X-Git-Url: https://git.octo.it/?p=collection4.git;a=blobdiff_plain;f=src%2Futils_cgi.c;h=7995e3f1b8cd323992bdbb7c0150b0c461624e2d;hp=47a531fbaac13e20cc6f246051a7cab528d2d06e;hb=4f4a330557182d024ed5854bd9c79880b6fdaeb6;hpb=b988bcc13c655299bc3796cccaa583f62704e759 diff --git a/src/utils_cgi.c b/src/utils_cgi.c index 47a531f..7995e3f 100644 --- a/src/utils_cgi.c +++ b/src/utils_cgi.c @@ -104,6 +104,7 @@ static char *uri_unescape_copy (char *dest, const char *src, size_t n) /* {{{ */ *dest_ptr = *src_ptr; } + n--; src_ptr++; dest_ptr++; *dest_ptr = 0; @@ -111,7 +112,7 @@ static char *uri_unescape_copy (char *dest, const char *src, size_t n) /* {{{ */ assert (*dest_ptr == 0); return (dest); -} /* }}} char *uri_unescape */ +} /* }}} char *uri_unescape_copy */ static char *uri_unescape (const char *string) /* {{{ */ { @@ -431,10 +432,17 @@ char *uri_escape_copy (char *dest, const char *src, size_t n) /* {{{ */ return (dest); } else if ((((unsigned char) src[in]) < 32) - || (src[in] == '&') - || (src[in] == ';') - || (src[in] == '?') - || (src[in] == '/') + || (src[in] == ' ') + /* RFC 3986, gen-delims */ + || (src[in] == ':') || (src[in] == '/') || (src[in] == '?') + || (src[in] == '#') || (src[in] == '[') || (src[in] == ']') + || (src[in] == '@') + /* RFC 3986, sub-delims */ + || (src[in] == '!') || (src[in] == '$') || (src[in] == '&') + || (src[in] == '(') || (src[in] == ')') || (src[in] == '*') + || (src[in] == '+') || (src[in] == ',') || (src[in] == ';') + || (src[in] == '=') || (src[in] == '\'') + /* 8-bit data */ || (((unsigned char) src[in]) >= 128)) { char esc[4]; @@ -461,6 +469,16 @@ char *uri_escape_copy (char *dest, const char *src, size_t n) /* {{{ */ return (dest); } /* }}} char *uri_escape_copy */ +char *uri_escape_buffer (char *buffer, size_t buffer_size) /* {{{ */ +{ + char temp[buffer_size]; + + uri_escape_copy (temp, buffer, buffer_size); + memcpy (buffer, temp, buffer_size); + + return (&buffer[0]); +} /* }}} char *uri_escape_buffer */ + char *uri_escape (const char *string) /* {{{ */ { char buffer[4096]; @@ -473,6 +491,89 @@ char *uri_escape (const char *string) /* {{{ */ return (strdup (buffer)); } /* }}} char *uri_escape */ +#define COPY_ENTITY(e) do { \ + size_t len = strlen (e); \ + if (dest_size < (len + 1)) \ + break; \ + strcpy (dest_ptr, (e)); \ + dest_ptr += len; \ + dest_size -= len; \ +} while (0) + +char *json_escape_copy (char *dest, const char *src, size_t n) /* {{{ */ +{ + char *dest_ptr; + size_t dest_size; + size_t pos; + + dest[0] = 0; + dest_ptr = dest; + dest_size = n; + for (pos = 0; src[pos] != 0; pos++) + { + if (src[pos] == '"') + COPY_ENTITY ("\\\""); + else if (src[pos] == '\\') + COPY_ENTITY ("\\\\"); + else if (((uint8_t) src[pos]) < 32) + { + if (src[pos] == '\n') + COPY_ENTITY ("\\n"); + else if (src[pos] == '\r') + COPY_ENTITY ("\\r"); + else if (src[pos] == '\t') + COPY_ENTITY ("\\t"); + else if (src[pos] == '\b') + COPY_ENTITY ("\\b"); + else if (src[pos] == '\f') + COPY_ENTITY ("\\f"); + else + { + char buffer[8]; + sprintf (buffer, "\\u%04"PRIx8, (uint8_t) src[pos]); + buffer[sizeof (buffer) - 1] = 0; + COPY_ENTITY (buffer); + } + } + else + { + *dest_ptr = src[pos]; + dest_ptr++; + dest_size--; + *dest_ptr = 0; + } + + if (dest_size <= 1) + break; + } + + return (dest); +} /* }}} char *json_escape_copy */ + +#undef COPY_ENTITY + +char *json_escape_buffer (char *buffer, size_t buffer_size) +{ + char temp[buffer_size]; + + json_escape_copy (temp, buffer, buffer_size); + memcpy (buffer, temp, buffer_size); + + return (buffer); +} /* }}} char *json_escape_buffer */ + +char *json_escape (const char *string) /* {{{ */ +{ + char buffer[4096]; + + if (string == NULL) + return (NULL); + + json_escape_copy (buffer, string, sizeof (buffer)); + + return (strdup (buffer)); +} /* }}} char *json_escape */ + const char *script_name (void) /* {{{ */ { char *ret; @@ -504,11 +605,11 @@ int time_to_rfc1123 (time_t t, char *buffer, size_t buffer_size) /* {{{ */ #define COPY_ENTITY(e) do { \ size_t len = strlen (e); \ - if (dest_size < (len + 1)) \ + if (dest_size < (len + 1)) \ break; \ - strcpy (dest_ptr, (e)); \ - dest_ptr += len; \ - dest_size -= len; \ + strcpy (dest_ptr, (e)); \ + dest_ptr += len; \ + dest_size -= len; \ } while (0) char *html_escape_copy (char *dest, const char *src, size_t n) /* {{{ */ @@ -579,7 +680,7 @@ int html_print_page (const char *title, /* {{{ */ "\n\n"); if (title == NULL) - title = "c4: collection4 graph interface"; + title = "C₄: collection4 graph interface"; title_html = html_escape (title); @@ -589,6 +690,12 @@ int html_print_page (const char *title, /* {{{ */ " \n" " \n" + " \n" + " \n" + " \n" " \n" " \n", @@ -643,6 +750,7 @@ int html_print_page (const char *title, /* {{{ */ printf ("\n" " \n" " \n" + "
"PACKAGE_STRING"
\n" " \n" "\n"); @@ -653,9 +761,9 @@ int html_print_page (const char *title, /* {{{ */ int html_print_logo (__attribute__((unused)) void *user_data) /* {{{ */ { printf ("\n" - "

c4

\n" + "

C4

\n" "
collection 4
\n" - "\n"); + "\n", script_name ()); return (0); } /* }}} int html_print_search_box */ @@ -667,7 +775,7 @@ int html_print_search_box (__attribute__((unused)) void *user_data) /* {{{ */ term_html = html_escape (param ("q")); printf ("
\n" - " \n" + " \n" " \n" " \n" "
\n",