| version 1.108, 2015/04/18 16:34:25 |
version 1.115, 2015/11/07 17:58:55 |
|
|
| #include "mandoc_aux.h" |
#include "mandoc_aux.h" |
| #include "mandoc.h" |
#include "mandoc.h" |
| #include "roff.h" |
#include "roff.h" |
| |
#include "mdoc.h" |
| |
#include "man.h" |
| #include "main.h" |
#include "main.h" |
| #include "manconf.h" |
#include "manconf.h" |
| #include "mansearch.h" |
#include "mansearch.h" |
| Line 75 static void pg_searchres(const struct req *, |
|
| Line 77 static void pg_searchres(const struct req *, |
|
| static void pg_show(struct req *, const char *); |
static void pg_show(struct req *, const char *); |
| static void resp_begin_html(int, const char *); |
static void resp_begin_html(int, const char *); |
| static void resp_begin_http(int, const char *); |
static void resp_begin_http(int, const char *); |
| |
static void resp_copy(const char *); |
| static void resp_end_html(void); |
static void resp_end_html(void); |
| static void resp_searchform(const struct req *); |
static void resp_searchform(const struct req *); |
| static void resp_show(const struct req *, const char *); |
static void resp_show(const struct req *, const char *); |
| Line 332 http_decode(char *p) |
|
| Line 335 http_decode(char *p) |
|
| for ( ; '\0' != *p; p++, q++) { |
for ( ; '\0' != *p; p++, q++) { |
| if ('%' == *p) { |
if ('%' == *p) { |
| if ('\0' == (hex[0] = *(p + 1))) |
if ('\0' == (hex[0] = *(p + 1))) |
| return(0); |
return 0; |
| if ('\0' == (hex[1] = *(p + 2))) |
if ('\0' == (hex[1] = *(p + 2))) |
| return(0); |
return 0; |
| if (1 != sscanf(hex, "%x", &c)) |
if (1 != sscanf(hex, "%x", &c)) |
| return(0); |
return 0; |
| if ('\0' == c) |
if ('\0' == c) |
| return(0); |
return 0; |
| |
|
| *q = (char)c; |
*q = (char)c; |
| p += 2; |
p += 2; |
| Line 347 http_decode(char *p) |
|
| Line 350 http_decode(char *p) |
|
| } |
} |
| |
|
| *q = '\0'; |
*q = '\0'; |
| return(1); |
return 1; |
| } |
} |
| |
|
| static void |
static void |
| Line 366 resp_begin_http(int code, const char *msg) |
|
| Line 369 resp_begin_http(int code, const char *msg) |
|
| } |
} |
| |
|
| static void |
static void |
| |
resp_copy(const char *filename) |
| |
{ |
| |
char buf[4096]; |
| |
ssize_t sz; |
| |
int fd; |
| |
|
| |
if ((fd = open(filename, O_RDONLY)) != -1) { |
| |
fflush(stdout); |
| |
while ((sz = read(fd, buf, sizeof(buf))) > 0) |
| |
write(STDOUT_FILENO, buf, sz); |
| |
} |
| |
} |
| |
|
| |
static void |
| resp_begin_html(int code, const char *msg) |
resp_begin_html(int code, const char *msg) |
| { |
{ |
| |
|
| Line 375 resp_begin_html(int code, const char *msg) |
|
| Line 392 resp_begin_html(int code, const char *msg) |
|
| "<HTML>\n" |
"<HTML>\n" |
| "<HEAD>\n" |
"<HEAD>\n" |
| "<META CHARSET=\"UTF-8\" />\n" |
"<META CHARSET=\"UTF-8\" />\n" |
| "<LINK REL=\"stylesheet\" HREF=\"%s/man-cgi.css\"" |
"<LINK REL=\"stylesheet\" HREF=\"%s/mandoc.css\"" |
| " TYPE=\"text/css\" media=\"all\">\n" |
" TYPE=\"text/css\" media=\"all\">\n" |
| "<LINK REL=\"stylesheet\" HREF=\"%s/man.css\"" |
|
| " TYPE=\"text/css\" media=\"all\">\n" |
|
| "<TITLE>%s</TITLE>\n" |
"<TITLE>%s</TITLE>\n" |
| "</HEAD>\n" |
"</HEAD>\n" |
| "<BODY>\n" |
"<BODY>\n" |
| "<!-- Begin page content. //-->\n", |
"<!-- Begin page content. //-->\n", |
| CSS_DIR, CSS_DIR, CUSTOMIZE_TITLE); |
CSS_DIR, CUSTOMIZE_TITLE); |
| |
|
| |
resp_copy(MAN_DIR "/header.html"); |
| } |
} |
| |
|
| static void |
static void |
| resp_end_html(void) |
resp_end_html(void) |
| { |
{ |
| |
|
| |
resp_copy(MAN_DIR "/footer.html"); |
| |
|
| puts("</BODY>\n" |
puts("</BODY>\n" |
| "</HTML>"); |
"</HTML>"); |
| } |
} |
| Line 399 resp_searchform(const struct req *req) |
|
| Line 418 resp_searchform(const struct req *req) |
|
| { |
{ |
| int i; |
int i; |
| |
|
| puts(CUSTOMIZE_BEGIN); |
|
| puts("<!-- Begin search form. //-->"); |
puts("<!-- Begin search form. //-->"); |
| printf("<DIV ID=\"mancgi\">\n" |
printf("<DIV ID=\"mancgi\">\n" |
| "<FORM ACTION=\"%s\" METHOD=\"get\">\n" |
"<FORM ACTION=\"%s\" METHOD=\"get\">\n" |
| Line 499 validate_urifrag(const char *frag) |
|
| Line 517 validate_urifrag(const char *frag) |
|
| if ( ! (isalnum((unsigned char)*frag) || |
if ( ! (isalnum((unsigned char)*frag) || |
| '-' == *frag || '.' == *frag || |
'-' == *frag || '.' == *frag || |
| '/' == *frag || '_' == *frag)) |
'/' == *frag || '_' == *frag)) |
| return(0); |
return 0; |
| frag++; |
frag++; |
| } |
} |
| return(1); |
return 1; |
| } |
} |
| |
|
| static int |
static int |
| Line 511 validate_manpath(const struct req *req, const char* ma |
|
| Line 529 validate_manpath(const struct req *req, const char* ma |
|
| size_t i; |
size_t i; |
| |
|
| if ( ! strcmp(manpath, "mandoc")) |
if ( ! strcmp(manpath, "mandoc")) |
| return(1); |
return 1; |
| |
|
| for (i = 0; i < req->psz; i++) |
for (i = 0; i < req->psz; i++) |
| if ( ! strcmp(manpath, req->p[i])) |
if ( ! strcmp(manpath, req->p[i])) |
| return(1); |
return 1; |
| |
|
| return(0); |
return 0; |
| } |
} |
| |
|
| static int |
static int |
| Line 527 validate_filename(const char *file) |
|
| Line 545 validate_filename(const char *file) |
|
| if ('.' == file[0] && '/' == file[1]) |
if ('.' == file[0] && '/' == file[1]) |
| file += 2; |
file += 2; |
| |
|
| return ( ! (strstr(file, "../") || strstr(file, "/..") || |
return ! (strstr(file, "../") || strstr(file, "/..") || |
| (strncmp(file, "man", 3) && strncmp(file, "cat", 3)))); |
(strncmp(file, "man", 3) && strncmp(file, "cat", 3))); |
| } |
} |
| |
|
| static void |
static void |
|
|
| catman(const struct req *req, const char *file) |
catman(const struct req *req, const char *file) |
| { |
{ |
| FILE *f; |
FILE *f; |
| size_t len; |
|
| int i; |
|
| char *p; |
char *p; |
| |
size_t sz; |
| |
ssize_t len; |
| |
int i; |
| int italic, bold; |
int italic, bold; |
| |
|
| if (NULL == (f = fopen(file, "r"))) { |
if ((f = fopen(file, "r")) == NULL) { |
| puts("<P>You specified an invalid manual file.</P>"); |
puts("<P>You specified an invalid manual file.</P>"); |
| return; |
return; |
| } |
} |
| Line 699 catman(const struct req *req, const char *file) |
|
| Line 718 catman(const struct req *req, const char *file) |
|
| puts("<DIV CLASS=\"catman\">\n" |
puts("<DIV CLASS=\"catman\">\n" |
| "<PRE>"); |
"<PRE>"); |
| |
|
| while (NULL != (p = fgetln(f, &len))) { |
p = NULL; |
| |
sz = 0; |
| |
|
| |
while ((len = getline(&p, &sz, f)) != -1) { |
| bold = italic = 0; |
bold = italic = 0; |
| for (i = 0; i < (int)len - 1; i++) { |
for (i = 0; i < len - 1; i++) { |
| /* |
/* |
| * This means that the catpage is out of state. |
* This means that the catpage is out of state. |
| * Ignore it and keep going (although the |
* Ignore it and keep going (although the |
| Line 726 catman(const struct req *req, const char *file) |
|
| Line 748 catman(const struct req *req, const char *file) |
|
| italic = bold = 0; |
italic = bold = 0; |
| html_putchar(p[i]); |
html_putchar(p[i]); |
| continue; |
continue; |
| } else if (i + 2 >= (int)len) |
} else if (i + 2 >= len) |
| continue; |
continue; |
| |
|
| /* Italic mode. */ |
/* Italic mode. */ |
| Line 802 catman(const struct req *req, const char *file) |
|
| Line 824 catman(const struct req *req, const char *file) |
|
| if (bold) |
if (bold) |
| printf("</B>"); |
printf("</B>"); |
| |
|
| if (i == (int)len - 1 && '\n' != p[i]) |
if (i == len - 1 && p[i] != '\n') |
| html_putchar(p[i]); |
html_putchar(p[i]); |
| |
|
| putchar('\n'); |
putchar('\n'); |
| } |
} |
| |
free(p); |
| |
|
| puts("</PRE>\n" |
puts("</PRE>\n" |
| "</DIV>"); |
"</DIV>"); |
| Line 819 format(const struct req *req, const char *file) |
|
| Line 842 format(const struct req *req, const char *file) |
|
| { |
{ |
| struct manoutput conf; |
struct manoutput conf; |
| struct mparse *mp; |
struct mparse *mp; |
| struct mchars *mchars; |
|
| struct roff_man *man; |
struct roff_man *man; |
| void *vp; |
void *vp; |
| int fd; |
int fd; |
| Line 830 format(const struct req *req, const char *file) |
|
| Line 852 format(const struct req *req, const char *file) |
|
| return; |
return; |
| } |
} |
| |
|
| mchars = mchars_alloc(); |
mchars_alloc(); |
| mp = mparse_alloc(MPARSE_SO, MANDOCLEVEL_BADARG, NULL, |
mp = mparse_alloc(MPARSE_SO, MANDOCLEVEL_BADARG, NULL, req->q.manpath); |
| mchars, req->q.manpath); |
|
| mparse_readfd(mp, fd, file); |
mparse_readfd(mp, fd, file); |
| close(fd); |
close(fd); |
| |
|
| Line 852 format(const struct req *req, const char *file) |
|
| Line 873 format(const struct req *req, const char *file) |
|
| req->q.manpath, file); |
req->q.manpath, file); |
| pg_error_internal(); |
pg_error_internal(); |
| mparse_free(mp); |
mparse_free(mp); |
| mchars_free(mchars); |
mchars_free(); |
| return; |
return; |
| } |
} |
| |
|
| vp = html_alloc(mchars, &conf); |
vp = html_alloc(&conf); |
| |
|
| if (man->macroset == MACROSET_MDOC) |
if (man->macroset == MACROSET_MDOC) { |
| |
mdoc_validate(man); |
| html_mdoc(vp, man); |
html_mdoc(vp, man); |
| else |
} else { |
| |
man_validate(man); |
| html_man(vp, man); |
html_man(vp, man); |
| |
} |
| |
|
| html_free(vp); |
html_free(vp); |
| mparse_free(mp); |
mparse_free(mp); |
| mchars_free(mchars); |
mchars_free(); |
| free(conf.man); |
free(conf.man); |
| } |
} |
| |
|
|
|
| if (setitimer(ITIMER_VIRTUAL, &itimer, NULL) == -1) { |
if (setitimer(ITIMER_VIRTUAL, &itimer, NULL) == -1) { |
| fprintf(stderr, "setitimer: %s\n", strerror(errno)); |
fprintf(stderr, "setitimer: %s\n", strerror(errno)); |
| pg_error_internal(); |
pg_error_internal(); |
| return(EXIT_FAILURE); |
return EXIT_FAILURE; |
| } |
} |
| |
|
| /* Scan our run-time environment. */ |
/* Scan our run-time environment. */ |
|
|
| fprintf(stderr, "unsafe SCRIPT_NAME \"%s\"\n", |
fprintf(stderr, "unsafe SCRIPT_NAME \"%s\"\n", |
| scriptname); |
scriptname); |
| pg_error_internal(); |
pg_error_internal(); |
| return(EXIT_FAILURE); |
return EXIT_FAILURE; |
| } |
} |
| |
|
| /* |
/* |
|
|
| fprintf(stderr, "MAN_DIR: %s: %s\n", |
fprintf(stderr, "MAN_DIR: %s: %s\n", |
| MAN_DIR, strerror(errno)); |
MAN_DIR, strerror(errno)); |
| pg_error_internal(); |
pg_error_internal(); |
| return(EXIT_FAILURE); |
return EXIT_FAILURE; |
| } |
} |
| |
|
| memset(&req, 0, sizeof(struct req)); |
memset(&req, 0, sizeof(struct req)); |
|
|
| else if ( ! validate_manpath(&req, req.q.manpath)) { |
else if ( ! validate_manpath(&req, req.q.manpath)) { |
| pg_error_badrequest( |
pg_error_badrequest( |
| "You specified an invalid manpath."); |
"You specified an invalid manpath."); |
| return(EXIT_FAILURE); |
return EXIT_FAILURE; |
| } |
} |
| |
|
| if ( ! (NULL == req.q.arch || validate_urifrag(req.q.arch))) { |
if ( ! (NULL == req.q.arch || validate_urifrag(req.q.arch))) { |
| pg_error_badrequest( |
pg_error_badrequest( |
| "You specified an invalid architecture."); |
"You specified an invalid architecture."); |
| return(EXIT_FAILURE); |
return EXIT_FAILURE; |
| } |
} |
| |
|
| /* Dispatch to the three different pages. */ |
/* Dispatch to the three different pages. */ |
|
|
| for (i = 0; i < (int)req.psz; i++) |
for (i = 0; i < (int)req.psz; i++) |
| free(req.p[i]); |
free(req.p[i]); |
| free(req.p); |
free(req.p); |
| return(EXIT_SUCCESS); |
return EXIT_SUCCESS; |
| } |
} |
| |
|
| /* |
/* |
| Line 1115 pathgen(struct req *req) |
|
| Line 1139 pathgen(struct req *req) |
|
| FILE *fp; |
FILE *fp; |
| char *dp; |
char *dp; |
| size_t dpsz; |
size_t dpsz; |
| |
ssize_t len; |
| |
|
| if (NULL == (fp = fopen("manpath.conf", "r"))) { |
if (NULL == (fp = fopen("manpath.conf", "r"))) { |
| fprintf(stderr, "%s/manpath.conf: %s\n", |
fprintf(stderr, "%s/manpath.conf: %s\n", |
| Line 1123 pathgen(struct req *req) |
|
| Line 1148 pathgen(struct req *req) |
|
| exit(EXIT_FAILURE); |
exit(EXIT_FAILURE); |
| } |
} |
| |
|
| while (NULL != (dp = fgetln(fp, &dpsz))) { |
dp = NULL; |
| if ('\n' == dp[dpsz - 1]) |
dpsz = 0; |
| dpsz--; |
|
| |
while ((len = getline(&dp, &dpsz, fp)) != -1) { |
| |
if (dp[len - 1] == '\n') |
| |
dp[--len] = '\0'; |
| req->p = mandoc_realloc(req->p, |
req->p = mandoc_realloc(req->p, |
| (req->psz + 1) * sizeof(char *)); |
(req->psz + 1) * sizeof(char *)); |
| dp = mandoc_strndup(dp, dpsz); |
|
| if ( ! validate_urifrag(dp)) { |
if ( ! validate_urifrag(dp)) { |
| fprintf(stderr, "%s/manpath.conf contains " |
fprintf(stderr, "%s/manpath.conf contains " |
| "unsafe path \"%s\"\n", MAN_DIR, dp); |
"unsafe path \"%s\"\n", MAN_DIR, dp); |
| Line 1142 pathgen(struct req *req) |
|
| Line 1169 pathgen(struct req *req) |
|
| exit(EXIT_FAILURE); |
exit(EXIT_FAILURE); |
| } |
} |
| req->p[req->psz++] = dp; |
req->p[req->psz++] = dp; |
| |
dp = NULL; |
| |
dpsz = 0; |
| } |
} |
| |
free(dp); |
| |
|
| if ( req->p == NULL ) { |
if ( req->p == NULL ) { |
| fprintf(stderr, "%s/manpath.conf is empty\n", MAN_DIR); |
fprintf(stderr, "%s/manpath.conf is empty\n", MAN_DIR); |
![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to cgi.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [cvsweb.bsd.lv] / mandoc