version 1.2.6.3, 2012/07/31 23:08:40
|
version 1.4, 2012/09/20 14:19:45
|
Line 162 www_unescape(char * __restrict str)
|
Line 162 www_unescape(char * __restrict str)
|
{ |
{ |
register int i, j; |
register int i, j; |
|
|
assert(str); | if (!str) |
| return; |
|
|
for (i = j = 0; str[j]; i++, j++) { |
for (i = j = 0; str[j]; i++, j++) { |
str[i] = str[j]; |
str[i] = str[j]; |
Line 176 www_unescape(char * __restrict str)
|
Line 177 www_unescape(char * __restrict str)
|
} |
} |
|
|
str[i] = 0; |
str[i] = 0; |
|
} |
|
|
|
/* |
|
* www_undot() - Undotted and clean WWW query filename |
|
* |
|
* @pname = query filename |
|
* return: =NULL error or !=NULL allocated valid filename, after use you must call io_freeVar() |
|
*/ |
|
ait_val_t * |
|
www_undot(const char * __restrict pname) |
|
{ |
|
char *s, *s2, *fname; |
|
int l; |
|
ait_val_t *v; |
|
|
|
if (!pname) |
|
return NULL; |
|
/* check for valid query filename */ |
|
if (*pname != '/') |
|
return NULL; |
|
|
|
v = io_allocVar(); |
|
if (!v) { |
|
www_SetErr(io_GetErrno(), "%s", io_GetError()); |
|
return NULL; |
|
} else { |
|
AIT_SET_STR(v, pname + 1); |
|
fname = AIT_GET_STR(v); |
|
} |
|
|
|
/* collapse / sequences */ |
|
if ((s = strstr(fname, "//"))) { |
|
s2 = s + 1; |
|
for (s2 = ++s; *s2 == '/'; s2++); |
|
memmove(s, s2, strlen(s2) + 1); |
|
} |
|
|
|
/* escaped ./ and /./ sequences */ |
|
while (!strncmp(fname, "./", 2)) |
|
memmove(fname, fname + 2, strlen(fname + 1)); |
|
while ((s = strstr(fname, "/./"))) |
|
memmove(s, s + 2, strlen(s + 1)); |
|
|
|
/* alternate between removing leading ../ and removing xxx/../ */ |
|
while (42) { |
|
while (!strncmp(fname, "../", 3)) |
|
memmove(fname, fname + 3, strlen(fname + 2)); |
|
if (!(s = strstr(fname, "/../"))) |
|
break; |
|
for (s2 = s - 1; s2 >= fname && *s2 != '/'; --s2); |
|
memmove(s2 + 1, s + 4, strlen(s + 3)); |
|
} |
|
|
|
/* elide any /.. at the end */ |
|
while ((l = strlen(fname)) > 3 && |
|
!strcmp((s = fname + l - 3), "/..")) { |
|
for (s2 = s - 1; s2 >= fname && *s2 != '/'; --s2); |
|
if (s2 < fname) |
|
break; |
|
*s2 = 0; |
|
} |
|
|
|
/* if filename is empry add current dir */ |
|
if (!*fname) { |
|
AIT_FREE_VAL(v); |
|
AIT_SET_STR(v, "./"); |
|
fname = AIT_GET_STR(v); |
|
} |
|
|
|
/* check for valid filename */ |
|
if (*fname == '/' || (fname[0] == '.' && fname[1] == '.' && |
|
(!fname[2] || fname[2] == '/'))) { |
|
io_freeVar(&v); |
|
return NULL; |
|
} |
|
|
|
return v; |
} |
} |