/*
* Copyright (C) 2004-2005 Kay Sievers <kay.sievers@vrfy.org>
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation version 2 of the License.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
*/
/*
 * Strip every trailing occurrence of c from path, in place.
 *
 * path: writable, NUL-terminated string; it is passed straight to
 *       strlen(), so it must not be NULL.
 * c:    the character to trim from the end of path.
 *
 * A string made up only of c ends up empty.
 */
static void remove_trailing_chars(char *path, char c)
{
	char *end = path + strlen(path);

	/* step back from the terminator while the preceding byte matches */
	while (end > path && end[-1] == c)
		*--end = '\0';
}
/* number of bytes used to encode one unicode char, taken from its first byte */
/*
 * Classify the first byte of str and return the length, in bytes, that
 * the sequence it starts claims to have.
 *
 * Only str[0] is read. The result is 1..6; lengths 5 and 6 are the
 * legacy long forms, which can only encode values above 0x10ffff.
 * Returns 0 when the byte cannot start a sequence: a continuation byte
 * (10xxxxxx), 0xfe or 0xff.
 */
static int utf8_encoded_expected_len(const char *str)
{
	/* lead-byte pattern for each sequence length, shortest first */
	static const struct {
		unsigned char mask;
		unsigned char bits;
	} lead[] = {
		{ 0x80, 0x00 },	/* 0xxxxxxx */
		{ 0xe0, 0xc0 },	/* 110xxxxx */
		{ 0xf0, 0xe0 },	/* 1110xxxx */
		{ 0xf8, 0xf0 },	/* 11110xxx */
		{ 0xfc, 0xf8 },	/* 111110xx */
		{ 0xfe, 0xfc },	/* 1111110x */
	};
	const int count = (int)(sizeof(lead) / sizeof(lead[0]));
	const unsigned char first = (unsigned char)str[0];
	int n;

	for (n = 0; n < count; n++) {
		if ((first & lead[n].mask) == lead[n].bits)
			return n + 1;
	}

	return 0;
}
/* decode one unicode char */
/*
 * Decode the sequence starting at str into its numeric value.
 *
 * Returns the decoded value, or -1 when the first byte cannot start a
 * sequence or one of the following bytes is not a continuation byte
 * (10xxxxxx). Decoding stops at the first bad byte; a NUL terminator is
 * not a continuation byte, so a truncated sequence is rejected without
 * reading beyond the terminator.
 *
 * No check for overlong forms or for the valid code point range is done
 * here; utf8_encoded_valid_unichar() layers those on top.
 */
static int utf8_encoded_to_unichar(const char *str)
{
	/* payload bits carried by the first byte, indexed by sequence length */
	static const int lead_payload[] = { 0, 0, 0x1f, 0x0f, 0x07, 0x03, 0x01 };
	const int len = utf8_encoded_expected_len(str);
	int unichar;
	int i;

	/* plain ascii decodes to itself */
	if (len == 1)
		return (int)str[0];
	if (len < 2 || len > 6)
		return -1;

	unichar = (int)str[0] & lead_payload[len];

	/* every continuation byte contributes six more bits */
	for (i = 1; i < len; i++) {
		const int byte = (int)str[i];

		if ((byte & 0xc0) != 0x80)
			return -1;
		unichar = (unichar << 6) | (byte & 0x3f);
	}

	return unichar;
}
/* expected size used to encode one unicode char */
/*
 * Return the number of bytes (1..6) of the shortest encoding able to
 * hold the value unichar.
 *
 * Negative inputs, such as a decoder's -1 error value, compare below
 * 0x80 and therefore yield 1.
 */
static int utf8_unichar_to_encoded_len(int unichar)
{
	/* first value that no longer fits into 1, 2, 3, 4 and 5 bytes */
	static const int too_big[] = {
		0x80, 0x800, 0x10000, 0x200000, 0x4000000,
	};
	int len;

	for (len = 1; len <= 5; len++) {
		if (unichar < too_big[len - 1])
			return len;
	}

	return 6;
}
/* check if unicode char has a valid numeric range */
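/*
 * Decide whether unichar is a value that may appear in valid text.
 *
 * Returns 1 for an acceptable value and 0 otherwise. Rejected are:
 *   - negative values (not code points; the decoder uses -1 for errors)
 *   - anything above 0x10ffff
 *   - the UTF-16 surrogate range 0xd800..0xdfff
 *   - the noncharacters 0xfdd0..0xfdef
 *   - the last two values of every plane, 0x..fffe and 0x..ffff
 *
 * Two cases were accepted before and are rejected now: negative values
 * other than -1, and the 0x..fffe noncharacters, which belong to the
 * same class as the 0x..ffff values already rejected.
 */
static int utf8_unichar_valid_range(int unichar)
{
	/* guard first, so the unsigned mask below never sees a negative value */
	if (unichar < 0)
		return 0;
	if (unichar > 0x10ffff)
		return 0;
	/* surrogate halves are only meaningful in UTF-16 */
	if ((unichar & 0xfffff800) == 0xd800)
		return 0;
	if ((unichar > 0xfdcf) && (unichar < 0xfdf0))
		return 0;
	/* masking with 0xfffe matches both 0x..fffe and 0x..ffff */
	if ((unichar & 0xfffe) == 0xfffe)
		return 0;
	return 1;
}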
/* validate one encoded unicode char and return its length */
/*
 * Validate the single encoded character starting at str.
 *
 * Returns the sequence length in bytes (1 for ascii, otherwise 2 or
 * more) when the sequence is acceptable, and -1 when it is not.
 *
 * The checks run in this order:
 *   1. the first byte must be able to start a sequence;
 *   2. all expected bytes must have the high bit set, so a string that
 *      ends early is rejected at its NUL terminator;
 *   3. the decoded value must need exactly this many bytes, which
 *      rejects overlong forms and the decoder's -1 error value;
 *   4. the decoded value must pass utf8_unichar_valid_range().
 */
static int utf8_encoded_valid_unichar(const char *str)
{
	const int len = utf8_encoded_expected_len(str);
	int unichar;
	int pos;

	switch (len) {
	case 0:
		/* not a possible first byte */
		return -1;
	case 1:
		/* ascii is valid */
		return 1;
	default:
		break;
	}

	/* check if expected encoded chars are available */
	for (pos = 0; pos < len; pos++) {
		if (!(str[pos] & 0x80))
			return -1;
	}

	unichar = utf8_encoded_to_unichar(str);

	/* encoded length must match the value, and the value must be in range */
	if (utf8_unichar_to_encoded_len(unichar) != len ||
	    !utf8_unichar_valid_range(unichar))
		return -1;

	return len;
}
/* replace everything but whitelisted plain ascii and valid utf8 */
/*
 * Sanitize str in place: every byte that is neither on the ascii
 * allowlist nor part of a valid multi-byte utf8 sequence is overwritten
 * with '_'.
 *
 * str: writable, NUL-terminated string; must not be NULL.
 * Returns the number of bytes that were replaced.
 *
 * The string never changes length. The allowlist keeps characters such
 * as ' ', '$', '/' and '.', so the result is not by itself safe to use
 * as a single path component or as an unquoted shell word; callers that
 * need that have to handle it themselves.
 */
static int replace_untrusted_chars(char *str)
{
	char *p = str;
	int replaced = 0;

	while (*p != '\0') {
		const char ch = *p;
		int len;

		/* valid printable ascii char */
		if ((ch >= '0' && ch <= '9') ||
		    (ch >= 'A' && ch <= 'Z') ||
		    (ch >= 'a' && ch <= 'z') ||
		    strchr(" #$%+-./:=?@_,", ch)) {
			p++;
			continue;
		}

		/* valid utf8 is accepted; skip the whole sequence */
		len = utf8_encoded_valid_unichar(p);
		if (len > 1) {
			p += len;
			continue;
		}

		/* everything else is garbage */
		*p++ = '_';
		replaced++;
	}

	return replaced;
}