 07:03:45 +08:00
|
|
|
|
|
|
|
static inline int php_url_scanner_reset_var_impl(zend_string *name, int encode, int type)
|
|
|
|
{
|
|
|
|
char *start, *end, *limit;
|
|
|
|
size_t separator_len;
|
|
|
|
smart_str sname = {0};
|
|
|
|
smart_str hname = {0};
|
|
|
|
smart_str url_app = {0};
|
|
|
|
smart_str form_app = {0};
|
|
|
|
zend_string *encoded;
|
|
|
|
int ret = SUCCESS;
|
|
|
|
zend_bool sep_removed = 0;
|
|
|
|
url_adapt_state_ex_t *url_state;
|
|
|
|
|
|
|
|
if (type) {
|
|
|
|
url_state = &BG(url_adapt_session_ex);
|
|
|
|
} else {
|
|
|
|
url_state = &BG(url_adapt_output_ex);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Short circuit check. Only check url_app. */
|
|
|
|
if (!url_state->url_app.s || !ZSTR_LEN(url_state->url_app.s)) {
|
|
|
|
return SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (encode) {
|
|
|
|
encoded = php_raw_url_encode(ZSTR_VAL(name), ZSTR_LEN(name));
|
|
|
|
smart_str_appendl(&sname, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
|
|
|
|
zend_string_free(encoded);
|
|
|
|
encoded = php_escape_html_entities_ex((unsigned char *)ZSTR_VAL(name), ZSTR_LEN(name), 0, ENT_QUOTES|ENT_SUBSTITUTE, SG(default_charset), 0);
|
|
|
|
smart_str_appendl(&hname, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
|
|
|
|
zend_string_free(encoded);
|
|
|
|
} else {
|
|
|
|
smart_str_appendl(&sname, ZSTR_VAL(name), ZSTR_LEN(name));
|
|
|
|
smart_str_appendl(&hname, ZSTR_VAL(name), ZSTR_LEN(name));
|
|
|
|
}
|
|
|
|
smart_str_0(&sname);
|
|
|
|
smart_str_0(&hname);
|
|
|
|
|
|
|
|
smart_str_append_smart_str(&url_app, &sname);
|
|
|
|
smart_str_appendc(&url_app, '=');
|
|
|
|
smart_str_0(&url_app);
|
|
|
|
|
|
|
|
smart_str_appends(&form_app, "<input type=\"hidden\" name=\"");
|
|
|
|
smart_str_append_smart_str(&form_app, &hname);
|
|
|
|
smart_str_appends(&form_app, "\" value=\"");
|
|
|
|
smart_str_0(&form_app);
|
|
|
|
|
|
|
|
/* Short circuit check. Only check url_app. */
|
|
|
|
start = (char *) php_memnstr(ZSTR_VAL(url_state->url_app.s),
|
|
|
|
ZSTR_VAL(url_app.s), ZSTR_LEN(url_app.s),
|
|
|
|
ZSTR_VAL(url_state->url_app.s) + ZSTR_LEN(url_state->url_app.s));
|
|
|
|
if (!start) {
|
|
|
|
ret = FAILURE;
|
|
|
|
goto finish;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Get end of url var */
|
|
|
|
limit = ZSTR_VAL(url_state->url_app.s) + ZSTR_LEN(url_state->url_app.s);
|
|
|
|
end = start + ZSTR_LEN(url_app.s);
|
|
|
|
separator_len = strlen(PG(arg_separator).output);
|
|
|
|
while (end < limit) {
|
|
|
|
if (!memcmp(end, PG(arg_separator).output, separator_len)) {
|
|
|
|
end += separator_len;
|
|
|
|
sep_removed = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
end++;
|
|
|
|
}
|
|
|
|
/* Remove all when this is the only rewrite var */
|
|
|
|
if (ZSTR_LEN(url_state->url_app.s) == end - start) {
|
|
|
|
php_url_scanner_reset_vars_impl(type);
|
|
|
|
goto finish;
|
|
|
|
}
|
|
|
|
/* Check preceeding separator */
|
|
|
|
if (!sep_removed
|
2017-08-24 07:36:14 +08:00
|
|
|
&& (size_t)(start - PG(arg_separator).output) >= separator_len
|
2016-08-11 07:03:45 +08:00
|
|
|
&& !memcmp(start - separator_len, PG(arg_separator).output, separator_len)) {
|
|
|
|
start -= separator_len;
|
|
|
|
}
|
|
|
|
/* Remove partially */
|
|
|
|
memmove(start, end,
|
|
|
|
ZSTR_LEN(url_state->url_app.s) - (end - ZSTR_VAL(url_state->url_app.s)));
|
|
|
|
ZSTR_LEN(url_state->url_app.s) -= end - start;
|
|
|
|
ZSTR_VAL(url_state->url_app.s)[ZSTR_LEN(url_state->url_app.s)] = '\0';
|
|
|
|
|
|
|
|
/* Remove form var */
|
|
|
|
start = (char *) php_memnstr(ZSTR_VAL(url_state->form_app.s),
|
|
|
|
ZSTR_VAL(form_app.s), ZSTR_LEN(form_app.s),
|
|
|
|
ZSTR_VAL(url_state->form_app.s) + ZSTR_LEN(url_state->form_app.s));
|
|
|
|
if (!start) {
|
|
|
|
/* Should not happen */
|
|
|
|
ret = FAILURE;
|
|
|
|
php_url_scanner_reset_vars_impl(type);
|
|
|
|
goto finish;
|
|
|
|
}
|
|
|
|
/* Get end of form var */
|
|
|
|
limit = ZSTR_VAL(url_state->form_app.s) + ZSTR_LEN(url_state->form_app.s);
|
|
|
|
end = start + ZSTR_LEN(form_app.s);
|
|
|
|
while (end < limit) {
|
|
|
|
if (*end == '>') {
|
|
|
|
end += 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
end++;
|
|
|
|
}
|
|
|
|
/* Remove partially */
|
|
|
|
memmove(start, end,
|
|
|
|
ZSTR_LEN(url_state->form_app.s) - (end - ZSTR_VAL(url_state->form_app.s)));
|
|
|
|
ZSTR_LEN(url_state->form_app.s) -= end - start;
|
|
|
|
ZSTR_VAL(url_state->form_app.s)[ZSTR_LEN(url_state->form_app.s)] = '\0';
|
|
|
|
|
|
|
|
finish:
|
|
|
|
smart_str_free(&url_app);
|
|
|
|
smart_str_free(&form_app);
|
|
|
|
smart_str_free(&sname);
|
|
|
|
smart_str_free(&hname);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
PHPAPI int php_url_scanner_reset_session_var(zend_string *name, int encode)
|
|
|
|
{
|
|
|
|
return php_url_scanner_reset_var_impl(name, encode, 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
PHPAPI int php_url_scanner_reset_var(zend_string *name, int encode)
|
|
|
|
{
|
|
|
|
return php_url_scanner_reset_var_impl(name, encode, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2000-10-17 01:25:36 +08:00
|
|
|
PHP_MINIT_FUNCTION(url_scanner)
|
|
|
|
{
|
2000-10-17 11:02:47 +08:00
|
|
|
REGISTER_INI_ENTRIES();
|
|
|
|
return SUCCESS;
|
2000-10-17 01:25:36 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
PHP_MSHUTDOWN_FUNCTION(url_scanner)
|
|
|
|
{
|
2000-10-17 11:02:47 +08:00
|
|
|
UNREGISTER_INI_ENTRIES();
|
2002-05-03 16:00:41 +08:00
|
|
|
|
|
|
|
return SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
PHP_RINIT_FUNCTION(url_scanner)
|
|
|
|
{
|
2016-08-11 07:03:45 +08:00
|
|
|
BG(url_adapt_session_ex).active = 0;
|
|
|
|
BG(url_adapt_session_ex).tag_type = 0;
|
|
|
|
BG(url_adapt_session_ex).attr_type = 0;
|
|
|
|
BG(url_adapt_output_ex).active = 0;
|
|
|
|
BG(url_adapt_output_ex).tag_type = 0;
|
|
|
|
BG(url_adapt_output_ex).attr_type = 0;
|
2002-05-03 16:00:41 +08:00
|
|
|
return SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
PHP_RSHUTDOWN_FUNCTION(url_scanner)
|
|
|
|
{
|
2016-08-11 07:03:45 +08:00
|
|
|
if (BG(url_adapt_session_ex).active) {
|
|
|
|
php_url_scanner_ex_deactivate(1);
|
|
|
|
BG(url_adapt_session_ex).active = 0;
|
|
|
|
BG(url_adapt_session_ex).tag_type = 0;
|
|
|
|
BG(url_adapt_session_ex).attr_type = 0;
|
2002-05-03 16:00:41 +08:00
|
|
|
}
|
2016-08-11 07:03:45 +08:00
|
|
|
smart_str_free(&BG(url_adapt_session_ex).form_app);
|
|
|
|
smart_str_free(&BG(url_adapt_session_ex).url_app);
|
|
|
|
|
|
|
|
if (BG(url_adapt_output_ex).active) {
|
|
|
|
php_url_scanner_ex_deactivate(0);
|
|
|
|
BG(url_adapt_output_ex).active = 0;
|
|
|
|
BG(url_adapt_output_ex).tag_type = 0;
|
|
|
|
BG(url_adapt_output_ex).attr_type = 0;
|
|
|
|
}
|
|
|
|
smart_str_free(&BG(url_adapt_output_ex).form_app);
|
|
|
|
smart_str_free(&BG(url_adapt_output_ex).url_app);
|
2002-05-05 10:07:16 +08:00
|
|
|
|
2000-10-17 11:02:47 +08:00
|
|
|
return SUCCESS;
|
2000-10-17 01:25:36 +08:00
|
|
|
}
|