mirror of
https://github.com/moparisthebest/curl
synced 2025-01-03 18:08:02 -05:00
urlglob fix to prevent crashing when -o path is longer than url
This commit is contained in:
parent
160d2a30db
commit
22d8aa37e0
@ -1500,7 +1500,7 @@ operate(struct Configurable *config, int argc, char *argv[])
|
|||||||
else {
|
else {
|
||||||
/* fill '#1' ... '#9' terms from URL pattern */
|
/* fill '#1' ... '#9' terms from URL pattern */
|
||||||
char *outfile = config->outfile;
|
char *outfile = config->outfile;
|
||||||
config->outfile = match_url(config->outfile, *urls);
|
config->outfile = match_url(config->outfile, urls);
|
||||||
free(outfile);
|
free(outfile);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
142
src/urlglob.c
142
src/urlglob.c
@ -49,25 +49,23 @@
|
|||||||
#include "../lib/memdebug.h"
|
#include "../lib/memdebug.h"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
char *glob_buffer;
|
int glob_word(URLGlob *, char*, int);
|
||||||
URLGlob *glob_expand;
|
|
||||||
|
|
||||||
int glob_word(char*, int);
|
int glob_set(URLGlob *glob, char *pattern, int pos)
|
||||||
|
{
|
||||||
int glob_set(char *pattern, int pos) {
|
|
||||||
/* processes a set expression with the point behind the opening '{'
|
/* processes a set expression with the point behind the opening '{'
|
||||||
','-separated elements are collected until the next closing '}'
|
','-separated elements are collected until the next closing '}'
|
||||||
*/
|
*/
|
||||||
char* buf = glob_buffer;
|
char* buf = glob->glob_buffer;
|
||||||
URLPattern *pat;
|
URLPattern *pat;
|
||||||
|
|
||||||
pat = (URLPattern*)&glob_expand->pattern[glob_expand->size / 2];
|
pat = (URLPattern*)&glob->pattern[glob->size / 2];
|
||||||
/* patterns 0,1,2,... correspond to size=1,3,5,... */
|
/* patterns 0,1,2,... correspond to size=1,3,5,... */
|
||||||
pat->type = UPTSet;
|
pat->type = UPTSet;
|
||||||
pat->content.Set.size = 0;
|
pat->content.Set.size = 0;
|
||||||
pat->content.Set.ptr_s = 0;
|
pat->content.Set.ptr_s = 0;
|
||||||
pat->content.Set.elements = (char**)malloc(0);
|
pat->content.Set.elements = (char**)malloc(0);
|
||||||
++glob_expand->size;
|
++glob->size;
|
||||||
|
|
||||||
while (1) {
|
while (1) {
|
||||||
switch (*pattern) {
|
switch (*pattern) {
|
||||||
@ -81,19 +79,22 @@ int glob_set(char *pattern, int pos) {
|
|||||||
case ',':
|
case ',':
|
||||||
case '}': /* set element completed */
|
case '}': /* set element completed */
|
||||||
*buf = '\0';
|
*buf = '\0';
|
||||||
pat->content.Set.elements = realloc(pat->content.Set.elements, (pat->content.Set.size + 1) * sizeof(char*));
|
pat->content.Set.elements =
|
||||||
|
realloc(pat->content.Set.elements,
|
||||||
|
(pat->content.Set.size + 1) * sizeof(char*));
|
||||||
if (!pat->content.Set.elements) {
|
if (!pat->content.Set.elements) {
|
||||||
printf("out of memory in set pattern\n");
|
printf("out of memory in set pattern\n");
|
||||||
exit(CURLE_OUT_OF_MEMORY);
|
exit(CURLE_OUT_OF_MEMORY);
|
||||||
}
|
}
|
||||||
pat->content.Set.elements[pat->content.Set.size] = strdup(glob_buffer);
|
pat->content.Set.elements[pat->content.Set.size] =
|
||||||
|
strdup(glob->glob_buffer);
|
||||||
++pat->content.Set.size;
|
++pat->content.Set.size;
|
||||||
|
|
||||||
if (*pattern == '}') /* entire set pattern completed */
|
if (*pattern == '}') /* entire set pattern completed */
|
||||||
/* always check for a literal (may be "") between patterns */
|
/* always check for a literal (may be "") between patterns */
|
||||||
return pat->content.Set.size * glob_word(++pattern, ++pos);
|
return pat->content.Set.size * glob_word(glob, ++pattern, ++pos);
|
||||||
|
|
||||||
buf = glob_buffer;
|
buf = glob->glob_buffer;
|
||||||
++pattern;
|
++pattern;
|
||||||
++pos;
|
++pos;
|
||||||
break;
|
break;
|
||||||
@ -115,7 +116,8 @@ int glob_set(char *pattern, int pos) {
|
|||||||
exit (CURLE_FAILED_INIT);
|
exit (CURLE_FAILED_INIT);
|
||||||
}
|
}
|
||||||
|
|
||||||
int glob_range(char *pattern, int pos) {
|
int glob_range(URLGlob *glob, char *pattern, int pos)
|
||||||
|
{
|
||||||
/* processes a range expression with the point behind the opening '['
|
/* processes a range expression with the point behind the opening '['
|
||||||
- char range: e.g. "a-z]", "B-Q]"
|
- char range: e.g. "a-z]", "B-Q]"
|
||||||
- num range: e.g. "0-9]", "17-2000]"
|
- num range: e.g. "0-9]", "17-2000]"
|
||||||
@ -125,9 +127,9 @@ int glob_range(char *pattern, int pos) {
|
|||||||
URLPattern *pat;
|
URLPattern *pat;
|
||||||
char *c;
|
char *c;
|
||||||
|
|
||||||
pat = (URLPattern*)&glob_expand->pattern[glob_expand->size / 2];
|
pat = (URLPattern*)&glob->pattern[glob->size / 2];
|
||||||
/* patterns 0,1,2,... correspond to size=1,3,5,... */
|
/* patterns 0,1,2,... correspond to size=1,3,5,... */
|
||||||
++glob_expand->size;
|
++glob->size;
|
||||||
|
|
||||||
if (isalpha((int)*pattern)) { /* character range detected */
|
if (isalpha((int)*pattern)) { /* character range detected */
|
||||||
pat->type = UPTCharRange;
|
pat->type = UPTCharRange;
|
||||||
@ -141,7 +143,7 @@ int glob_range(char *pattern, int pos) {
|
|||||||
pat->content.CharRange.ptr_c = pat->content.CharRange.min_c;
|
pat->content.CharRange.ptr_c = pat->content.CharRange.min_c;
|
||||||
/* always check for a literal (may be "") between patterns */
|
/* always check for a literal (may be "") between patterns */
|
||||||
return (pat->content.CharRange.max_c - pat->content.CharRange.min_c + 1) *
|
return (pat->content.CharRange.max_c - pat->content.CharRange.min_c + 1) *
|
||||||
glob_word(pattern + 4, pos + 4);
|
glob_word(glob, pattern + 4, pos + 4);
|
||||||
}
|
}
|
||||||
if (isdigit((int)*pattern)) { /* numeric range detected */
|
if (isdigit((int)*pattern)) { /* numeric range detected */
|
||||||
pat->type = UPTNumRange;
|
pat->type = UPTNumRange;
|
||||||
@ -162,17 +164,18 @@ int glob_range(char *pattern, int pos) {
|
|||||||
c = (char*)(strchr(pattern, ']') + 1); /* continue after next ']' */
|
c = (char*)(strchr(pattern, ']') + 1); /* continue after next ']' */
|
||||||
/* always check for a literal (may be "") between patterns */
|
/* always check for a literal (may be "") between patterns */
|
||||||
return (pat->content.NumRange.max_n - pat->content.NumRange.min_n + 1) *
|
return (pat->content.NumRange.max_n - pat->content.NumRange.min_n + 1) *
|
||||||
glob_word(c, pos + (c - pattern));
|
glob_word(glob, c, pos + (c - pattern));
|
||||||
}
|
}
|
||||||
printf("error: illegal character in range specification at pos %d\n", pos);
|
printf("error: illegal character in range specification at pos %d\n", pos);
|
||||||
exit (CURLE_URL_MALFORMAT);
|
exit (CURLE_URL_MALFORMAT);
|
||||||
}
|
}
|
||||||
|
|
||||||
int glob_word(char *pattern, int pos) {
|
int glob_word(URLGlob *glob, char *pattern, int pos)
|
||||||
|
{
|
||||||
/* processes a literal string component of a URL
|
/* processes a literal string component of a URL
|
||||||
special characters '{' and '[' branch to set/range processing functions
|
special characters '{' and '[' branch to set/range processing functions
|
||||||
*/
|
*/
|
||||||
char* buf = glob_buffer;
|
char* buf = glob->glob_buffer;
|
||||||
int litindex;
|
int litindex;
|
||||||
|
|
||||||
while (*pattern != '\0' && *pattern != '{' && *pattern != '[') {
|
while (*pattern != '\0' && *pattern != '{' && *pattern != '[') {
|
||||||
@ -192,17 +195,17 @@ int glob_word(char *pattern, int pos) {
|
|||||||
++pos;
|
++pos;
|
||||||
}
|
}
|
||||||
*buf = '\0';
|
*buf = '\0';
|
||||||
litindex = glob_expand->size / 2;
|
litindex = glob->size / 2;
|
||||||
/* literals 0,1,2,... correspond to size=0,2,4,... */
|
/* literals 0,1,2,... correspond to size=0,2,4,... */
|
||||||
glob_expand->literal[litindex] = strdup(glob_buffer);
|
glob->literal[litindex] = strdup(glob->glob_buffer);
|
||||||
++glob_expand->size;
|
++glob->size;
|
||||||
if (*pattern == '\0')
|
if (*pattern == '\0')
|
||||||
return 1; /* singular URL processed */
|
return 1; /* singular URL processed */
|
||||||
if (*pattern == '{') {
|
if (*pattern == '{') {
|
||||||
return glob_set(++pattern, ++pos); /* process set pattern */
|
return glob_set(glob, ++pattern, ++pos); /* process set pattern */
|
||||||
}
|
}
|
||||||
if (*pattern == '[') {
|
if (*pattern == '[') {
|
||||||
return glob_range(++pattern, ++pos);/* process range pattern */
|
return glob_range(glob, ++pattern, ++pos);/* process range pattern */
|
||||||
}
|
}
|
||||||
printf("internal error\n");
|
printf("internal error\n");
|
||||||
exit (CURLE_FAILED_INIT);
|
exit (CURLE_FAILED_INIT);
|
||||||
@ -214,18 +217,26 @@ int glob_url(URLGlob** glob, char* url, int *urlnum)
|
|||||||
* We can deal with any-size, just make a buffer with the same length
|
* We can deal with any-size, just make a buffer with the same length
|
||||||
* as the specified URL!
|
* as the specified URL!
|
||||||
*/
|
*/
|
||||||
glob_buffer=(char *)malloc(strlen(url)+1);
|
URLGlob *glob_expand;
|
||||||
|
char *glob_buffer=(char *)malloc(strlen(url)+1);
|
||||||
if(NULL == glob_buffer)
|
if(NULL == glob_buffer)
|
||||||
return CURLE_OUT_OF_MEMORY;
|
return CURLE_OUT_OF_MEMORY;
|
||||||
|
|
||||||
glob_expand = (URLGlob*)malloc(sizeof(URLGlob));
|
glob_expand = (URLGlob*)malloc(sizeof(URLGlob));
|
||||||
|
if(NULL == glob_expand) {
|
||||||
|
free(glob_buffer);
|
||||||
|
return CURLE_OUT_OF_MEMORY;
|
||||||
|
}
|
||||||
glob_expand->size = 0;
|
glob_expand->size = 0;
|
||||||
*urlnum = glob_word(url, 1);
|
glob_expand->urllen = strlen(url);
|
||||||
|
glob_expand->glob_buffer = glob_buffer;
|
||||||
|
*urlnum = glob_word(glob_expand, url, 1);
|
||||||
*glob = glob_expand;
|
*glob = glob_expand;
|
||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
void glob_cleanup(URLGlob* glob) {
|
void glob_cleanup(URLGlob* glob)
|
||||||
|
{
|
||||||
int i, elem;
|
int i, elem;
|
||||||
|
|
||||||
for (i = glob->size - 1; i >= 0; --i) {
|
for (i = glob->size - 1; i >= 0; --i) {
|
||||||
@ -240,14 +251,14 @@ void glob_cleanup(URLGlob* glob) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
free(glob->glob_buffer);
|
||||||
free(glob);
|
free(glob);
|
||||||
free(glob_buffer);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
char *next_url(URLGlob *glob)
|
char *next_url(URLGlob *glob)
|
||||||
{
|
{
|
||||||
static int beenhere = 0;
|
static int beenhere = 0;
|
||||||
char *buf = glob_buffer;
|
char *buf = glob->glob_buffer;
|
||||||
URLPattern *pat;
|
URLPattern *pat;
|
||||||
char *lit;
|
char *lit;
|
||||||
signed int i;
|
signed int i;
|
||||||
@ -318,48 +329,83 @@ char *next_url(URLGlob *glob)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
*buf = '\0';
|
*buf = '\0';
|
||||||
return strdup(glob_buffer);
|
return strdup(glob->glob_buffer);
|
||||||
}
|
}
|
||||||
|
|
||||||
char *match_url(char *filename, URLGlob glob) {
|
char *match_url(char *filename, URLGlob *glob)
|
||||||
char *buf = glob_buffer;
|
{
|
||||||
|
char *target;
|
||||||
URLPattern pat;
|
URLPattern pat;
|
||||||
int i;
|
int i;
|
||||||
|
int allocsize;
|
||||||
|
int stringlen=0;
|
||||||
|
char numbuf[18];
|
||||||
|
char *appendthis;
|
||||||
|
size_t appendlen;
|
||||||
|
|
||||||
|
/* We cannot use the glob_buffer for storage here since the filename may
|
||||||
|
* be longer than the URL we use. We allocate a good start size, then
|
||||||
|
* we need to realloc in case of need.
|
||||||
|
*/
|
||||||
|
allocsize=strlen(filename);
|
||||||
|
target = malloc(allocsize);
|
||||||
|
if(NULL == target)
|
||||||
|
return NULL; /* major failure */
|
||||||
|
|
||||||
while (*filename != '\0') {
|
while (*filename != '\0') {
|
||||||
if (*filename == '#') {
|
if (*filename == '#') {
|
||||||
if (!isdigit((int)*++filename) ||
|
if (!isdigit((int)*++filename) ||
|
||||||
*filename == '0') { /* only '#1' ... '#9' allowed */
|
*filename == '0') { /* only '#1' ... '#9' allowed */
|
||||||
printf("illegal matching expression\n");
|
/* printf("illegal matching expression\n");
|
||||||
exit(CURLE_URL_MALFORMAT);
|
exit(CURLE_URL_MALFORMAT);*/
|
||||||
|
continue;
|
||||||
}
|
}
|
||||||
i = *filename - '1';
|
i = *filename - '1';
|
||||||
if (i + 1 > glob.size / 2) {
|
if (i + 1 > glob->size / 2) {
|
||||||
printf("match against nonexisting pattern\n");
|
/*printf("match against nonexisting pattern\n");
|
||||||
exit(CURLE_URL_MALFORMAT);
|
exit(CURLE_URL_MALFORMAT);*/
|
||||||
|
continue;
|
||||||
}
|
}
|
||||||
pat = glob.pattern[i];
|
pat = glob->pattern[i];
|
||||||
switch (pat.type) {
|
switch (pat.type) {
|
||||||
case UPTSet:
|
case UPTSet:
|
||||||
strcpy(buf, pat.content.Set.elements[pat.content.Set.ptr_s]);
|
appendthis = pat.content.Set.elements[pat.content.Set.ptr_s];
|
||||||
buf += strlen(pat.content.Set.elements[pat.content.Set.ptr_s]);
|
appendlen = strlen(pat.content.Set.elements[pat.content.Set.ptr_s]);
|
||||||
break;
|
break;
|
||||||
case UPTCharRange:
|
case UPTCharRange:
|
||||||
*buf++ = pat.content.CharRange.ptr_c;
|
numbuf[0]=pat.content.CharRange.ptr_c;
|
||||||
|
numbuf[1]=0;
|
||||||
|
appendthis=numbuf;
|
||||||
|
appendlen=1;
|
||||||
break;
|
break;
|
||||||
case UPTNumRange:
|
case UPTNumRange:
|
||||||
sprintf(buf, "%0*d", pat.content.NumRange.padlength, pat.content.NumRange.ptr_n);
|
sprintf(numbuf, "%0*d", pat.content.NumRange.padlength, pat.content.NumRange.ptr_n);
|
||||||
buf += strlen(buf);
|
appendthis = numbuf;
|
||||||
|
appendlen = strlen(numbuf);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
printf("internal error: invalid pattern type (%d)\n", pat.type);
|
printf("internal error: invalid pattern type (%d)\n", pat.type);
|
||||||
exit (CURLE_FAILED_INIT);
|
return NULL;
|
||||||
}
|
}
|
||||||
++filename;
|
++filename;
|
||||||
}
|
}
|
||||||
else
|
else {
|
||||||
*buf++ = *filename++;
|
appendthis=filename++;
|
||||||
|
appendlen=1;
|
||||||
}
|
}
|
||||||
*buf = '\0';
|
if(appendlen + stringlen >= allocsize) {
|
||||||
return strdup(glob_buffer);
|
char *newstr;
|
||||||
|
allocsize = (appendlen + stringlen)*2;
|
||||||
|
newstr=realloc(target, allocsize);
|
||||||
|
if(NULL ==newstr) {
|
||||||
|
free(target);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
target=newstr;
|
||||||
|
}
|
||||||
|
memcpy(&target[stringlen], appendthis, appendlen);
|
||||||
|
stringlen += appendlen;
|
||||||
|
}
|
||||||
|
target[stringlen]= '\0';
|
||||||
|
return target;
|
||||||
}
|
}
|
||||||
|
@ -65,11 +65,13 @@ typedef struct {
|
|||||||
char* literal[10];
|
char* literal[10];
|
||||||
URLPattern pattern[9];
|
URLPattern pattern[9];
|
||||||
int size;
|
int size;
|
||||||
|
int urllen;
|
||||||
|
char *glob_buffer;
|
||||||
} URLGlob;
|
} URLGlob;
|
||||||
|
|
||||||
int glob_url(URLGlob**, char*, int *);
|
int glob_url(URLGlob**, char*, int *);
|
||||||
char* next_url(URLGlob*);
|
char* next_url(URLGlob*);
|
||||||
char* match_url(char*, URLGlob);
|
char* match_url(char*, URLGlob *);
|
||||||
void glob_cleanup(URLGlob* glob);
|
void glob_cleanup(URLGlob* glob);
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
Loading…
Reference in New Issue
Block a user