github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-10-01 03:57:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring on `utils.cc' and adjacents

Browse Source 
Completely removed the `utils.cc' by moving residual functions into
sub-classes of `utils/'
This commit is contained in:
Felipe Zimmerle
2016-11-03 20:02:37 -03:00
parent b48dccff70
commit 507ec44cc2
75 changed files with 702 additions and 686 deletions
Download Patch File Download Diff File Expand all files Collapse all files

124
src/utils/decode.cc Normal file
View File

@@ -0,0 +1,124 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "utils/decode.h"
#include "modsecurity/modsecurity.h"
#include "utils/msc_string.h"
namespace modsecurity {
namespace utils {
int urldecode_nonstrict_inplace(unsigned char *input,
uint64_t input_len, int *invalid_count, int *changed) {
unsigned char *d = (unsigned char *)input;
uint64_t i, count;
*changed = 0;
if (input == NULL) {
return -1;
}
i = count = 0;
while (i < input_len) {
if (input[i] == '%') {
/* Character is a percent sign. */
/* Are there enough bytes available? */
if (i + 2 < input_len) {
char c1 = input[i + 1];
char c2 = input[i + 2];
if (VALID_HEX(c1) && VALID_HEX(c2)) {
uint64_t uni = x2c(&input[i + 1]);
*d++ = (wchar_t)uni;
count++;
i += 3;
*changed = 1;
} else {
/* Not a valid encoding, skip this % */
*d++ = input[i++];
count++;
(*invalid_count)++;
}
} else {
/* Not enough bytes available, copy the raw bytes. */
*d++ = input[i++];
count++;
(*invalid_count)++;
}
} else {
/* Character is not a percent sign. */
if (input[i] == '+') {
*d++ = ' ';
*changed = 1;
} else {
*d++ = input[i];
}
count++;
i++;
}
}
#if 0
*d = '\0';
#endif
return count;
}
std::string uri_decode(const std::string & sSrc) {
// Note from RFC1630: "Sequences which start with a percent
// sign but are not followed by two hexadecimal characters
// (0-9, A-F) are reserved for future extension"
const unsigned char * pSrc = (const unsigned char *)sSrc.c_str();
const int SRC_LEN = sSrc.length();
const unsigned char * const SRC_END = pSrc + SRC_LEN;
// last decodable '%'
const unsigned char * const SRC_LAST_DEC = SRC_END - 2;
char * const pStart = new char[SRC_LEN];
char * pEnd = pStart;
while (pSrc < SRC_LAST_DEC) {
if (*pSrc == '%') {
char dec1, dec2;
if (-1 != (dec1 = HEX2DEC[*(pSrc + 1)])
&& -1 != (dec2 = HEX2DEC[*(pSrc + 2)])) {
*pEnd++ = (dec1 << 4) + dec2;
pSrc += 3;
continue;
}
}
*pEnd++ = *pSrc++;
}
// the last 2- chars
while (pSrc < SRC_END) {
*pEnd++ = *pSrc++;
}
std::string sResult(pStart, pEnd);
delete [] pStart;
return sResult;
}
} // namespace utils
} // namespace modsecurity

40
src/utils/decode.h Normal file
View File

@@ -0,0 +1,40 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <ctime>
#include <iostream>
#include <string>
#include <vector>
#include "modsecurity/modsecurity.h"
#include "src/utils/msc_string.h"
#ifndef SRC_UTILS_DECODE_H_
#define SRC_UTILS_DECODE_H_
namespace modsecurity {
namespace utils {
int urldecode_nonstrict_inplace(unsigned char *input,
uint64_t input_len, int *invalid_count, int *changed);
std::string uri_decode(const std::string & sSrc);
} // namespace utils
} // namespace modsecurity
#endif // SRC_UTILS_DECODE_H_

34
src/utils/msc_string.cc
View File

@@ -171,5 +171,39 @@ void String::chomp(std::string *str) {
}
unsigned char x2c(unsigned char *what) {
unsigned char digit;
digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0'));
digit *= 16;
digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A') + 10 : (what[1] - '0'));
return digit;
}
/**
* Converts a single hexadecimal digit into a decimal value.
*/
unsigned char xsingle2c(unsigned char *what) {
unsigned char digit;
digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0'));
return digit;
}
unsigned char *c2x(unsigned what, unsigned char *where) {
static const char c2x_table[] = "0123456789abcdef";
what = what & 0xff;
*where++ = c2x_table[what >> 4];
*where++ = c2x_table[what & 0x0f];
return where;
}
} // namespace utils
} // namespace modsecurity

32
src/utils/msc_string.h
View File

@@ -21,9 +21,38 @@
#ifndef SRC_UTILS_MSC_STRING_H_
#define SRC_UTILS_MSC_STRING_H_
#define VALID_HEX(X) (((X >= '0') && (X <= '9')) || \
((X >= 'a') && (X <= 'f')) || ((X >= 'A') && (X <= 'F')))
#define ISODIGIT(X) ((X >= '0') && (X <= '7'))
#define NBSP 160
namespace modsecurity {
namespace utils {
const char HEX2DEC[256] = {
/* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
/* 0 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 1 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 2 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 3 */ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, -1, -1, -1, -1, -1, -1,
/* 4 */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 5 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 6 */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 7 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 8 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* 9 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* A */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* B */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* C */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* D */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* E */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* F */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
};
class String {
public:
@@ -40,6 +69,9 @@ class String {
static void chomp(std::string *str);
};
unsigned char x2c(unsigned char *what);
unsigned char xsingle2c(unsigned char *what);
unsigned char *c2x(unsigned what, unsigned char *where);
} // namespace utils
} // namespace modsecurity

3
src/utils/msc_system.cc
View File

@@ -33,8 +33,7 @@
#include <sys/stat.h>
#endif
#include "utils.h"
#include "utils/msc_system.h"
#include "src/utils/msc_system.h"
namespace modsecurity {
namespace utils {

6
src/utils/msc_system.h
View File

@@ -20,8 +20,8 @@
#include "modsecurity/modsecurity.h"
#ifndef SRC_UTILS_SYSTEM_H_
#define SRC_UTILS_SYSTEM_H_
#ifndef SRC_UTILS_MSC_SYSTEM_H_
#define SRC_UTILS_MSC_SYSTEM_H_
namespace modsecurity {
@@ -38,4 +38,4 @@ void createDir(std::string dir, int mode);
} // namespace utils
} // namespace modsecurity
#endif // SRC_UTILS_SYSTEM_H_
#endif // SRC_UTILS_MSC_SYSTEM_H_

45
src/utils/random.cc Normal file
View File

@@ -0,0 +1,45 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <algorithm>
#include <random>
#include <memory>
#include <functional>
#include <string>
#include "modsecurity/modsecurity.h"
namespace modsecurity {
namespace utils {
double random_number(const double from, const double to) {
std::random_device rd;
std::mt19937 mt(rd());
return std::bind(
std::uniform_real_distribution<>{from, to},
std::default_random_engine{ mt() })();
}
double generate_transaction_unique_id() {
return random_number(0, 100);
}
} // namespace utils
} // namespace modsecurity

39
src/utils/random.h Normal file
View File

@@ -0,0 +1,39 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <ctime>
#include <iostream>
#include <string>
#include <vector>
#include "modsecurity/modsecurity.h"
#ifndef SRC_UTILS_RANDOM_H_
#define SRC_UTILS_RANDOM_H_
namespace modsecurity {
namespace utils {
double random_number(const double from, const double to);
double generate_transaction_unique_id();
} // namespace utils
} // namespace modsecurity
#endif // SRC_UTILS_RANDOM_H_