curl/lib/escape.c

/*****************************************************************************
 *                                  _   _ ____  _     
 *  Project                     ___| | | |  _ \| |    
 *                             / __| | | | |_) | |    
 *                            | (__| |_| |  _ <| |___ 
 *                             \___|\___/|_| \_\_____|
 *
 *  The contents of this file are subject to the Mozilla Public License
 *  Version 1.0 (the "License"); you may not use this file except in
 *  compliance with the License. You may obtain a copy of the License at
 *  http://www.mozilla.org/MPL/
 *
 *  Software distributed under the License is distributed on an "AS IS"
 *  basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
 *  License for the specific language governing rights and limitations
 *  under the License.
 *
 *  The Original Code is Curl.
 *
 *  The Initial Developer of the Original Code is Daniel Stenberg.
 *
 *  Portions created by the Initial Developer are Copyright (C) 1998.
 *  All Rights Reserved.
 *
 * ------------------------------------------------------------
 * Main author:
 * - Daniel Stenberg <daniel@haxx.se>
 *
 * 	http://curl.haxx.se
 *
 * $Source$
 * $Revision$
 * $Date$
 * $Author$
 * $State$
 * $Locker$
 *
 * ------------------------------------------------------------
 ****************************************************************************/

/* Escape and unescape URL encoding in strings. The functions return a new
 * allocated string or NULL if an error occurred.  */

#include "setup.h"
#include <curl/curl.h>

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The last #include file should be: */
#ifdef MALLOCDEBUG
#include "memdebug.h"
#endif

char *curl_escape(char *string)
{
   int alloc=strlen(string)+1;
   char *ns = malloc(alloc);
   unsigned char in;
   int newlen = alloc;
   int index=0;

   while(*string) {
      in = *string;
      if(' ' == in)
	 ns[index++] = '+';
      else if(!(in >= 'a' && in <= 'z') &&
	      !(in >= 'A' && in <= 'Z') &&
	      !(in >= '0' && in <= '9')) {
	 /* encode it */
	 newlen += 2; /* the size grows with two, since this'll become a %XX */
	 if(newlen > alloc) {
	    alloc *= 2;
	    ns = realloc(ns, alloc);
	    if(!ns)
	       return NULL;
	 }
	 sprintf(&ns[index], "%%%02X", in);
	 index+=3;
      }
      else {
	 /* just copy this */
	 ns[index++]=in;
      }
      string++;
   }
   ns[index]=0; /* terminate it */
   return ns;
}

char *curl_unescape(char *string, int length)
{
   int alloc = (length?length:strlen(string))+1;
   char *ns = malloc(alloc);
   unsigned char in;
   int index=0;
   int hex;
   char querypart=FALSE; /* everything to the right of a '?' letter is
                            the "query part" where '+' should become ' '.
                            RFC 2316, section 3.10 */
  
   while(--alloc) {
      in = *string;
      if(querypart && ('+' == in))
         in = ' ';
      else if(!querypart && ('?' == in)) {
        /* we have "walked in" to the query part */
        querypart=TRUE;
      }
      else if('%' == in) {
        /* encoded part */
        if(sscanf(string+1, "%02X", &hex)) {
          in = hex;
          string+=2;
        }
      }

      ns[index++] = in;
      string++;
   }
   ns[index]=0; /* terminate it */
   return ns;
  
}
Initial revision 1999-12-29 09:20:26 -05:00			`/*****************************************************************************`
			`* _ _ ____ _`
			`* Project ___\| \| \| \| _ \\| \|`
			`* / __\| \| \| \| \|_) \| \|`
			`* \| (__\| \|_\| \| _ <\| \|___`
			`* \___\|\___/\|_\| \_\_____\|`
			`*`
			`* The contents of this file are subject to the Mozilla Public License`
			`* Version 1.0 (the "License"); you may not use this file except in`
			`* compliance with the License. You may obtain a copy of the License at`
			`* http://www.mozilla.org/MPL/`
			`*`
			`* Software distributed under the License is distributed on an "AS IS"`
			`* basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the`
			`* License for the specific language governing rights and limitations`
			`* under the License.`
			`*`
			`* The Original Code is Curl.`
			`*`
			`* The Initial Developer of the Original Code is Daniel Stenberg.`
			`*`
			`* Portions created by the Initial Developer are Copyright (C) 1998.`
			`* All Rights Reserved.`
			`*`
			`* ------------------------------------------------------------`
			`* Main author:`
haxx.nu => haxx.se 2000-06-20 11:31:26 -04:00			`* - Daniel Stenberg <daniel@haxx.se>`
Initial revision 1999-12-29 09:20:26 -05:00			`*`
haxx.nu => haxx.se 2000-06-20 11:31:26 -04:00			`* http://curl.haxx.se`
Initial revision 1999-12-29 09:20:26 -05:00			`*`
			`* $Source$`
			`* $Revision$`
			`* $Date$`
			`* $Author$`
			`* $State$`
			`* $Locker$`
			`*`
			`* ------------------------------------------------------------`
			`****************************************************************************/`

			`/* Escape and unescape URL encoding in strings. The functions return a new`
			`* allocated string or NULL if an error occurred. */`

in unescape(), '+' is now only converted to space after the first '?' 2000-08-31 08:03:04 -04:00			`#include "setup.h"`
			`#include <curl/curl.h>`

Initial revision 1999-12-29 09:20:26 -05:00			`#include <stdio.h>`
			`#include <stdlib.h>`
			`#include <string.h>`

added memory debugging include file 2000-10-09 07:12:34 -04:00			`/* The last #include file should be: */`
			`#ifdef MALLOCDEBUG`
			`#include "memdebug.h"`
			`#endif`

Initial revision 1999-12-29 09:20:26 -05:00			`char curl_escape(char string)`
			`{`
curl_unescape() could make a buffer overflow 2000-03-20 05:22:12 -05:00			`int alloc=strlen(string)+1;`
Initial revision 1999-12-29 09:20:26 -05:00			`char *ns = malloc(alloc);`
			`unsigned char in;`
			`int newlen = alloc;`
			`int index=0;`

			`while(*string) {`
			`in = *string;`
			`if(' ' == in)`
			`ns[index++] = '+';`
			`else if(!(in >= 'a' && in <= 'z') &&`
			`!(in >= 'A' && in <= 'Z') &&`
			`!(in >= '0' && in <= '9')) {`
			`/* encode it */`
			`newlen += 2; /* the size grows with two, since this'll become a %XX */`
			`if(newlen > alloc) {`
			`alloc *= 2;`
			`ns = realloc(ns, alloc);`
			`if(!ns)`
			`return NULL;`
			`}`
			`sprintf(&ns[index], "%%%02X", in);`
			`index+=3;`
			`}`
			`else {`
			`/* just copy this */`
			`ns[index++]=in;`
			`}`
			`string++;`
			`}`
			`ns[index]=0; /* terminate it */`
			`return ns;`
			`}`

moved here from the newlib branch 2000-05-22 10:12:12 -04:00			`char curl_unescape(char string, int length)`
Initial revision 1999-12-29 09:20:26 -05:00			`{`
moved here from the newlib branch 2000-05-22 10:12:12 -04:00			`int alloc = (length?length:strlen(string))+1;`
Initial revision 1999-12-29 09:20:26 -05:00			`char *ns = malloc(alloc);`
			`unsigned char in;`
			`int index=0;`
			`int hex;`
in unescape(), '+' is now only converted to space after the first '?' 2000-08-31 08:03:04 -04:00			`char querypart=FALSE; /* everything to the right of a '?' letter is`
			`the "query part" where '+' should become ' '.`
			`RFC 2316, section 3.10 */`
moved here from the newlib branch 2000-05-22 10:12:12 -04:00
			`while(--alloc) {`
Initial revision 1999-12-29 09:20:26 -05:00			`in = *string;`
in unescape(), '+' is now only converted to space after the first '?' 2000-08-31 08:03:04 -04:00			`if(querypart && ('+' == in))`
			`in = ' ';`
			`else if(!querypart && ('?' == in)) {`
			`/* we have "walked in" to the query part */`
			`querypart=TRUE;`
			`}`
Initial revision 1999-12-29 09:20:26 -05:00			`else if('%' == in) {`
in unescape(), '+' is now only converted to space after the first '?' 2000-08-31 08:03:04 -04:00			`/* encoded part */`
			`if(sscanf(string+1, "%02X", &hex)) {`
			`in = hex;`
			`string+=2;`
			`}`
Initial revision 1999-12-29 09:20:26 -05:00			`}`

			`ns[index++] = in;`
			`string++;`
			`}`
			`ns[index]=0; /* terminate it */`
			`return ns;`

			`}`