Eliminate unsafe access to char*

etr · etr · commit d685890f0d4b · 2019-01-07T04:16:02.000Z
diff --git a/src/http_utils.cpp b/src/http_utils.cpp
@@ -281,42 +281,44 @@ unsigned short get_port(const struct sockaddr* sa)
     }
 }
 
-size_t http_unescape(char *val)
+size_t http_unescape(std::string& val)
 {
-    char *rpos = val;
-    char *wpos = val;
+    if (val.empty()) return 0;
+
+    int rpos = 0;
+    int wpos = 0;
+
     unsigned int num;
 
-    while ('\0' != *rpos)
+    while ('\0' != val[rpos])
     {
-        switch (*rpos)
+        switch (val[rpos])
         {
             case '+':
-                *wpos = ' ';
+                val[wpos] = ' ';
                 wpos++;
                 rpos++;
                 break;
             case '%':
-                if ( (1 == sscanf (&rpos[1],
-                    "%2x", &num)) ||
-                    (1 == sscanf (&rpos[1],
-                    "%2X", &num))
+                if ( (1 == sscanf (val.substr(rpos + 1).c_str(), "%2x", &num)) ||
+                    (1 == sscanf (val.substr(rpos + 1).c_str(), "%2X", &num))
                 )
                 {
-                    *wpos = (unsigned char) num;
+                    val[wpos] = (unsigned char) num;
                     wpos++;
                     rpos += 3;
                     break;
                 }
             /* intentional fall through! */
             default:
-                *wpos = *rpos;
+                val[wpos] = val[rpos];
                 wpos++;
                 rpos++;
         }
     }
-    *wpos = '\0'; /* add 0-terminator */
-    return wpos - val; /* = strlen(val) */
+    val[wpos] = '\0'; /* add 0-terminator */
+    val.resize(wpos);
+    return wpos; /* = strlen(val) */
 }
 
 ip_representation::ip_representation(const struct sockaddr* ip)
diff --git a/src/httpserver/create_webserver.hpp b/src/httpserver/create_webserver.hpp
@@ -39,7 +39,7 @@ class http_request;
 
 typedef const http_response(*render_ptr)(const http_request&);
 typedef bool(*validator_ptr)(const std::string&);
-typedef void(*unescaper_ptr)(char*);
+typedef void(*unescaper_ptr)(std::string&);
 typedef void(*log_access_ptr)(const std::string&);
 typedef void(*log_error_ptr)(const std::string&);
 
diff --git a/src/httpserver/http_utils.hpp b/src/httpserver/http_utils.hpp
@@ -352,7 +352,7 @@ void dump_arg_map(std::ostream &os, const std::string &prefix,
  * @return length of the resulting val (strlen(val) maybe
  *  shorter afterwards due to elimination of escape sequences)
  */
-size_t http_unescape (char *val);
+size_t http_unescape (std::string& val);
 
 const std::string load_file (const std::string& filename);
 
diff --git a/src/httpserver/webserver.hpp b/src/httpserver/webserver.hpp
@@ -288,7 +288,7 @@ class webserver
         friend size_t unescaper_func(void * cls,
                 struct MHD_Connection *c, char *s
         );
-        friend size_t internal_unescaper(void * cls, char *s);
+        friend size_t internal_unescaper(void * cls, std::string& s);
         friend class http_response;
 };
 
diff --git a/src/string_utilities.cpp b/src/string_utilities.cpp
@@ -107,12 +107,12 @@ const std::string regex_replace(const std::string& str,
         );
 
         memcpy(&ns[substmatch[0].rm_so+replace_str.size()],
-                &str[substmatch[0].rm_eo], strlen(&str[substmatch[0].rm_eo])
+                &str[substmatch[0].rm_eo], str.substr(substmatch[0].rm_eo).size()
         );
 
         ns[substmatch[0].rm_so +
             replace_str.size() +
-            strlen(&str[substmatch[0].rm_eo])
+            str.substr(substmatch[0].rm_eo).size()
         ] = 0;
 
         result = std::string((char*)ns);
diff --git a/src/webserver.cpp b/src/webserver.cpp
@@ -96,7 +96,7 @@ void error_log(void*, const char*, va_list);
 void* uri_log(void*, const char*);
 void access_log(webserver*, string);
 size_t unescaper_func(void*, struct MHD_Connection*, char*);
-size_t internal_unescaper(void*, char*);
+size_t internal_unescaper(void*, std::string&);
 
 struct compare_value
 {
@@ -494,22 +494,22 @@ int webserver::build_request_args (
 )
 {
     details::modded_request* mr = static_cast<details::modded_request*>(cls);
-    char* value = (char*) ((arg_value == NULL) ? "" : arg_value);
+    std::string value = ((arg_value == NULL) ? "" : arg_value);
     {
-        char buf[strlen(key) + strlen(value) + 3];
+        char buf[strlen(key) + value.size() + 3];
         if(mr->dhr->querystring == "")
         {
-            snprintf(buf, sizeof buf, "?%s=%s", key, value);
+            snprintf(buf, sizeof buf, "?%s=%s", key, value.c_str());
             mr->dhr->querystring = buf;
         }
         else
         {
-            snprintf(buf, sizeof buf, "&%s=%s", key, value);
+            snprintf(buf, sizeof buf, "&%s=%s", key, value.c_str());
             mr->dhr->querystring += string(buf);
         }
     }
-    size_t size = internal_unescaper((void*) mr->ws, value);
-    mr->dhr->set_arg(key, string(value, size));
+    internal_unescaper((void*) mr->ws, value);
+    mr->dhr->set_arg(key, value);
     return MHD_YES;
 }
 
@@ -560,15 +560,15 @@ size_t unescaper_func(void * cls, struct MHD_Connection *c, char *s)
     return strlen(s);
 }
 
-size_t internal_unescaper(void* cls, char* s)
+size_t internal_unescaper(void* cls, std::string& s)
 {
     if(s[0] == 0) return 0;
 
     webserver* dws = static_cast<webserver*>(cls);
     if(dws->unescaper != 0x0)
     {
         dws->unescaper(s);
-        return strlen(s);
+        return s.size();
     }
 
     return http_unescape(s);
@@ -658,15 +658,15 @@ int webserver::bodyfull_requests_answer_first_step(
         (
             0x0 != encoding &&
             ((0 == strncasecmp (
-                                MHD_HTTP_POST_ENCODING_FORM_URLENCODED,
+                                http_utils::http_post_encoding_form_urlencoded.c_str(),
                                 encoding,
-                                strlen (MHD_HTTP_POST_ENCODING_FORM_URLENCODED)
+                                http_utils::http_post_encoding_form_urlencoded.size()
                                 )
               )
              || (0 == strncasecmp (
-                                   MHD_HTTP_POST_ENCODING_MULTIPART_FORMDATA,
+                                   http_utils::http_post_encoding_multipart_formdata.c_str(),
                                    encoding,
-                                   strlen (MHD_HTTP_POST_ENCODING_MULTIPART_FORMDATA)
+                                   http_utils::http_post_encoding_multipart_formdata.size()
                                    )))
         )
     )
@@ -966,8 +966,10 @@ int webserver::answer_to_connection(void* cls, MHD_Connection* connection,
             );
     }
 
-    internal_unescaper((void*) static_cast<webserver*>(cls), (char*) url);
-    mr->standardized_url = new string(http_utils::standardize_url(url));
+    std::string t_url = url;
+
+    internal_unescaper((void*) static_cast<webserver*>(cls), t_url);
+    mr->standardized_url = new string(http_utils::standardize_url(t_url));
 
     bool body = false;
 
diff --git a/test/integ/deferred.cpp b/test/integ/deferred.cpp
@@ -58,7 +58,7 @@ ssize_t test_callback (char* buf, size_t max)
         memset(buf, 0, max);
         strcat(buf, "test");
         counter++;
-        return strlen(buf);
+        return std::string(buf).size();
     }
 }
 
diff --git a/test/unit/http_utils_test.cpp b/test/unit/http_utils_test.cpp
@@ -47,32 +47,37 @@ LT_BEGIN_SUITE(http_utils_suite)
 LT_END_SUITE(http_utils_suite)
 
 LT_BEGIN_AUTO_TEST(http_utils_suite, unescape)
-    char* string_with_plus = (char*) malloc(6 * sizeof(char));
-    sprintf(string_with_plus, "%s", "A%20B");
+    char* with_plus = (char*) malloc(6 * sizeof(char));
+    sprintf(with_plus, "%s", "A%20B");
+    std::string string_with_plus = with_plus;
     int expected_size = http::http_unescape(string_with_plus);
 
     char* expected = (char*) malloc(4 * sizeof(char));
     sprintf(expected, "%s", "A B");
 
-    LT_CHECK_EQ(string(string_with_plus), string(expected));
+    std::cout << "|||||" << string_with_plus << "||||" << std::endl;
+    std::cout << expected << std::endl;
+
+    LT_CHECK_EQ(string_with_plus, string(expected));
     LT_CHECK_EQ(expected_size, 3);
 
-    free(string_with_plus);
+    free(with_plus);
     free(expected);
 LT_END_AUTO_TEST(unescape)
 
 LT_BEGIN_AUTO_TEST(http_utils_suite, unescape_plus)
-    char* string_with_plus = (char*) malloc(6 * sizeof(char));
-    sprintf(string_with_plus, "%s", "A+B");
+    char* with_plus = (char*) malloc(6 * sizeof(char));
+    sprintf(with_plus, "%s", "A+B");
+    std::string string_with_plus = with_plus;
     int expected_size = http::http_unescape(string_with_plus);
 
     char* expected = (char*) malloc(4 * sizeof(char));
     sprintf(expected, "%s", "A B");
 
-    LT_CHECK_EQ(string(string_with_plus), string(expected));
+    LT_CHECK_EQ(string_with_plus, string(expected));
     LT_CHECK_EQ(expected_size, 3);
 
-    free(string_with_plus);
+    free(with_plus);
     free(expected);
 LT_END_AUTO_TEST(unescape_plus)
 

Original file line number	Diff line number	Diff line change
`@@ -281,42 +281,44 @@ unsigned short get_port(const struct sockaddr* sa)`
`281`	`281`	`}`
`282`	`282`	`}`
`283`	`283`
`284`		`-size_t http_unescape(char *val)`
	`284`	`+size_t http_unescape(std::string& val)`
`285`	`285`	`{`
`286`		`- char *rpos = val;`
`287`		`- char *wpos = val;`
	`286`	`+ if (val.empty()) return 0;`
	`287`	`+`
	`288`	`+ int rpos = 0;`
	`289`	`+ int wpos = 0;`
	`290`	`+`
`288`	`291`	`unsigned int num;`
`289`	`292`
`290`		`- while ('\0' != *rpos)`
	`293`	`+ while ('\0' != val[rpos])`
`291`	`294`	`{`
`292`		`- switch (*rpos)`
	`295`	`+ switch (val[rpos])`
`293`	`296`	`{`
`294`	`297`	`case '+':`
`295`		`- *wpos = ' ';`
	`298`	`+ val[wpos] = ' ';`
`296`	`299`	`wpos++;`
`297`	`300`	`rpos++;`
`298`	`301`	`break;`
`299`	`302`	`case '%':`
`300`		`- if ( (1 == sscanf (&rpos[1],`
`301`		`- "%2x", &num)) \|\|`
`302`		`- (1 == sscanf (&rpos[1],`
`303`		`- "%2X", &num))`
	`303`	`+ if ( (1 == sscanf (val.substr(rpos + 1).c_str(), "%2x", &num)) \|\|`
	`304`	`+ (1 == sscanf (val.substr(rpos + 1).c_str(), "%2X", &num))`
`304`	`305`	`)`
`305`	`306`	`{`
`306`		`- *wpos = (unsigned char) num;`
	`307`	`+ val[wpos] = (unsigned char) num;`
`307`	`308`	`wpos++;`
`308`	`309`	`rpos += 3;`
`309`	`310`	`break;`
`310`	`311`	`}`
`311`	`312`	`/* intentional fall through! */`
`312`	`313`	`default:`
`313`		`- wpos = rpos;`
	`314`	`+ val[wpos] = val[rpos];`
`314`	`315`	`wpos++;`
`315`	`316`	`rpos++;`
`316`	`317`	`}`
`317`	`318`	`}`
`318`		`- wpos = '\0'; / add 0-terminator */`
`319`		`- return wpos - val; /* = strlen(val) */`
	`319`	`+ val[wpos] = '\0'; /* add 0-terminator */`
	`320`	`+ val.resize(wpos);`
	`321`	`+ return wpos; /* = strlen(val) */`
`320`	`322`	`}`
`321`	`323`
`322`	`324`	`ip_representation::ip_representation(const struct sockaddr* ip)`
Original file line number	Diff line number	Diff line change
`@@ -96,7 +96,7 @@ void error_log(void, const char, va_list);`
`96`	`96`	`void* uri_log(void, const char);`
`97`	`97`	`void access_log(webserver*, string);`
`98`	`98`	`size_t unescaper_func(void, struct MHD_Connection, char*);`
`99`		`-size_t internal_unescaper(void, char);`
	`99`	`+size_t internal_unescaper(void*, std::string&);`
`100`	`100`
`101`	`101`	`struct compare_value`
`102`	`102`	`{`
`@@ -494,22 +494,22 @@ int webserver::build_request_args (`
`494`	`494`	`)`
`495`	`495`	`{`
`496`	`496`	`details::modded_request* mr = static_cast<details::modded_request*>(cls);`
`497`		`- char* value = (char*) ((arg_value == NULL) ? "" : arg_value);`
	`497`	`+ std::string value = ((arg_value == NULL) ? "" : arg_value);`
`498`	`498`	`{`
`499`		`- char buf[strlen(key) + strlen(value) + 3];`
	`499`	`+ char buf[strlen(key) + value.size() + 3];`
`500`	`500`	`if(mr->dhr->querystring == "")`
`501`	`501`	`{`
`502`		`- snprintf(buf, sizeof buf, "?%s=%s", key, value);`
	`502`	`+ snprintf(buf, sizeof buf, "?%s=%s", key, value.c_str());`
`503`	`503`	`mr->dhr->querystring = buf;`
`504`	`504`	`}`
`505`	`505`	`else`
`506`	`506`	`{`
`507`		`- snprintf(buf, sizeof buf, "&%s=%s", key, value);`
	`507`	`+ snprintf(buf, sizeof buf, "&%s=%s", key, value.c_str());`
`508`	`508`	`mr->dhr->querystring += string(buf);`
`509`	`509`	`}`
`510`	`510`	`}`
`511`		`- size_t size = internal_unescaper((void*) mr->ws, value);`
`512`		`- mr->dhr->set_arg(key, string(value, size));`
	`511`	`+ internal_unescaper((void*) mr->ws, value);`
	`512`	`+ mr->dhr->set_arg(key, value);`
`513`	`513`	`return MHD_YES;`
`514`	`514`	`}`
`515`	`515`
`@@ -560,15 +560,15 @@ size_t unescaper_func(void * cls, struct MHD_Connection c, char s)`
`560`	`560`	`return strlen(s);`
`561`	`561`	`}`
`562`	`562`
`563`		`-size_t internal_unescaper(void* cls, char* s)`
	`563`	`+size_t internal_unescaper(void* cls, std::string& s)`
`564`	`564`	`{`
`565`	`565`	`if(s[0] == 0) return 0;`
`566`	`566`
`567`	`567`	`webserver* dws = static_cast<webserver*>(cls);`
`568`	`568`	`if(dws->unescaper != 0x0)`
`569`	`569`	`{`
`570`	`570`	`dws->unescaper(s);`
`571`		`- return strlen(s);`
	`571`	`+ return s.size();`
`572`	`572`	`}`
`573`	`573`
`574`	`574`	`return http_unescape(s);`
`@@ -658,15 +658,15 @@ int webserver::bodyfull_requests_answer_first_step(`
`658`	`658`	`(`
`659`	`659`	`0x0 != encoding &&`
`660`	`660`	`((0 == strncasecmp (`
`661`		`- MHD_HTTP_POST_ENCODING_FORM_URLENCODED,`
	`661`	`+ http_utils::http_post_encoding_form_urlencoded.c_str(),`
`662`	`662`	`encoding,`
`663`		`- strlen (MHD_HTTP_POST_ENCODING_FORM_URLENCODED)`
	`663`	`+ http_utils::http_post_encoding_form_urlencoded.size()`
`664`	`664`	`)`
`665`	`665`	`)`
`666`	`666`	`\|\| (0 == strncasecmp (`
`667`		`- MHD_HTTP_POST_ENCODING_MULTIPART_FORMDATA,`
	`667`	`+ http_utils::http_post_encoding_multipart_formdata.c_str(),`
`668`	`668`	`encoding,`
`669`		`- strlen (MHD_HTTP_POST_ENCODING_MULTIPART_FORMDATA)`
	`669`	`+ http_utils::http_post_encoding_multipart_formdata.size()`
`670`	`670`	`)))`
`671`	`671`	`)`
`672`	`672`	`)`
`@@ -966,8 +966,10 @@ int webserver::answer_to_connection(void* cls, MHD_Connection* connection,`
`966`	`966`	`);`
`967`	`967`	`}`
`968`	`968`
`969`		`- internal_unescaper((void) static_cast<webserver>(cls), (char*) url);`
`970`		`- mr->standardized_url = new string(http_utils::standardize_url(url));`
	`969`	`+ std::string t_url = url;`
	`970`	`+`
	`971`	`+ internal_unescaper((void) static_cast<webserver>(cls), t_url);`
	`972`	`+ mr->standardized_url = new string(http_utils::standardize_url(t_url));`
`971`	`973`
`972`	`974`	`bool body = false;`
`973`	`975`
Original file line number	Diff line number	Diff line change
`@@ -58,7 +58,7 @@ ssize_t test_callback (char* buf, size_t max)`
`58`	`58`	`memset(buf, 0, max);`
`59`	`59`	`strcat(buf, "test");`
`60`	`60`	`counter++;`
`61`		`- return strlen(buf);`
	`61`	`+ return std::string(buf).size();`
`62`	`62`	`}`
`63`	`63`	`}`
`64`	`64`