| // Copyright 2013 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "url/url_canon_internal.h" |
| |
| #include <errno.h> |
| #include <stddef.h> |
| #include <stdlib.h> |
| |
| #include <cstdio> |
| #include <string> |
| |
| #include "base/strings/utf_string_conversion_utils.h" |
| |
| namespace url { |
| |
| namespace { |
| |
| template<typename CHAR, typename UCHAR> |
| void DoAppendStringOfType(const CHAR* source, int length, |
| SharedCharTypes type, |
| CanonOutput* output) { |
| for (int i = 0; i < length; i++) { |
| if (static_cast<UCHAR>(source[i]) >= 0x80) { |
| // ReadChar will fill the code point with kUnicodeReplacementCharacter |
| // when the input is invalid, which is what we want. |
| unsigned code_point; |
| ReadUTFChar(source, &i, length, &code_point); |
| AppendUTF8EscapedValue(code_point, output); |
| } else { |
| // Just append the 7-bit character, possibly escaping it. |
| unsigned char uch = static_cast<unsigned char>(source[i]); |
| if (!IsCharOfType(uch, type)) |
| AppendEscapedChar(uch, output); |
| else |
| output->push_back(uch); |
| } |
| } |
| } |
| |
| // This function assumes the input values are all contained in 8-bit, |
| // although it allows any type. Returns true if input is valid, false if not. |
| template<typename CHAR, typename UCHAR> |
| void DoAppendInvalidNarrowString(const CHAR* spec, int begin, int end, |
| CanonOutput* output) { |
| for (int i = begin; i < end; i++) { |
| UCHAR uch = static_cast<UCHAR>(spec[i]); |
| if (uch >= 0x80) { |
| // Handle UTF-8/16 encodings. This call will correctly handle the error |
| // case by appending the invalid character. |
| AppendUTF8EscapedChar(spec, &i, end, output); |
| } else if (uch <= ' ' || uch == 0x7f) { |
| // This function is for error handling, so we escape all control |
| // characters and spaces, but not anything else since we lack |
| // context to do something more specific. |
| AppendEscapedChar(static_cast<unsigned char>(uch), output); |
| } else { |
| output->push_back(static_cast<char>(uch)); |
| } |
| } |
| } |
| |
| // Overrides one component, see the Replacements structure for |
| // what the various combionations of source pointer and component mean. |
| void DoOverrideComponent(const char* override_source, |
| const Component& override_component, |
| const char** dest, |
| Component* dest_component) { |
| if (override_source) { |
| *dest = override_source; |
| *dest_component = override_component; |
| } |
| } |
| |
| // Similar to DoOverrideComponent except that it takes a UTF-16 input and does |
| // not actually set the output character pointer. |
| // |
| // The input is converted to UTF-8 at the end of the given buffer as a temporary |
| // holding place. The component identifying the portion of the buffer used in |
| // the |utf8_buffer| will be specified in |*dest_component|. |
| // |
| // This will not actually set any |dest| pointer like DoOverrideComponent |
| // does because all of the pointers will point into the |utf8_buffer|, which |
| // may get resized while we're overriding a subsequent component. Instead, the |
| // caller should use the beginning of the |utf8_buffer| as the string pointer |
| // for all components once all overrides have been prepared. |
| bool PrepareUTF16OverrideComponent(const base::char16* override_source, |
| const Component& override_component, |
| CanonOutput* utf8_buffer, |
| Component* dest_component) { |
| bool success = true; |
| if (override_source) { |
| if (!override_component.is_valid()) { |
| // Non-"valid" component (means delete), so we need to preserve that. |
| *dest_component = Component(); |
| } else { |
| // Convert to UTF-8. |
| dest_component->begin = utf8_buffer->length(); |
| success = ConvertUTF16ToUTF8(&override_source[override_component.begin], |
| override_component.len, utf8_buffer); |
| dest_component->len = utf8_buffer->length() - dest_component->begin; |
| } |
| } |
| return success; |
| } |
| |
| } // namespace |
| |
| // See the header file for this array's declaration. |
| const unsigned char kSharedCharTypeTable[0x100] = { |
| 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0x00 - 0x0f |
| 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0x10 - 0x1f |
| 0, // 0x20 ' ' (escape spaces in queries) |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x21 ! |
| 0, // 0x22 " |
| 0, // 0x23 # (invalid in query since it marks the ref) |
| CHAR_QUERY | CHAR_USERINFO, // 0x24 $ |
| CHAR_QUERY | CHAR_USERINFO, // 0x25 % |
| CHAR_QUERY | CHAR_USERINFO, // 0x26 & |
| 0, // 0x27 ' (Try to prevent XSS.) |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x28 ( |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x29 ) |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x2a * |
| CHAR_QUERY | CHAR_USERINFO, // 0x2b + |
| CHAR_QUERY | CHAR_USERINFO, // 0x2c , |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x2d - |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_COMPONENT, // 0x2e . |
| CHAR_QUERY, // 0x2f / |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x30 0 |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x31 1 |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x32 2 |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x33 3 |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x34 4 |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x35 5 |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x36 6 |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_OCT | CHAR_COMPONENT, // 0x37 7 |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_COMPONENT, // 0x38 8 |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_DEC | CHAR_COMPONENT, // 0x39 9 |
| CHAR_QUERY, // 0x3a : |
| CHAR_QUERY, // 0x3b ; |
| 0, // 0x3c < (Try to prevent certain types of XSS.) |
| CHAR_QUERY, // 0x3d = |
| 0, // 0x3e > (Try to prevent certain types of XSS.) |
| CHAR_QUERY, // 0x3f ? |
| CHAR_QUERY, // 0x40 @ |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x41 A |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x42 B |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x43 C |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x44 D |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x45 E |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x46 F |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x47 G |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x48 H |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x49 I |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4a J |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4b K |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4c L |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4d M |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4e N |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x4f O |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x50 P |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x51 Q |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x52 R |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x53 S |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x54 T |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x55 U |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x56 V |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x57 W |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_COMPONENT, // 0x58 X |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x59 Y |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x5a Z |
| CHAR_QUERY, // 0x5b [ |
| CHAR_QUERY, // 0x5c '\' |
| CHAR_QUERY, // 0x5d ] |
| CHAR_QUERY, // 0x5e ^ |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x5f _ |
| CHAR_QUERY, // 0x60 ` |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x61 a |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x62 b |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x63 c |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x64 d |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x65 e |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_HEX | CHAR_COMPONENT, // 0x66 f |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x67 g |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x68 h |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x69 i |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6a j |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6b k |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6c l |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6d m |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6e n |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x6f o |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x70 p |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x71 q |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x72 r |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x73 s |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x74 t |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x75 u |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x76 v |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x77 w |
| CHAR_QUERY | CHAR_USERINFO | CHAR_IPV4 | CHAR_COMPONENT, // 0x78 x |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x79 y |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x7a z |
| CHAR_QUERY, // 0x7b { |
| CHAR_QUERY, // 0x7c | |
| CHAR_QUERY, // 0x7d } |
| CHAR_QUERY | CHAR_USERINFO | CHAR_COMPONENT, // 0x7e ~ |
| 0, // 0x7f |
| 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0x80 - 0x8f |
| 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0x90 - 0x9f |
| 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xa0 - 0xaf |
| 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xb0 - 0xbf |
| 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xc0 - 0xcf |
| 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xd0 - 0xdf |
| 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xe0 - 0xef |
| 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0xf0 - 0xff |
| }; |
| |
| const char kHexCharLookup[0x10] = { |
| '0', '1', '2', '3', '4', '5', '6', '7', |
| '8', '9', 'A', 'B', 'C', 'D', 'E', 'F', |
| }; |
| |
| const char kCharToHexLookup[8] = { |
| 0, // 0x00 - 0x1f |
| '0', // 0x20 - 0x3f: digits 0 - 9 are 0x30 - 0x39 |
| 'A' - 10, // 0x40 - 0x5f: letters A - F are 0x41 - 0x46 |
| 'a' - 10, // 0x60 - 0x7f: letters a - f are 0x61 - 0x66 |
| 0, // 0x80 - 0x9F |
| 0, // 0xA0 - 0xBF |
| 0, // 0xC0 - 0xDF |
| 0, // 0xE0 - 0xFF |
| }; |
| |
| const base::char16 kUnicodeReplacementCharacter = 0xfffd; |
| |
| void AppendStringOfType(const char* source, int length, |
| SharedCharTypes type, |
| CanonOutput* output) { |
| DoAppendStringOfType<char, unsigned char>(source, length, type, output); |
| } |
| |
| void AppendStringOfType(const base::char16* source, int length, |
| SharedCharTypes type, |
| CanonOutput* output) { |
| DoAppendStringOfType<base::char16, base::char16>( |
| source, length, type, output); |
| } |
| |
| bool ReadUTFChar(const char* str, int* begin, int length, |
| unsigned* code_point_out) { |
| // This depends on ints and int32s being the same thing. If they're not, it |
| // will fail to compile. |
| // TODO(mmenke): This should probably be fixed. |
| if (!base::ReadUnicodeCharacter(str, length, begin, code_point_out) || |
| !base::IsValidCharacter(*code_point_out)) { |
| *code_point_out = kUnicodeReplacementCharacter; |
| return false; |
| } |
| return true; |
| } |
| |
| bool ReadUTFChar(const base::char16* str, int* begin, int length, |
| unsigned* code_point_out) { |
| // This depends on ints and int32s being the same thing. If they're not, it |
| // will fail to compile. |
| // TODO(mmenke): This should probably be fixed. |
| if (!base::ReadUnicodeCharacter(str, length, begin, code_point_out) || |
| !base::IsValidCharacter(*code_point_out)) { |
| *code_point_out = kUnicodeReplacementCharacter; |
| return false; |
| } |
| return true; |
| } |
| |
| void AppendInvalidNarrowString(const char* spec, int begin, int end, |
| CanonOutput* output) { |
| DoAppendInvalidNarrowString<char, unsigned char>(spec, begin, end, output); |
| } |
| |
| void AppendInvalidNarrowString(const base::char16* spec, int begin, int end, |
| CanonOutput* output) { |
| DoAppendInvalidNarrowString<base::char16, base::char16>( |
| spec, begin, end, output); |
| } |
| |
| bool ConvertUTF16ToUTF8(const base::char16* input, int input_len, |
| CanonOutput* output) { |
| bool success = true; |
| for (int i = 0; i < input_len; i++) { |
| unsigned code_point; |
| success &= ReadUTFChar(input, &i, input_len, &code_point); |
| AppendUTF8Value(code_point, output); |
| } |
| return success; |
| } |
| |
| bool ConvertUTF8ToUTF16(const char* input, int input_len, |
| CanonOutputT<base::char16>* output) { |
| bool success = true; |
| for (int i = 0; i < input_len; i++) { |
| unsigned code_point; |
| success &= ReadUTFChar(input, &i, input_len, &code_point); |
| AppendUTF16Value(code_point, output); |
| } |
| return success; |
| } |
| |
| void SetupOverrideComponents(const char* base, |
| const Replacements<char>& repl, |
| URLComponentSource<char>* source, |
| Parsed* parsed) { |
| // Get the source and parsed structures of the things we are replacing. |
| const URLComponentSource<char>& repl_source = repl.sources(); |
| const Parsed& repl_parsed = repl.components(); |
| |
| DoOverrideComponent(repl_source.scheme, repl_parsed.scheme, |
| &source->scheme, &parsed->scheme); |
| DoOverrideComponent(repl_source.username, repl_parsed.username, |
| &source->username, &parsed->username); |
| DoOverrideComponent(repl_source.password, repl_parsed.password, |
| &source->password, &parsed->password); |
| |
| // Our host should be empty if not present, so override the default setup. |
| DoOverrideComponent(repl_source.host, repl_parsed.host, |
| &source->host, &parsed->host); |
| if (parsed->host.len == -1) |
| parsed->host.len = 0; |
| |
| DoOverrideComponent(repl_source.port, repl_parsed.port, |
| &source->port, &parsed->port); |
| DoOverrideComponent(repl_source.path, repl_parsed.path, |
| &source->path, &parsed->path); |
| DoOverrideComponent(repl_source.query, repl_parsed.query, |
| &source->query, &parsed->query); |
| DoOverrideComponent(repl_source.ref, repl_parsed.ref, |
| &source->ref, &parsed->ref); |
| } |
| |
| bool SetupUTF16OverrideComponents(const char* base, |
| const Replacements<base::char16>& repl, |
| CanonOutput* utf8_buffer, |
| URLComponentSource<char>* source, |
| Parsed* parsed) { |
| bool success = true; |
| |
| // Get the source and parsed structures of the things we are replacing. |
| const URLComponentSource<base::char16>& repl_source = repl.sources(); |
| const Parsed& repl_parsed = repl.components(); |
| |
| success &= PrepareUTF16OverrideComponent( |
| repl_source.scheme, repl_parsed.scheme, |
| utf8_buffer, &parsed->scheme); |
| success &= PrepareUTF16OverrideComponent( |
| repl_source.username, repl_parsed.username, |
| utf8_buffer, &parsed->username); |
| success &= PrepareUTF16OverrideComponent( |
| repl_source.password, repl_parsed.password, |
| utf8_buffer, &parsed->password); |
| success &= PrepareUTF16OverrideComponent( |
| repl_source.host, repl_parsed.host, |
| utf8_buffer, &parsed->host); |
| success &= PrepareUTF16OverrideComponent( |
| repl_source.port, repl_parsed.port, |
| utf8_buffer, &parsed->port); |
| success &= PrepareUTF16OverrideComponent( |
| repl_source.path, repl_parsed.path, |
| utf8_buffer, &parsed->path); |
| success &= PrepareUTF16OverrideComponent( |
| repl_source.query, repl_parsed.query, |
| utf8_buffer, &parsed->query); |
| success &= PrepareUTF16OverrideComponent( |
| repl_source.ref, repl_parsed.ref, |
| utf8_buffer, &parsed->ref); |
| |
| // PrepareUTF16OverrideComponent will not have set the data pointer since the |
| // buffer could be resized, invalidating the pointers. We set the data |
| // pointers for affected components now that the buffer is finalized. |
| if (repl_source.scheme) source->scheme = utf8_buffer->data(); |
| if (repl_source.username) source->username = utf8_buffer->data(); |
| if (repl_source.password) source->password = utf8_buffer->data(); |
| if (repl_source.host) source->host = utf8_buffer->data(); |
| if (repl_source.port) source->port = utf8_buffer->data(); |
| if (repl_source.path) source->path = utf8_buffer->data(); |
| if (repl_source.query) source->query = utf8_buffer->data(); |
| if (repl_source.ref) source->ref = utf8_buffer->data(); |
| |
| return success; |
| } |
| |
| #ifndef WIN32 |
| |
| int _itoa_s(int value, char* buffer, size_t size_in_chars, int radix) { |
| const char* format_str; |
| if (radix == 10) |
| format_str = "%d"; |
| else if (radix == 16) |
| format_str = "%x"; |
| else |
| return EINVAL; |
| |
| int written = snprintf(buffer, size_in_chars, format_str, value); |
| if (static_cast<size_t>(written) >= size_in_chars) { |
| // Output was truncated, or written was negative. |
| return EINVAL; |
| } |
| return 0; |
| } |
| |
| int _itow_s(int value, base::char16* buffer, size_t size_in_chars, int radix) { |
| if (radix != 10) |
| return EINVAL; |
| |
| // No more than 12 characters will be required for a 32-bit integer. |
| // Add an extra byte for the terminating null. |
| char temp[13]; |
| int written = snprintf(temp, sizeof(temp), "%d", value); |
| if (static_cast<size_t>(written) >= size_in_chars) { |
| // Output was truncated, or written was negative. |
| return EINVAL; |
| } |
| |
| for (int i = 0; i < written; ++i) { |
| buffer[i] = static_cast<base::char16>(temp[i]); |
| } |
| buffer[written] = '\0'; |
| return 0; |
| } |
| |
| #endif // !WIN32 |
| |
| } // namespace url |