version 1.107, 2015/04/18 16:06:39 |
version 1.113, 2015/11/05 17:47:51 |
|
|
#include <string.h> |
#include <string.h> |
#include <unistd.h> |
#include <unistd.h> |
|
|
#include "mandoc.h" |
|
#include "mandoc_aux.h" |
#include "mandoc_aux.h" |
|
#include "mandoc.h" |
|
#include "roff.h" |
|
#include "mdoc.h" |
|
#include "man.h" |
#include "main.h" |
#include "main.h" |
#include "manconf.h" |
#include "manconf.h" |
#include "mansearch.h" |
#include "mansearch.h" |
Line 331 http_decode(char *p) |
|
Line 334 http_decode(char *p) |
|
for ( ; '\0' != *p; p++, q++) { |
for ( ; '\0' != *p; p++, q++) { |
if ('%' == *p) { |
if ('%' == *p) { |
if ('\0' == (hex[0] = *(p + 1))) |
if ('\0' == (hex[0] = *(p + 1))) |
return(0); |
return 0; |
if ('\0' == (hex[1] = *(p + 2))) |
if ('\0' == (hex[1] = *(p + 2))) |
return(0); |
return 0; |
if (1 != sscanf(hex, "%x", &c)) |
if (1 != sscanf(hex, "%x", &c)) |
return(0); |
return 0; |
if ('\0' == c) |
if ('\0' == c) |
return(0); |
return 0; |
|
|
*q = (char)c; |
*q = (char)c; |
p += 2; |
p += 2; |
Line 346 http_decode(char *p) |
|
Line 349 http_decode(char *p) |
|
} |
} |
|
|
*q = '\0'; |
*q = '\0'; |
return(1); |
return 1; |
} |
} |
|
|
static void |
static void |
Line 374 resp_begin_html(int code, const char *msg) |
|
Line 377 resp_begin_html(int code, const char *msg) |
|
"<HTML>\n" |
"<HTML>\n" |
"<HEAD>\n" |
"<HEAD>\n" |
"<META CHARSET=\"UTF-8\" />\n" |
"<META CHARSET=\"UTF-8\" />\n" |
"<LINK REL=\"stylesheet\" HREF=\"%s/man-cgi.css\"" |
"<LINK REL=\"stylesheet\" HREF=\"%s/mandoc.css\"" |
" TYPE=\"text/css\" media=\"all\">\n" |
" TYPE=\"text/css\" media=\"all\">\n" |
"<LINK REL=\"stylesheet\" HREF=\"%s/man.css\"" |
|
" TYPE=\"text/css\" media=\"all\">\n" |
|
"<TITLE>%s</TITLE>\n" |
"<TITLE>%s</TITLE>\n" |
"</HEAD>\n" |
"</HEAD>\n" |
"<BODY>\n" |
"<BODY>\n" |
"<!-- Begin page content. //-->\n", |
"<!-- Begin page content. //-->\n", |
CSS_DIR, CSS_DIR, CUSTOMIZE_TITLE); |
CSS_DIR, CUSTOMIZE_TITLE); |
} |
} |
|
|
static void |
static void |
Line 498 validate_urifrag(const char *frag) |
|
Line 499 validate_urifrag(const char *frag) |
|
if ( ! (isalnum((unsigned char)*frag) || |
if ( ! (isalnum((unsigned char)*frag) || |
'-' == *frag || '.' == *frag || |
'-' == *frag || '.' == *frag || |
'/' == *frag || '_' == *frag)) |
'/' == *frag || '_' == *frag)) |
return(0); |
return 0; |
frag++; |
frag++; |
} |
} |
return(1); |
return 1; |
} |
} |
|
|
static int |
static int |
Line 510 validate_manpath(const struct req *req, const char* ma |
|
Line 511 validate_manpath(const struct req *req, const char* ma |
|
size_t i; |
size_t i; |
|
|
if ( ! strcmp(manpath, "mandoc")) |
if ( ! strcmp(manpath, "mandoc")) |
return(1); |
return 1; |
|
|
for (i = 0; i < req->psz; i++) |
for (i = 0; i < req->psz; i++) |
if ( ! strcmp(manpath, req->p[i])) |
if ( ! strcmp(manpath, req->p[i])) |
return(1); |
return 1; |
|
|
return(0); |
return 0; |
} |
} |
|
|
static int |
static int |
Line 526 validate_filename(const char *file) |
|
Line 527 validate_filename(const char *file) |
|
if ('.' == file[0] && '/' == file[1]) |
if ('.' == file[0] && '/' == file[1]) |
file += 2; |
file += 2; |
|
|
return ( ! (strstr(file, "../") || strstr(file, "/..") || |
return ! (strstr(file, "../") || strstr(file, "/..") || |
(strncmp(file, "man", 3) && strncmp(file, "cat", 3)))); |
(strncmp(file, "man", 3) && strncmp(file, "cat", 3))); |
} |
} |
|
|
static void |
static void |
Line 818 format(const struct req *req, const char *file) |
|
Line 819 format(const struct req *req, const char *file) |
|
{ |
{ |
struct manoutput conf; |
struct manoutput conf; |
struct mparse *mp; |
struct mparse *mp; |
struct mchars *mchars; |
|
struct roff_man *mdoc; |
|
struct roff_man *man; |
struct roff_man *man; |
void *vp; |
void *vp; |
int fd; |
int fd; |
Line 830 format(const struct req *req, const char *file) |
|
Line 829 format(const struct req *req, const char *file) |
|
return; |
return; |
} |
} |
|
|
mchars = mchars_alloc(); |
mchars_alloc(); |
mp = mparse_alloc(MPARSE_SO, MANDOCLEVEL_BADARG, NULL, |
mp = mparse_alloc(MPARSE_SO, MANDOCLEVEL_BADARG, NULL, req->q.manpath); |
mchars, req->q.manpath); |
|
mparse_readfd(mp, fd, file); |
mparse_readfd(mp, fd, file); |
close(fd); |
close(fd); |
|
|
Line 846 format(const struct req *req, const char *file) |
|
Line 844 format(const struct req *req, const char *file) |
|
usepath ? "&manpath=" : "", |
usepath ? "&manpath=" : "", |
usepath ? req->q.manpath : ""); |
usepath ? req->q.manpath : ""); |
|
|
mparse_result(mp, &mdoc, &man, NULL); |
mparse_result(mp, &man, NULL); |
if (NULL == man && NULL == mdoc) { |
if (man == NULL) { |
fprintf(stderr, "fatal mandoc error: %s/%s\n", |
fprintf(stderr, "fatal mandoc error: %s/%s\n", |
req->q.manpath, file); |
req->q.manpath, file); |
pg_error_internal(); |
pg_error_internal(); |
mparse_free(mp); |
mparse_free(mp); |
mchars_free(mchars); |
mchars_free(); |
return; |
return; |
} |
} |
|
|
vp = html_alloc(mchars, &conf); |
vp = html_alloc(&conf); |
|
|
if (NULL != mdoc) |
if (man->macroset == MACROSET_MDOC) { |
html_mdoc(vp, mdoc); |
mdoc_validate(man); |
else |
html_mdoc(vp, man); |
|
} else { |
|
man_validate(man); |
html_man(vp, man); |
html_man(vp, man); |
|
} |
|
|
html_free(vp); |
html_free(vp); |
mparse_free(mp); |
mparse_free(mp); |
mchars_free(mchars); |
mchars_free(); |
free(conf.man); |
free(conf.man); |
} |
} |
|
|
|
|
if (setitimer(ITIMER_VIRTUAL, &itimer, NULL) == -1) { |
if (setitimer(ITIMER_VIRTUAL, &itimer, NULL) == -1) { |
fprintf(stderr, "setitimer: %s\n", strerror(errno)); |
fprintf(stderr, "setitimer: %s\n", strerror(errno)); |
pg_error_internal(); |
pg_error_internal(); |
return(EXIT_FAILURE); |
return EXIT_FAILURE; |
} |
} |
|
|
/* Scan our run-time environment. */ |
/* Scan our run-time environment. */ |
|
|
fprintf(stderr, "unsafe SCRIPT_NAME \"%s\"\n", |
fprintf(stderr, "unsafe SCRIPT_NAME \"%s\"\n", |
scriptname); |
scriptname); |
pg_error_internal(); |
pg_error_internal(); |
return(EXIT_FAILURE); |
return EXIT_FAILURE; |
} |
} |
|
|
/* |
/* |
|
|
fprintf(stderr, "MAN_DIR: %s: %s\n", |
fprintf(stderr, "MAN_DIR: %s: %s\n", |
MAN_DIR, strerror(errno)); |
MAN_DIR, strerror(errno)); |
pg_error_internal(); |
pg_error_internal(); |
return(EXIT_FAILURE); |
return EXIT_FAILURE; |
} |
} |
|
|
memset(&req, 0, sizeof(struct req)); |
memset(&req, 0, sizeof(struct req)); |
|
|
else if ( ! validate_manpath(&req, req.q.manpath)) { |
else if ( ! validate_manpath(&req, req.q.manpath)) { |
pg_error_badrequest( |
pg_error_badrequest( |
"You specified an invalid manpath."); |
"You specified an invalid manpath."); |
return(EXIT_FAILURE); |
return EXIT_FAILURE; |
} |
} |
|
|
if ( ! (NULL == req.q.arch || validate_urifrag(req.q.arch))) { |
if ( ! (NULL == req.q.arch || validate_urifrag(req.q.arch))) { |
pg_error_badrequest( |
pg_error_badrequest( |
"You specified an invalid architecture."); |
"You specified an invalid architecture."); |
return(EXIT_FAILURE); |
return EXIT_FAILURE; |
} |
} |
|
|
/* Dispatch to the three different pages. */ |
/* Dispatch to the three different pages. */ |
|
|
for (i = 0; i < (int)req.psz; i++) |
for (i = 0; i < (int)req.psz; i++) |
free(req.p[i]); |
free(req.p[i]); |
free(req.p); |
free(req.p); |
return(EXIT_SUCCESS); |
return EXIT_SUCCESS; |
} |
} |
|
|
/* |
/* |