moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-08-13 17:03:50 -04:00
Code Issues Releases Wiki Activity
2e00872c04
curl/lib/formdata.c
Daniel Stenberg 365c5ba395 formpost: better random boundaries 
When doing multi-part formposts, libcurl used a pseudo-random value that
was seeded with time(). This turns out to be bad for users who formpost
data that is provided with users who then can guess how the boundary
string will look like and then they can forge a different formpost part
and trick the receiver.

My advice to such implementors is (still even after this change) to not
rely on the boundary strings being cryptographically strong. Fix your
code and logic to not depend on them that much!

I moved the Curl_rand() function into the sslgen.c source file now to be
able to take advantage of the SSL library's random function if it
provides one. If not, try to use the RANDOM_FILE for seeding and as a
last resort keep the old logic, just modified to also add microseconds
which makes it harder to properly guess the exact seed.

The formboundary() function in formdata.c is now using 64 bit entropy
for the boundary and therefore the string of dashes was reduced by 4
letters and there are 16 hex digits following it. The total length is
thus still the same.

Bug: http://curl.haxx.se/bug/view.cgi?id=1251
Reported-by: "Floris"
2013-06-25 09:55:49 +02:00

1499 lines
43 KiB
C
Raw Blame History

/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
#include "curl_setup.h"
#include <curl/curl.h>
#if !defined(CURL_DISABLE_HTTP) || defined(USE_SSLEAY)
#if defined(HAVE_LIBGEN_H) && defined(HAVE_BASENAME)
#include <libgen.h>
#endif
#include "urldata.h" /* for struct SessionHandle */
#include "formdata.h"
#include "sslgen.h"
#include "strequal.h"
#include "curl_memory.h"
#include "sendf.h"
#define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h>
/* The last #include file should be: */
#include "memdebug.h"
#endif /* !defined(CURL_DISABLE_HTTP) || defined(USE_SSLEAY) */
#ifndef CURL_DISABLE_HTTP
#ifndef HAVE_BASENAME
static char *Curl_basename(char *path);
#define basename(x) Curl_basename((x))
#endif
static size_t readfromfile(struct Form *form, char *buffer, size_t size);
static char *formboundary(struct SessionHandle *data);
/* What kind of Content-Type to use on un-specified files with unrecognized
extensions. */
#define HTTPPOST_CONTENTTYPE_DEFAULT "application/octet-stream"
#define FORM_FILE_SEPARATOR ','
#define FORM_TYPE_SEPARATOR ';'
/***************************************************************************
*
* AddHttpPost()
*
* Adds a HttpPost structure to the list, if parent_post is given becomes
* a subpost of parent_post instead of a direct list element.
*
* Returns newly allocated HttpPost on success and NULL if malloc failed.
*
***************************************************************************/
static struct curl_httppost *
AddHttpPost(char *name, size_t namelength,
char *value, size_t contentslength,
char *buffer, size_t bufferlength,
char *contenttype,
long flags,
struct curl_slist* contentHeader,
char *showfilename, char *userp,
struct curl_httppost *parent_post,
struct curl_httppost **httppost,
struct curl_httppost **last_post)
{
struct curl_httppost *post;
post = calloc(1, sizeof(struct curl_httppost));
if(post) {
post->name = name;
post->namelength = (long)(name?(namelength?namelength:strlen(name)):0);
post->contents = value;
post->contentslength = (long)contentslength;
post->buffer = buffer;
post->bufferlength = (long)bufferlength;
post->contenttype = contenttype;
post->contentheader = contentHeader;
post->showfilename = showfilename;
post->userp = userp,
post->flags = flags;
}
else
return NULL;
if(parent_post) {
/* now, point our 'more' to the original 'more' */
post->more = parent_post->more;
/* then move the original 'more' to point to ourselves */
parent_post->more = post;
}
else {
/* make the previous point to this */
if(*last_post)
(*last_post)->next = post;
else
(*httppost) = post;
(*last_post) = post;
}
return post;
}
/***************************************************************************
*
* AddFormInfo()
*
* Adds a FormInfo structure to the list presented by parent_form_info.
*
* Returns newly allocated FormInfo on success and NULL if malloc failed/
* parent_form_info is NULL.
*
***************************************************************************/
static FormInfo * AddFormInfo(char *value,
char *contenttype,
FormInfo *parent_form_info)
{
FormInfo *form_info;
form_info = calloc(1, sizeof(struct FormInfo));
if(form_info) {
if(value)
form_info->value = value;
if(contenttype)
form_info->contenttype = contenttype;
form_info->flags = HTTPPOST_FILENAME;
}
else
return NULL;
if(parent_form_info) {
/* now, point our 'more' to the original 'more' */
form_info->more = parent_form_info->more;
/* then move the original 'more' to point to ourselves */
parent_form_info->more = form_info;
}
return form_info;
}
/***************************************************************************
*
* ContentTypeForFilename()
*
* Provides content type for filename if one of the known types (else
* (either the prevtype or the default is returned).
*
* Returns some valid contenttype for filename.
*
***************************************************************************/
static const char * ContentTypeForFilename (const char *filename,
const char *prevtype)
{
const char *contenttype = NULL;
unsigned int i;
/*
* No type was specified, we scan through a few well-known
* extensions and pick the first we match!
*/
struct ContentType {
char extension[6];
const char *type;
};
static const struct ContentType ctts[]={
{".gif", "image/gif"},
{".jpg", "image/jpeg"},
{".jpeg", "image/jpeg"},
{".txt", "text/plain"},
{".html", "text/html"},
{".xml", "application/xml"}
};
if(prevtype)
/* default to the previously set/used! */
contenttype = prevtype;
else
contenttype = HTTPPOST_CONTENTTYPE_DEFAULT;
if(filename) { /* in case a NULL was passed in */
for(i=0; i<sizeof(ctts)/sizeof(ctts[0]); i++) {
if(strlen(filename) >= strlen(ctts[i].extension)) {
if(strequal(filename +
strlen(filename) - strlen(ctts[i].extension),
ctts[i].extension)) {
contenttype = ctts[i].type;
break;
}
}
}
}
/* we have a contenttype by now */
return contenttype;
}
/***************************************************************************
*
* memdup()
*
* Copies the 'source' data to a newly allocated buffer buffer (that is
* returned). Uses buffer_length if not null, else uses strlen to determine
* the length of the buffer to be copied
*
* Returns the new pointer or NULL on failure.
*
***************************************************************************/
static char *memdup(const char *src, size_t buffer_length)
{
size_t length;
bool add = FALSE;
char *buffer;
if(buffer_length)
length = buffer_length;
else if(src) {
length = strlen(src);
add = TRUE;
}
else
/* no length and a NULL src pointer! */
return strdup("");
buffer = malloc(length+add);
if(!buffer)
return NULL; /* fail */
memcpy(buffer, src, length);
/* if length unknown do null termination */
if(add)
buffer[length] = '\0';
return buffer;
}
/***************************************************************************
*
* FormAdd()
*
* Stores a formpost parameter and builds the appropriate linked list.
*
* Has two principal functionalities: using files and byte arrays as
* post parts. Byte arrays are either copied or just the pointer is stored
* (as the user requests) while for files only the filename and not the
* content is stored.
*
* While you may have only one byte array for each name, multiple filenames
* are allowed (and because of this feature CURLFORM_END is needed after
* using CURLFORM_FILE).
*
* Examples:
*
* Simple name/value pair with copied contents:
* curl_formadd (&post, &last, CURLFORM_COPYNAME, "name",
* CURLFORM_COPYCONTENTS, "value", CURLFORM_END);
*
* name/value pair where only the content pointer is remembered:
* curl_formadd (&post, &last, CURLFORM_COPYNAME, "name",
* CURLFORM_PTRCONTENTS, ptr, CURLFORM_CONTENTSLENGTH, 10, CURLFORM_END);
* (if CURLFORM_CONTENTSLENGTH is missing strlen () is used)
*
* storing a filename (CONTENTTYPE is optional!):
* curl_formadd (&post, &last, CURLFORM_COPYNAME, "name",
* CURLFORM_FILE, "filename1", CURLFORM_CONTENTTYPE, "plain/text",
* CURLFORM_END);
*
* storing multiple filenames:
* curl_formadd (&post, &last, CURLFORM_COPYNAME, "name",
* CURLFORM_FILE, "filename1", CURLFORM_FILE, "filename2", CURLFORM_END);
*
* Returns:
* CURL_FORMADD_OK on success
* CURL_FORMADD_MEMORY if the FormInfo allocation fails
* CURL_FORMADD_OPTION_TWICE if one option is given twice for one Form
* CURL_FORMADD_NULL if a null pointer was given for a char
* CURL_FORMADD_MEMORY if the allocation of a FormInfo struct failed
* CURL_FORMADD_UNKNOWN_OPTION if an unknown option was used
* CURL_FORMADD_INCOMPLETE if the some FormInfo is not complete (or error)
* CURL_FORMADD_MEMORY if a HttpPost struct cannot be allocated
* CURL_FORMADD_MEMORY if some allocation for string copying failed.
* CURL_FORMADD_ILLEGAL_ARRAY if an illegal option is used in an array
*
***************************************************************************/
static
CURLFORMcode FormAdd(struct curl_httppost **httppost,
struct curl_httppost **last_post,
va_list params)
{
FormInfo *first_form, *current_form, *form = NULL;
CURLFORMcode return_value = CURL_FORMADD_OK;
const char *prevtype = NULL;
struct curl_httppost *post = NULL;
CURLformoption option;
struct curl_forms *forms = NULL;
char *array_value=NULL; /* value read from an array */
/* This is a state variable, that if TRUE means that we're parsing an
array that we got passed to us. If FALSE we're parsing the input
va_list arguments. */
bool array_state = FALSE;
/*
* We need to allocate the first struct to fill in.
*/
first_form = calloc(1, sizeof(struct FormInfo));
if(!first_form)
return CURL_FORMADD_MEMORY;
current_form = first_form;
/*
* Loop through all the options set. Break if we have an error to report.
*/
while(return_value == CURL_FORMADD_OK) {
/* first see if we have more parts of the array param */
if(array_state && forms) {
/* get the upcoming option from the given array */
option = forms->option;
array_value = (char *)forms->value;
forms++; /* advance this to next entry */
if(CURLFORM_END == option) {
/* end of array state */
array_state = FALSE;
continue;
}
}
else {
/* This is not array-state, get next option */
option = va_arg(params, CURLformoption);
if(CURLFORM_END == option)
break;
}
switch (option) {
case CURLFORM_ARRAY:
if(array_state)
/* we don't support an array from within an array */
return_value = CURL_FORMADD_ILLEGAL_ARRAY;
else {
forms = va_arg(params, struct curl_forms *);
if(forms)
array_state = TRUE;
else
return_value = CURL_FORMADD_NULL;
}
break;
/*
* Set the Name property.
*/
case CURLFORM_PTRNAME:
#ifdef CURL_DOES_CONVERSIONS
/* Treat CURLFORM_PTR like CURLFORM_COPYNAME so that libcurl will copy
* the data in all cases so that we'll have safe memory for the eventual
* conversion.
*/
#else
current_form->flags |= HTTPPOST_PTRNAME; /* fall through */
#endif
case CURLFORM_COPYNAME:
if(current_form->name)
return_value = CURL_FORMADD_OPTION_TWICE;
else {
char *name = array_state?
array_value:va_arg(params, char *);
if(name)
current_form->name = name; /* store for the moment */
else
return_value = CURL_FORMADD_NULL;
}
break;
case CURLFORM_NAMELENGTH:
if(current_form->namelength)
return_value = CURL_FORMADD_OPTION_TWICE;
else
current_form->namelength =
array_state?(size_t)array_value:(size_t)va_arg(params, long);
break;
/*
* Set the contents property.
*/
case CURLFORM_PTRCONTENTS:
current_form->flags |= HTTPPOST_PTRCONTENTS; /* fall through */
case CURLFORM_COPYCONTENTS:
if(current_form->value)
return_value = CURL_FORMADD_OPTION_TWICE;
else {
char *value =
array_state?array_value:va_arg(params, char *);
if(value)
current_form->value = value; /* store for the moment */
else
return_value = CURL_FORMADD_NULL;
}
break;
case CURLFORM_CONTENTSLENGTH:
if(current_form->contentslength)
return_value = CURL_FORMADD_OPTION_TWICE;
else
current_form->contentslength =
array_state?(size_t)array_value:(size_t)va_arg(params, long);
break;
/* Get contents from a given file name */
case CURLFORM_FILECONTENT:
if(current_form->flags != 0)
return_value = CURL_FORMADD_OPTION_TWICE;
else {
const char *filename = array_state?
array_value:va_arg(params, char *);
if(filename) {
current_form->value = strdup(filename);
if(!current_form->value)
return_value = CURL_FORMADD_MEMORY;
else {
current_form->flags |= HTTPPOST_READFILE;
current_form->value_alloc = TRUE;
}
}
else
return_value = CURL_FORMADD_NULL;
}
break;
/* We upload a file */
case CURLFORM_FILE:
{
const char *filename = array_state?array_value:
va_arg(params, char *);
if(current_form->value) {
if(current_form->flags & HTTPPOST_FILENAME) {
if(filename) {
char *fname = strdup(filename);
if(!fname)
return_value = CURL_FORMADD_MEMORY;
else {
form = AddFormInfo(fname, NULL, current_form);
if(!form) {
Curl_safefree(fname);
return_value = CURL_FORMADD_MEMORY;
}
else {
form->value_alloc = TRUE;
current_form = form;
form = NULL;
}
}
}
else
return_value = CURL_FORMADD_NULL;
}
else
return_value = CURL_FORMADD_OPTION_TWICE;
}
else {
if(filename) {
current_form->value = strdup(filename);
if(!current_form->value)
return_value = CURL_FORMADD_MEMORY;
else {
current_form->flags |= HTTPPOST_FILENAME;
current_form->value_alloc = TRUE;
}
}
else
return_value = CURL_FORMADD_NULL;
}
break;
}
case CURLFORM_BUFFERPTR:
current_form->flags |= HTTPPOST_PTRBUFFER|HTTPPOST_BUFFER;
if(current_form->buffer)
return_value = CURL_FORMADD_OPTION_TWICE;
else {
char *buffer =
array_state?array_value:va_arg(params, char *);
if(buffer) {
current_form->buffer = buffer; /* store for the moment */
current_form->value = buffer; /* make it non-NULL to be accepted
as fine */
}
else
return_value = CURL_FORMADD_NULL;
}
break;
case CURLFORM_BUFFERLENGTH:
if(current_form->bufferlength)
return_value = CURL_FORMADD_OPTION_TWICE;
else
current_form->bufferlength =
array_state?(size_t)array_value:(size_t)va_arg(params, long);
break;
case CURLFORM_STREAM:
current_form->flags |= HTTPPOST_CALLBACK;
if(current_form->userp)
return_value = CURL_FORMADD_OPTION_TWICE;
else {
char *userp =
array_state?array_value:va_arg(params, char *);
if(userp) {
current_form->userp = userp;
current_form->value = userp; /* this isn't strictly true but we
derive a value from this later on
and we need this non-NULL to be
accepted as a fine form part */
}
else
return_value = CURL_FORMADD_NULL;
}
break;
case CURLFORM_CONTENTTYPE:
{
const char *contenttype =
array_state?array_value:va_arg(params, char *);
if(current_form->contenttype) {
if(current_form->flags & HTTPPOST_FILENAME) {
if(contenttype) {
char *type = strdup(contenttype);
if(!type)
return_value = CURL_FORMADD_MEMORY;
else {
form = AddFormInfo(NULL, type, current_form);
if(!form) {
Curl_safefree(type);
return_value = CURL_FORMADD_MEMORY;
}
else {
form->contenttype_alloc = TRUE;
current_form = form;
form = NULL;
}
}
}
else
return_value = CURL_FORMADD_NULL;
}
else
return_value = CURL_FORMADD_OPTION_TWICE;
}
else {
if(contenttype) {
current_form->contenttype = strdup(contenttype);
if(!current_form->contenttype)
return_value = CURL_FORMADD_MEMORY;
else
current_form->contenttype_alloc = TRUE;
}
else
return_value = CURL_FORMADD_NULL;
}
break;
}
case CURLFORM_CONTENTHEADER:
{
/* this "cast increases required alignment of target type" but
we consider it OK anyway */
struct curl_slist* list = array_state?
(struct curl_slist*)array_value:
va_arg(params, struct curl_slist*);
if(current_form->contentheader)
return_value = CURL_FORMADD_OPTION_TWICE;
else
current_form->contentheader = list;
break;
}
case CURLFORM_FILENAME:
case CURLFORM_BUFFER:
{
const char *filename = array_state?array_value:
va_arg(params, char *);
if(current_form->showfilename)
return_value = CURL_FORMADD_OPTION_TWICE;
else {
current_form->showfilename = strdup(filename);
if(!current_form->showfilename)
return_value = CURL_FORMADD_MEMORY;
else
current_form->showfilename_alloc = TRUE;
}
break;
}
default:
return_value = CURL_FORMADD_UNKNOWN_OPTION;
break;
}
}
if(CURL_FORMADD_OK != return_value) {
/* On error, free allocated fields for all nodes of the FormInfo linked
list without deallocating nodes. List nodes are deallocated later on */
FormInfo *ptr;
for(ptr = first_form; ptr != NULL; ptr = ptr->more) {
if(ptr->name_alloc) {
Curl_safefree(ptr->name);
ptr->name_alloc = FALSE;
}
if(ptr->value_alloc) {
Curl_safefree(ptr->value);
ptr->value_alloc = FALSE;
}
if(ptr->contenttype_alloc) {
Curl_safefree(ptr->contenttype);
ptr->contenttype_alloc = FALSE;
}
if(ptr->showfilename_alloc) {
Curl_safefree(ptr->showfilename);
ptr->showfilename_alloc = FALSE;
}
}
}
if(CURL_FORMADD_OK == return_value) {
/* go through the list, check for completeness and if everything is
* alright add the HttpPost item otherwise set return_value accordingly */
post = NULL;
for(form = first_form;
form != NULL;
form = form->more) {
if(((!form->name || !form->value) && !post) ||
( (form->contentslength) &&
(form->flags & HTTPPOST_FILENAME) ) ||
( (form->flags & HTTPPOST_FILENAME) &&
(form->flags & HTTPPOST_PTRCONTENTS) ) ||
( (!form->buffer) &&
(form->flags & HTTPPOST_BUFFER) &&
(form->flags & HTTPPOST_PTRBUFFER) ) ||
( (form->flags & HTTPPOST_READFILE) &&
(form->flags & HTTPPOST_PTRCONTENTS) )
) {
return_value = CURL_FORMADD_INCOMPLETE;
break;
}
else {
if(((form->flags & HTTPPOST_FILENAME) ||
(form->flags & HTTPPOST_BUFFER)) &&
!form->contenttype ) {
/* our contenttype is missing */
form->contenttype
= strdup(ContentTypeForFilename(form->value, prevtype));
if(!form->contenttype) {
return_value = CURL_FORMADD_MEMORY;
break;
}
form->contenttype_alloc = TRUE;
}
if(!(form->flags & HTTPPOST_PTRNAME) &&
(form == first_form) ) {
/* Note that there's small risk that form->name is NULL here if the
app passed in a bad combo, so we better check for that first. */
if(form->name)
/* copy name (without strdup; possibly contains null characters) */
form->name = memdup(form->name, form->namelength);
if(!form->name) {
return_value = CURL_FORMADD_MEMORY;
break;
}
form->name_alloc = TRUE;
}
if(!(form->flags & (HTTPPOST_FILENAME | HTTPPOST_READFILE |
HTTPPOST_PTRCONTENTS | HTTPPOST_PTRBUFFER |
HTTPPOST_CALLBACK)) ) {
/* copy value (without strdup; possibly contains null characters) */
form->value = memdup(form->value, form->contentslength);
if(!form->value) {
return_value = CURL_FORMADD_MEMORY;
break;
}
form->value_alloc = TRUE;
}
post = AddHttpPost(form->name, form->namelength,
form->value, form->contentslength,
form->buffer, form->bufferlength,
form->contenttype, form->flags,
form->contentheader, form->showfilename,
form->userp,
post, httppost,
last_post);
if(!post) {
return_value = CURL_FORMADD_MEMORY;
break;
}
if(form->contenttype)
prevtype = form->contenttype;
}
}
if(CURL_FORMADD_OK != return_value) {
/* On error, free allocated fields for nodes of the FormInfo linked
list which are not already owned by the httppost linked list
without deallocating nodes. List nodes are deallocated later on */
FormInfo *ptr;
for(ptr = form; ptr != NULL; ptr = ptr->more) {
if(ptr->name_alloc) {
Curl_safefree(ptr->name);
ptr->name_alloc = FALSE;
}
if(ptr->value_alloc) {
Curl_safefree(ptr->value);
ptr->value_alloc = FALSE;
}
if(ptr->contenttype_alloc) {
Curl_safefree(ptr->contenttype);
ptr->contenttype_alloc = FALSE;
}
if(ptr->showfilename_alloc) {
Curl_safefree(ptr->showfilename);
ptr->showfilename_alloc = FALSE;
}
}
}
}
/* Always deallocate FormInfo linked list nodes without touching node
fields given that these have either been deallocated or are owned
now by the httppost linked list */
while(first_form) {
FormInfo *ptr = first_form->more;
Curl_safefree(first_form);
first_form = ptr;
}
return return_value;
}
/*
* curl_formadd() is a public API to add a section to the multipart formpost.
*
* @unittest: 1308
*/
CURLFORMcode curl_formadd(struct curl_httppost **httppost,
struct curl_httppost **last_post,
...)
{
va_list arg;
CURLFORMcode result;
va_start(arg, last_post);
result = FormAdd(httppost, last_post, arg);
va_end(arg);
return result;
}
/*
* AddFormData() adds a chunk of data to the FormData linked list.
*
* size is incremented by the chunk length, unless it is NULL
*/
static CURLcode AddFormData(struct FormData **formp,
enum formtype type,
const void *line,
size_t length,
curl_off_t *size)
{
struct FormData *newform = malloc(sizeof(struct FormData));
if(!newform)
return CURLE_OUT_OF_MEMORY;
newform->next = NULL;
if(type <= FORM_CONTENT) {
/* we make it easier for plain strings: */
if(!length)
length = strlen((char *)line);
newform->line = malloc(length+1);
if(!newform->line) {
free(newform);
return CURLE_OUT_OF_MEMORY;
}
memcpy(newform->line, line, length);
newform->length = length;
newform->line[length]=0; /* zero terminate for easier debugging */
}
else
/* For callbacks and files we don't have any actual data so we just keep a
pointer to whatever this points to */
newform->line = (char *)line;
newform->type = type;
if(*formp) {
(*formp)->next = newform;
*formp = newform;
}
else
*formp = newform;
if(size) {
if(type != FORM_FILE)
/* for static content as well as callback data we add the size given
as input argument */
*size += length;
else {
/* Since this is a file to be uploaded here, add the size of the actual
file */
if(!strequal("-", newform->line)) {
struct_stat file;
if(!stat(newform->line, &file) && !S_ISDIR(file.st_mode))
*size += file.st_size;
else
return CURLE_BAD_FUNCTION_ARGUMENT;
}
}
}
return CURLE_OK;
}
/*
* AddFormDataf() adds printf()-style formatted data to the formdata chain.
*/
static CURLcode AddFormDataf(struct FormData **formp,
curl_off_t *size,
const char *fmt, ...)
{
char s[4096];
va_list ap;
va_start(ap, fmt);
vsnprintf(s, sizeof(s), fmt, ap);
va_end(ap);
return AddFormData(formp, FORM_DATA, s, 0, size);
}
/*
* Curl_formclean() is used from http.c, this cleans a built FormData linked
* list
*/
void Curl_formclean(struct FormData **form_ptr)
{
struct FormData *next, *form;
form = *form_ptr;
if(!form)
return;
do {
next=form->next; /* the following form line */
if(form->type <= FORM_CONTENT)
free(form->line); /* free the line */
free(form); /* free the struct */
} while((form = next) != NULL); /* continue */
*form_ptr = NULL;
}
/*
* curl_formget()
* Serialize a curl_httppost struct.
* Returns 0 on success.
*
* @unittest: 1308
*/
int curl_formget(struct curl_httppost *form, void *arg,
curl_formget_callback append)
{
CURLcode rc;
curl_off_t size;
struct FormData *data, *ptr;
rc = Curl_getformdata(NULL, &data, form, NULL, &size);
if(rc != CURLE_OK)
return (int)rc;
for(ptr = data; ptr; ptr = ptr->next) {
if((ptr->type == FORM_FILE) || (ptr->type == FORM_CALLBACK)) {
char buffer[8192];
size_t nread;
struct Form temp;
Curl_FormInit(&temp, ptr);
do {
nread = readfromfile(&temp, buffer, sizeof(buffer));
if((nread == (size_t) -1) ||
(nread > sizeof(buffer)) ||
(nread != append(arg, buffer, nread))) {
if(temp.fp)
fclose(temp.fp);
Curl_formclean(&data);
return -1;
}
} while(nread);
}
else {
if(ptr->length != append(arg, ptr->line, ptr->length)) {
Curl_formclean(&data);
return -1;
}
}
}
Curl_formclean(&data);
return 0;
}
/*
* curl_formfree() is an external function to free up a whole form post
* chain
*/
void curl_formfree(struct curl_httppost *form)
{
struct curl_httppost *next;
if(!form)
/* no form to free, just get out of this */
return;
do {
next=form->next; /* the following form line */
/* recurse to sub-contents */
if(form->more)
curl_formfree(form->more);
if(!(form->flags & HTTPPOST_PTRNAME) && form->name)
free(form->name); /* free the name */
if(!(form->flags &
(HTTPPOST_PTRCONTENTS|HTTPPOST_BUFFER|HTTPPOST_CALLBACK)) &&
form->contents)
free(form->contents); /* free the contents */
if(form->contenttype)
free(form->contenttype); /* free the content type */
if(form->showfilename)
free(form->showfilename); /* free the faked file name */
free(form); /* free the struct */
} while((form = next) != NULL); /* continue */
}
#ifndef HAVE_BASENAME
/*
(Quote from The Open Group Base Specifications Issue 6 IEEE Std 1003.1, 2004
Edition)
The basename() function shall take the pathname pointed to by path and
return a pointer to the final component of the pathname, deleting any
trailing '/' characters.
If the string pointed to by path consists entirely of the '/' character,
basename() shall return a pointer to the string "/". If the string pointed
to by path is exactly "//", it is implementation-defined whether '/' or "//"
is returned.
If path is a null pointer or points to an empty string, basename() shall
return a pointer to the string ".".
The basename() function may modify the string pointed to by path, and may
return a pointer to static storage that may then be overwritten by a
subsequent call to basename().
The basename() function need not be reentrant. A function that is not
required to be reentrant is not required to be thread-safe.
*/
static char *Curl_basename(char *path)
{
/* Ignore all the details above for now and make a quick and simple
implementaion here */
char *s1;
char *s2;
s1=strrchr(path, '/');
s2=strrchr(path, '\\');
if(s1 && s2) {
path = (s1 > s2? s1 : s2)+1;
}
else if(s1)
path = s1 + 1;
else if(s2)
path = s2 + 1;
return path;
}
#endif
static char *strippath(const char *fullfile)
{
char *filename;
char *base;
filename = strdup(fullfile); /* duplicate since basename() may ruin the
buffer it works on */
if(!filename)
return NULL;
base = strdup(basename(filename));
free(filename); /* free temporary buffer */
return base; /* returns an allocated string or NULL ! */
}
static CURLcode formdata_add_filename(const struct curl_httppost *file,
struct FormData **form,
curl_off_t *size)
{
CURLcode result = CURLE_OK;
char *filename = file->showfilename;
char *filebasename = NULL;
char *filename_escaped = NULL;
if(!filename) {
filebasename = strippath(file->contents);
if(!filebasename)
return CURLE_OUT_OF_MEMORY;
filename = filebasename;
}
if(strchr(filename, '\\') || strchr(filename, '"')) {
char *p0, *p1;
/* filename need be escaped */
filename_escaped = malloc(strlen(filename)*2+1);
if(!filename_escaped)
return CURLE_OUT_OF_MEMORY;
p0 = filename_escaped;
p1 = filename;
while(*p1) {
if(*p1 == '\\' || *p1 == '"')
*p0++ = '\\';
*p0++ = *p1++;
}
*p0 = '\0';
filename = filename_escaped;
}
result = AddFormDataf(form, size,
"; filename=\"%s\"",
filename);
Curl_safefree(filename_escaped);
Curl_safefree(filebasename);
return result;
}
/*
* Curl_getformdata() converts a linked list of "meta data" into a complete
* (possibly huge) multipart formdata. The input list is in 'post', while the
* output resulting linked lists gets stored in '*finalform'. *sizep will get
* the total size of the whole POST.
* A multipart/form_data content-type is built, unless a custom content-type
* is passed in 'custom_content_type'.
*
* This function will not do a failf() for the potential memory failures but
* should for all other errors it spots. Just note that this function MAY get
* a NULL pointer in the 'data' argument.
*/
CURLcode Curl_getformdata(struct SessionHandle *data,
struct FormData **finalform,
struct curl_httppost *post,
const char *custom_content_type,
curl_off_t *sizep)
{
struct FormData *form = NULL;
struct FormData *firstform;
struct curl_httppost *file;
CURLcode result = CURLE_OK;
curl_off_t size = 0; /* support potentially ENORMOUS formposts */
char *boundary;
char *fileboundary = NULL;
struct curl_slist* curList;
*finalform = NULL; /* default form is empty */
if(!post)
return result; /* no input => no output! */
boundary = formboundary(data);
if(!boundary)
return CURLE_OUT_OF_MEMORY;
/* Make the first line of the output */
result = AddFormDataf(&form, NULL,
"%s; boundary=%s\r\n",
custom_content_type?custom_content_type:
"Content-Type: multipart/form-data",
boundary);
if(result) {
Curl_safefree(boundary);
return result;
}
/* we DO NOT include that line in the total size of the POST, since it'll be
part of the header! */
firstform = form;
do {
if(size) {
result = AddFormDataf(&form, &size, "\r\n");
if(result)
break;
}
/* boundary */
result = AddFormDataf(&form, &size, "--%s\r\n", boundary);
if(result)
break;
/* Maybe later this should be disabled when a custom_content_type is
passed, since Content-Disposition is not meaningful for all multipart
types.
*/
result = AddFormDataf(&form, &size,
"Content-Disposition: form-data; name=\"");
if(result)
break;
result = AddFormData(&form, FORM_DATA, post->name, post->namelength,
&size);
if(result)
break;
result = AddFormDataf(&form, &size, "\"");
if(result)
break;
if(post->more) {
/* If used, this is a link to more file names, we must then do
the magic to include several files with the same field name */
Curl_safefree(fileboundary);
fileboundary = formboundary(data);
if(!fileboundary) {
result = CURLE_OUT_OF_MEMORY;
break;
}
result = AddFormDataf(&form, &size,
"\r\nContent-Type: multipart/mixed,"
" boundary=%s\r\n",
fileboundary);
if(result)
break;
}
file = post;
do {
/* If 'showfilename' is set, that is a faked name passed on to us
to use to in the formpost. If that is not set, the actually used
local file name should be added. */
if(post->more) {
/* if multiple-file */
result = AddFormDataf(&form, &size,
"\r\n--%s\r\nContent-Disposition: "
"attachment",
fileboundary);
if(result)
break;
result = formdata_add_filename(file, &form, &size);
if(result)
break;
}
else if(post->flags & (HTTPPOST_FILENAME|HTTPPOST_BUFFER|
HTTPPOST_CALLBACK)) {
/* it should be noted that for the HTTPPOST_FILENAME and
HTTPPOST_CALLBACK cases the ->showfilename struct member is always
assigned at this point */
if(post->showfilename || (post->flags & HTTPPOST_FILENAME)) {
result = formdata_add_filename(post, &form, &size);
}
if(result)
break;
}
if(file->contenttype) {
/* we have a specified type */
result = AddFormDataf(&form, &size,
"\r\nContent-Type: %s",
file->contenttype);
if(result)
break;
}
curList = file->contentheader;
while(curList) {
/* Process the additional headers specified for this form */
result = AddFormDataf( &form, &size, "\r\n%s", curList->data );
if(result)
break;
curList = curList->next;
}
if(result)
break;
result = AddFormDataf(&form, &size, "\r\n\r\n");
if(result)
break;
if((post->flags & HTTPPOST_FILENAME) ||
(post->flags & HTTPPOST_READFILE)) {
/* we should include the contents from the specified file */
FILE *fileread;
fileread = strequal("-", file->contents)?
stdin:fopen(file->contents, "rb"); /* binary read for win32 */
/*
* VMS: This only allows for stream files on VMS. Stream files are
* OK, as are FIXED & VAR files WITHOUT implied CC For implied CC,
* every record needs to have a \n appended & 1 added to SIZE
*/
if(fileread) {
if(fileread != stdin) {
/* close the file */
fclose(fileread);
/* add the file name only - for later reading from this */
result = AddFormData(&form, FORM_FILE, file->contents, 0, &size);
}
else {
/* When uploading from stdin, we can't know the size of the file,
* thus must read the full file as before. We *could* use chunked
* transfer-encoding, but that only works for HTTP 1.1 and we
* can't be sure we work with such a server.
*/
size_t nread;
char buffer[512];
while((nread = fread(buffer, 1, sizeof(buffer), fileread)) != 0) {
result = AddFormData(&form, FORM_CONTENT, buffer, nread, &size);
if(result)
break;
}
}
}
else {
if(data)
failf(data, "couldn't open file \"%s\"", file->contents);
*finalform = NULL;
result = CURLE_READ_ERROR;
}
}
else if(post->flags & HTTPPOST_BUFFER)
/* include contents of buffer */
result = AddFormData(&form, FORM_CONTENT, post->buffer,
post->bufferlength, &size);
else if(post->flags & HTTPPOST_CALLBACK)
/* the contents should be read with the callback and the size
is set with the contentslength */
result = AddFormData(&form, FORM_CALLBACK, post->userp,
post->contentslength, &size);
else
/* include the contents we got */
result = AddFormData(&form, FORM_CONTENT, post->contents,
post->contentslength, &size);
file = file->more;
} while(file && !result); /* for each specified file for this field */
if(result)
break;
if(post->more) {
/* this was a multiple-file inclusion, make a termination file
boundary: */
result = AddFormDataf(&form, &size,
"\r\n--%s--",
fileboundary);
if(result)
break;
}
} while((post = post->next) != NULL); /* for each field */
/* end-boundary for everything */
if(CURLE_OK == result)
result = AddFormDataf(&form, &size,
"\r\n--%s--\r\n",
boundary);
if(result) {
Curl_formclean(&firstform);
Curl_safefree(fileboundary);
Curl_safefree(boundary);
return result;
}
*sizep = size;
Curl_safefree(fileboundary);
Curl_safefree(boundary);
*finalform = firstform;
return result;
}
/*
* Curl_FormInit() inits the struct 'form' points to with the 'formdata'
* and resets the 'sent' counter.
*/
int Curl_FormInit(struct Form *form, struct FormData *formdata )
{
if(!formdata)
return 1; /* error */
form->data = formdata;
form->sent = 0;
form->fp = NULL;
form->fread_func = ZERO_NULL;
return 0;
}
/*
* readfromfile()
*
* The read callback that this function may use can return a value larger than
* 'size' (which then this function returns) that indicates a problem and it
* must be properly dealt with
*/
static size_t readfromfile(struct Form *form, char *buffer,
size_t size)
{
size_t nread;
bool callback = (form->data->type == FORM_CALLBACK)?TRUE:FALSE;
if(callback) {
if(form->fread_func == ZERO_NULL)
return 0;
else
nread = form->fread_func(buffer, 1, size, form->data->line);
}
else {
if(!form->fp) {
/* this file hasn't yet been opened */
form->fp = fopen(form->data->line, "rb"); /* b is for binary */
if(!form->fp)
return (size_t)-1; /* failure */
}
nread = fread(buffer, 1, size, form->fp);
}
if(!nread) {
/* this is the last chunk from the file, move on */
if(form->fp) {
fclose(form->fp);
form->fp = NULL;
}
form->data = form->data->next;
}
return nread;
}
/*
* Curl_FormReader() is the fread() emulation function that will be used to
* deliver the formdata to the transfer loop and then sent away to the peer.
*/
size_t Curl_FormReader(char *buffer,
size_t size,
size_t nitems,
FILE *mydata)
{
struct Form *form;
size_t wantedsize;
size_t gotsize = 0;
form=(struct Form *)mydata;
wantedsize = size * nitems;
if(!form->data)
return 0; /* nothing, error, empty */
if((form->data->type == FORM_FILE) ||
(form->data->type == FORM_CALLBACK)) {
gotsize = readfromfile(form, buffer, wantedsize);
if(gotsize)
/* If positive or -1, return. If zero, continue! */
return gotsize;
}
do {
if((form->data->length - form->sent ) > wantedsize - gotsize) {
memcpy(buffer + gotsize , form->data->line + form->sent,
wantedsize - gotsize);
form->sent += wantedsize-gotsize;
return wantedsize;
}
memcpy(buffer+gotsize,
form->data->line + form->sent,
(form->data->length - form->sent) );
gotsize += form->data->length - form->sent;
form->sent = 0;
form->data = form->data->next; /* advance */
} while(form->data && (form->data->type < FORM_CALLBACK));
/* If we got an empty line and we have more data, we proceed to the next
line immediately to avoid returning zero before we've reached the end. */
return gotsize;
}
/*
* Curl_formpostheader() returns the first line of the formpost, the
* request-header part (which is not part of the request-body like the rest of
* the post).
*/
char *Curl_formpostheader(void *formp, size_t *len)
{
char *header;
struct Form *form=(struct Form *)formp;
if(!form->data)
return 0; /* nothing, ERROR! */
header = form->data->line;
*len = form->data->length;
form->data = form->data->next; /* advance */
return header;
}
/*
* formboundary() creates a suitable boundary string and returns an allocated
* one.
*/
static char *formboundary(struct SessionHandle *data)
{
/* 24 dashes and 16 hexadecimal digits makes 64 bit (18446744073709551615)
combinations */
return aprintf("------------------------%08x%08x",
Curl_rand(data), Curl_rand(data));
}
#else /* CURL_DISABLE_HTTP */
CURLFORMcode curl_formadd(struct curl_httppost **httppost,
struct curl_httppost **last_post,
...)
{
(void)httppost;
(void)last_post;
return CURL_FORMADD_DISABLED;
}
int curl_formget(struct curl_httppost *form, void *arg,
curl_formget_callback append)
{
(void) form;
(void) arg;
(void) append;
return CURL_FORMADD_DISABLED;
}
void curl_formfree(struct curl_httppost *form)
{
(void)form;
/* does nothing HTTP is disabled */
}
#endif /* !defined(CURL_DISABLE_HTTP) */
Reference in New Issue View Git Blame Copy Permalink