1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * util.c: string utility things
21 * 1995-96 Many changes by the Apache Software Foundation
26 * #define DEBUG to trace all cfg_open*()/cfg_closefile() calls
27 * #define DEBUG_CFG_LINES to trace every line read from the config files
31 #include "apr_strings.h"
34 #define APR_WANT_STDIO
35 #define APR_WANT_STRFUNC
41 #if APR_HAVE_PROCESS_H
42 #include <process.h> /* for getpid() on Win32 */
45 #include <netdb.h> /* for gethostbyname() */
48 #include "ap_config.h"
49 #include "apr_base64.h"
51 #include "http_main.h"
53 #include "http_protocol.h"
54 #include "http_config.h"
55 #include "http_core.h"
56 #include "util_ebcdic.h"
65 /* A bunch of functions in util.c scan strings looking for certain characters.
66 * To make that more efficient we encode a lookup table. The test_char_table
67 * is generated automatically by gen_test_char.c.
69 #include "test_char.h"
71 /* we assume the folks using this ensure 0 <= c < 256... which means
72 * you need a cast to (unsigned char) first, you can't just plug a
73 * char in here and get it to work, because if char is signed then it
74 * will first be sign extended.
76 #define TEST_CHAR(c, f) (test_char_table[(unsigned)(c)] & (f))
78 /* Win32/NetWare/OS2 need to check for both forward and back slashes
79 * in ap_getparents() and ap_escape_url.
81 #ifdef CASE_BLIND_FILESYSTEM
82 #define IS_SLASH(s) ((s == '/') || (s == '\\'))
85 #define IS_SLASH(s) (s == '/')
89 /* we know core's module_index is 0 */
90 #undef APLOG_MODULE_INDEX
91 #define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX
95 * Examine a field value (such as a media-/content-type) string and return
96 * it sans any parameters; e.g., strip off any ';charset=foo' and the like.
98 AP_DECLARE(char *) ap_field_noparam(apr_pool_t *p, const char *intype)
102 if (intype == NULL) return NULL;
104 semi = ap_strchr_c(intype, ';');
106 return apr_pstrdup(p, intype);
109 while ((semi > intype) && apr_isspace(semi[-1])) {
112 return apr_pstrndup(p, intype, semi - intype);
116 AP_DECLARE(char *) ap_ht_time(apr_pool_t *p, apr_time_t t, const char *fmt,
120 char ts[MAX_STRING_LEN];
121 char tf[MAX_STRING_LEN];
128 apr_time_exp_gmt(&xt, t);
129 /* Convert %Z to "GMT" and %z to "+0000";
130 * on hosts that do not have a time zone string in struct tm,
131 * strftime must assume its argument is local time.
133 for(strp = tf, f = fmt; strp < tf + sizeof(tf) - 6 && (*strp = *f)
135 if (*f != '%') continue;
146 case 'z': /* common extension */
160 apr_time_exp_lt(&xt, t);
163 /* check return code? */
164 apr_strftime(ts, &retcode, MAX_STRING_LEN, fmt, &xt);
165 ts[MAX_STRING_LEN - 1] = '\0';
166 return apr_pstrdup(p, ts);
169 /* Roy owes Rob beer. */
170 /* Rob owes Roy dinner. */
172 /* These legacy comments would make a lot more sense if Roy hadn't
173 * replaced the old later_than() routine with util_date.c.
175 * Well, okay, they still wouldn't make any sense.
178 /* Match = 0, NoMatch = 1, Abort = -1
179 * Based loosely on sections of wildmat.c by Rich Salz
180 * Hmmm... shouldn't this really go component by component?
182 AP_DECLARE(int) ap_strcmp_match(const char *str, const char *expected)
186 for (x = 0, y = 0; expected[y]; ++y, ++x) {
187 if ((!str[x]) && (expected[y] != '*'))
189 if (expected[y] == '*') {
190 while (expected[++y] == '*');
195 if ((ret = ap_strcmp_match(&str[x++], &expected[y])) != 1)
200 else if ((expected[y] != '?') && (str[x] != expected[y]))
203 return (str[x] != '\0');
206 AP_DECLARE(int) ap_strcasecmp_match(const char *str, const char *expected)
210 for (x = 0, y = 0; expected[y]; ++y, ++x) {
211 if (!str[x] && expected[y] != '*')
213 if (expected[y] == '*') {
214 while (expected[++y] == '*');
219 if ((ret = ap_strcasecmp_match(&str[x++], &expected[y])) != 1)
224 else if (expected[y] != '?'
225 && apr_tolower(str[x]) != apr_tolower(expected[y]))
228 return (str[x] != '\0');
231 /* We actually compare the canonical root to this root, (but we don't
232 * waste time checking the case), since every use of this function in
233 * httpd-2.1 tests if the path is 'proper', meaning we've already passed
234 * it through apr_filepath_merge, or we haven't.
236 AP_DECLARE(int) ap_os_is_path_absolute(apr_pool_t *p, const char *dir)
239 const char *ourdir = dir;
240 if (apr_filepath_root(&newpath, &dir, 0, p) != APR_SUCCESS
241 || strncmp(newpath, ourdir, strlen(newpath)) != 0) {
247 AP_DECLARE(int) ap_is_matchexp(const char *str)
251 for (x = 0; str[x]; x++)
252 if ((str[x] == '*') || (str[x] == '?'))
258 * Here's a pool-based interface to the POSIX-esque ap_regcomp().
259 * Note that we return ap_regex_t instead of being passed one.
260 * The reason is that if you use an already-used ap_regex_t structure,
261 * the memory that you've already allocated gets forgotten, and
262 * regfree() doesn't clear it. So we don't allow it.
265 static apr_status_t regex_cleanup(void *preg)
267 ap_regfree((ap_regex_t *) preg);
271 AP_DECLARE(ap_regex_t *) ap_pregcomp(apr_pool_t *p, const char *pattern,
274 ap_regex_t *preg = apr_palloc(p, sizeof *preg);
276 if (ap_regcomp(preg, pattern, cflags)) {
280 apr_pool_cleanup_register(p, (void *) preg, regex_cleanup,
281 apr_pool_cleanup_null);
286 AP_DECLARE(void) ap_pregfree(apr_pool_t *p, ap_regex_t *reg)
289 apr_pool_cleanup_kill(p, (void *) reg, regex_cleanup);
293 * Similar to standard strstr() but we ignore case in this version.
294 * Based on the strstr() implementation further below.
296 AP_DECLARE(char *) ap_strcasestr(const char *s1, const char *s2)
304 for ( ; (*s1 != '\0') && (apr_tolower(*s1) != apr_tolower(*s2)); s1++);
308 /* found first character of s2, see if the rest matches */
311 for (++p1, ++p2; apr_tolower(*p1) == apr_tolower(*p2); ++p1, ++p2) {
313 /* both strings ended together */
318 /* second string ended, a match */
321 /* didn't find a match here, try starting at next character in s1 */
328 * Returns an offsetted pointer in bigstring immediately after
329 * prefix. Returns bigstring if bigstring doesn't start with
330 * prefix or if prefix is longer than bigstring while still matching.
331 * NOTE: pointer returned is relative to bigstring, so we
332 * can use standard pointer comparisons in the calling function
333 * (eg: test if ap_stripprefix(a,b) == a)
335 AP_DECLARE(const char *) ap_stripprefix(const char *bigstring,
344 while (*p1 && *prefix) {
345 if (*p1++ != *prefix++)
351 /* hit the end of bigstring! */
355 /* This function substitutes for $0-$9, filling in regular expression
356 * submatches. Pass it the same nmatch and pmatch arguments that you
357 * passed ap_regexec(). pmatch should not be greater than the maximum number
358 * of subexpressions - i.e. one more than the re_nsub member of ap_regex_t.
360 * input should be the string with the $-expressions, source should be the
361 * string that was matched against.
363 * It returns the substituted string, or NULL on error.
365 * Parts of this code are based on Henry Spencer's regsub(), from his
366 * AT&T V8 regexp package.
369 AP_DECLARE(char *) ap_pregsub(apr_pool_t *p, const char *input,
370 const char *source, size_t nmatch,
371 ap_regmatch_t pmatch[])
373 const char *src = input;
382 return apr_pstrdup(p, src);
384 /* First pass, find the size */
388 while ((c = *src++) != '\0') {
389 if (c == '$' && apr_isdigit(*src))
394 if (no > 9) { /* Ordinary character. */
395 if (c == '\\' && *src)
399 else if (no < nmatch && pmatch[no].rm_so < pmatch[no].rm_eo) {
400 len += pmatch[no].rm_eo - pmatch[no].rm_so;
405 dest = dst = apr_pcalloc(p, len + 1);
407 /* Now actually fill in the string */
411 while ((c = *src++) != '\0') {
414 else if (c == '$' && apr_isdigit(*src))
419 if (no > 9) { /* Ordinary character. */
420 if (c == '\\' && (*src == '$' || *src == '&'))
424 else if (no < nmatch && pmatch[no].rm_so < pmatch[no].rm_eo) {
425 len = pmatch[no].rm_eo - pmatch[no].rm_so;
426 memcpy(dst, source + pmatch[no].rm_so, len);
437 * Parse .. so we don't compromise security
439 AP_DECLARE(void) ap_getparents(char *name)
444 /* Four paseses, as per RFC 1808 */
445 /* a) remove ./ path segments */
446 for (next = name; *next && (*next != '.'); next++) {
449 l = w = first_dot = next - name;
450 while (name[l] != '\0') {
451 if (name[l] == '.' && IS_SLASH(name[l + 1])
452 && (l == 0 || IS_SLASH(name[l - 1])))
455 name[w++] = name[l++];
458 /* b) remove trailing . path, segment */
459 if (w == 1 && name[0] == '.')
461 else if (w > 1 && name[w - 1] == '.' && IS_SLASH(name[w - 2]))
465 /* c) remove all xx/../ segments. (including leading ../ and /../) */
468 while (name[l] != '\0') {
469 if (name[l] == '.' && name[l + 1] == '.' && IS_SLASH(name[l + 2])
470 && (l == 0 || IS_SLASH(name[l - 1]))) {
471 register int m = l + 3, n;
475 while (l >= 0 && !IS_SLASH(name[l]))
482 while ((name[n] = name[m]))
489 /* d) remove trailing xx/.. segment. */
490 if (l == 2 && name[0] == '.' && name[1] == '.')
492 else if (l > 2 && name[l - 1] == '.' && name[l - 2] == '.'
493 && IS_SLASH(name[l - 3])) {
496 while (l >= 0 && !IS_SLASH(name[l]))
506 AP_DECLARE(void) ap_no2slash(char *name)
512 #ifdef HAVE_UNC_PATHS
513 /* Check for UNC names. Leave leading two slashes. */
514 if (s[0] == '/' && s[1] == '/')
519 if ((*d++ = *s) == '/') {
533 * copy at most n leading directories of s into d
534 * d should be at least as large as s plus 1 extra byte
536 * the return value is the ever useful pointer to the trailing \0 of d
538 * MODIFIED FOR HAVE_DRIVE_LETTERS and NETWARE environments,
539 * so that if n == 0, "/" is returned in d with n == 1
540 * and s == "e:/test.html", "e:/" is returned in d
541 * *** See also directory_walk in modules/http/http_request.c
544 * /a/b, 0 ==> / (true for all platforms)
553 * c:/a/b 3 ==> c:/a/b
554 * c:/a/b 4 ==> c:/a/b
556 AP_DECLARE(char *) ap_make_dirstr_prefix(char *d, const char *s, int n)
565 if (*s == '\0' || (*s == '/' && (--n) == 0)) {
577 * return the parent directory name including trailing / of the file s
579 AP_DECLARE(char *) ap_make_dirstr_parent(apr_pool_t *p, const char *s)
581 const char *last_slash = ap_strrchr_c(s, '/');
585 if (last_slash == NULL) {
586 return apr_pstrdup(p, "");
588 l = (last_slash - s) + 1;
589 d = apr_pstrmemdup(p, s, l);
595 AP_DECLARE(int) ap_count_dirs(const char *path)
599 for (x = 0, n = 0; path[x]; x++)
605 AP_DECLARE(char *) ap_getword_nc(apr_pool_t *atrans, char **line, char stop)
607 return ap_getword(atrans, (const char **) line, stop);
610 AP_DECLARE(char *) ap_getword(apr_pool_t *atrans, const char **line, char stop)
612 const char *pos = *line;
616 while ((*pos != stop) && *pos) {
621 res = apr_pstrmemdup(atrans, *line, len);
624 while (*pos == stop) {
633 AP_DECLARE(char *) ap_getword_white_nc(apr_pool_t *atrans, char **line)
635 return ap_getword_white(atrans, (const char **) line);
638 AP_DECLARE(char *) ap_getword_white(apr_pool_t *atrans, const char **line)
640 const char *pos = *line;
644 while (!apr_isspace(*pos) && *pos) {
649 res = apr_pstrmemdup(atrans, *line, len);
651 while (apr_isspace(*pos)) {
660 AP_DECLARE(char *) ap_getword_nulls_nc(apr_pool_t *atrans, char **line,
663 return ap_getword_nulls(atrans, (const char **) line, stop);
666 AP_DECLARE(char *) ap_getword_nulls(apr_pool_t *atrans, const char **line,
669 const char *pos = ap_strchr_c(*line, stop);
673 res = apr_pstrdup(atrans, *line);
674 *line += strlen(*line);
678 res = apr_pstrndup(atrans, *line, pos - *line);
687 /* Get a word, (new) config-file style --- quoted strings and backslashes
691 static char *substring_conf(apr_pool_t *p, const char *start, int len,
694 char *result = apr_palloc(p, len + 2);
698 for (i = 0; i < len; ++i) {
699 if (start[i] == '\\' && (start[i + 1] == '\\'
700 || (quote && start[i + 1] == quote)))
701 *resp++ = start[++i];
707 #if RESOLVE_ENV_PER_TOKEN
708 return (char *)ap_resolve_env(p,result);
714 AP_DECLARE(char *) ap_getword_conf_nc(apr_pool_t *p, char **line)
716 return ap_getword_conf(p, (const char **) line);
719 AP_DECLARE(char *) ap_getword_conf(apr_pool_t *p, const char **line)
721 const char *str = *line, *strend;
725 while (*str && apr_isspace(*str))
733 if ((quote = *str) == '"' || quote == '\'') {
735 while (*strend && *strend != quote) {
736 if (*strend == '\\' && strend[1] &&
737 (strend[1] == quote || strend[1] == '\\')) {
744 res = substring_conf(p, str + 1, strend - str - 1, quote);
746 if (*strend == quote)
751 while (*strend && !apr_isspace(*strend))
754 res = substring_conf(p, str, strend - str, 0);
757 while (*strend && apr_isspace(*strend))
763 AP_DECLARE(int) ap_cfg_closefile(ap_configfile_t *cfp)
766 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, NULL,
767 "Done with config file %s", cfp->name);
769 return (cfp->close == NULL) ? 0 : cfp->close(cfp->param);
772 /* we can't use apr_file_* directly because of linking issues on Windows */
773 static apr_status_t cfg_close(void *param)
775 return apr_file_close(param);
778 static apr_status_t cfg_getch(char *ch, void *param)
780 return apr_file_getc(ch, param);
783 static apr_status_t cfg_getstr(void *buf, size_t bufsiz, void *param)
785 return apr_file_gets(buf, bufsiz, param);
788 /* Open a ap_configfile_t as FILE, return open ap_configfile_t struct pointer */
789 AP_DECLARE(apr_status_t) ap_pcfg_openfile(ap_configfile_t **ret_cfg,
790 apr_pool_t *p, const char *name)
792 ap_configfile_t *new_cfg;
793 apr_file_t *file = NULL;
801 ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
802 "Internal error: pcfg_openfile() called with NULL filename");
806 status = apr_file_open(&file, name, APR_READ | APR_BUFFERED,
809 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, NULL,
810 "Opening config file %s (%s)",
811 name, (status != APR_SUCCESS) ?
812 apr_strerror(status, buf, sizeof(buf)) : "successful");
814 if (status != APR_SUCCESS)
817 status = apr_file_info_get(&finfo, APR_FINFO_TYPE, file);
818 if (status != APR_SUCCESS)
821 if (finfo.filetype != APR_REG &&
822 #if defined(WIN32) || defined(OS2) || defined(NETWARE)
823 strcasecmp(apr_filepath_name_get(name), "nul") != 0) {
825 strcmp(name, "/dev/null") != 0) {
826 #endif /* WIN32 || OS2 */
827 ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
828 "Access to file %s denied by server: not a regular file",
830 apr_file_close(file);
835 /* Some twisted character [no pun intended] at MS decided that a
836 * zero width joiner as the lead wide character would be ideal for
837 * describing Unicode text files. This was further convoluted to
838 * another MSism that the same character mapped into utf-8, EF BB BF
839 * would signify utf-8 text files.
841 * Since MS configuration files are all protecting utf-8 encoded
842 * Unicode path, file and resource names, we already have the correct
843 * WinNT encoding. But at least eat the stupid three bytes up front.
846 unsigned char buf[4];
848 status = apr_file_read(file, buf, &len);
849 if ((status != APR_SUCCESS) || (len < 3)
850 || memcmp(buf, "\xEF\xBB\xBF", 3) != 0) {
852 apr_file_seek(file, APR_SET, &zero);
857 new_cfg = apr_palloc(p, sizeof(*new_cfg));
858 new_cfg->param = file;
859 new_cfg->name = apr_pstrdup(p, name);
860 new_cfg->getch = cfg_getch;
861 new_cfg->getstr = cfg_getstr;
862 new_cfg->close = cfg_close;
863 new_cfg->line_number = 0;
869 /* Allocate a ap_configfile_t handle with user defined functions and params */
870 AP_DECLARE(ap_configfile_t *) ap_pcfg_open_custom(
871 apr_pool_t *p, const char *descr, void *param,
872 apr_status_t (*getc_func) (char *ch, void *param),
873 apr_status_t (*gets_func) (void *buf, size_t bufsize, void *param),
874 apr_status_t (*close_func) (void *param))
876 ap_configfile_t *new_cfg = apr_palloc(p, sizeof(*new_cfg));
877 new_cfg->param = param;
878 new_cfg->name = descr;
879 new_cfg->getch = getc_func;
880 new_cfg->getstr = gets_func;
881 new_cfg->close = close_func;
882 new_cfg->line_number = 0;
886 /* Read one character from a configfile_t */
887 AP_DECLARE(apr_status_t) ap_cfg_getc(char *ch, ap_configfile_t *cfp)
889 apr_status_t rc = cfp->getch(ch, cfp->param);
890 if (rc == APR_SUCCESS && *ch == LF)
895 AP_DECLARE(const char *) ap_pcfg_strerror(apr_pool_t *p, ap_configfile_t *cfp,
898 char buf[MAX_STRING_LEN];
899 if (rc == APR_SUCCESS)
901 return apr_psprintf(p, "Error reading %s at line %d: %s",
902 cfp->name, cfp->line_number,
903 rc == APR_ENOSPC ? "Line too long"
904 : apr_strerror(rc, buf, sizeof(buf)));
907 /* Read one line from open ap_configfile_t, strip LF, increase line number */
908 /* If custom handler does not define a getstr() function, read char by char */
909 AP_DECLARE(apr_status_t) ap_cfg_getline(char *buf, size_t bufsize, ap_configfile_t *cfp)
913 /* If a "get string" function is defined, use it */
914 if (cfp->getstr != NULL) {
917 size_t cbufsize = bufsize;
921 rc = cfp->getstr(cbuf, cbufsize, cfp->param);
931 if (rc != APR_SUCCESS) {
936 * check for line continuation,
937 * i.e. match [^\\]\\[\r]\n only
941 if (cp > cbuf && cp[-1] == LF) {
943 if (cp > cbuf && cp[-1] == CR)
945 if (cp > cbuf && cp[-1] == '\\') {
948 * line continuation requested -
949 * then remove backslash and continue
951 cbufsize -= (cp-cbuf);
956 else if (cp - buf >= bufsize - 1) {
962 /* No "get string" function defined; read character by character */
966 /* too small, assume caller is crazy */
973 rc = cfp->getch(&c, cfp->param);
980 if (rc != APR_SUCCESS)
984 /* check for line continuation */
985 if (i > 0 && buf[i-1] == '\\') {
993 else if (i >= bufsize - 2) {
1003 * Leading and trailing white space is eliminated completely
1006 while (apr_isspace(*src))
1008 /* blast trailing whitespace */
1009 dst = &src[strlen(src)];
1010 while (--dst >= src && apr_isspace(*dst))
1012 /* Zap leading whitespace by shifting */
1014 memmove(buf, src, dst - src + 2);
1016 #ifdef DEBUG_CFG_LINES
1017 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, "Read config: '%s'", buf);
1022 /* Size an HTTP header field list item, as separated by a comma.
1023 * The return value is a pointer to the beginning of the non-empty list item
1024 * within the original string (or NULL if there is none) and the address
1025 * of field is shifted to the next non-comma, non-whitespace character.
1026 * len is the length of the item excluding any beginning whitespace.
1028 AP_DECLARE(const char *) ap_size_list_item(const char **field, int *len)
1030 const unsigned char *ptr = (const unsigned char *)*field;
1031 const unsigned char *token;
1032 int in_qpair, in_qstr, in_com;
1034 /* Find first non-comma, non-whitespace byte */
1036 while (*ptr == ',' || apr_isspace(*ptr))
1041 /* Find the end of this item, skipping over dead bits */
1043 for (in_qpair = in_qstr = in_com = 0;
1044 *ptr && (in_qpair || in_qstr || in_com || *ptr != ',');
1052 case '\\': in_qpair = 1; /* quoted-pair */
1054 case '"' : if (!in_com) /* quoted string delim */
1057 case '(' : if (!in_qstr) /* comment (may nest) */
1060 case ')' : if (in_com) /* end comment */
1068 if ((*len = (ptr - token)) == 0) {
1069 *field = (const char *)ptr;
1073 /* Advance field pointer to the next non-comma, non-white byte */
1075 while (*ptr == ',' || apr_isspace(*ptr))
1078 *field = (const char *)ptr;
1079 return (const char *)token;
1082 /* Retrieve an HTTP header field list item, as separated by a comma,
1083 * while stripping insignificant whitespace and lowercasing anything not in
1084 * a quoted string or comment. The return value is a new string containing
1085 * the converted list item (or NULL if none) and the address pointed to by
1086 * field is shifted to the next non-comma, non-whitespace.
1088 AP_DECLARE(char *) ap_get_list_item(apr_pool_t *p, const char **field)
1090 const char *tok_start;
1091 const unsigned char *ptr;
1094 int addspace = 0, in_qpair = 0, in_qstr = 0, in_com = 0, tok_len = 0;
1096 /* Find the beginning and maximum length of the list item so that
1097 * we can allocate a buffer for the new string and reset the field.
1099 if ((tok_start = ap_size_list_item(field, &tok_len)) == NULL) {
1102 token = apr_palloc(p, tok_len + 1);
1104 /* Scan the token again, but this time copy only the good bytes.
1105 * We skip extra whitespace and any whitespace around a '=', '/',
1106 * or ';' and lowercase normal characters not within a comment,
1107 * quoted-string or quoted-pair.
1109 for (ptr = (const unsigned char *)tok_start, pos = (unsigned char *)token;
1110 *ptr && (in_qpair || in_qstr || in_com || *ptr != ',');
1119 case '\\': in_qpair = 1;
1125 case '"' : if (!in_com)
1132 case '(' : if (!in_qstr)
1139 case ')' : if (in_com)
1145 case '\t': if (addspace)
1147 if (in_com || in_qstr)
1154 case ';' : if (!(in_com || in_qstr))
1158 default : if (addspace == 1)
1160 *pos++ = (in_com || in_qstr) ? *ptr
1161 : apr_tolower(*ptr);
1172 /* Find an item in canonical form (lowercase, no extra spaces) within
1173 * an HTTP field value list. Returns 1 if found, 0 if not found.
1174 * This would be much more efficient if we stored header fields as
1175 * an array of list items as they are received instead of a plain string.
1177 AP_DECLARE(int) ap_find_list_item(apr_pool_t *p, const char *line,
1180 const unsigned char *pos;
1181 const unsigned char *ptr = (const unsigned char *)line;
1182 int good = 0, addspace = 0, in_qpair = 0, in_qstr = 0, in_com = 0;
1187 do { /* loop for each item in line's list */
1189 /* Find first non-comma, non-whitespace byte */
1191 while (*ptr == ',' || apr_isspace(*ptr))
1195 good = 1; /* until proven otherwise for this item */
1197 break; /* no items left and nothing good found */
1199 /* We skip extra whitespace and any whitespace around a '=', '/',
1200 * or ';' and lowercase normal characters not within a comment,
1201 * quoted-string or quoted-pair.
1203 for (pos = (const unsigned char *)tok;
1204 *ptr && (in_qpair || in_qstr || in_com || *ptr != ',');
1210 good = (*pos++ == *ptr);
1214 case '\\': in_qpair = 1;
1216 good = good && (*pos++ == ' ');
1217 good = good && (*pos++ == *ptr);
1220 case '"' : if (!in_com)
1223 good = good && (*pos++ == ' ');
1224 good = good && (*pos++ == *ptr);
1227 case '(' : if (!in_qstr)
1230 good = good && (*pos++ == ' ');
1231 good = good && (*pos++ == *ptr);
1234 case ')' : if (in_com)
1236 good = good && (*pos++ == *ptr);
1240 case '\t': if (addspace || !good)
1242 if (in_com || in_qstr)
1243 good = (*pos++ == *ptr);
1249 case ';' : if (!(in_com || in_qstr))
1251 good = good && (*pos++ == *ptr);
1253 default : if (!good)
1256 good = (*pos++ == ' ');
1257 if (in_com || in_qstr)
1258 good = good && (*pos++ == *ptr);
1260 good = good && (*pos++ == apr_tolower(*ptr));
1267 good = 0; /* not good if only a prefix was matched */
1269 } while (*ptr && !good);
1275 /* Retrieve a token, spacing over it and returning a pointer to
1276 * the first non-white byte afterwards. Note that these tokens
1277 * are delimited by semis and commas; and can also be delimited
1278 * by whitespace at the caller's option.
1281 AP_DECLARE(char *) ap_get_token(apr_pool_t *p, const char **accept_line,
1284 const char *ptr = *accept_line;
1285 const char *tok_start;
1289 /* Find first non-white byte */
1291 while (*ptr && apr_isspace(*ptr))
1296 /* find token end, skipping over quoted strings.
1297 * (comments are already gone).
1300 while (*ptr && (accept_white || !apr_isspace(*ptr))
1301 && *ptr != ';' && *ptr != ',') {
1308 tok_len = ptr - tok_start;
1309 token = apr_pstrndup(p, tok_start, tok_len);
1311 /* Advance accept_line pointer to the next non-white byte */
1313 while (*ptr && apr_isspace(*ptr))
1321 /* find http tokens, see the definition of token from RFC2068 */
1322 AP_DECLARE(int) ap_find_token(apr_pool_t *p, const char *line, const char *tok)
1324 const unsigned char *start_token;
1325 const unsigned char *s;
1330 s = (const unsigned char *)line;
1332 /* find start of token, skip all stop characters, note NUL
1333 * isn't a token stop, so we don't need to test for it
1335 while (TEST_CHAR(*s, T_HTTP_TOKEN_STOP)) {
1342 /* find end of the token */
1343 while (*s && !TEST_CHAR(*s, T_HTTP_TOKEN_STOP)) {
1346 if (!strncasecmp((const char *)start_token, (const char *)tok,
1357 AP_DECLARE(int) ap_find_last_token(apr_pool_t *p, const char *line,
1360 int llen, tlen, lidx;
1365 llen = strlen(line);
1370 (lidx > 0 && !(apr_isspace(line[lidx - 1]) || line[lidx - 1] == ',')))
1373 return (strncasecmp(&line[lidx], tok, tlen) == 0);
1376 AP_DECLARE(char *) ap_escape_shell_cmd(apr_pool_t *p, const char *str)
1380 const unsigned char *s;
1382 cmd = apr_palloc(p, 2 * strlen(str) + 1); /* Be safe */
1383 d = (unsigned char *)cmd;
1384 s = (const unsigned char *)str;
1387 #if defined(OS2) || defined(WIN32)
1389 * Newlines to Win32/OS2 CreateProcess() are ill advised.
1390 * Convert them to spaces since they are effectively white
1391 * space to most applications
1393 if (*s == '\r' || *s == '\n') {
1399 if (TEST_CHAR(*s, T_ESCAPE_SHELL_CMD)) {
1409 static char x2c(const char *what)
1411 register char digit;
1413 #if !APR_CHARSET_EBCDIC
1414 digit = ((what[0] >= 'A') ? ((what[0] & 0xdf) - 'A') + 10
1417 digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A') + 10
1419 #else /*APR_CHARSET_EBCDIC*/
1426 digit = apr_xlate_conv_byte(ap_hdrs_from_ascii,
1427 0xFF & strtol(xstr, NULL, 16));
1428 #endif /*APR_CHARSET_EBCDIC*/
1433 * Unescapes a URL, leaving reserved characters intact.
1434 * Returns 0 on success, non-zero on error
1436 * bad % escape returns HTTP_BAD_REQUEST
1438 * decoding %00 or a forbidden character returns HTTP_NOT_FOUND
1441 static int unescape_url(char *url, const char *forbid, const char *reserved)
1443 register int badesc, badpath;
1448 /* Initial scan for first '%'. Don't bother writing values before
1450 y = strchr(url, '%');
1454 for (x = y; *y; ++x, ++y) {
1459 if (!apr_isxdigit(*(y + 1)) || !apr_isxdigit(*(y + 2))) {
1465 decoded = x2c(y + 1);
1466 if ((decoded == '\0')
1467 || (forbid && ap_strchr_c(forbid, decoded))) {
1472 else if (reserved && ap_strchr_c(reserved, decoded)) {
1486 return HTTP_BAD_REQUEST;
1489 return HTTP_NOT_FOUND;
1495 AP_DECLARE(int) ap_unescape_url(char *url)
1498 return unescape_url(url, SLASHES, NULL);
1500 AP_DECLARE(int) ap_unescape_url_keep2f(char *url, int decode_slashes)
1502 /* AllowEncodedSlashes (corrected) */
1503 if (decode_slashes) {
1504 /* no chars reserved */
1505 return unescape_url(url, NULL, NULL);
1507 /* reserve (do not decode) encoded slashes */
1508 return unescape_url(url, NULL, SLASHES);
1512 /* IFDEF these out until they've been thought through.
1513 * Just a germ of an API extension for now
1515 AP_DECLARE(int) ap_unescape_url_proxy(char *url)
1517 /* leave RFC1738 reserved characters intact, * so proxied URLs
1518 * don't get mangled. Where does that leave encoded '&' ?
1520 return unescape_url(url, NULL, "/;?");
1522 AP_DECLARE(int) ap_unescape_url_reserved(char *url, const char *reserved)
1524 return unescape_url(url, NULL, reserved);
1528 AP_DECLARE(char *) ap_construct_server(apr_pool_t *p, const char *hostname,
1529 apr_port_t port, const request_rec *r)
1531 if (ap_is_default_port(port, r)) {
1532 return apr_pstrdup(p, hostname);
1535 return apr_psprintf(p, "%s:%u", hostname, port);
1539 AP_DECLARE(int) ap_unescape_all(char *url)
1541 return unescape_url(url, NULL, NULL);
1544 /* c2x takes an unsigned, and expects the caller has guaranteed that
1545 * 0 <= what < 256... which usually means that you have to cast to
1546 * unsigned char first, because (unsigned)(char)(x) first goes through
1547 * signed extension to an int before the unsigned cast.
1549 * The reason for this assumption is to assist gcc code generation --
1550 * the unsigned char -> unsigned extension is already done earlier in
1551 * both uses of this code, so there's no need to waste time doing it
1554 static const char c2x_table[] = "0123456789abcdef";
1556 static APR_INLINE unsigned char *c2x(unsigned what, unsigned char prefix,
1557 unsigned char *where)
1559 #if APR_CHARSET_EBCDIC
1560 what = apr_xlate_conv_byte(ap_hdrs_to_ascii, (unsigned char)what);
1561 #endif /*APR_CHARSET_EBCDIC*/
1563 *where++ = c2x_table[what >> 4];
1564 *where++ = c2x_table[what & 0xf];
1569 * escape_path_segment() escapes a path segment, as defined in RFC 1808. This
1570 * routine is (should be) OS independent.
1572 * os_escape_path() converts an OS path to a URL, in an OS dependent way. In all
1573 * cases if a ':' occurs before the first '/' in the URL, the URL should be
1574 * prefixed with "./" (or the ':' escaped). In the case of Unix, this means
1575 * leaving '/' alone, but otherwise doing what escape_path_segment() does. For
1576 * efficiency reasons, we don't use escape_path_segment(), which is provided for
1577 * reference. Again, RFC 1808 is where this stuff is defined.
1579 * If partial is set, os_escape_path() assumes that the path will be appended to
1580 * something with a '/' in it (and thus does not prefix "./").
1583 AP_DECLARE(char *) ap_escape_path_segment_buffer(char *copy, const char *segment)
1585 const unsigned char *s = (const unsigned char *)segment;
1586 unsigned char *d = (unsigned char *)copy;
1590 if (TEST_CHAR(c, T_ESCAPE_PATH_SEGMENT)) {
1602 AP_DECLARE(char *) ap_escape_path_segment(apr_pool_t *p, const char *segment)
1604 return ap_escape_path_segment_buffer(apr_palloc(p, 3 * strlen(segment) + 1), segment);
1607 AP_DECLARE(char *) ap_os_escape_path(apr_pool_t *p, const char *path, int partial)
1609 char *copy = apr_palloc(p, 3 * strlen(path) + 3);
1610 const unsigned char *s = (const unsigned char *)path;
1611 unsigned char *d = (unsigned char *)copy;
1615 const char *colon = ap_strchr_c(path, ':');
1616 const char *slash = ap_strchr_c(path, '/');
1618 if (colon && (!slash || colon < slash)) {
1624 if (TEST_CHAR(c, T_OS_ESCAPE_PATH)) {
1636 /* ap_escape_uri is now a macro for os_escape_path */
1638 AP_DECLARE(char *) ap_escape_html2(apr_pool_t *p, const char *s, int toasc)
1643 /* first, count the number of extra characters */
1644 for (i = 0, j = 0; s[i] != '\0'; i++)
1645 if (s[i] == '<' || s[i] == '>')
1647 else if (s[i] == '&')
1649 else if (s[i] == '"')
1651 else if (toasc && !apr_isascii(s[i]))
1655 return apr_pstrmemdup(p, s, i);
1657 x = apr_palloc(p, i + j + 1);
1658 for (i = 0, j = 0; s[i] != '\0'; i++, j++)
1660 memcpy(&x[j], "<", 4);
1663 else if (s[i] == '>') {
1664 memcpy(&x[j], ">", 4);
1667 else if (s[i] == '&') {
1668 memcpy(&x[j], "&", 5);
1671 else if (s[i] == '"') {
1672 memcpy(&x[j], """, 6);
1675 else if (toasc && !apr_isascii(s[i])) {
1676 char *esc = apr_psprintf(p, "&#%3.3d;", (unsigned char)s[i]);
1677 memcpy(&x[j], esc, 6);
1686 AP_DECLARE(char *) ap_escape_logitem(apr_pool_t *p, const char *str)
1690 const unsigned char *s;
1696 ret = apr_palloc(p, 4 * strlen(str) + 1); /* Be safe */
1697 d = (unsigned char *)ret;
1698 s = (const unsigned char *)str;
1701 if (TEST_CHAR(*s, T_ESCAPE_LOGITEM)) {
1737 AP_DECLARE(apr_size_t) ap_escape_errorlog_item(char *dest, const char *source,
1740 unsigned char *d, *ep;
1741 const unsigned char *s;
1743 if (!source || !buflen) { /* be safe */
1747 d = (unsigned char *)dest;
1748 s = (const unsigned char *)source;
1749 ep = d + buflen - 1;
1751 for (; d < ep && *s; ++s) {
1753 if (TEST_CHAR(*s, T_ESCAPE_LOGITEM)) {
1779 case '"': /* no need for this in error log */
1784 ep = --d; /* break the for loop as well */
1797 return (d - (unsigned char *)dest);
1800 AP_DECLARE(int) ap_is_directory(apr_pool_t *p, const char *path)
1804 if (apr_stat(&finfo, path, APR_FINFO_TYPE, p) != APR_SUCCESS)
1805 return 0; /* in error condition, just return no */
1807 return (finfo.filetype == APR_DIR);
1810 AP_DECLARE(int) ap_is_rdirectory(apr_pool_t *p, const char *path)
1814 if (apr_stat(&finfo, path, APR_FINFO_LINK | APR_FINFO_TYPE, p) != APR_SUCCESS)
1815 return 0; /* in error condition, just return no */
1817 return (finfo.filetype == APR_DIR);
1820 AP_DECLARE(char *) ap_make_full_path(apr_pool_t *a, const char *src1,
1823 apr_size_t len1, len2;
1826 len1 = strlen(src1);
1827 len2 = strlen(src2);
1828 /* allocate +3 for '/' delimiter, trailing NULL and overallocate
1829 * one extra byte to allow the caller to add a trailing '/'
1831 path = (char *)apr_palloc(a, len1 + len2 + 3);
1834 memcpy(path + 1, src2, len2 + 1);
1838 memcpy(path, src1, len1);
1840 if (next[-1] != '/') {
1843 memcpy(next, src2, len2 + 1);
1849 * Check for an absoluteURI syntax (see section 3.2 in RFC2068).
1851 AP_DECLARE(int) ap_is_url(const char *u)
1855 for (x = 0; u[x] != ':'; x++) {
1857 ((!apr_isalpha(u[x])) && (!apr_isdigit(u[x])) &&
1858 (u[x] != '+') && (u[x] != '-') && (u[x] != '.'))) {
1863 return (x ? 1 : 0); /* If the first character is ':', it's broken, too */
1866 AP_DECLARE(int) ap_ind(const char *s, char c)
1868 const char *p = ap_strchr_c(s, c);
1875 AP_DECLARE(int) ap_rind(const char *s, char c)
1877 const char *p = ap_strrchr_c(s, c);
1884 AP_DECLARE(void) ap_str_tolower(char *str)
1887 *str = apr_tolower(*str);
1893 * We must return a FQDN
1895 char *ap_get_local_host(apr_pool_t *a)
1897 #ifndef MAXHOSTNAMELEN
1898 #define MAXHOSTNAMELEN 256
1900 char str[MAXHOSTNAMELEN + 1];
1901 char *server_hostname = NULL;
1902 apr_sockaddr_t *sockaddr;
1905 if (apr_gethostname(str, sizeof(str) - 1, a) != APR_SUCCESS) {
1906 ap_log_perror(APLOG_MARK, APLOG_STARTUP | APLOG_WARNING, 0, a,
1907 "%s: apr_gethostname() failed to determine ServerName",
1910 str[sizeof(str) - 1] = '\0';
1911 if (apr_sockaddr_info_get(&sockaddr, str, APR_UNSPEC, 0, 0, a) == APR_SUCCESS) {
1912 if ( (apr_getnameinfo(&hostname, sockaddr, 0) == APR_SUCCESS) &&
1913 (ap_strchr_c(hostname, '.')) ) {
1914 server_hostname = apr_pstrdup(a, hostname);
1915 return server_hostname;
1916 } else if (ap_strchr_c(str, '.')) {
1917 server_hostname = apr_pstrdup(a, str);
1919 apr_sockaddr_ip_get(&hostname, sockaddr);
1920 server_hostname = apr_pstrdup(a, hostname);
1923 ap_log_perror(APLOG_MARK, APLOG_STARTUP | APLOG_WARNING, 0, a,
1924 "%s: apr_sockaddr_info_get() failed for %s",
1925 ap_server_argv0, str);
1929 if (!server_hostname)
1930 server_hostname = apr_pstrdup(a, "127.0.0.1");
1932 ap_log_perror(APLOG_MARK, APLOG_ALERT|APLOG_STARTUP, 0, a,
1933 "%s: Could not reliably determine the server's fully qualified "
1934 "domain name, using %s for ServerName",
1935 ap_server_argv0, server_hostname);
1937 return server_hostname;
1940 /* simple 'pool' alloc()ing glue to apr_base64.c
1942 AP_DECLARE(char *) ap_pbase64decode(apr_pool_t *p, const char *bufcoded)
1947 decoded = (char *) apr_palloc(p, 1 + apr_base64_decode_len(bufcoded));
1948 l = apr_base64_decode(decoded, bufcoded);
1949 decoded[l] = '\0'; /* make binary sequence into string */
1954 AP_DECLARE(char *) ap_pbase64encode(apr_pool_t *p, char *string)
1957 int l = strlen(string);
1959 encoded = (char *) apr_palloc(p, 1 + apr_base64_encode_len(l));
1960 l = apr_base64_encode(encoded, string, l);
1961 encoded[l] = '\0'; /* make binary sequence into string */
1966 /* we want to downcase the type/subtype for comparison purposes
1967 * but nothing else because ;parameter=foo values are case sensitive.
1968 * XXX: in truth we want to downcase parameter names... but really,
1969 * apache has never handled parameters and such correctly. You
1970 * also need to compress spaces and such to be able to compare
1973 AP_DECLARE(void) ap_content_type_tolower(char *str)
1977 semi = strchr(str, ';');
1982 ap_str_tolower(str);
1990 * Given a string, replace any bare " with \" .
1992 AP_DECLARE(char *) ap_escape_quotes(apr_pool_t *p, const char *instring)
1995 const char *inchr = instring;
1996 char *outchr, *outstring;
1999 * Look through the input string, jogging the length of the output
2000 * string up by an extra byte each time we find an unescaped ".
2002 while (*inchr != '\0') {
2004 if (*inchr == '"') {
2008 * If we find a slosh, and it's not the last byte in the string,
2009 * it's escaping something - advance past both bytes.
2011 if ((*inchr == '\\') && (inchr[1] != '\0')) {
2017 outstring = apr_palloc(p, newlen + 1);
2021 * Now copy the input string to the output string, inserting a slosh
2022 * in front of every " that doesn't already have one.
2024 while (*inchr != '\0') {
2025 if ((*inchr == '\\') && (inchr[1] != '\0')) {
2026 *outchr++ = *inchr++;
2027 *outchr++ = *inchr++;
2029 if (*inchr == '"') {
2032 if (*inchr != '\0') {
2033 *outchr++ = *inchr++;
2041 * Given a string, append the PID deliminated by delim.
2042 * Usually used to create a pid-appended filepath name
2043 * (eg: /a/b/foo -> /a/b/foo.6726). A function, and not
2044 * a macro, to avoid unistd.h dependency
2046 AP_DECLARE(char *) ap_append_pid(apr_pool_t *p, const char *string,
2049 return apr_psprintf(p, "%s%s%" APR_PID_T_FMT, string,
2055 * Parse a given timeout parameter string into an apr_interval_time_t value.
2056 * The unit of the time interval is given as postfix string to the numeric
2057 * string. Currently the following units are understood:
2064 * If no unit is contained in the given timeout parameter the default_time_unit
2065 * will be used instead.
2066 * @param timeout_parameter The string containing the timeout parameter.
2067 * @param timeout The timeout value to be returned.
2068 * @param default_time_unit The default time unit to use if none is specified
2069 * in timeout_parameter.
2070 * @return Status value indicating whether the parsing was successful or not.
2072 AP_DECLARE(apr_status_t) ap_timeout_parameter_parse(
2073 const char *timeout_parameter,
2074 apr_interval_time_t *timeout,
2075 const char *default_time_unit)
2078 const char *time_str;
2081 tout = apr_strtoi64(timeout_parameter, &endp, 10);
2085 if (!endp || !*endp) {
2086 time_str = default_time_unit;
2092 switch (*time_str) {
2093 /* Time is in seconds */
2095 *timeout = (apr_interval_time_t) apr_time_from_sec(tout);
2098 /* Time is in hours */
2099 *timeout = (apr_interval_time_t) apr_time_from_sec(tout * 3600);
2102 switch (*(++time_str)) {
2103 /* Time is in milliseconds */
2105 *timeout = (apr_interval_time_t) tout * 1000;
2107 /* Time is in minutes */
2109 *timeout = (apr_interval_time_t) apr_time_from_sec(tout * 60);
2112 return APR_EGENERAL;
2116 return APR_EGENERAL;
2122 * Determine if a request has a request body or not.
2124 * @param r the request_rec of the request
2125 * @return truth value
2127 AP_DECLARE(int) ap_request_has_body(request_rec *r)
2134 has_body = (!r->header_only
2136 || apr_table_get(r->headers_in, "Transfer-Encoding")
2137 || ( (cls = apr_table_get(r->headers_in, "Content-Length"))
2138 && (apr_strtoff(&cl, cls, &estr, 10) == APR_SUCCESS)
2146 AP_DECLARE_NONSTD(apr_status_t) ap_pool_cleanup_set_null(void *data_)
2148 void **ptr = (void **)data_;
2153 AP_DECLARE(apr_status_t) ap_str2_alnum(const char *src, char *dest) {
2155 for ( ; *src; src++, dest++)
2157 if (!apr_isprint(*src))
2159 else if (!apr_isalnum(*src))
2169 AP_DECLARE(apr_status_t) ap_pstr2_alnum(apr_pool_t *p, const char *src,
2172 char *new = apr_palloc(p, strlen(src)+1);
2176 return ap_str2_alnum(src, new);
2180 * Read the body and parse any form found, which must be of the
2181 * type application/x-www-form-urlencoded.
2183 * Name/value pairs are returned in an array, with the names as
2184 * strings with a maximum length of HUGE_STRING_LEN, and the
2185 * values as bucket brigades. This allows values to be arbitrarily
2188 * All url-encoding is removed from both the names and the values
2189 * on the fly. The names are interpreted as strings, while the
2190 * values are interpreted as blocks of binary data, that may
2191 * contain the 0 character.
2193 * In order to ensure that resource limits are not exceeded, a
2194 * maximum size must be provided. If the sum of the lengths of
2195 * the names and the values exceed this size, this function
2196 * will return HTTP_REQUEST_ENTITY_TOO_LARGE.
2198 * An optional number of parameters can be provided, if the number
2199 * of parameters provided exceeds this amount, this function will
2200 * return HTTP_REQUEST_ENTITY_TOO_LARGE. If this value is negative,
2201 * no limit is imposed, and the number of parameters is in turn
2202 * constrained by the size parameter above.
2204 * This function honours any kept_body configuration, and the
2205 * original raw request body will be saved to the kept_body brigade
2206 * if so configured, just as ap_discard_request_body does.
2208 * NOTE: File upload is not yet supported, but can be without change
2209 * to the function call.
2212 /* form parsing stuff */
2223 AP_DECLARE(int) ap_parse_form_data(request_rec *r, ap_filter_t *f,
2224 apr_array_header_t **ptr,
2225 apr_size_t num, apr_size_t usize)
2227 apr_bucket_brigade *bb = NULL;
2229 char buffer[HUGE_STRING_LEN + 1];
2231 apr_size_t offset = 0;
2233 ap_form_type_t state = FORM_NAME, percent = FORM_NORMAL;
2234 ap_form_pair_t *pair = NULL;
2235 apr_array_header_t *pairs = apr_array_make(r->pool, 4, sizeof(ap_form_pair_t));
2242 /* sanity check - we only support forms for now */
2243 ct = apr_table_get(r->headers_in, "Content-Type");
2244 if (!ct || strcmp("application/x-www-form-urlencoded", ct)) {
2245 return ap_discard_request_body(r);
2248 if (usize > APR_SIZE_MAX >> 1)
2249 size = APR_SIZE_MAX >> 1;
2254 f = r->input_filters;
2257 bb = apr_brigade_create(r->pool, r->connection->bucket_alloc);
2259 apr_bucket *bucket = NULL, *last = NULL;
2261 int rv = ap_get_brigade(f, bb, AP_MODE_READBYTES,
2262 APR_BLOCK_READ, HUGE_STRING_LEN);
2263 if (rv != APR_SUCCESS) {
2264 apr_brigade_destroy(bb);
2265 return (rv == AP_FILTER_ERROR) ? rv : HTTP_BAD_REQUEST;
2268 for (bucket = APR_BRIGADE_FIRST(bb);
2269 bucket != APR_BRIGADE_SENTINEL(bb);
2270 last = bucket, bucket = APR_BUCKET_NEXT(bucket)) {
2272 apr_size_t len, slide;
2275 apr_bucket_delete(last);
2277 if (APR_BUCKET_IS_EOS(bucket)) {
2281 if (bucket->length == 0) {
2285 rv = apr_bucket_read(bucket, &data, &len, APR_BLOCK_READ);
2286 if (rv != APR_SUCCESS) {
2287 apr_brigade_destroy(bb);
2288 return HTTP_BAD_REQUEST;
2292 while (state != FORM_ABORT && slide-- > 0 && size >= 0 && num != 0) {
2297 else if ('&' == c) {
2301 percent = FORM_PERCENTA;
2304 if (FORM_PERCENTA == percent) {
2308 else if (c >= 'A') {
2311 else if (c >= '0') {
2315 percent = FORM_PERCENTB;
2318 if (FORM_PERCENTB == percent) {
2322 else if (c >= 'A') {
2325 else if (c >= '0') {
2329 percent = FORM_NORMAL;
2334 const char *tmp = apr_pmemdup(r->pool, buffer, offset);
2335 apr_bucket *b = apr_bucket_pool_create(tmp, offset, r->pool, r->connection->bucket_alloc);
2336 APR_BRIGADE_INSERT_TAIL(pair->value, b);
2344 if (offset < HUGE_STRING_LEN) {
2348 pair = (ap_form_pair_t *) apr_array_push(pairs);
2349 pair->name = apr_pstrdup(r->pool, buffer);
2350 pair->value = apr_brigade_create(r->pool, r->connection->bucket_alloc);
2354 buffer[offset++] = c;
2363 if (offset >= HUGE_STRING_LEN) {
2364 const char *tmp = apr_pmemdup(r->pool, buffer, offset);
2365 apr_bucket *b = apr_bucket_pool_create(tmp, offset, r->pool, r->connection->bucket_alloc);
2366 APR_BRIGADE_INSERT_TAIL(pair->value, b);
2369 buffer[offset++] = c;
2379 apr_brigade_cleanup(bb);
2380 } while (!seen_eos);
2382 if (FORM_ABORT == state || size < 0 || num == 0) {
2383 return HTTP_REQUEST_ENTITY_TOO_LARGE;
2385 else if (FORM_VALUE == state && pair && offset > 0) {
2386 const char *tmp = apr_pmemdup(r->pool, buffer, offset);
2387 apr_bucket *b = apr_bucket_pool_create(tmp, offset, r->pool, r->connection->bucket_alloc);
2388 APR_BRIGADE_INSERT_TAIL(pair->value, b);