root/trunk/cgi.c

Revision 785, 2.8 KB (checked in by Gary, 3 years ago)

unxsVZ 1.32 test. Eliminated unused cgi.c getline(). Added sync period to wizard.
  • Property svn:keywords set to id
Line 
1/*
2FILE
3        $Id$
4LEGAL
5        Public Domain
6       
7        Note most of this is public domain from ancient ncsa code
8        examples. Figure out.
9 
10TODO    All cgi's should only use pointers to dynamically allocated
11        memory items created herein.
12        Should be reviewed for security issues: Buffer overflows, etc.
13
14        Thanks Keith for poiting out a buffer overflow attack vector!
15*/             
16
17
18#include <stdio.h>
19#include <string.h>
20void *malloc(size_t size);
21void *realloc(void *ptr, size_t size);
22
23#include "cgi.h"
24
25#define LF 10
26#define CR 13
27
28void getword(char *word, char *line, char stop) {
29    int x = 0,y;
30
31    for(x=0;((line[x]) && (line[x] != stop)) && x<127 ;x++)
32        word[x] = line[x];
33
34    word[x] = '\0';
35    if(line[x]) ++x;
36    y=0;
37
38    while( (line[y++] = line[x++] ) );
39}
40
41char *makeword(char *line, char stop) {
42    int x = 0,y;
43    char *word = (char *) malloc(sizeof(char) * (strlen(line) + 1));
44
45    for(x=0;((line[x]) && (line[x] != stop));x++)
46        word[x] = line[x];
47
48    word[x] = '\0';
49    if(line[x]) ++x;
50    y=0;
51
52    while( (line[y++] = line[x++]) );
53    return word;
54}
55
56char *fmakeword(FILE *f, char stop, int *cl) {
57    int wsize;
58    char *word;
59    int ll;
60
61    wsize = 102400;
62    ll=0;
63    word = (char *) malloc(sizeof(char) * (wsize + 1));
64
65    while(1) {
66        word[ll] = (char)fgetc(f);
67        if(ll==wsize) {
68            word[ll+1] = '\0';
69            wsize+=102400;
70            word = (char *)realloc(word,sizeof(char)*(wsize+1));
71        }
72        --(*cl);
73        if((word[ll] == stop) || (feof(f)) || (!(*cl))) {
74            if(word[ll] != stop) ll++;
75            word[ll] = '\0';
76            word = (char *) realloc(word, ll+1);
77            return word;
78        }
79        ++ll;
80    }
81}
82
83char x2c(char *what) {
84    register char digit;
85
86    digit = (what[0] >= 'A' ? ((what[0] & 0xdf) - 'A')+10 : (what[0] - '0'));
87    digit *= 16;
88    digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A')+10 : (what[1] - '0'));
89    return(digit);
90}
91
92void unescape_url(char *url) {
93    register int x,y;
94
95    for(x=0,y=0;url[y];++x,++y) {
96        if((url[x] = url[y]) == '%') {
97            url[x] = x2c(&url[y+1]);
98            y+=2;
99        }
100    }
101    url[x] = '\0';
102}
103
104void spacetoplus(char *str) {
105    register int x;
106
107    for(x=0;str[x];x++) if(str[x] == ' ') str[x] = '+';
108}
109
110void plustospace(char *str) {
111    register int x;
112
113    for(x=0;str[x];x++) if(str[x] == '+') str[x] = ' ';
114}
115
116int ind(char *s, char c) {
117    register int x;
118
119    for(x=0;s[x];x++)
120        if(s[x] == c) return x;
121
122    return -1;
123}
124
125void escape_shell_cmd(char *cmd) {
126    register int x,y,l;
127
128    l=strlen(cmd);
129    for(x=0;cmd[x];x++) {
130        if(ind("&;`'\"|*?~<>^()[]{}$\\",cmd[x]) != -1){
131            for(y=l+1;y>x;y--)
132                cmd[y] = cmd[y-1];
133            l++; /* length has been increased */
134            cmd[x] = '\\';
135            x++; /* skip the character */
136        }
137    }
138}
139
Note: See TracBrowser for help on using the browser.