Clean up string logic in www_files.c.

Use stralloc() etc here.

Signed-off-by: Dan Cross <patchdev@fat-dragon.org>
This commit is contained in:
Dan Cross 2018-10-14 02:34:00 +00:00 committed by Andrew Pamment
parent b500a450dd
commit 267dbf15b8

View File

@ -11,59 +11,64 @@ extern struct bbs_config conf;
extern struct user_record *gUser; extern struct user_record *gUser;
extern char *aha(char *input); extern char *aha(char *input);
static char *www_decode(char *clean_url) { static int digit2nibble(int digit) {
char *url = (char *)malloz(strlen(clean_url) + 1); static const char *const hex = "0123456789abcdef";
int i; static const char *const Hex = "0123456789ABCDEF";
int j = 0;
unsigned char c;
if (clean_url == NULL) {
free(url);
return NULL;
}
for (i = 0; i < strlen(clean_url); i++) { char *p;
if (clean_url[i] == '%') { p = strchr(hex, digit);
c = clean_url[i + 1] * 16 + clean_url[i + 2]; if (p != NULL)
url[j++] = (char)c; return p - hex;
url[j] = '\0'; p = strchr(Hex, digit);
i += 2; if (p != NULL)
} else { return p - Hex;
url[j++] = clean_url[i]; return -1;
url[j] = '\0';
}
}
return url;
} }
static char *www_encode(char *url) { static char *www_decode(char *clean_url) {
char *clean_url = (char *)malloz(strlen(url) * 3 + 1); stralloc url = EMPTY_STRALLOC;
int i;
int j;
if (url == NULL) { assert(clean_url != NULL);
free(clean_url); for (char *s = clean_url; *s != '\0'; ++s) {
return NULL; if (*s == '+')
} stralloc_append1(&url, ' ');
else if (*s != '%')
j = 0; stralloc_append1(&url, *s);
memset(clean_url, 0, strlen(url) * 3); else {
int hn = 0, ln = 0, ch = 0;
for (i = 0; i < strlen(url); i++) { if (s[1] == '\0' || (hn = digit2nibble(s[1])) < 0) {
if (isalnum(url[i]) || url[i] == '~' || url[i] == '.' || url[i] == '_') { free(url.s);
sprintf(&clean_url[j], "%c", url[i]); return NULL;
j++; }
} else { if (s[2] == '\0' || (ln = digit2nibble(s[2])) < 0) {
sprintf(&clean_url[j], "%%%02X", url[i]); free(url.s);
j += 3; return NULL;
}
stralloc_append1(&url, hn * 16 + ln);
} }
} }
stralloc_0(&url);
return clean_url; return url.s;
}
static void www_encode(stralloc *clean, char *url) {
assert(clean != NULL);
assert(url != NULL);
for (char *s = url; *s != '\0'; ++s) {
if (isalnum(*s) || *s == '~' || *s == '.' || *s == '_')
stralloc_append1(clean, *s);
else if (*s == ' ')
stralloc_append1(clean, '+');
else {
stralloc_append1(clean, '%');
stralloc_cat_Byte(clean, *s);
}
}
} }
void www_expire_old_links() { void www_expire_old_links() {
char buffer[PATH_MAX]; char pathbuf[PATH_MAX];
sqlite3 *db; sqlite3 *db;
sqlite3_stmt *res; sqlite3_stmt *res;
int rc; int rc;
@ -71,9 +76,9 @@ void www_expire_old_links() {
char *ret; char *ret;
time_t now = time(NULL); time_t now = time(NULL);
snprintf(buffer, PATH_MAX, "%s/www_file_hashes.sq3", conf.bbs_path); snprintf(pathbuf, PATH_MAX, "%s/www_file_hashes.sq3", conf.bbs_path);
rc = sqlite3_open(buffer, &db); rc = sqlite3_open(pathbuf, &db);
if (rc != SQLITE_OK) { if (rc != SQLITE_OK) {
dolog("Cannot open database: %s", sqlite3_errmsg(db)); dolog("Cannot open database: %s", sqlite3_errmsg(db));
return; return;
@ -91,14 +96,14 @@ void www_expire_old_links() {
} }
int www_check_hash_expired(char *hash) { int www_check_hash_expired(char *hash) {
char buffer[PATH_MAX]; char pathbuf[PATH_MAX];
sqlite3 *db; sqlite3 *db;
sqlite3_stmt *res; sqlite3_stmt *res;
int rc; int rc;
time_t now = time(NULL); time_t now = time(NULL);
char sql[] = "select id from wwwhash where hash = ? and expiry > ?"; char sql[] = "select id from wwwhash where hash = ? and expiry > ?";
snprintf(buffer, PATH_MAX, "%s/www_file_hashes.sq3", conf.bbs_path); snprintf(pathbuf, PATH_MAX, "%s/www_file_hashes.sq3", conf.bbs_path);
rc = sqlite3_open(buffer, &db); rc = sqlite3_open(pathbuf, &db);
if (rc != SQLITE_OK) { if (rc != SQLITE_OK) {
return 1; return 1;
} }
@ -123,7 +128,7 @@ int www_check_hash_expired(char *hash) {
} }
void www_add_hash_to_db(char *hash, time_t expiry) { void www_add_hash_to_db(char *hash, time_t expiry) {
char buffer[PATH_MAX]; char pathbuf[PATH_MAX];
sqlite3 *db; sqlite3 *db;
sqlite3_stmt *res; sqlite3_stmt *res;
int rc; int rc;
@ -135,9 +140,9 @@ void www_add_hash_to_db(char *hash, time_t expiry) {
char *ret; char *ret;
char *err_msg = 0; char *err_msg = 0;
snprintf(buffer, PATH_MAX, "%s/www_file_hashes.sq3", conf.bbs_path); snprintf(pathbuf, PATH_MAX, "%s/www_file_hashes.sq3", conf.bbs_path);
rc = sqlite3_open(buffer, &db); rc = sqlite3_open(pathbuf, &db);
if (rc != SQLITE_OK) { if (rc != SQLITE_OK) {
return; return;
} }
@ -195,7 +200,7 @@ char *www_decode_hash(char *hash) {
unsigned long long numbers[4]; unsigned long long numbers[4];
int dir, sub, fid, uid; int dir, sub, fid, uid;
hashids_t *hashids = hashids_init(conf.bbs_name); hashids_t *hashids = hashids_init(conf.bbs_name);
char buffer[PATH_MAX]; char pathbuf[PATH_MAX];
sqlite3 *db; sqlite3 *db;
sqlite3_stmt *res; sqlite3_stmt *res;
int rc; int rc;
@ -222,8 +227,8 @@ char *www_decode_hash(char *hash) {
} }
// get filename from database // get filename from database
snprintf(buffer, PATH_MAX, "%s/%s.sq3", conf.bbs_path, conf.file_directories[dir]->file_subs[sub]->database); snprintf(pathbuf, PATH_MAX, "%s/%s.sq3", conf.bbs_path, conf.file_directories[dir]->file_subs[sub]->database);
rc = sqlite3_open(buffer, &db); rc = sqlite3_open(pathbuf, &db);
if (rc != SQLITE_OK) { if (rc != SQLITE_OK) {
return NULL; return NULL;
} }
@ -280,10 +285,8 @@ char *www_create_link(int dir, int sub, int fid) {
return ret; return ret;
} }
char *www_files_display_listing(int dir, int sub) { char *www_files_display_listing(int dir, int sub) {
char *page; stralloc page = EMPTY_STRALLOC;
int max_len; char pathbuf[PATH_MAX];
int len;
char buffer[4096];
char *sql = "select id, filename, description, size, dlcount, uploaddate from files where approved=1 ORDER BY filename"; char *sql = "select id, filename, description, size, dlcount, uploaddate from files where approved=1 ORDER BY filename";
char *filename; char *filename;
char c; char c;
@ -296,178 +299,118 @@ char *www_files_display_listing(int dir, int sub) {
int i; int i;
char *clean_url; char *clean_url;
page = (char *)malloz(4096); stralloc_copys(&page, "<div class=\"content-header\"><h2>Files: ");
max_len = 4096; stralloc_cats(&page, conf.file_directories[dir]->name);
len = 0; stralloc_cats(&page, " - ");
stralloc_cats(&page, conf.file_directories[dir]->file_subs[sub]->name);
stralloc_cats(&page, "</h2></div>\n");
snprintf(buffer, 4096, "<div class=\"content-header\"><h2>Files: %s - %s</h2></div>\n", conf.file_directories[dir]->name, conf.file_directories[dir]->file_subs[sub]->name); snprintf(pathbuf, sizeof pathbuf, "%s/%s.sq3",
if (len + strlen(buffer) > max_len - 1) { conf.bbs_path, conf.file_directories[dir]->file_subs[sub]->database);
max_len += 4096; rc = sqlite3_open(pathbuf, &db);
page = (char *)realloc(page, max_len);
}
strcat(page, buffer);
len += strlen(buffer);
snprintf(buffer, 4096, "%s/%s.sq3", conf.bbs_path, conf.file_directories[dir]->file_subs[sub]->database);
rc = sqlite3_open(buffer, &db);
if (rc != SQLITE_OK) { if (rc != SQLITE_OK) {
free(page); free(page.s);
return NULL; return NULL;
} }
sqlite3_busy_timeout(db, 5000); sqlite3_busy_timeout(db, 5000);
rc = sqlite3_prepare_v2(db, sql, -1, &res, 0); rc = sqlite3_prepare_v2(db, sql, -1, &res, 0);
if (rc != SQLITE_OK) { if (rc != SQLITE_OK) {
sqlite3_close(db); sqlite3_close(db);
free(page); free(page.s);
return NULL; return NULL;
} }
snprintf(buffer, 4096, "<table class=\"fileentry\"><thead><tr><td>Filename</td><td>Size</td><td>Description</td></tr></thead><tbody>\n"); stralloc_cats(&page, "<table class=\"fileentry\"><thead><tr><td>Filename</td><td>Size</td><td>Description</td></tr></thead><tbody>\n");
if (len + strlen(buffer) > max_len - 1) {
max_len += 4096;
page = (char *)realloc(page, max_len);
}
strcat(page, buffer);
len += strlen(buffer);
while (sqlite3_step(res) == SQLITE_ROW) { while (sqlite3_step(res) == SQLITE_ROW) {
filename = strdup(sqlite3_column_text(res, 1)); filename = strdup((char *)sqlite3_column_text(res, 1));
clean_url = www_encode(basename(filename)); char *base_filename = basename(filename);
snprintf(buffer, 4096, "<tr><td class=\"filename\"><a href=\"%sfiles/areas/%d/%d/%s\">%s</a></td>", conf.www_url, dir, sub, basename(clean_url), basename(filename)); stralloc_cats(&page, "<tr><td class=\"filename\"><a href=\"");
free(clean_url); stralloc_cats(&page, conf.www_url);
free(filename); stralloc_cats(&page, "files/areas/");
if (len + strlen(buffer) > max_len - 1) { stralloc_cat_long(&page, dir);
max_len += 4096; stralloc_append1(&page, '/');
page = (char *)realloc(page, max_len); stralloc_cat_long(&page, sub);
} stralloc_append1(&page, '/');
strcat(page, buffer); www_encode(&page, base_filename);
len += strlen(buffer); stralloc_cats(&page, "\">");
stralloc_cats(&page, base_filename);
stralloc_cats(&page, "</a></td>");
size = sqlite3_column_int(res, 3); size = sqlite3_column_int(res, 3);
stralloc_cats(&page, "<td class=\"filesize\">");
if (size > 1024 * 1024 * 1024) { stralloc_cat_long(&page, size);
size = size / 1024 / 1024 / 1024; int c = 'b';
c = 'G'; if (size > 1024) {
} else if (size > 1024 * 1024) { size /= 1024;
size = size / 1024 / 1024;
c = 'M';
} else if (size > 1024) {
size = size / 1024;
c = 'K'; c = 'K';
} else {
c = 'b';
} }
if (size > 1024) {
snprintf(buffer, 4096, "<td class=\"filesize\">%d%c</td>", size, c); size /= 1024;
if (len + strlen(buffer) > max_len - 1) { c = 'M';
max_len += 4096;
page = (char *)realloc(page, max_len);
} }
strcat(page, buffer); if (size > 1024) {
len += strlen(buffer); size /= 1024;
c = 'G';
}
stralloc_append1(&page, c);
stralloc_cats(&page, "</td>");
stralloc_cats(&page, "<td class=\"filedesc\">");
description = strdup((char *)sqlite3_column_text(res, 2)); description = strdup((char *)sqlite3_column_text(res, 2));
for (char *p = description; *p != '\0'; ++p) {
for (i = 0; i < strlen(description); i++) { if (*p == '\n')
if (description[i] == '\n') { *p = '\r';
description[i] = '\r';
}
} }
snprintf(buffer, 4096, "<td class=\"filedesc\">");
if (len + strlen(buffer) > max_len - 1) {
max_len += 4096;
page = (char *)realloc(page, max_len);
}
strcat(page, buffer);
len += strlen(buffer);
aha_out = aha(description); aha_out = aha(description);
stralloc_cats(&page, aha_out);
while (len + strlen(aha_out) > max_len - 1) {
max_len += 4096;
page = (char *)realloc(page, max_len);
}
strcat(page, aha_out);
len += strlen(aha_out);
free(aha_out); free(aha_out);
free(description); free(description);
free(filename);
snprintf(buffer, 4096, "</td></tr>\n"); stralloc_cats(&page, "</td></tr>\n");
if (len + strlen(buffer) > max_len - 1) {
max_len += 4096;
page = (char *)realloc(page, max_len);
}
strcat(page, buffer);
len += strlen(buffer);
} }
stralloc_cats(&page, "</tbody></table>\n");
snprintf(buffer, 4096, "</tbody></table>\n"); stralloc_0(&page);
if (len + strlen(buffer) > max_len - 1) {
max_len += 4096;
page = (char *)realloc(page, max_len);
}
strcat(page, buffer);
len += strlen(buffer);
sqlite3_finalize(res); sqlite3_finalize(res);
sqlite3_close(db); sqlite3_close(db);
return page; return page.s;
} }
char *www_files_areas() { char *www_files_areas() {
char *page; stralloc page = EMPTY_STRALLOC;
int max_len;
int len;
char buffer[4096];
int i;
int j;
page = (char *)malloz(4096); stralloc_copys(&page, "<div class=\"content-header\"><h2>File Directories</h2></div>\n");
max_len = 4096; for (int i = 0; i < conf.file_directory_count; i++) {
len = 0; if (!conf.file_directories[i]->display_on_web)
continue;
sprintf(buffer, "<div class=\"content-header\"><h2>File Directories</h2></div>\n"); stralloc_cats(&page, "<div class=\"conference-list-item\">");
if (len + strlen(buffer) > max_len - 1) { stralloc_cats(&page, conf.file_directories[i]->name);
max_len += 4096; stralloc_cats(&page, "</div>\n");
page = (char *)realloc(page, max_len); for (int j = 0; j < conf.file_directories[i]->file_sub_count; j++) {
} stralloc_cats(&page, "<div class=\"area-list-item\"><a href=\"");
strcat(page, buffer); stralloc_cats(&page, conf.www_url);
len += strlen(buffer); stralloc_cats(&page, "files/areas/");
stralloc_cat_long(&page, i);
for (i = 0; i < conf.file_directory_count; i++) { stralloc_append1(&page, '/');
if (conf.file_directories[i]->display_on_web) { stralloc_cat_long(&page, j);
sprintf(buffer, "<div class=\"conference-list-item\">%s</div>\n", conf.file_directories[i]->name); stralloc_cats(&page, "/\">");
if (len + strlen(buffer) > max_len - 1) { stralloc_cats(&page, conf.file_directories[i]->file_subs[j]->name);
max_len += 4096; stralloc_cats(&page, "</a></div>\n");
page = (char *)realloc(page, max_len);
}
strcat(page, buffer);
len += strlen(buffer);
for (j = 0; j < conf.file_directories[i]->file_sub_count; j++) {
sprintf(buffer, "<div class=\"area-list-item\"><a href=\"%sfiles/areas/%d/%d/\">%s</a></div>\n", conf.www_url, i, j, conf.file_directories[i]->file_subs[j]->name);
if (len + strlen(buffer) > max_len - 1) {
max_len += 4096;
page = (char *)realloc(page, max_len);
}
strcat(page, buffer);
len += strlen(buffer);
}
} }
} }
stralloc_0(&page);
return page; return page.s;
} }
char *www_files_get_from_area(int dir, int sub, char *clean_file) { char *www_files_get_from_area(int dir, int sub, char *clean_file) {
char *sql = "SELECT filename FROM files WHERE approved=1 AND filename LIKE ? ESCAPE \"^\""; char *sql = "SELECT filename FROM files WHERE approved=1 AND filename LIKE ? ESCAPE \"^\"";
char *filenamelike; stralloc filenamelike = EMPTY_STRALLOC;
sqlite3 *db; sqlite3 *db;
sqlite3_stmt *res; sqlite3_stmt *res;
int rc; int rc;
char buffer[PATH_MAX]; char pathbuf[PATH_MAX];
char *ret = NULL; char *ret = NULL;
int i; int i;
int extra = 0; int extra = 0;
@ -475,67 +418,35 @@ char *www_files_get_from_area(int dir, int sub, char *clean_file) {
char *file; char *file;
file = www_decode(clean_file); file = www_decode(clean_file);
stralloc_copys(&filenamelike, "%");
for (i = 0; i < strlen(file); i++) { for (char *p = file; *p != '\0'; ++p) {
if (file[i] == '^' || file[i] == '%' || file[i] == '_') { if (*p == '^' || *p == '_' || *p == '%')
extra++; stralloc_append1(&filenamelike, '^');
} stralloc_append1(&filenamelike, *p);
} }
stralloc_0(&filenamelike);
filenamelike = (char *)malloz(strlen(file) + 3 + extra);
i = 0;
filenamelike[i++] = '%';
filenamelike[i] = '\0';
for (j = 0; j < strlen(file); j++) {
switch (file[j]) {
case '^':
filenamelike[i++] = '^';
filenamelike[i++] = '^';
filenamelike[i] = '\0';
break;
case '_':
filenamelike[i++] = '^';
filenamelike[i++] = '_';
filenamelike[i] = '\0';
break;
case '%':
filenamelike[i++] = '^';
filenamelike[i++] = '%';
filenamelike[i] = '\0';
break;
default:
filenamelike[i++] = file[j];
filenamelike[i] = '\0';
break;
}
}
// sprintf(filenamelike, "%%/%s", file);
free(file); free(file);
snprintf(buffer, PATH_MAX, "%s/%s.sq3", conf.bbs_path, conf.file_directories[dir]->file_subs[sub]->database); snprintf(pathbuf, PATH_MAX, "%s/%s.sq3", conf.bbs_path, conf.file_directories[dir]->file_subs[sub]->database);
rc = sqlite3_open(pathbuf, &db);
rc = sqlite3_open(buffer, &db);
if (rc != SQLITE_OK) { if (rc != SQLITE_OK) {
free(filenamelike.s);
return NULL; return NULL;
} }
sqlite3_busy_timeout(db, 5000); sqlite3_busy_timeout(db, 5000);
rc = sqlite3_prepare_v2(db, sql, -1, &res, 0); rc = sqlite3_prepare_v2(db, sql, -1, &res, 0);
if (rc != SQLITE_OK) { if (rc != SQLITE_OK) {
sqlite3_close(db); sqlite3_close(db);
free(filenamelike.s);
return NULL; return NULL;
} }
sqlite3_bind_text(res, 1, filenamelike, -1, 0); sqlite3_bind_text(res, 1, filenamelike.s, -1, 0);
rc = sqlite3_step(res); rc = sqlite3_step(res);
if (rc == SQLITE_ROW) { if (rc == SQLITE_ROW) {
ret = strdup(sqlite3_column_text(res, 0)); ret = strdup(sqlite3_column_text(res, 0));
} }
free(filenamelike); free(filenamelike.s);
sqlite3_finalize(res); sqlite3_finalize(res);
sqlite3_close(db); sqlite3_close(db);
return ret; return ret;