|
Packit Service |
384592 |
/*
|
|
Packit Service |
384592 |
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
|
|
Packit Service |
384592 |
* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
|
Packit Service |
384592 |
*
|
|
Packit Service |
384592 |
* You may not use this file except in compliance with
|
|
Packit Service |
384592 |
* the License. You may obtain a copy of the License at
|
|
Packit Service |
384592 |
*
|
|
Packit Service |
384592 |
* http://www.apache.org/licenses/LICENSE-2.0
|
|
Packit Service |
384592 |
*
|
|
Packit Service |
384592 |
* If any of the files related to licensing are missing or if you have any
|
|
Packit Service |
384592 |
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
|
Packit Service |
384592 |
* directly using the email address security@modsecurity.org.
|
|
Packit Service |
384592 |
*/
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
#include "msc_xml.h"
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
static xmlParserInputBufferPtr
|
|
Packit Service |
384592 |
xml_unload_external_entity(const char *URI, xmlCharEncoding enc) {
|
|
Packit Service |
384592 |
return NULL;
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
/**
|
|
Packit Service |
384592 |
* Initialise XML parser.
|
|
Packit Service |
384592 |
*/
|
|
Packit Service |
384592 |
int xml_init(modsec_rec *msr, char **error_msg) {
|
|
Packit Service |
384592 |
xmlParserInputBufferCreateFilenameFunc entity;
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
if (error_msg == NULL) return -1;
|
|
Packit Service |
384592 |
*error_msg = NULL;
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
msr->xml = apr_pcalloc(msr->mp, sizeof(xml_data));
|
|
Packit Service |
384592 |
if (msr->xml == NULL) return -1;
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
if(msr->txcfg->xml_external_entity == 0) {
|
|
Packit Service |
384592 |
entity = xmlParserInputBufferCreateFilenameDefault(xml_unload_external_entity);
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
return 1;
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
#if 0
|
|
Packit Service |
384592 |
static void xml_receive_sax_error(void *data, const char *msg, ...) {
|
|
Packit Service |
384592 |
modsec_rec *msr = (modsec_rec *)data;
|
|
Packit Service |
384592 |
char message[256];
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
if (msr == NULL) return;
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
apr_snprintf(message, sizeof(message), "%s (line %d offset %d)",
|
|
Packit Service |
384592 |
log_escape_nq(msr->mp, msr->xml->parsing_ctx->lastError.message),
|
|
Packit Service |
384592 |
msr->xml->parsing_ctx->lastError.line,
|
|
Packit Service |
384592 |
msr->xml->parsing_ctx->lastError.int2);
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
msr_log(msr, 5, "XML: Parsing error: %s", message);
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
#endif
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
/**
|
|
Packit Service |
384592 |
* Feed one chunk of data to the XML parser.
|
|
Packit Service |
384592 |
*/
|
|
Packit Service |
384592 |
int xml_process_chunk(modsec_rec *msr, const char *buf, unsigned int size, char **error_msg) {
|
|
Packit Service |
384592 |
if (error_msg == NULL) return -1;
|
|
Packit Service |
384592 |
*error_msg = NULL;
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
/* We want to initialise our parsing context here, to
|
|
Packit Service |
384592 |
* enable us to pass it the first chunk of data so that
|
|
Packit Service |
384592 |
* it can attempt to auto-detect the encoding.
|
|
Packit Service |
384592 |
*/
|
|
Packit Service |
384592 |
if (msr->xml->parsing_ctx == NULL) {
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
/* First invocation. */
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
msr_log(msr, 4, "XML: Initialising parser.");
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
/* NOTE When Sax interface is used libxml will not
|
|
Packit Service |
384592 |
* create the document object, but we need it.
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
msr->xml->sax_handler = (xmlSAXHandler *)apr_pcalloc(msr->mp, sizeof(xmlSAXHandler));
|
|
Packit Service |
384592 |
if (msr->xml->sax_handler == NULL) return -1;
|
|
Packit Service |
384592 |
msr->xml->sax_handler->error = xml_receive_sax_error;
|
|
Packit Service |
384592 |
msr->xml->sax_handler->warning = xml_receive_sax_error;
|
|
Packit Service |
384592 |
msr->xml->parsing_ctx = xmlCreatePushParserCtxt(msr->xml->sax_handler, msr,
|
|
Packit Service |
384592 |
buf, size, "body.xml");
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
*/
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
msr->xml->parsing_ctx = xmlCreatePushParserCtxt(NULL, NULL, buf, size, "body.xml");
|
|
Packit Service |
384592 |
if (msr->xml->parsing_ctx == NULL) {
|
|
Packit Service |
384592 |
*error_msg = apr_psprintf(msr->mp, "XML: Failed to create parsing context.");
|
|
Packit Service |
384592 |
return -1;
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
} else {
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
/* Not a first invocation. */
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
xmlParseChunk(msr->xml->parsing_ctx, buf, size, 0);
|
|
Packit Service |
384592 |
if (msr->xml->parsing_ctx->wellFormed != 1) {
|
|
Packit Service |
384592 |
*error_msg = apr_psprintf(msr->mp, "XML: Failed parsing document.");
|
|
Packit Service |
384592 |
return -1;
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
return 1;
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
/**
|
|
Packit Service |
384592 |
* Finalise XML parsing.
|
|
Packit Service |
384592 |
*/
|
|
Packit Service |
384592 |
int xml_complete(modsec_rec *msr, char **error_msg) {
|
|
Packit Service |
384592 |
if (error_msg == NULL) return -1;
|
|
Packit Service |
384592 |
*error_msg = NULL;
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
/* Only if we have a context, meaning we've done some work. */
|
|
Packit Service |
384592 |
if (msr->xml->parsing_ctx != NULL) {
|
|
Packit Service |
384592 |
/* This is how we signalise the end of parsing to libxml. */
|
|
Packit Service |
384592 |
xmlParseChunk(msr->xml->parsing_ctx, NULL, 0, 1);
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
/* Preserve the results for our reference. */
|
|
Packit Service |
384592 |
msr->xml->well_formed = msr->xml->parsing_ctx->wellFormed;
|
|
Packit Service |
384592 |
msr->xml->doc = msr->xml->parsing_ctx->myDoc;
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
/* Clean up everything else. */
|
|
Packit Service |
384592 |
xmlFreeParserCtxt(msr->xml->parsing_ctx);
|
|
Packit Service |
384592 |
msr->xml->parsing_ctx = NULL;
|
|
Packit Service |
384592 |
msr_log(msr, 4, "XML: Parsing complete (well_formed %u).", msr->xml->well_formed);
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
if (msr->xml->well_formed != 1) {
|
|
Packit Service |
384592 |
*error_msg = apr_psprintf(msr->mp, "XML: Failed parsing document.");
|
|
Packit Service |
384592 |
return -1;
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
return 1;
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
/**
|
|
Packit Service |
384592 |
* Frees the resources used for XML parsing.
|
|
Packit Service |
384592 |
*/
|
|
Packit Service |
384592 |
apr_status_t xml_cleanup(modsec_rec *msr) {
|
|
Packit Service |
384592 |
if (msr->xml->doc != NULL) {
|
|
Packit Service |
384592 |
xmlFreeDoc(msr->xml->doc);
|
|
Packit Service |
384592 |
msr->xml->doc = NULL;
|
|
Packit Service |
384592 |
}
|
|
Packit Service |
384592 |
|
|
Packit Service |
384592 |
return 1;
|
|
Packit Service |
384592 |
}
|