=================================================================== RCS file: /cvs/mandoc/cgi.c,v retrieving revision 1.33 retrieving revision 1.38 diff -u -p -r1.33 -r1.38 --- mandoc/cgi.c 2011/12/15 12:18:57 1.33 +++ mandoc/cgi.c 2011/12/16 20:06:58 1.38 @@ -1,4 +1,4 @@ -/* $Id: cgi.c,v 1.33 2011/12/15 12:18:57 kristaps Exp $ */ +/* $Id: cgi.c,v 1.38 2011/12/16 20:06:58 kristaps Exp $ */ /* * Copyright (c) 2011 Kristaps Dzonsons * @@ -84,9 +84,13 @@ static void catman(const struct req *, const char *) static int cmp(const void *, const void *); static void format(const struct req *, const char *); static void html_print(const char *); +static void html_printquery(const struct req *); static void html_putchar(char); static int http_decode(char *); static void http_parse(struct req *, char *); +static void http_print(const char *); +static void http_putchar(char); +static void http_printquery(const struct req *); static int pathstop(DIR *); static void pathgen(DIR *, char *, struct req *); static void pg_index(const struct req *, char *); @@ -130,7 +134,7 @@ atou(const char *buf, unsigned *v) return(0); if ((errno == ERANGE && (lval == LONG_MAX || lval == LONG_MIN)) || - (lval > UINT_MAX || lval < 0)) + (lval > INT_MAX || lval < 0)) return(0); *v = (unsigned int)lval; @@ -163,7 +167,41 @@ html_putchar(char c) break; } } +static void +http_printquery(const struct req *req) +{ + printf("&expr="); + http_print(req->q.expr ? req->q.expr : ""); + printf("&sec="); + http_print(req->q.sec ? req->q.sec : ""); + printf("&arch="); + http_print(req->q.arch ? req->q.arch : ""); +} + + +static void +html_printquery(const struct req *req) +{ + + printf("&expr="); + html_print(req->q.expr ? req->q.expr : ""); + printf("&sec="); + html_print(req->q.sec ? req->q.sec : ""); + printf("&arch="); + html_print(req->q.arch ? req->q.arch : ""); +} + +static void +http_print(const char *p) +{ + + if (NULL == p) + return; + while ('\0' != *p) + http_putchar(*p++); +} + /* * Call through to html_putchar(). * Accepts NULL strings. @@ -187,7 +225,6 @@ static void http_parse(struct req *req, char *p) { char *key, *val, *manroot; - size_t sz; int i, legacy; memset(&req->q, 0, sizeof(struct query)); @@ -196,42 +233,24 @@ http_parse(struct req *req, char *p) legacy = -1; manroot = NULL; - while (p && '\0' != *p) { - while (' ' == *p) - p++; - + while ('\0' != *p) { key = p; val = NULL; - if (NULL != (p = strchr(p, '='))) { + p += (int)strcspn(p, ";&"); + if ('\0' != *p) *p++ = '\0'; - val = p; + if (NULL != (val = strchr(key, '='))) + *val++ = '\0'; - sz = strcspn(p, ";&"); - /* LINTED */ - p += sz; - - if ('\0' != *p) - *p++ = '\0'; - } else { - p = key; - sz = strcspn(p, ";&"); - /* LINTED */ - p += sz; - - if ('\0' != *p) - p++; + if ('\0' == *key || NULL == val || '\0' == *val) continue; - } - if ('\0' == *key || '\0' == *val) - continue; - /* Just abort handling. */ if ( ! http_decode(key)) break; - if ( ! http_decode(val)) + if (NULL != val && ! http_decode(val)) break; if (0 == strcmp(key, "expr")) @@ -284,6 +303,20 @@ http_parse(struct req *req, char *p) } } +static void +http_putchar(char c) +{ + + if (isalnum((unsigned char)c)) { + putchar((unsigned char)c); + return; + } else if (' ' == c) { + putchar('+'); + return; + } + printf("%%%.2x", c); +} + /* * HTTP-decode a string. The standard explanation is that this turns * "%4e+foo" into "n foo" in the regular way. This is done in-place @@ -477,18 +510,22 @@ resp_search(struct res *r, size_t sz, void *arg) const struct req *req; req = (const struct req *)arg; - assert(req->q.manroot >= 0); + if (sz > 0) + assert(req->q.manroot >= 0); + if (1 == sz) { /* * If we have just one result, then jump there now * without any delay. */ puts("Status: 303 See Other"); - printf("Location: http://%s%s/show/%d/%u/%u.html\n", + printf("Location: http://%s%s/show/%d/%u/%u.html?", host, progname, req->q.manroot, r[0].volume, r[0].rec); - puts("Content-Type: text/html; charset=utf-8\n"); + http_printquery(req); + puts("\n" + "Content-Type: text/html; charset=utf-8\n"); return; } @@ -504,13 +541,10 @@ resp_search(struct res *r, size_t sz, void *arg) "No %s results found.\n", req->q.whatis ? "whatis" : "apropos"); if (req->q.whatis) { - printf("(Try q.expr ? req->q.expr : ""); - printf("&sec="); - html_print(req->q.sec ? req->q.sec : ""); - printf("&arch="); - html_print(req->q.arch ? req->q.arch : ""); + printf("(Try " + "apropos?)"); } puts("

"); @@ -524,9 +558,11 @@ resp_search(struct res *r, size_t sz, void *arg) for (i = 0; i < (int)sz; i++) { printf("\n" "\n" - "", + "q.manroot, r[i].volume, r[i].rec); + html_printquery(req); + printf("\">"); html_print(r[i].title); putchar('('); html_print(r[i].cat); @@ -749,10 +785,11 @@ static void pg_show(const struct req *req, char *path) { struct manpaths ps; + size_t sz; char *sub; char file[MAXPATHLEN]; - const char *fn, *cp; - int rc; + const char *cp; + int rc, catm; unsigned int vol, rec, mr; DB *idx; DBT key, val; @@ -804,7 +841,8 @@ pg_show(const struct req *req, char *path) goto out; } - strlcpy(file, ps.paths[vol], MAXPATHLEN); + sz = strlcpy(file, ps.paths[vol], MAXPATHLEN); + assert(sz < MAXPATHLEN); strlcat(file, "/mandoc.index", MAXPATHLEN); /* Open the index recno(3) database. */ @@ -822,21 +860,24 @@ pg_show(const struct req *req, char *path) if (0 != (rc = (*idx->get)(idx, &key, &val, 0))) { rc < 0 ? resp_baddb() : resp_error400(); goto out; - } + } else if (0 == val.size) { + resp_baddb(); + goto out; + } cp = (char *)val.data; + catm = 'c' == *cp++; - if (NULL == (fn = memchr(cp, '\0', val.size))) + if (NULL == memchr(cp, '\0', val.size - 1)) resp_baddb(); - else if (++fn - cp >= (int)val.size) - resp_baddb(); - else if (NULL == memchr(fn, '\0', val.size - (fn - cp))) - resp_baddb(); else { - if (0 == strcmp(cp, "cat")) - catman(req, fn + 1); + file[(int)sz] = '\0'; + strlcat(file, "/", MAXPATHLEN); + strlcat(file, cp, MAXPATHLEN); + if (catm) + catman(req, file); else - format(req, fn + 1); + format(req, file); } out: if (idx)