1 /* ====================================================================
2 * The Apache Software License, Version 1.1
4 * Copyright (c) 2000 The Apache Software Foundation. All rights
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
19 * 3. The end-user documentation included with the redistribution,
20 * if any, must include the following acknowledgment:
21 * "This product includes software developed by the
22 * Apache Software Foundation (http://www.apache.org/)."
23 * Alternately, this acknowledgment may appear in the software itself,
24 * if and wherever such third-party acknowledgments normally appear.
26 * 4. The names "Apache" and "Apache Software Foundation" must
27 * not be used to endorse or promote products derived from this
28 * software without prior written permission. For written
29 * permission, please contact apache@apache.org.
31 * 5. Products derived from this software may not be called "Apache",
32 * nor may "Apache" appear in their name, without prior written
33 * permission of the Apache Software Foundation.
35 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
36 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
37 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
38 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
42 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
44 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
45 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
47 * ====================================================================
49 * This software consists of voluntary contributions made by many
50 * individuals on behalf of the Apache Software Foundation. For more
51 * information on the Apache Software Foundation, please see
52 * <http://www.apache.org/>.
54 * Portions of this software are based upon public domain software
55 * originally written at the National Center for Supercomputing Applications,
56 * University of Illinois, Urbana-Champaign.
67 /* Returns TRUE if the input string is a string
68 * of one or more '.' characters.
70 static BOOL OnlyDots(char *pString)
77 for (c = pString;*c;c++)
84 /* Accepts as input a pathname, and tries to match it to an
85 * existing path and return the pathname in the case that
86 * is present on the existing path. This routine also
87 * converts alias names to long names.
89 API_EXPORT(char *) ap_os_systemcase_filename(ap_pool_t *pPool,
92 char buf[HUGE_STRING_LEN];
96 BOOL bFileExists = TRUE;
100 if (!szFile || strlen(szFile) == 0 || strlen(szFile) >= sizeof(buf))
101 return ap_pstrdup(pPool, "");
104 pInputName = ap_pstrdup(pPool, szFile);
106 /* First convert all slashes to \ so Win32 calls work OK */
107 for (p = pInputName; *p; p++) {
113 /* If there is drive information, copy it over. */
114 if (pInputName[1] == ':') {
115 buf[0] = tolower(*p++);
119 /* If all we have is a drive letter, then we are done */
120 if (strlen(pInputName) == 2)
127 if (*p == '\\') /* Possible UNC name */
130 /* Get past the machine name. FindFirstFile */
131 /* will not find a machine name only */
136 /* Get past the share name. FindFirstFile */
137 /* will not find a \\machine\share name only */
157 if (strchr(q, '*') || strchr(q, '?'))
160 /* If the path exists so far, call FindFirstFile
161 * again. However, if this portion of the path contains
162 * only '.' charaters, skip the call to FindFirstFile
163 * since it will convert '.' and '..' to actual names.
164 * Note: in the call to OnlyDots, we may have to skip
167 if (bFileExists && !OnlyDots((*q == '.' ? q : q+1))) {
168 hFind = FindFirstFile(pInputName, &wfd);
170 if (hFind == INVALID_HANDLE_VALUE) {
178 strcat(buf, wfd.cFileName);
182 if (!bFileExists || OnlyDots((*q == '.' ? q : q+1))) {
196 /* First convert all slashes to / so server code handles it ok */
197 for (p = buf; *p; p++) {
202 return ap_pstrdup(pPool, buf);
206 /* Perform canonicalization with the exception that the
207 * input case is preserved.
209 API_EXPORT(char *) ap_os_case_canonical_filename(ap_pool_t *pPool,
217 if (szFile == NULL || strlen(szFile) == 0)
218 return ap_pstrdup(pPool, "");
220 pNewStr = ap_pstrdup(pPool, szFile);
222 /* Change all '\' characters to '/' characters.
223 * While doing this, remove any trailing '.'.
224 * Also, blow away any directories with 3 or
227 for (p = pNewStr,s = pNewStr; *s; s++,p++) {
228 if (*s == '\\' || *s == '/') {
231 while (p > pNewStr && *(p-1) == '.')
234 if (p == pNewStr && q-p <= 2 && *p == '.')
236 else if (p > pNewStr && p < q && *(p-1) == '/') {
251 /* Blow away any final trailing '.' since on Win32
252 * foo.bat == foo.bat. == foo.bat... etc.
253 * Also blow away any trailing spaces since
254 * "filename" == "filename "
257 while (p > pNewStr && (*(p-1) == '.' || *(p-1) == ' '))
260 (p == pNewStr && q-p > 2))
264 /* One more security issue to deal with. Win32 allows
265 * you to create long filenames. However, alias filenames
266 * are always created so that the filename will
267 * conform to 8.3 rules. According to the Microsoft
268 * Developer's network CD (1/98)
269 * "Automatically generated aliases are composed of the
270 * first six characters of the filename plus ~n
271 * (where n is a number) and the first three characters
272 * after the last period."
273 * Here, we attempt to detect and decode these names.
275 p = strchr(pNewStr, '~');
277 char *pConvertedName, *pQstr, *pPstr;
278 char buf[HUGE_STRING_LEN];
279 /* We potentially have a short name. Call
280 * ap_os_systemcase_filename to examine the filesystem
281 * and possibly extract the long name.
283 pConvertedName = ap_os_systemcase_filename(pPool, pNewStr);
285 /* Since we want to preserve the incoming case as much
286 * as we can, compare for differences in the string and
287 * only substitute in the path names that changed.
289 if (stricmp(pNewStr, pConvertedName)) {
292 q = pQstr = pConvertedName;
303 if (stricmp(pQstr, pPstr))
304 strcat(buf, pQstr); /* Converted name */
306 strcat(buf, pPstr); /* Original name */
318 pNewStr = ap_pstrdup(pPool, buf);
326 /* Perform complete canonicalization.
328 API_EXPORT(char *) ap_os_canonical_filename(ap_pool_t *pPool, const char *szFile)
331 pNewName = ap_os_case_canonical_filename(pPool, szFile);
336 /* Win95 doesn't like trailing /s. NT and Unix don't mind. This works
337 * around the problem.
338 * Errr... except if it is UNC and we are referring to the root of
339 * the UNC, we MUST have a trailing \ and we can't use /s. Jeez.
340 * Not sure if this refers to all UNCs or just roots,
341 * but I'm going to fix it for all cases for now. (Ben)
345 API_EXPORT(int) os_stat(const char *szPath, struct stat *pStat)
349 if (strlen(szPath) == 0) {
353 if (szPath[0] == '/' && szPath[1] == '/') {
358 ap_assert(strlen(szPath) < _MAX_PATH);
360 for (s = buf; *s; ++s) {
366 /* then we need to add one more to get \\machine\share\ */
371 return stat(buf, pStat);
375 * Below removes the trailing /, however, do not remove
376 * it in the case of 'x:/' or stat will fail
379 if ((szPath[n - 1] == '\\' || szPath[n - 1] == '/') &&
380 !(n == 3 && szPath[1] == ':')) {
383 ap_assert(n < _MAX_PATH);
387 return stat(buf, pStat);
389 return stat(szPath, pStat);
395 /* Partial replacement for strftime. This adds certain expandos to the
399 API_EXPORT(int) os_strftime(char *s, size_t max, const char *format,
400 const struct tm *tm) {
401 /* If the new format string is bigger than max, the result string probably
402 * won't fit anyway. When %-expandos are added, made sure the padding below
405 char *new_format = (char *) _alloca(max + 11);
406 size_t i, j, format_length = strlen(format);
410 for (i = 0, j = 0; (i < format_length && j < max);) {
411 if (format[i] != '%') {
412 new_format[j++] = format[i++];
415 switch (format[i+1]) {
417 /* Is this locale dependent? Shouldn't be...
418 Also note the year 2000 exposure here */
419 memcpy(new_format + j, "%m/%d/%y", 8);
424 memcpy(new_format + j, "%I:%M:%S %p", 11);
429 memcpy(new_format + j, "%H:%M:%S", 8);
434 length_written = ap_snprintf(new_format + j, max - j, "%2d",
436 j = (length_written == -1) ? max : (j + length_written);
440 /* We know we can advance two characters forward here. */
441 new_format[j++] = format[i++];
442 new_format[j++] = format[i++];
446 *s = '\0'; /* Defensive programming, okay since output is undefined */
449 new_format[j] = '\0';
450 return_value = strftime(s, max, new_format, tm);
456 * ap_os_is_filename_valid is given a filename, and returns 0 if the filename
457 * is not valid for use on this system. On Windows, this means it fails any
458 * of the tests below. Otherwise returns 1.
460 * Test for filename validity on Win32. This is of tests come in part from
461 * the MSDN article at "Technical Articles, Windows Platform, Base Services,
462 * Guidelines, Making Room for Long Filenames" although the information
463 * in MSDN about filename testing is incomplete or conflicting. There is a
464 * similar set of tests in "Technical Articles, Windows Platform, Base Services,
465 * Guidelines, Moving Unix Applications to Windows NT".
469 * 1) total path length greater than MAX_PATH
471 * 2) anything using the octets 0-31 or characters " < > | :
472 * (these are reserved for Windows use in filenames. In addition
473 * each file system has its own additional characters that are
474 * invalid. See KB article Q100108 for more details).
476 * 3) anything ending in "." (no matter how many)
477 * (filename doc, doc. and doc... all refer to the same file)
479 * 4) any segment in which the basename (before first period) matches
480 * one of the DOS device names
481 * (the list comes from KB article Q100108 although some people
482 * reports that additional names such as "COM5" are also special
485 * If the path fails ANY of these tests, the result must be to deny access.
488 API_EXPORT(int) ap_os_is_filename_valid(const char *file)
490 const char *segstart;
491 unsigned int seglength;
493 static const char * const invalid_characters = "?\"<>*|:";
494 static const char * const invalid_filenames[] = {
495 "CON", "AUX", "COM1", "COM2", "COM3",
496 "COM4", "LPT1", "LPT2", "LPT3", "PRN", "NUL", NULL
500 if (strlen(file) >= MAX_PATH) {
501 /* Path too long for Windows. Note that this test is not valid
502 * if the path starts with //?/ or \\?\. */
508 /* Skip any leading non-path components. This can be either a
509 * drive letter such as C:, or a UNC path such as \\SERVER\SHARE\.
510 * We continue and check the rest of the path based on the rules above.
511 * This means we could eliminate valid filenames from servers which
512 * are not running NT (such as Samba).
515 if (pos[0] && pos[1] == ':') {
516 /* Skip leading drive letter */
520 if ((pos[0] == '\\' || pos[0] == '/') &&
521 (pos[1] == '\\' || pos[1] == '/')) {
522 /* Is a UNC, so skip the server name and share name */
524 while (*pos && *pos != '/' && *pos != '\\')
530 pos++; /* Move to start of share name */
531 while (*pos && *pos != '/' && *pos != '\\')
534 /* No path information */
542 unsigned int baselength;
544 while (*pos == '/' || *pos == '\\') {
550 segstart = pos; /* start of segment */
551 while (*pos && *pos != '/' && *pos != '\\') {
554 seglength = pos - segstart;
556 * Now we have a segment of the path, starting at position "segstart"
557 * and length "seglength"
561 for (idx = 0; idx < seglength; idx++) {
562 if ((segstart[idx] > 0 && segstart[idx] < 32) ||
563 strchr(invalid_characters, segstart[idx])) {
569 if (segstart[seglength-1] == '.') {
574 for (baselength = 0; baselength < seglength; baselength++) {
575 if (segstart[baselength] == '.') {
580 /* baselength is the number of characters in the base path of
581 * the segment (which could be the same as the whole segment length,
582 * if it does not include any dot characters). */
583 if (baselength == 3 || baselength == 4) {
584 for (idx = 0; invalid_filenames[idx]; idx++) {
585 if (strlen(invalid_filenames[idx]) == baselength &&
586 !strnicmp(invalid_filenames[idx], segstart, baselength)) {