1 /*
2  * Copyright (c) 2020, 2022 Omar Polo <op@omarpolo.com>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include "gmid.h"
18 
19 #include <ctype.h>
20 #include <string.h>
21 
22 static inline int
23 unreserved(int p)
24 {
25 	return isalnum(p)
26 		|| p == '-'
27 		|| p == '.'
28 		|| p == '_'
29 		|| p == '~';
30 }
31 
32 static inline int
33 sub_delimiters(int p)
34 {
35 	return p == '!'
36 		|| p == '$'
37 		|| p == '&'
38 		|| p == '\''
39 		|| p == '('
40 		|| p == ')'
41 		|| p == '*'
42 		|| p == '+'
43 		|| p == ','
44 		|| p == ';'
45 		|| p == '=';
46 }
47 
48 static int
49 valid_pct_enc_string(char *s)
50 {
51 	if (*s != '%')
52 		return 1;
53 
54 	if (!isxdigit((unsigned char)s[1]) ||
55 	    !isxdigit((unsigned char)s[2]))
56 		return 0;
57 
58 	if (s[1] == '0' && s[2] == '0')
59 		return 0;
60 
61 	return 1;
62 }
63 
64 static int
65 valid_pct_encoded(struct parser *p)
66 {
67 	if (p->iri[0] != '%')
68 		return 0;
69 
70 	if (!valid_pct_enc_string(p->iri)) {
71 		p->err = "illegal percent-encoding";
72 		return 0;
73 	}
74 
75 	p->iri += 2;
76 	return 1;
77 }
78 
79 static void
80 pct_decode(char *s)
81 {
82 	sscanf(s+1, "%2hhx", s);
83 	memmove(s+1, s+3, strlen(s+3)+1);
84 }
85 
86 static int
87 parse_pct_encoded(struct parser *p)
88 {
89 	if (p->iri[0] != '%')
90 		return 0;
91 
92 	if (!valid_pct_enc_string(p->iri)) {
93 		p->err = "illegal percent-encoding";
94 		return 0;
95 	}
96 
97 	pct_decode(p->iri);
98 	if (*p->iri == '\0') {
99 		p->err = "illegal percent-encoding";
100 		return 0;
101 	}
102 
103 	return 1;
104 }
105 
106 /* ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) "://" */
107 static int
108 parse_scheme(struct parser *p)
109 {
110 	p->parsed->schema = p->iri;
111 
112 	if (!isalpha(*p->iri)) {
113 		p->err = "illegal character in scheme";
114 		return 0;
115 	}
116 
117 	do {
118 		/*
119 		 * normalize the scheme (i.e. lowercase it)
120 		 *
121 		 * XXX: since we cannot have good things, tolower
122 		 * behaviour depends on the LC_CTYPE locale.  The good
123 		 * news is that we're sure p->iri points to something
124 		 * that's in the ASCII range, so tolower can't
125 		 * mis-behave on some systems due to the locale.
126 		 */
127 		*p->iri = tolower(*p->iri);
128 		p->iri++;
129 	} while (isalnum(*p->iri)
130 	    || *p->iri == '+'
131 	    || *p->iri == '-'
132 	    || *p->iri == '.');
133 
134 	if (*p->iri != ':') {
135 		p->err = "illegal character in scheme";
136 		return 0;
137 	}
138 
139 	*p->iri = '\0';
140 	if (p->iri[1] != '/' || p->iri[2] != '/') {
141 		p->err = "invalid marker after scheme";
142 		return 0;
143 	}
144 
145 	p->iri += 3;
146 	return 1;
147 }
148 
149 /* *DIGIT */
150 static int
151 parse_port(struct parser *p)
152 {
153 	uint32_t i = 0;
154 
155 	p->parsed->port = p->iri;
156 
157 	for (; isdigit((unsigned char)*p->iri); p->iri++) {
158 		i = i * 10 + *p->iri - '0';
159 		if (i > UINT16_MAX) {
160 			p->err = "port number too large";
161 			return 0;
162 		}
163 	}
164 
165 	if (*p->iri != '/' && *p->iri != '\0') {
166 		p->err = "illegal character in port number";
167 		return 0;
168 	}
169 
170 	p->parsed->port_no = i;
171 
172 	if (*p->iri != '\0') {
173 		*p->iri = '\0';
174 		p->iri++;
175 	}
176 
177 	return 1;
178 }
179 
180 /* TODO: add support for ip-literal and ipv4addr ? */
181 /* *( unreserved / sub-delims / pct-encoded ) */
182 static int
183 parse_authority(struct parser *p)
184 {
185 	p->parsed->host = p->iri;
186 
187 	while (unreserved(*p->iri)
188 	    || sub_delimiters(*p->iri)
189 	    || parse_pct_encoded(p)
190 	    || valid_multibyte_utf8(p)) {
191 		/* normalize the host name. */
192 		if (*p->iri < 0x7F)
193 			*p->iri = tolower(*p->iri);
194 		p->iri++;
195 	}
196 
197 	if (p->err != NULL)
198 		return 0;
199 
200 	if (*p->iri == ':') {
201 		*p->iri = '\0';
202 		p->iri++;
203 		return parse_port(p);
204 	} else
205 		p->parsed->port_no = 1965;
206 
207 	if (*p->iri == '/') {
208 		*p->iri = '\0';
209 		p->iri++;
210 		return 1;
211 	}
212 
213 	if (*p->iri == '\0')
214 		return 1;
215 
216 	p->err = "illegal character in authority section";
217 	return 0;
218 }
219 
220 /*
221  * Routine for path_clean.  Elide the pointed .. with the preceding
222  * element.  Return 0 if it's not possible.  incr is the length of
223  * the increment, 3 for ../ and 2 for ..
224  */
225 static int
226 path_elide_dotdot(char *path, char *i, int incr)
227 {
228 	char *j;
229 
230 	if (i == path)
231 		return 0;
232 	for (j = i-2; j != path && *j != '/'; j--)
233 		/* noop */ ;
234 	if (*j == '/')
235 		j++;
236 	i += incr;
237 	memmove(j, i, strlen(i)+1);
238 	return 1;
239 }
240 
241 /*
242  * Use an algorithm similar to the one implemented in go' path.Clean:
243  *
244  * 1. Replace multiple slashes with a single slash
245  * 2. Eliminate each . path name element
246  * 3. Eliminate each inner .. along with the non-.. element that precedes it
247  * 4. Eliminate trailing .. if possible or error (go would only discard)
248  *
249  * Unlike path.Clean, this function return the empty string if the
250  * original path is equivalent to "/".
251  */
252 static int
253 path_clean(char *path)
254 {
255 	char *i;
256 
257 	/* 1. replace multiple slashes with a single one */
258 	for (i = path; *i; ++i) {
259 		if (*i == '/' && *(i+1) == '/') {
260 			memmove(i, i+1, strlen(i)); /* move also the \0 */
261 			i--;
262 		}
263 	}
264 
265 	/* 2. eliminate each . path name element */
266 	for (i = path; *i; ++i) {
267 		if ((i == path || *i == '/') &&
268 		    *i != '.' && i[1] == '.' && i[2] == '/') {
269 			/* move also the \0 */
270 			memmove(i, i+2, strlen(i)-1);
271 			i--;
272 		}
273 	}
274 	if (!strcmp(path, ".") || !strcmp(path, "/.")) {
275 		*path = '\0';
276 		return 1;
277 	}
278 
279 	/* 3. eliminate each inner .. along with the preceding non-.. */
280 	for (i = strstr(path, "../"); i != NULL; i = strstr(path, "..")) {
281 		/* break if we've found a trailing .. */
282 		if (i[2] == '\0')
283 			break;
284 		if (!path_elide_dotdot(path, i, 3))
285 			return 0;
286 	}
287 
288 	/* 4. eliminate trailing ..*/
289 	if ((i = strstr(path, "..")) != NULL)
290 		if (!path_elide_dotdot(path, i, 2))
291 			return 0;
292 
293 	return 1;
294 }
295 
296 static int
297 parse_query(struct parser *p)
298 {
299 	p->parsed->query = p->iri;
300 	if (*p->iri == '\0')
301 		return 1;
302 
303 	while (unreserved(*p->iri)
304 	    || sub_delimiters(*p->iri)
305 	    || *p->iri == '/'
306 	    || *p->iri == '?'
307 	    || *p->iri == ':'
308 	    || *p->iri == '@'
309 	    || valid_pct_encoded(p)
310 	    || valid_multibyte_utf8(p))
311 		p->iri++;
312 
313 	if (p->err != NULL)
314 		return 0;
315 
316 	if (*p->iri != '\0' && *p->iri != '#') {
317 		p->err = "illegal character in query";
318 		return 0;
319 	}
320 
321 	if (*p->iri != '\0') {
322 		*p->iri = '\0';
323 		p->iri++;
324 	}
325 
326 	return 1;
327 }
328 
329 /* don't even bother */
330 static int
331 parse_fragment(struct parser *p)
332 {
333 	p->parsed->fragment = p->iri;
334 	return 1;
335 }
336 
337 /* XXX: is it too broad? */
338 /* *(pchar / "/") */
339 static int
340 parse_path(struct parser *p)
341 {
342 	char c;
343 
344 	/* trim initial slashes */
345 	while (*p->iri == '/')
346 		p->iri++;
347 
348 	p->parsed->path = p->iri;
349 	if (*p->iri == '\0') {
350 		p->parsed->query = p->parsed->fragment = p->iri;
351 		return 1;
352 	}
353 
354 	while (unreserved(*p->iri)
355 	    || sub_delimiters(*p->iri)
356 	    || *p->iri == '@'
357 	    || *p->iri == ':'
358 	    || *p->iri == '/'
359 	    || parse_pct_encoded(p)
360 	    || valid_multibyte_utf8(p))
361 		p->iri++;
362 
363 	if (p->err != NULL)
364 		return 0;
365 
366 	if (*p->iri != '\0' && *p->iri != '?' && *p->iri != '#') {
367 		p->err = "illegal character in path";
368 		return 0;
369 	}
370 
371 	if (*p->iri != '\0') {
372 		c = *p->iri;
373 		*p->iri = '\0';
374 		p->iri++;
375 
376 		if (c == '#') {
377 			if (!parse_fragment(p))
378 				return 0;
379 		} else
380 			if (!parse_query(p) || !parse_fragment(p))
381 				return 0;
382 	}
383 
384 	if (!path_clean(p->parsed->path)) {
385 		p->err = "illegal path";
386 		return 0;
387 	}
388 
389 	return 1;
390 }
391 
392 int
393 parse_iri(char *iri, struct iri *ret, const char **err_ret)
394 {
395 	char *end;
396 	struct parser p = {
397 		.iri = iri,
398 		.parsed = ret,
399 		.err = NULL,
400 	};
401 
402 	memset(ret, 0, sizeof(*ret));
403 
404 	/* initialize optional stuff to the empty string */
405 	end = iri + strlen(iri);
406 	p.parsed->host = end;
407 	p.parsed->port = end;
408 	p.parsed->path = end;
409 	p.parsed->query = end;
410 	p.parsed->fragment = end;
411 
412 	if (!parse_scheme(&p) || !parse_authority(&p) || !parse_path(&p)) {
413 		*err_ret = p.err;
414 		return 0;
415 	}
416 
417 	*err_ret = NULL;
418 	return 1;
419 }
420 
421 int
422 serialize_iri(struct iri *i, char *buf, size_t len)
423 {
424 	size_t l = 0;
425 
426 	/* in ex.c we receive empty "" strings as NULL */
427 	if (i->schema == NULL || i->host == NULL) {
428 		memset(buf, 0, len);
429 		return 0;
430 	}
431 
432 	strlcpy(buf, i->schema, len);
433 	strlcat(buf, "://", len);
434 	strlcat(buf, i->host, len);
435 	strlcat(buf, "/", len);
436 
437 	if (i->path != NULL)
438 		l = strlcat(buf, i->path, len);
439 
440 	if (i->query != NULL && *i->query != '\0') {
441 		strlcat(buf, "?", len);
442 		l = strlcat(buf, i->query, len);
443 	}
444 
445 	return l < len;
446 }
447 
448 int
449 encode_path(char *buf, size_t len, const char *path)
450 {
451 	char *p = buf;
452 	int a, b;
453 
454 	memset(buf, 0, len);
455 	while (*path != '\0') {
456 		if (len == 1)	/* NUL */
457 			return -1;
458 
459 		if (unreserved(*path) ||
460 		    sub_delimiters(*path) ||
461 		    *path == '@' ||
462 		    *path == ':' ||
463 		    *path == '/') {
464 			*p++ = *path++;
465 			len--;
466 		} else if (len < 4)
467 			return -1;
468 		else {
469 			a = (*path & 0xF0) >> 4;
470 			b = (*path & 0x0F);
471 
472 			p[0] = '%';
473 			p[1] = a <= 9 ? ('0' + a) : ('7' + a);
474 			p[2] = b <= 9 ? ('0' + b) : ('7' + b);
475 
476 			path++;
477 			p += 3;
478 			len -= 3;
479 		}
480 	}
481 
482 	return 0;
483 }
484 
485 char *
486 pct_decode_str(char *s)
487 {
488 	char *t;
489 
490 	for (t = s; *t; ++t) {
491 		if (*t == '%' && valid_pct_enc_string(t))
492 			pct_decode(t);
493 	}
494 
495 	return s;
496 }