|
Packit |
284210 |
/*
|
|
Packit |
284210 |
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
|
|
Packit |
284210 |
* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
|
Packit |
284210 |
*
|
|
Packit |
284210 |
* You may not use this file except in compliance with
|
|
Packit |
284210 |
* the License. You may obtain a copy of the License at
|
|
Packit |
284210 |
*
|
|
Packit |
284210 |
* http://www.apache.org/licenses/LICENSE-2.0
|
|
Packit |
284210 |
*
|
|
Packit |
284210 |
* If any of the files related to licensing are missing or if you have any
|
|
Packit |
284210 |
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
|
Packit |
284210 |
* directly using the email address security@modsecurity.org.
|
|
Packit |
284210 |
*/
|
|
Packit |
284210 |
|
|
Packit |
284210 |
#ifndef _MSC_MULTIPART_H_
|
|
Packit |
284210 |
#define _MSC_MULTIPART_H_
|
|
Packit |
284210 |
|
|
Packit |
284210 |
#define MULTIPART_BUF_SIZE 4096
|
|
Packit |
284210 |
|
|
Packit |
284210 |
#define MULTIPART_FORMDATA 1
|
|
Packit |
284210 |
#define MULTIPART_FILE 2
|
|
Packit |
284210 |
|
|
Packit |
284210 |
typedef struct multipart_part multipart_part;
|
|
Packit |
284210 |
typedef struct multipart_data multipart_data;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
#include "apr_general.h"
|
|
Packit |
284210 |
#include "apr_tables.h"
|
|
Packit |
284210 |
#include "modsecurity.h"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
typedef struct value_part_t value_part_t;
|
|
Packit |
284210 |
struct value_part_t {
|
|
Packit |
284210 |
char *data;
|
|
Packit |
284210 |
long int length;
|
|
Packit |
284210 |
};
|
|
Packit |
284210 |
|
|
Packit |
284210 |
struct multipart_part {
|
|
Packit |
284210 |
/* part type, can be MULTIPART_FORMDATA or MULTIPART_FILE */
|
|
Packit |
284210 |
int type;
|
|
Packit |
284210 |
/* the name */
|
|
Packit |
284210 |
char *name;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/* variables only, variable value */
|
|
Packit |
284210 |
char *value;
|
|
Packit |
284210 |
apr_array_header_t *value_parts;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/* files only, the content type (where available) */
|
|
Packit |
284210 |
char *content_type;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/* files only, the name of the temporary file holding data */
|
|
Packit |
284210 |
char *tmp_file_name;
|
|
Packit |
284210 |
int tmp_file_fd;
|
|
Packit |
284210 |
unsigned int tmp_file_size;
|
|
Packit |
284210 |
/* files only, filename as supplied by the browser */
|
|
Packit |
284210 |
char *filename;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
char *last_header_name;
|
|
Packit |
284210 |
apr_table_t *headers;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
unsigned int offset;
|
|
Packit |
284210 |
unsigned int length;
|
|
Packit |
284210 |
};
|
|
Packit |
284210 |
|
|
Packit |
284210 |
struct multipart_data {
|
|
Packit |
284210 |
/* this array keeps parts */
|
|
Packit |
284210 |
apr_array_header_t *parts;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/* Number of parts that are files */
|
|
Packit |
284210 |
int nfiles;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/* mime boundary used to detect when
|
|
Packit |
284210 |
* parts end and begin
|
|
Packit |
284210 |
*/
|
|
Packit |
284210 |
char *boundary;
|
|
Packit |
284210 |
int boundary_count;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/* internal buffer and other variables
|
|
Packit |
284210 |
* used while parsing
|
|
Packit |
284210 |
*/
|
|
Packit |
284210 |
char buf[MULTIPART_BUF_SIZE + 2];
|
|
Packit |
284210 |
int buf_contains_line;
|
|
Packit |
284210 |
char *bufptr;
|
|
Packit |
284210 |
int bufleft;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
unsigned int buf_offset;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/* pointer that keeps track of a part while
|
|
Packit |
284210 |
* it is being built
|
|
Packit |
284210 |
*/
|
|
Packit |
284210 |
multipart_part *mpp;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/* part parsing state; 0 means we are reading
|
|
Packit |
284210 |
* headers, 1 means we are collecting data
|
|
Packit |
284210 |
*/
|
|
Packit |
284210 |
int mpp_state;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/* because of the way this parsing algorithm
|
|
Packit |
284210 |
* works we hold back the last two bytes of
|
|
Packit |
284210 |
* each data chunk so that we can discard it
|
|
Packit |
284210 |
* later if the next data chunk proves to be
|
|
Packit |
284210 |
* a boundary; the first byte is an indicator
|
|
Packit |
284210 |
* 0 - no content, 1 - two data bytes available
|
|
Packit |
284210 |
*/
|
|
Packit |
284210 |
char reserve[4];
|
|
Packit |
284210 |
|
|
Packit |
284210 |
int seen_data;
|
|
Packit |
284210 |
int is_complete;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
int flag_error;
|
|
Packit |
284210 |
int flag_data_before;
|
|
Packit |
284210 |
int flag_data_after;
|
|
Packit |
284210 |
int flag_header_folding;
|
|
Packit |
284210 |
int flag_boundary_quoted;
|
|
Packit |
284210 |
int flag_lf_line;
|
|
Packit |
284210 |
int flag_crlf_line;
|
|
Packit |
284210 |
int flag_unmatched_boundary;
|
|
Packit |
284210 |
int flag_boundary_whitespace;
|
|
Packit |
284210 |
int flag_missing_semicolon;
|
|
Packit |
284210 |
int flag_invalid_quoting;
|
|
Packit |
284210 |
int flag_invalid_part;
|
|
Packit |
284210 |
int flag_invalid_header_folding;
|
|
Packit |
284210 |
int flag_file_limit_exceeded;
|
|
Packit |
284210 |
};
|
|
Packit |
284210 |
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/* Functions */
|
|
Packit |
284210 |
|
|
Packit |
284210 |
int DSOLOCAL multipart_init(modsec_rec *msr, char **error_msg);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
int DSOLOCAL multipart_complete(modsec_rec *msr, char **error_msg);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
int DSOLOCAL multipart_process_chunk(modsec_rec *msr, const char *buf,
|
|
Packit |
284210 |
unsigned int size, char **error_msg);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
apr_status_t DSOLOCAL multipart_cleanup(modsec_rec *msr);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
int DSOLOCAL multipart_get_arguments(modsec_rec *msr, char *origin, apr_table_t *arguments);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
char DSOLOCAL *multipart_reconstruct_urlencoded_body_sanitize(modsec_rec *msr);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
#endif
|