diff options
Diffstat (limited to '')
-rw-r--r-- | tools/gen_test_char.c | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/tools/gen_test_char.c b/tools/gen_test_char.c new file mode 100644 index 0000000..c48d2cb --- /dev/null +++ b/tools/gen_test_char.c @@ -0,0 +1,131 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#if defined(WIN32) || defined(OS2) +#define NEED_ENHANCED_ESCAPES +#endif + +#include <stdio.h> +#include <string.h> +#include <stdio.h> +#include <ctype.h> + +/* A bunch of functions in util.c scan strings looking for certain characters. + * To make that more efficient we encode a lookup table. + */ +#define T_ESCAPE_SHELL_CMD (0x01) +#define T_ESCAPE_PATH_SEGMENT (0x02) +#define T_OS_ESCAPE_PATH (0x04) +#define T_ESCAPE_ECHO (0x08) +#define T_ESCAPE_URLENCODED (0x10) +#define T_ESCAPE_XML (0x20) +#define T_ESCAPE_LDAP_DN (0x40) +#define T_ESCAPE_LDAP_FILTER (0x80) + +int main(int argc, char *argv[]) +{ + unsigned c; + unsigned char flags; + + printf("/* this file is automatically generated by gen_test_char, " + "do not edit. \"make include/private/apr_escape_test_char.h\" to regenerate. */\n" + "#define T_ESCAPE_SHELL_CMD (%u)\n" + "#define T_ESCAPE_PATH_SEGMENT (%u)\n" + "#define T_OS_ESCAPE_PATH (%u)\n" + "#define T_ESCAPE_ECHO (%u)\n" + "#define T_ESCAPE_URLENCODED (%u)\n" + "#define T_ESCAPE_XML (%u)\n" + "#define T_ESCAPE_LDAP_DN (%u)\n" + "#define T_ESCAPE_LDAP_FILTER (%u)\n" + "\n" + "static const unsigned char test_char_table[256] = {", + T_ESCAPE_SHELL_CMD, + T_ESCAPE_PATH_SEGMENT, + T_OS_ESCAPE_PATH, + T_ESCAPE_ECHO, + T_ESCAPE_URLENCODED, + T_ESCAPE_XML, + T_ESCAPE_LDAP_DN, + T_ESCAPE_LDAP_FILTER); + + for (c = 0; c < 256; ++c) { + flags = 0; + if (c % 20 == 0) + printf("\n "); + + /* escape_shell_cmd */ +#ifdef NEED_ENHANCED_ESCAPES + /* Win32/OS2 have many of the same vulnerable characters + * as Unix sh, plus the carriage return and percent char. + * The proper escaping of these characters varies from unix + * since Win32/OS2 use carets or doubled-double quotes, + * and neither lf nor cr can be escaped. We escape unix + * specific as well, to assure that cross-compiled unix + * applications behave similiarly when invoked on win32/os2. + * + * Rem please keep in-sync with apr's list in win32/filesys.c + */ + if (c && strchr("&;`'\"|*?~<>^()[]{}$\\\n\r%", c)) { + flags |= T_ESCAPE_SHELL_CMD; + } +#else + if (c && strchr("&;`'\"|*?~<>^()[]{}$\\\n", c)) { + flags |= T_ESCAPE_SHELL_CMD; + } +#endif + + if (!isalnum(c) && !strchr("$-_.+!*'(),:@&=~", c)) { + flags |= T_ESCAPE_PATH_SEGMENT; + } + + if (!isalnum(c) && !strchr("$-_.+!*'(),:@&=/~", c)) { + flags |= T_OS_ESCAPE_PATH; + } + + if (!isalnum(c) && !strchr(".-*_ ", c)) { + flags |= T_ESCAPE_URLENCODED; + } + + /* For logging, escape all control characters, + * double quotes (because they delimit the request in the log file) + * backslashes (because we use backslash for escaping) + * and 8-bit chars with the high bit set + */ + if (c && (!isprint(c) || c == '"' || c == '\\' || iscntrl(c))) { + flags |= T_ESCAPE_ECHO; + } + + if (strchr("<>&\"", c)) { + flags |= T_ESCAPE_XML; + } + + /* LDAP DN escaping (RFC4514) */ + if (!isprint(c) || strchr("\"+,;<>\\", c)) { + flags |= T_ESCAPE_LDAP_DN; + } + + /* LDAP filter escaping (RFC4515) */ + if (!isprint(c) || strchr("*()\\", c)) { + flags |= T_ESCAPE_LDAP_FILTER; + } + + printf("%u%c", flags, (c < 255) ? ',' : ' '); + } + + printf("\n};\n"); + + return 0; +} |