Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit53571a8

Browse files
author
Felipe Zimmerle
committed
Updates libinjection.
This is not yet their v3.10.0. But I belive it is close to be.Seemicrosoft#124 at client9/libinjection for further information.
1 parente5dbe59 commit53571a8

File tree

6 files changed

+175
-455
lines changed

6 files changed

+175
-455
lines changed

‎CHANGES‎

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,8 @@
11
DD MMM YYYY - 2.9.2 - To be released
22
------------------------------------
33

4+
* Updates libinjection to: bf234eb2f385b969c4f803b35fda53cffdd93922
5+
[Issue #1412 - @zimmerle, @bjdijk]
46
* Avoid log flood while using SecConnEngine
57
[Issue #1436 - @victorhora]
68
* Make url path absolute for SecHashEngine only when it is relative

‎apache2/libinjection/libinjection_html5.c‎

Lines changed: 21 additions & 122 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,6 @@
1212

1313

1414
#defineCHAR_EOF -1
15-
#defineCHAR_NULL 0
1615
#defineCHAR_BANG 33
1716
#defineCHAR_DOUBLE 34
1817
#defineCHAR_PERCENT 37
@@ -24,7 +23,6 @@
2423
#defineCHAR_GT 62
2524
#defineCHAR_QUESTION 63
2625
#defineCHAR_RIGHTB 93
27-
#defineCHAR_TICK 96
2826

2927
/* prototypes */
3028

@@ -43,7 +41,6 @@ static int h5_state_before_attribute_name(h5_state_t* hs);
4341
staticinth5_state_before_attribute_value(h5_state_t*hs);
4442
staticinth5_state_attribute_value_double_quote(h5_state_t*hs);
4543
staticinth5_state_attribute_value_single_quote(h5_state_t*hs);
46-
staticinth5_state_attribute_value_back_quote(h5_state_t*hs);
4744
staticinth5_state_attribute_value_no_quote(h5_state_t*hs);
4845
staticinth5_state_after_attribute_value_quoted_state(h5_state_t*hs);
4946
staticinth5_state_comment(h5_state_t*hs);
@@ -63,28 +60,16 @@ static int h5_state_doctype(h5_state_t* hs);
6360
/**
6461
* public function
6562
*/
66-
voidlibinjection_h5_init(h5_state_t*hs,constchar*s,size_tlen,enumhtml5_flagsflags)
63+
voidlibinjection_h5_init(h5_state_t*hs,constchar*s,size_tlen,intflags)
6764
{
6865
memset(hs,0,sizeof(h5_state_t));
6966
hs->s=s;
7067
hs->len=len;
71-
72-
switch (flags) {
73-
caseDATA_STATE:
68+
hs->state=h5_state_data;
69+
if (flags==0) {
7470
hs->state=h5_state_data;
75-
break;
76-
caseVALUE_NO_QUOTE:
77-
hs->state=h5_state_before_attribute_name;
78-
break;
79-
caseVALUE_SINGLE_QUOTE:
80-
hs->state=h5_state_attribute_value_single_quote;
81-
break;
82-
caseVALUE_DOUBLE_QUOTE:
83-
hs->state=h5_state_attribute_value_double_quote;
84-
break;
85-
caseVALUE_BACK_QUOTE:
86-
hs->state=h5_state_attribute_value_back_quote;
87-
break;
71+
}else {
72+
assert(0);
8873
}
8974
}
9075

@@ -100,18 +85,10 @@ int libinjection_h5_next(h5_state_t* hs)
10085
/**
10186
* Everything below here is private
10287
*
103-
*/
104-
88+
*/
10589

10690
staticinth5_is_white(charch)
10791
{
108-
/*
109-
* \t = horizontal tab = 0x09
110-
* \n = newline = 0x0A
111-
* \v = vertical tab = 0x0B
112-
* \f = form feed = 0x0C
113-
* \r = cr = 0x0D
114-
*/
11592
returnstrchr(" \t\n\v\f\r",ch)!=NULL;
11693
}
11794

@@ -120,17 +97,9 @@ static int h5_skip_white(h5_state_t* hs)
12097
charch;
12198
while (hs->pos<hs->len) {
12299
ch=hs->s[hs->pos];
123-
switch (ch) {
124-
case0x00:/* IE only */
125-
case0x20:
126-
case0x09:
127-
case0x0A:
128-
case0x0B:/* IE only */
129-
case0x0C:
130-
case0x0D:/* IE only */
100+
if (ch==' ') {
131101
hs->pos+=1;
132-
break;
133-
default:
102+
}else {
134103
returnch;
135104
}
136105
}
@@ -198,9 +167,6 @@ static int h5_state_tag_open(h5_state_t* hs)
198167
returnh5_state_bogus_comment2(hs);
199168
}elseif ((ch >='a'&&ch <='z')|| (ch >='A'&&ch <='Z')) {
200169
returnh5_state_tag_name(hs);
201-
}elseif (ch==CHAR_NULL) {
202-
/* IE-ism NULL characters are ignored */
203-
returnh5_state_tag_name(hs);
204170
}else {
205171
/* user input mistake in configuring state */
206172
if (hs->pos==0) {
@@ -231,9 +197,7 @@ static int h5_state_end_tag_open(h5_state_t* hs)
231197
}elseif ((ch >='a'&&ch <='z')|| (ch >='A'&&ch <='Z')) {
232198
returnh5_state_tag_name(hs);
233199
}
234-
235-
hs->is_close=0;
236-
returnh5_state_bogus_comment(hs);
200+
returnh5_state_data(hs);
237201
}
238202
/*
239203
*
@@ -267,12 +231,7 @@ static int h5_state_tag_name(h5_state_t* hs)
267231
pos=hs->pos;
268232
while (pos<hs->len) {
269233
ch=hs->s[pos];
270-
if (ch==0) {
271-
/* special non-standard case */
272-
/* allow nulls in tag name */
273-
/* some old browsers apparently allow and ignore them */
274-
pos+=1;
275-
}elseif (h5_is_white(ch)) {
234+
if (h5_is_white(ch)) {
276235
hs->token_start=hs->s+hs->pos;
277236
hs->token_len=pos-hs->pos;
278237
hs->token_type=TAG_NAME_OPEN;
@@ -340,7 +299,7 @@ static int h5_state_before_attribute_name(h5_state_t* hs)
340299
default: {
341300
returnh5_state_attribute_name(hs);
342301
}
343-
}
302+
}
344303
}
345304

346305
staticinth5_state_attribute_name(h5_state_t*hs)
@@ -349,7 +308,7 @@ static int h5_state_attribute_name(h5_state_t* hs)
349308
size_tpos;
350309

351310
TRACE();
352-
pos=hs->pos+1;
311+
pos=hs->pos;
353312
while (pos<hs->len) {
354313
ch=hs->s[pos];
355314
if (h5_is_white(ch)) {
@@ -399,19 +358,21 @@ static int h5_state_attribute_name(h5_state_t* hs)
399358
staticinth5_state_after_attribute_name(h5_state_t*hs)
400359
{
401360
intc;
361+
size_tpos;
402362

403363
TRACE();
364+
pos=hs->pos;
404365
c=h5_skip_white(hs);
405366
switch (c) {
406367
caseCHAR_EOF: {
407368
return0;
408369
}
409370
caseCHAR_SLASH: {
410-
hs->pos+=1;
371+
hs->pos=pos+1;
411372
returnh5_state_self_closing_start_tag(hs);
412373
}
413374
caseCHAR_EQUALS: {
414-
hs->pos+=1;
375+
hs->pos=pos+1;
415376
returnh5_state_before_attribute_value(hs);
416377
}
417378
caseCHAR_GT: {
@@ -442,9 +403,6 @@ static int h5_state_before_attribute_value(h5_state_t* hs)
442403
returnh5_state_attribute_value_double_quote(hs);
443404
}elseif (c==CHAR_SINGLE) {
444405
returnh5_state_attribute_value_single_quote(hs);
445-
}elseif (c==CHAR_TICK) {
446-
/* NON STANDARD IE */
447-
returnh5_state_attribute_value_back_quote(hs);
448406
}else {
449407
returnh5_state_attribute_value_no_quote(hs);
450408
}
@@ -457,16 +415,8 @@ static int h5_state_attribute_value_quote(h5_state_t* hs, char qchar)
457415

458416
TRACE();
459417

460-
/* skip initial quote in normal case.
461-
* don't do this "if (pos == 0)" since it means we have started
462-
* in a non-data state. given an input of '><foo
463-
* we want to make 0-length attribute name
464-
*/
465-
if (hs->pos>0) {
466-
hs->pos+=1;
467-
}
468-
469-
418+
/* skip quote */
419+
hs->pos+=1;
470420
idx= (constchar*)memchr(hs->s+hs->pos,qchar,hs->len-hs->pos);
471421
if (idx==NULL) {
472422
hs->token_start=hs->s+hs->pos;
@@ -497,13 +447,6 @@ int h5_state_attribute_value_single_quote(h5_state_t* hs)
497447
returnh5_state_attribute_value_quote(hs,CHAR_SINGLE);
498448
}
499449

500-
static
501-
inth5_state_attribute_value_back_quote(h5_state_t*hs)
502-
{
503-
TRACE();
504-
returnh5_state_attribute_value_quote(hs,CHAR_TICK);
505-
}
506-
507450
staticinth5_state_attribute_value_no_quote(h5_state_t*hs)
508451
{
509452
charch;
@@ -713,13 +656,10 @@ static int h5_state_comment(h5_state_t* hs)
713656
charch;
714657
constchar*idx;
715658
size_tpos;
716-
size_toffset;
717-
constchar*end=hs->s+hs->len;
718659

719660
TRACE();
720661
pos=hs->pos;
721662
while (1) {
722-
723663
idx= (constchar*)memchr(hs->s+pos,CHAR_DASH,hs->len-pos);
724664

725665
/* did not find anything or has less than 3 chars left */
@@ -730,62 +670,21 @@ static int h5_state_comment(h5_state_t* hs)
730670
hs->token_type=TAG_COMMENT;
731671
return1;
732672
}
733-
offset=1;
734-
735-
/* skip all nulls */
736-
while (idx+offset<end&&*(idx+offset)==0) {
737-
offset+=1;
738-
}
739-
if (idx+offset==end) {
740-
hs->state=h5_state_eof;
741-
hs->token_start=hs->s+hs->pos;
742-
hs->token_len=hs->len-hs->pos;
743-
hs->token_type=TAG_COMMENT;
744-
return1;
745-
}
746-
747-
ch=*(idx+offset);
673+
ch=*(idx+1);
748674
if (ch!=CHAR_DASH&&ch!=CHAR_BANG) {
749675
pos= (size_t)(idx-hs->s)+1;
750676
continue;
751677
}
752-
753-
/* need to test */
754-
#if0
755-
/* skip all nulls */
756-
while (idx+offset<end&&*(idx+offset)==0) {
757-
offset+=1;
758-
}
759-
if (idx+offset==end) {
760-
hs->state=h5_state_eof;
761-
hs->token_start=hs->s+hs->pos;
762-
hs->token_len=hs->len-hs->pos;
763-
hs->token_type=TAG_COMMENT;
764-
return1;
765-
}
766-
#endif
767-
768-
offset+=1;
769-
if (idx+offset==end) {
770-
hs->state=h5_state_eof;
771-
hs->token_start=hs->s+hs->pos;
772-
hs->token_len=hs->len-hs->pos;
773-
hs->token_type=TAG_COMMENT;
774-
return1;
775-
}
776-
777-
778-
ch=*(idx+offset);
678+
ch=*(idx+2);
779679
if (ch!=CHAR_GT) {
780680
pos= (size_t)(idx-hs->s)+1;
781681
continue;
782682
}
783-
offset+=1;
784683

785684
/* ends in --> or -!> */
786685
hs->token_start=hs->s+hs->pos;
787686
hs->token_len= (size_t)(idx-hs->s)-hs->pos;
788-
hs->pos= (size_t)(idx+offset-hs->s);
687+
hs->pos= (size_t)(idx-hs->s)+3;
789688
hs->state=h5_state_data;
790689
hs->token_type=TAG_COMMENT;
791690
return1;

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp