apr_escape.h 18 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431
  1. /* Licensed to the Apache Software Foundation (ASF) under one or more
  2. * contributor license agreements. See the NOTICE file distributed with
  3. * this work for additional information regarding copyright ownership.
  4. * The ASF licenses this file to You under the Apache License, Version 2.0
  5. * (the "License"); you may not use this file except in compliance with
  6. * the License. You may obtain a copy of the License at
  7. *
  8. * http://www.apache.org/licenses/LICENSE-2.0
  9. *
  10. * Unless required by applicable law or agreed to in writing, software
  11. * distributed under the License is distributed on an "AS IS" BASIS,
  12. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13. * See the License for the specific language governing permissions and
  14. * limitations under the License.
  15. */
  16. /**
  17. * @file apr_escape.h
  18. * @brief APR-UTIL Escaping
  19. */
  20. #ifndef APR_ESCAPE_H
  21. #define APR_ESCAPE_H
  22. #include "apr.h"
  23. #include "apr_general.h"
  24. #ifdef __cplusplus
  25. extern "C" {
  26. #endif
  27. /**
  28. * @defgroup APR_Util_Escaping Escape functions
  29. * @ingroup APR
  30. * @{
  31. */
  32. /* Simple escape/unescape functions.
  33. *
  34. * The design goal of these functions are:
  35. *
  36. * - Avoid unnecessary work.
  37. *
  38. * In most cases the strings passed in do not need to be escaped at all. In
  39. * these cases the original string will be returned.
  40. *
  41. * - Lowest possible memory footprint.
  42. *
  43. * The amount of memory allocated for a given encoding is calculated based
  44. * on the exact amount of memory needed, and not the theoretical worst case
  45. * scenario.
  46. *
  47. */
  48. /**
  49. * When passing a string to one of the escape functions, this value can be
  50. * passed to indicate a string-valued key, and have the length computed
  51. * automatically.
  52. */
  53. #define APR_ESCAPE_STRING (-1)
  54. /**
  55. * Apply LDAP distinguished name escaping as per RFC4514.
  56. */
  57. #define APR_ESCAPE_LDAP_DN (0x01)
  58. /**
  59. * Apply LDAP filter escaping as per RFC4515.
  60. */
  61. #define APR_ESCAPE_LDAP_FILTER (0x02)
  62. /**
  63. * Apply both RFC4514 and RFC4515 LDAP escaping.
  64. */
  65. #define APR_ESCAPE_LDAP_ALL (0x03)
  66. /**
  67. * Perform shell escaping on the provided string.
  68. *
  69. * Shell escaping causes characters to be prefixed with a '\' character.
  70. * @param escaped Optional buffer to write the encoded string, can be
  71. * NULL
  72. * @param str The original string
  73. * @param slen The length of the original string, or APR_ESCAPE_STRING
  74. * @param len If present, returns the length of the string
  75. * @return APR_SUCCESS, or APR_NOTFOUND if no changes to the string were
  76. * detected or the string was NULL
  77. */
  78. APR_DECLARE(apr_status_t) apr_escape_shell(char *escaped, const char *str,
  79. apr_ssize_t slen, apr_size_t *len);
  80. /**
  81. * Perform shell escaping on the provided string, returning the result
  82. * from the pool.
  83. *
  84. * Shell escaping causes characters to be prefixed with a '\' character.
  85. *
  86. * If no characters were escaped, the original string is returned.
  87. * @param p Pool to allocate from
  88. * @param str The original string
  89. * @return the encoded string, allocated from the pool, or the original
  90. * string if no escaping took place or the string was NULL.
  91. */
  92. APR_DECLARE(const char *) apr_pescape_shell(apr_pool_t *p, const char *str)
  93. __attribute__((nonnull(1)));
  94. /**
  95. * Unescapes a URL, leaving reserved characters intact.
  96. * @param escaped Optional buffer to write the encoded string, can be
  97. * NULL
  98. * @param url String to be unescaped
  99. * @param slen The length of the original url, or APR_ESCAPE_STRING
  100. * @param forbid Optional list of forbidden characters, in addition to
  101. * 0x00
  102. * @param reserved Optional list of reserved characters that will be
  103. * left unescaped
  104. * @param plus If non zero, '+' is converted to ' ' as per
  105. * application/x-www-form-urlencoded encoding
  106. * @param len If set, the length of the escaped string will be returned
  107. * @return APR_SUCCESS on success, APR_NOTFOUND if no characters are
  108. * decoded or the string is NULL, APR_EINVAL if a bad escape sequence is
  109. * found, APR_BADCH if a character on the forbid list is found.
  110. */
  111. APR_DECLARE(apr_status_t) apr_unescape_url(char *escaped, const char *url,
  112. apr_ssize_t slen, const char *forbid, const char *reserved, int plus,
  113. apr_size_t *len);
  114. /**
  115. * Unescapes a URL, leaving reserved characters intact, returning the
  116. * result from a pool.
  117. * @param p Pool to allocate from
  118. * @param url String to be unescaped in place
  119. * @param forbid Optional list of forbidden characters, in addition to
  120. * 0x00
  121. * @param reserved Optional list of reserved characters that will be
  122. * left unescaped
  123. * @param plus If non zero, '+' is converted to ' ' as per
  124. * application/x-www-form-urlencoded encoding
  125. * @return A string allocated from the pool on success, the original string
  126. * if no characters are decoded, or NULL if a bad escape sequence is found
  127. * or if a character on the forbid list is found, or if the original string
  128. * was NULL.
  129. */
  130. APR_DECLARE(const char *) apr_punescape_url(apr_pool_t *p, const char *url,
  131. const char *forbid, const char *reserved, int plus)
  132. __attribute__((nonnull(1)));
  133. /**
  134. * Escape a path segment, as defined in RFC1808.
  135. * @param escaped Optional buffer to write the encoded string, can be
  136. * NULL
  137. * @param str The original string
  138. * @param slen The length of the original string, or APR_ESCAPE_STRING
  139. * @param len If present, returns the length of the string
  140. * @return APR_SUCCESS, or APR_NOTFOUND if no changes to the string were
  141. * detected or the string was NULL
  142. */
  143. APR_DECLARE(apr_status_t) apr_escape_path_segment(char *escaped,
  144. const char *str, apr_ssize_t slen, apr_size_t *len);
  145. /**
  146. * Escape a path segment, as defined in RFC1808, returning the result from a
  147. * pool.
  148. * @param p Pool to allocate from
  149. * @param str String to be escaped
  150. * @return A string allocated from the pool on success, the original string
  151. * if no characters are encoded or the string is NULL.
  152. */
  153. APR_DECLARE(const char *) apr_pescape_path_segment(apr_pool_t *p,
  154. const char *str) __attribute__((nonnull(1)));
  155. /**
  156. * Converts an OS path to a URL, in an OS dependent way, as defined in RFC1808.
  157. * In all cases if a ':' occurs before the first '/' in the URL, the URL should
  158. * be prefixed with "./" (or the ':' escaped). In the case of Unix, this means
  159. * leaving '/' alone, but otherwise doing what escape_path_segment() does. For
  160. * efficiency reasons, we don't use escape_path_segment(), which is provided for
  161. * reference. Again, RFC 1808 is where this stuff is defined.
  162. *
  163. * If partial is set, os_escape_path() assumes that the path will be appended to
  164. * something with a '/' in it (and thus does not prefix "./").
  165. * @param escaped Optional buffer to write the encoded string, can be
  166. * NULL
  167. * @param path The original string
  168. * @param slen The length of the original string, or APR_ESCAPE_STRING
  169. * @param partial If non zero, suppresses the prepending of "./"
  170. * @param len If present, returns the length of the string
  171. * @return APR_SUCCESS, or APR_NOTFOUND if no changes to the string were
  172. * detected or if the string was NULL
  173. */
  174. APR_DECLARE(apr_status_t) apr_escape_path(char *escaped, const char *path,
  175. apr_ssize_t slen, int partial, apr_size_t *len);
  176. /**
  177. * Converts an OS path to a URL, in an OS dependent way, as defined in RFC1808,
  178. * returning the result from a pool.
  179. *
  180. * In all cases if a ':' occurs before the first '/' in the URL, the URL should
  181. * be prefixed with "./" (or the ':' escaped). In the case of Unix, this means
  182. * leaving '/' alone, but otherwise doing what escape_path_segment() does. For
  183. * efficiency reasons, we don't use escape_path_segment(), which is provided for
  184. * reference. Again, RFC 1808 is where this stuff is defined.
  185. *
  186. * If partial is set, os_escape_path() assumes that the path will be appended to
  187. * something with a '/' in it (and thus does not prefix "./").
  188. * @param p Pool to allocate from
  189. * @param str The original string
  190. * @param partial If non zero, suppresses the prepending of "./"
  191. * @return A string allocated from the pool on success, the original string
  192. * if no characters are encoded or if the string was NULL.
  193. */
  194. APR_DECLARE(const char *) apr_pescape_path(apr_pool_t *p, const char *str,
  195. int partial) __attribute__((nonnull(1)));
  196. /**
  197. * Urlencode a string, as defined in
  198. * http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.1.
  199. * @param escaped Optional buffer to write the encoded string, can be
  200. * NULL
  201. * @param str The original string
  202. * @param slen The length of the original string, or APR_ESCAPE_STRING
  203. * @param len If present, returns the length of the string
  204. * @return APR_SUCCESS, or APR_NOTFOUND if no changes to the string were
  205. * detected or if the stirng was NULL
  206. */
  207. APR_DECLARE(apr_status_t) apr_escape_urlencoded(char *escaped, const char *str,
  208. apr_ssize_t slen, apr_size_t *len);
  209. /**
  210. * Urlencode a string, as defined in
  211. * http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.1, returning
  212. * the result from a pool.
  213. * @param p Pool to allocate from
  214. * @param str String to be escaped
  215. * @return A string allocated from the pool on success, the original string
  216. * if no characters are encoded or if the string was NULL.
  217. */
  218. APR_DECLARE(const char *) apr_pescape_urlencoded(apr_pool_t *p,
  219. const char *str) __attribute__((nonnull(1)));
  220. /**
  221. * Apply entity encoding to a string. Characters are replaced as follows:
  222. * '<' becomes '\&lt;', '>' becomes '\&gt;', '&' becomes '\&amp;', the
  223. * double quote becomes '\&quot;" and the single quote becomes '\&apos;'.
  224. *
  225. * If toasc is not zero, any non ascii character will be encoded as
  226. * '%\#ddd;', where ddd is the decimal code of the character.
  227. * @param escaped Optional buffer to write the encoded string, can be
  228. * NULL
  229. * @param str The original string
  230. * @param slen The length of the original string, or APR_ESCAPE_STRING
  231. * @param toasc If non zero, encode non ascii characters
  232. * @param len If present, returns the length of the string
  233. * @return APR_SUCCESS, or APR_NOTFOUND if no changes to the string were
  234. * detected or the string was NULL
  235. */
  236. APR_DECLARE(apr_status_t) apr_escape_entity(char *escaped, const char *str,
  237. apr_ssize_t slen, int toasc, apr_size_t *len);
  238. /**
  239. * Apply entity encoding to a string, returning the result from a pool.
  240. * Characters are replaced as follows: '<' becomes '\&lt;', '>' becomes
  241. * '\&gt;', '&' becomes '\&amp;', the double quote becomes '\&quot;" and the
  242. * single quote becomes '\&apos;'.
  243. * @param p Pool to allocate from
  244. * @param str The original string
  245. * @param toasc If non zero, encode non ascii characters
  246. * @return A string allocated from the pool on success, the original string
  247. * if no characters are encoded or the string is NULL.
  248. */
  249. APR_DECLARE(const char *) apr_pescape_entity(apr_pool_t *p, const char *str,
  250. int toasc) __attribute__((nonnull(1)));
  251. /**
  252. * Decodes html entities or numeric character references in a string. If
  253. * the string to be unescaped is syntactically incorrect, then the
  254. * following fixups will be made:
  255. * unknown entities will be left undecoded;
  256. * references to unused numeric characters will be deleted.
  257. * In particular, &#00; will not be decoded, but will be deleted.
  258. * @param unescaped Optional buffer to write the encoded string, can be
  259. * NULL
  260. * @param str The original string
  261. * @param slen The length of the original string, or APR_ESCAPE_STRING
  262. * @param len If present, returns the length of the string
  263. * @return APR_SUCCESS, or APR_NOTFOUND if no changes to the string were
  264. * detected or the string was NULL
  265. */
  266. APR_DECLARE(apr_status_t) apr_unescape_entity(char *unescaped, const char *str,
  267. apr_ssize_t slen, apr_size_t *len);
  268. /**
  269. * Decodes html entities or numeric character references in a string. If
  270. * the string to be unescaped is syntactically incorrect, then the
  271. * following fixups will be made:
  272. * unknown entities will be left undecoded;
  273. * references to unused numeric characters will be deleted.
  274. * In particular, &#00; will not be decoded, but will be deleted.
  275. * @param p Pool to allocate from
  276. * @param str The original string
  277. * @return A string allocated from the pool on success, the original string
  278. * if no characters are encoded or the string is NULL.
  279. */
  280. APR_DECLARE(const char *) apr_punescape_entity(apr_pool_t *p, const char *str)
  281. __attribute__((nonnull(1)));
  282. /**
  283. * Escape control characters in a string, as performed by the shell's
  284. * 'echo' command. Characters are replaced as follows:
  285. * \\a alert (bell), \\b backspace, \\f form feed, \\n new line, \\r carriage
  286. * return, \\t horizontal tab, \\v vertical tab, \\ backslash.
  287. *
  288. * Any non ascii character will be encoded as '\\xHH', where HH is the hex
  289. * code of the character.
  290. *
  291. * If quote is not zero, the double quote character will also be escaped.
  292. * @param escaped Optional buffer to write the encoded string, can be
  293. * NULL
  294. * @param str The original string
  295. * @param slen The length of the original string, or APR_ESCAPE_STRING
  296. * @param quote If non zero, encode double quotes
  297. * @param len If present, returns the length of the string
  298. * @return APR_SUCCESS, or APR_NOTFOUND if no changes to the string were
  299. * detected or the string was NULL
  300. */
  301. APR_DECLARE(apr_status_t) apr_escape_echo(char *escaped, const char *str,
  302. apr_ssize_t slen, int quote, apr_size_t *len);
  303. /**
  304. * Escape control characters in a string, as performed by the shell's
  305. * 'echo' command, and return the results from a pool. Characters are
  306. * replaced as follows: \\a alert (bell), \\b backspace, \\f form feed,
  307. * \\n new line, \\r carriage return, \\t horizontal tab, \\v vertical tab,
  308. * \\ backslash.
  309. *
  310. * Any non ascii character will be encoded as '\\xHH', where HH is the hex
  311. * code of the character.
  312. *
  313. * If quote is not zero, the double quote character will also be escaped.
  314. * @param p Pool to allocate from
  315. * @param str The original string
  316. * @param quote If non zero, encode double quotes
  317. * @return A string allocated from the pool on success, the original string
  318. * if no characters are encoded or the string is NULL.
  319. */
  320. APR_DECLARE(const char *) apr_pescape_echo(apr_pool_t *p, const char *str,
  321. int quote);
  322. /**
  323. * Convert binary data to a hex encoding.
  324. * @param dest The destination buffer, can be NULL
  325. * @param src The original buffer
  326. * @param srclen The length of the original buffer
  327. * @param colon If not zero, insert colon characters between hex digits.
  328. * @param len If present, returns the length of the string
  329. * @return APR_SUCCESS, or APR_NOTFOUND if the string was NULL
  330. */
  331. APR_DECLARE(apr_status_t) apr_escape_hex(char *dest, const void *src,
  332. apr_size_t srclen, int colon, apr_size_t *len);
  333. /**
  334. * Convert binary data to a hex encoding, and return the results from a
  335. * pool.
  336. * @param p Pool to allocate from
  337. * @param src The original buffer
  338. * @param slen The length of the original buffer
  339. * @param colon If not zero, insert colon characters between hex digits.
  340. * @return A zero padded buffer allocated from the pool on success, or
  341. * NULL if src was NULL.
  342. */
  343. APR_DECLARE(const char *) apr_pescape_hex(apr_pool_t *p, const void *src,
  344. apr_size_t slen, int colon) __attribute__((nonnull(1)));
  345. /**
  346. * Convert hex encoded string to binary data.
  347. * @param dest The destination buffer, can be NULL
  348. * @param str The original buffer
  349. * @param slen The length of the original buffer
  350. * @param colon If not zero, ignore colon characters between hex digits.
  351. * @param len If present, returns the length of the string
  352. * @return APR_SUCCESS, or APR_NOTFOUND if the string was NULL, or APR_BADCH
  353. * if a non hex character is present.
  354. */
  355. APR_DECLARE(apr_status_t) apr_unescape_hex(void *dest, const char *str,
  356. apr_ssize_t slen, int colon, apr_size_t *len);
  357. /**
  358. * Convert hex encoding to binary data, and return the results from a pool.
  359. * If the colon character appears between pairs of hex digits, it will be
  360. * ignored.
  361. * @param p Pool to allocate from
  362. * @param str The original string
  363. * @param colon If not zero, ignore colon characters between hex digits.
  364. * @param len If present, returns the length of the final buffer
  365. * @return A buffer allocated from the pool on success, or NULL if src was
  366. * NULL, or a bad character was present.
  367. */
  368. APR_DECLARE(const void *) apr_punescape_hex(apr_pool_t *p, const char *str,
  369. int colon, apr_size_t *len);
  370. /**
  371. * Apply LDAP escaping to binary data. Characters from RFC4514 and RFC4515
  372. * are escaped with their hex equivalents.
  373. * @param dest The destination buffer, can be NULL
  374. * @param src The original buffer
  375. * @param srclen The length of the original buffer
  376. * @param flags APR_ESCAPE_LDAP_DN for RFC4514, APR_ESCAPE_LDAP_FILTER for
  377. * RFC4515, APR_ESCAPE_LDAP_ALL for both
  378. * @param len If present, returns the length of the string
  379. * @return APR_SUCCESS, or APR_NOTFOUND if the string was NULL
  380. */
  381. APR_DECLARE(apr_status_t) apr_escape_ldap(char *dest, const void *src,
  382. apr_ssize_t srclen, int flags, apr_size_t *len);
  383. /**
  384. * Apply LDAP escaping to binary data, and return the results from a
  385. * pool. Characters from RFC4514 and RFC4515 are escaped with their hex
  386. * equivalents.
  387. * @param p Pool to allocate from
  388. * @param src The original buffer
  389. * @param slen The length of the original buffer
  390. * @param flags APR_ESCAPE_LDAP_DN for RFC4514, APR_ESCAPE_LDAP_FILTER for
  391. * RFC4515, APR_ESCAPE_LDAP_ALL for both
  392. * @return A zero padded buffer allocated from the pool on success, or
  393. * NULL if src was NULL.
  394. */
  395. APR_DECLARE(const char *) apr_pescape_ldap(apr_pool_t *p, const void *src,
  396. apr_ssize_t slen, int flags) __attribute__((nonnull(1)));
  397. /** @} */
  398. #ifdef __cplusplus
  399. }
  400. #endif
  401. #endif /* !APR_ESCAPE_H */