projects / m6w6 / ext-http / blob
? search:
summary | shortlog | log | commit | commitdiff | tree | github
history | raw | HEAD
Possible null pointer dereference in php_http_url_mod() fixed.
[m6w6/ext-http] / src / php_http_url.c
1 /*
2 +--------------------------------------------------------------------+
3 | PECL :: http |
4 +--------------------------------------------------------------------+
5 | Redistribution and use in source and binary forms, with or without |
6 | modification, are permitted provided that the conditions mentioned |
7 | in the accompanying LICENSE file are met. |
8 +--------------------------------------------------------------------+
9 | Copyright (c) 2004-2014, Michael Wallner <mike@php.net> |
10 +--------------------------------------------------------------------+
11 */
12
13 #include "php_http_api.h"
14
15 #if PHP_HTTP_HAVE_IDN2
16 # include <idn2.h>
17 #elif PHP_HTTP_HAVE_IDN
18 # include <idna.h>
19 #endif
20
21 #ifdef PHP_HTTP_HAVE_WCHAR
22 # include <wchar.h>
23 # include <wctype.h>
24 #endif
25
26 #ifdef HAVE_ARPA_INET_H
27 # include <arpa/inet.h>
28 #endif
29
30 #include "php_http_utf8.h"
31
32 static inline char *localhostname(void)
33 {
34 char hostname[1024] = {0};
35
36 #ifdef PHP_WIN32
37 if (SUCCESS == gethostname(hostname, lenof(hostname))) {
38 return estrdup(hostname);
39 }
40 #elif defined(HAVE_GETHOSTNAME)
41 if (SUCCESS == gethostname(hostname, lenof(hostname))) {
42 # if defined(HAVE_GETDOMAINNAME)
43 size_t hlen = strlen(hostname);
44 if (hlen <= lenof(hostname) - lenof("(none)")) {
45 hostname[hlen++] = '.';
46 if (SUCCESS == getdomainname(&hostname[hlen], lenof(hostname) - hlen)) {
47 if (!strcmp(&hostname[hlen], "(none)")) {
48 hostname[hlen - 1] = '\0';
49 }
50 return estrdup(hostname);
51 }
52 }
53 # endif
54 if (strcmp(hostname, "(none)")) {
55 return estrdup(hostname);
56 }
57 }
58 #endif
59 return estrndup("localhost", lenof("localhost"));
60 }
61
62 #define url(buf) ((php_http_url_t *) (buf).data)
63
64 static php_http_url_t *php_http_url_from_env(void)
65 {
66 zval *https, *zhost, *zport;
67 long port;
68 php_http_buffer_t buf;
69
70 php_http_buffer_init_ex(&buf, MAX(PHP_HTTP_BUFFER_DEFAULT_SIZE, sizeof(php_http_url_t)<<2), PHP_HTTP_BUFFER_INIT_PREALLOC);
71 php_http_buffer_account(&buf, sizeof(php_http_url_t));
72 memset(buf.data, 0, buf.used);
73
74 /* scheme */
75 url(buf)->scheme = &buf.data[buf.used];
76 https = php_http_env_get_server_var(ZEND_STRL("HTTPS"), 1);
77 if (https && !strcasecmp(Z_STRVAL_P(https), "ON")) {
78 php_http_buffer_append(&buf, "https", sizeof("https"));
79 } else {
80 php_http_buffer_append(&buf, "http", sizeof("http"));
81 }
82
83 /* host */
84 url(buf)->host = &buf.data[buf.used];
85 if ((((zhost = php_http_env_get_server_var(ZEND_STRL("HTTP_HOST"), 1)) ||
86 (zhost = php_http_env_get_server_var(ZEND_STRL("SERVER_NAME"), 1)) ||
87 (zhost = php_http_env_get_server_var(ZEND_STRL("SERVER_ADDR"), 1)))) && Z_STRLEN_P(zhost)) {
88 size_t stop_at = strspn(Z_STRVAL_P(zhost), "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ-.");
89
90 php_http_buffer_append(&buf, Z_STRVAL_P(zhost), stop_at);
91 php_http_buffer_append(&buf, "", 1);
92 } else {
93 char *host_str = localhostname();
94
95 php_http_buffer_append(&buf, host_str, strlen(host_str) + 1);
96 efree(host_str);
97 }
98
99 /* port */
100 zport = php_http_env_get_server_var(ZEND_STRL("SERVER_PORT"), 1);
101 if (zport && IS_LONG == is_numeric_string(Z_STRVAL_P(zport), Z_STRLEN_P(zport), &port, NULL, 0)) {
102 url(buf)->port = port;
103 }
104
105 /* path */
106 if (SG(request_info).request_uri && SG(request_info).request_uri[0]) {
107 const char *q = strchr(SG(request_info).request_uri, '?');
108
109 url(buf)->path = &buf.data[buf.used];
110
111 if (q) {
112 php_http_buffer_append(&buf, SG(request_info).request_uri, q - SG(request_info).request_uri);
113 php_http_buffer_append(&buf, "", 1);
114 } else {
115 php_http_buffer_append(&buf, SG(request_info).request_uri, strlen(SG(request_info).request_uri) + 1);
116 }
117 }
118
119 /* query */
120 if (SG(request_info).query_string && SG(request_info).query_string[0]) {
121 url(buf)->query = &buf.data[buf.used];
122 php_http_buffer_append(&buf, SG(request_info).query_string, strlen(SG(request_info).query_string) + 1);
123 }
124
125 return url(buf);
126 }
127
128 #define url_isset(u,n) \
129 ((u)&&(u)->n)
130 #define url_append(buf, append) do { \
131 char *_ptr = (buf)->data; \
132 php_http_url_t *_url = (php_http_url_t *) _ptr, _mem = *_url; \
133 append; \
134 /* relocate */ \
135 if (_ptr != (buf)->data) { \
136 ptrdiff_t diff = (buf)->data - _ptr; \
137 _url = (php_http_url_t *) (buf)->data; \
138 if (_mem.scheme) _url->scheme += diff; \
139 if (_mem.user) _url->user += diff; \
140 if (_mem.pass) _url->pass += diff; \
141 if (_mem.host) _url->host += diff; \
142 if (_mem.path) _url->path += diff; \
143 if (_mem.query) _url->query += diff; \
144 if (_mem.fragment) _url->fragment += diff; \
145 } \
146 } while (0)
147 #define url_copy(n) do { \
148 if (url_isset(new_url, n)) { \
149 url(buf)->n = &buf.data[buf.used]; \
150 url_append(&buf, php_http_buffer_append(&buf, new_url->n, strlen(new_url->n) + 1)); \
151 } else if (url_isset(old_url, n)) { \
152 url(buf)->n = &buf.data[buf.used]; \
153 url_append(&buf, php_http_buffer_append(&buf, old_url->n, strlen(old_url->n) + 1)); \
154 } \
155 } while (0)
156
157 php_http_url_t *php_http_url_mod(const php_http_url_t *old_url, const php_http_url_t *new_url, unsigned flags)
158 {
159 php_http_url_t *tmp_url = NULL;
160 php_http_buffer_t buf;
161
162 php_http_buffer_init_ex(&buf, MAX(PHP_HTTP_BUFFER_DEFAULT_SIZE, sizeof(php_http_url_t)<<2), PHP_HTTP_BUFFER_INIT_PREALLOC);
163 php_http_buffer_account(&buf, sizeof(php_http_url_t));
164 memset(buf.data, 0, buf.used);
165
166 /* set from env if requested */
167 if (flags & PHP_HTTP_URL_FROM_ENV) {
168 php_http_url_t *env_url = php_http_url_from_env();
169
170 old_url = tmp_url = php_http_url_mod(env_url, old_url, flags ^ PHP_HTTP_URL_FROM_ENV);
171 php_http_url_free(&env_url);
172 }
173
174 url_copy(scheme);
175
176 if (!(flags & PHP_HTTP_URL_STRIP_USER)) {
177 url_copy(user);
178 }
179
180 if (!(flags & PHP_HTTP_URL_STRIP_PASS)) {
181 url_copy(pass);
182 }
183
184 url_copy(host);
185
186 if (!(flags & PHP_HTTP_URL_STRIP_PORT)) {
187 url(buf)->port = url_isset(new_url, port) ? new_url->port : ((old_url) ? old_url->port : 0);
188 }
189
190 if (!(flags & PHP_HTTP_URL_STRIP_PATH)) {
191 if ((flags & PHP_HTTP_URL_JOIN_PATH) && url_isset(old_url, path) && url_isset(new_url, path) && *new_url->path != '/') {
192 size_t old_path_len = strlen(old_url->path), new_path_len = strlen(new_url->path);
193 char *path = ecalloc(1, old_path_len + new_path_len + 1 + 1);
194
195 strcat(path, old_url->path);
196 if (path[old_path_len - 1] != '/') {
197 php_dirname(path, old_path_len);
198 strcat(path, "/");
199 }
200 strcat(path, new_url->path);
201
202 url(buf)->path = &buf.data[buf.used];
203 if (path[0] != '/') {
204 url_append(&buf, php_http_buffer_append(&buf, "/", 1));
205 }
206 url_append(&buf, php_http_buffer_append(&buf, path, strlen(path) + 1));
207 efree(path);
208 } else {
209 const char *path = NULL;
210
211 if (url_isset(new_url, path)) {
212 path = new_url->path;
213 } else if (url_isset(old_url, path)) {
214 path = old_url->path;
215 }
216
217 if (path) {
218 url(buf)->path = &buf.data[buf.used];
219
220 url_append(&buf, php_http_buffer_append(&buf, path, strlen(path) + 1));
221 }
222
223
224 }
225 }
226
227 if (!(flags & PHP_HTTP_URL_STRIP_QUERY)) {
228 if ((flags & PHP_HTTP_URL_JOIN_QUERY) && url_isset(new_url, query) && url_isset(old_url, query)) {
229 zval qarr, qstr;
230
231 array_init(&qarr);
232
233 ZVAL_STRING(&qstr, old_url->query);
234 php_http_querystring_update(&qarr, &qstr, NULL);
235 zval_ptr_dtor(&qstr);
236 ZVAL_STRING(&qstr, new_url->query);
237 php_http_querystring_update(&qarr, &qstr, NULL);
238 zval_ptr_dtor(&qstr);
239
240 ZVAL_NULL(&qstr);
241 php_http_querystring_update(&qarr, NULL, &qstr);
242
243 url(buf)->query = &buf.data[buf.used];
244 url_append(&buf, php_http_buffer_append(&buf, Z_STRVAL(qstr), Z_STRLEN(qstr) + 1));
245
246 zval_dtor(&qstr);
247 zval_dtor(&qarr);
248 } else {
249 url_copy(query);
250 }
251 }
252
253 if (!(flags & PHP_HTTP_URL_STRIP_FRAGMENT)) {
254 url_copy(fragment);
255 }
256
257 /* done with copy & combine & strip */
258
259 if (flags & PHP_HTTP_URL_FROM_ENV) {
260 /* free old_url we tainted above */
261 php_http_url_free(&tmp_url);
262 }
263
264 /* replace directory references if path is not a single slash */
265 if ((flags & PHP_HTTP_URL_SANITIZE_PATH)
266 && url(buf)->path
267 && url(buf)->path[0] && url(buf)->path[1]) {
268 char *ptr, *end = url(buf)->path + strlen(url(buf)->path) + 1;
269
270 for (ptr = strchr(url(buf)->path, '/'); ptr; ptr = strchr(ptr, '/')) {
271 switch (ptr[1]) {
272 case '/':
273 memmove(&ptr[1], &ptr[2], end - &ptr[2]);
274 break;
275
276 case '.':
277 switch (ptr[2]) {
278 case '\0':
279 ptr[1] = '\0';
280 break;
281
282 case '/':
283 memmove(&ptr[1], &ptr[3], end - &ptr[3]);
284 break;
285
286 case '.':
287 if (ptr[3] == '/') {
288 char *pos = &ptr[4];
289 while (ptr != url(buf)->path) {
290 if (*--ptr == '/') {
291 break;
292 }
293 }
294 memmove(&ptr[1], pos, end - pos);
295 break;
296 } else if (!ptr[3]) {
297 /* .. at the end */
298 ptr[1] = '\0';
299 }
300 /* no break */
301
302 default:
303 /* something else */
304 ++ptr;
305 break;
306 }
307 break;
308
309 default:
310 ++ptr;
311 break;
312 }
313 }
314 }
315 /* unset default ports */
316 if (url(buf)->port) {
317 if ( ((url(buf)->port == 80) && url(buf)->scheme && !strcmp(url(buf)->scheme, "http"))
318 || ((url(buf)->port ==443) && url(buf)->scheme && !strcmp(url(buf)->scheme, "https"))
319 ) {
320 url(buf)->port = 0;
321 }
322 }
323
324 return url(buf);
325 }
326
327 char *php_http_url_to_string(const php_http_url_t *url, char **url_str, size_t *url_len, zend_bool persistent)
328 {
329 php_http_buffer_t buf;
330
331 php_http_buffer_init_ex(&buf, PHP_HTTP_BUFFER_DEFAULT_SIZE, persistent ?
332 PHP_HTTP_BUFFER_INIT_PERSISTENT : 0);
333
334 if (url->scheme && *url->scheme) {
335 php_http_buffer_appendl(&buf, url->scheme);
336 php_http_buffer_appends(&buf, "://");
337 } else if ((url->user && *url->user) || (url->host && *url->host)) {
338 php_http_buffer_appends(&buf, "//");
339 }
340
341 if (url->user && *url->user) {
342 php_http_buffer_appendl(&buf, url->user);
343 if (url->pass && *url->pass) {
344 php_http_buffer_appends(&buf, ":");
345 php_http_buffer_appendl(&buf, url->pass);
346 }
347 php_http_buffer_appends(&buf, "@");
348 }
349
350 if (url->host && *url->host) {
351 php_http_buffer_appendl(&buf, url->host);
352 if (url->port) {
353 php_http_buffer_appendf(&buf, ":%hu", url->port);
354 }
355 }
356
357 if (url->path && *url->path) {
358 if (*url->path != '/') {
359 php_http_buffer_appends(&buf, "/");
360 }
361 php_http_buffer_appendl(&buf, url->path);
362 } else if (buf.used) {
363 php_http_buffer_appends(&buf, "/");
364 }
365
366 if (url->query && *url->query) {
367 php_http_buffer_appends(&buf, "?");
368 php_http_buffer_appendl(&buf, url->query);
369 }
370
371 if (url->fragment && *url->fragment) {
372 php_http_buffer_appends(&buf, "#");
373 php_http_buffer_appendl(&buf, url->fragment);
374 }
375
376 php_http_buffer_shrink(&buf);
377 php_http_buffer_fix(&buf);
378
379 if (url_len) {
380 *url_len = buf.used;
381 }
382
383 if (url_str) {
384 *url_str = buf.data;
385 }
386
387 return buf.data;
388 }
389
390 char *php_http_url_authority_to_string(const php_http_url_t *url, char **url_str, size_t *url_len)
391 {
392 php_http_buffer_t buf;
393
394 php_http_buffer_init(&buf);
395
396 if (url->user && *url->user) {
397 php_http_buffer_appendl(&buf, url->user);
398 if (url->pass && *url->pass) {
399 php_http_buffer_appends(&buf, ":");
400 php_http_buffer_appendl(&buf, url->pass);
401 }
402 php_http_buffer_appends(&buf, "@");
403 }
404
405 if (url->host && *url->host) {
406 php_http_buffer_appendl(&buf, url->host);
407 if (url->port) {
408 php_http_buffer_appendf(&buf, ":%hu", url->port);
409 }
410 }
411
412 php_http_buffer_shrink(&buf);
413 php_http_buffer_fix(&buf);
414
415 if (url_len) {
416 *url_len = buf.used;
417 }
418
419 if (url_str) {
420 *url_str = buf.data;
421 }
422
423 return buf.data;
424 }
425
426 php_http_url_t *php_http_url_from_zval(zval *value, unsigned flags)
427 {
428 zend_string *zs;
429 php_http_url_t *purl;
430
431 switch (Z_TYPE_P(value)) {
432 case IS_ARRAY:
433 case IS_OBJECT:
434 purl = php_http_url_from_struct(HASH_OF(value));
435 break;
436
437 default:
438 zs = zval_get_string(value);
439 purl = php_http_url_parse(zs->val, zs->len, flags);
440 zend_string_release(zs);
441 }
442
443 return purl;
444 }
445
446 php_http_url_t *php_http_url_from_struct(HashTable *ht)
447 {
448 zval *e;
449 php_http_buffer_t buf;
450
451 php_http_buffer_init_ex(&buf, MAX(PHP_HTTP_BUFFER_DEFAULT_SIZE, sizeof(php_http_url_t)<<2), PHP_HTTP_BUFFER_INIT_PREALLOC);
452 php_http_buffer_account(&buf, sizeof(php_http_url_t));
453 memset(buf.data, 0, buf.used);
454
455 if ((e = zend_hash_str_find_ind(ht, ZEND_STRL("scheme")))) {
456 zend_string *zs = zval_get_string(e);
457 url(buf)->scheme = &buf.data[buf.used];
458 url_append(&buf, php_http_buffer_append(&buf, zs->val, zs->len + 1));
459 zend_string_release(zs);
460 }
461 if ((e = zend_hash_str_find_ind(ht, ZEND_STRL("user")))) {
462 zend_string *zs = zval_get_string(e);
463 url(buf)->user = &buf.data[buf.used];
464 url_append(&buf, php_http_buffer_append(&buf, zs->val, zs->len + 1));
465 zend_string_release(zs);
466 }
467 if ((e = zend_hash_str_find_ind(ht, ZEND_STRL("pass")))) {
468 zend_string *zs = zval_get_string(e);
469 url(buf)->pass = &buf.data[buf.used];
470 url_append(&buf, php_http_buffer_append(&buf, zs->val, zs->len + 1));
471 zend_string_release(zs);
472 }
473 if ((e = zend_hash_str_find_ind(ht, ZEND_STRL("host")))) {
474 zend_string *zs = zval_get_string(e);
475 url(buf)->host = &buf.data[buf.used];
476 url_append(&buf, php_http_buffer_append(&buf, zs->val, zs->len + 1));
477 zend_string_release(zs);
478 }
479 if ((e = zend_hash_str_find_ind(ht, ZEND_STRL("port")))) {
480 url(buf)->port = (unsigned short) zval_get_long(e);
481 }
482 if ((e = zend_hash_str_find_ind(ht, ZEND_STRL("path")))) {
483 zend_string *zs = zval_get_string(e);
484 url(buf)->path = &buf.data[buf.used];
485 url_append(&buf, php_http_buffer_append(&buf, zs->val, zs->len + 1));
486 zend_string_release(zs);
487 }
488 if ((e = zend_hash_str_find_ind(ht, ZEND_STRL("query")))) {
489 zend_string *zs = zval_get_string(e);
490 url(buf)->query = &buf.data[buf.used];
491 url_append(&buf, php_http_buffer_append(&buf, zs->val, zs->len + 1));
492 zend_string_release(zs);
493 }
494 if ((e = zend_hash_str_find_ind(ht, ZEND_STRL("fragment")))) {
495 zend_string *zs = zval_get_string(e);
496 url(buf)->fragment = &buf.data[buf.used];
497 url_append(&buf, php_http_buffer_append(&buf, zs->val, zs->len + 1));
498 zend_string_release(zs);
499 }
500
501 return url(buf);
502 }
503
504 HashTable *php_http_url_to_struct(const php_http_url_t *url, zval *strct)
505 {
506 HashTable *ht;
507 zval tmp;
508
509 if (strct) {
510 switch (Z_TYPE_P(strct)) {
511 default:
512 zval_dtor(strct);
513 array_init(strct);
514 /* no break */
515 case IS_ARRAY:
516 case IS_OBJECT:
517 ht = HASH_OF(strct);
518 break;
519 }
520 } else {
521 ALLOC_HASHTABLE(ht);
522 zend_hash_init(ht, 8, NULL, ZVAL_PTR_DTOR, 0);
523 }
524
525 #define url_struct_add(part) \
526 if (Z_TYPE_P(strct) == IS_ARRAY) { \
527 zend_hash_str_update(Z_ARRVAL_P(strct), part, lenof(part), &tmp); \
528 } else { \
529 zend_update_property(Z_OBJCE_P(strct), strct, part, lenof(part), &tmp); \
530 zval_ptr_dtor(&tmp); \
531 }
532
533 if (url) {
534 if (url->scheme) {
535 ZVAL_STRING(&tmp, url->scheme);
536 url_struct_add("scheme");
537 }
538 if (url->user) {
539 ZVAL_STRING(&tmp, url->user);
540 url_struct_add("user");
541 }
542 if (url->pass) {
543 ZVAL_STRING(&tmp, url->pass);
544 url_struct_add("pass");
545 }
546 if (url->host) {
547 ZVAL_STRING(&tmp, url->host);
548 url_struct_add("host");
549 }
550 if (url->port) {
551 ZVAL_LONG(&tmp, url->port);
552 url_struct_add("port");
553 }
554 if (url->path) {
555 ZVAL_STRING(&tmp, url->path);
556 url_struct_add("path");
557 }
558 if (url->query) {
559 ZVAL_STRING(&tmp, url->query);
560 url_struct_add("query");
561 }
562 if (url->fragment) {
563 ZVAL_STRING(&tmp, url->fragment);
564 url_struct_add("fragment");
565 }
566 }
567
568 return ht;
569 }
570
571 ZEND_RESULT_CODE php_http_url_encode_hash(HashTable *hash, const char *pre_encoded_str, size_t pre_encoded_len, char **encoded_str, size_t *encoded_len)
572 {
573 const char *arg_sep_str = "&";
574 size_t arg_sep_len = 1;
575 php_http_buffer_t *qstr = php_http_buffer_new();
576
577 php_http_url_argsep(&arg_sep_str, &arg_sep_len);
578
579 if (SUCCESS != php_http_url_encode_hash_ex(hash, qstr, arg_sep_str, arg_sep_len, "=", 1, pre_encoded_str, pre_encoded_len)) {
580 php_http_buffer_free(&qstr);
581 return FAILURE;
582 }
583
584 php_http_buffer_data(qstr, encoded_str, encoded_len);
585 php_http_buffer_free(&qstr);
586
587 return SUCCESS;
588 }
589
590 ZEND_RESULT_CODE php_http_url_encode_hash_ex(HashTable *hash, php_http_buffer_t *qstr, const char *arg_sep_str, size_t arg_sep_len, const char *val_sep_str, size_t val_sep_len, const char *pre_encoded_str, size_t pre_encoded_len)
591 {
592 if (pre_encoded_len && pre_encoded_str) {
593 php_http_buffer_append(qstr, pre_encoded_str, pre_encoded_len);
594 }
595
596 if (!php_http_params_to_string(qstr, hash, arg_sep_str, arg_sep_len, "", 0, val_sep_str, val_sep_len, PHP_HTTP_PARAMS_QUERY)) {
597 return FAILURE;
598 }
599
600 return SUCCESS;
601 }
602
603 struct parse_state {
604 php_http_url_t url;
605 const char *ptr;
606 const char *end;
607 size_t maxlen;
608 off_t offset;
609 unsigned flags;
610 char buffer[1]; /* last member */
611 };
612
613 void php_http_url_free(php_http_url_t **url)
614 {
615 if (*url) {
616 efree(*url);
617 *url = NULL;
618 }
619 }
620
621 php_http_url_t *php_http_url_copy(const php_http_url_t *url, zend_bool persistent)
622 {
623 php_http_url_t *cpy;
624 const char *end = NULL, *url_ptr = (const char *) url;
625 char *cpy_ptr;
626
627 end = MAX(url->scheme, end);
628 end = MAX(url->pass, end);
629 end = MAX(url->user, end);
630 end = MAX(url->host, end);
631 end = MAX(url->path, end);
632 end = MAX(url->query, end);
633 end = MAX(url->fragment, end);
634
635 if (end) {
636 end += strlen(end) + 1;
637 cpy_ptr = pecalloc(1, end - url_ptr, persistent);
638 cpy = (php_http_url_t *) cpy_ptr;
639
640 memcpy(cpy_ptr + sizeof(*cpy), url_ptr + sizeof(*url), end - url_ptr - sizeof(*url));
641
642 cpy->scheme = url->scheme ? cpy_ptr + (url->scheme - url_ptr) : NULL;
643 cpy->pass = url->pass ? cpy_ptr + (url->pass - url_ptr) : NULL;
644 cpy->user = url->user ? cpy_ptr + (url->user - url_ptr) : NULL;
645 cpy->host = url->host ? cpy_ptr + (url->host - url_ptr) : NULL;
646 cpy->path = url->path ? cpy_ptr + (url->path - url_ptr) : NULL;
647 cpy->query = url->query ? cpy_ptr + (url->query - url_ptr) : NULL;
648 cpy->fragment = url->fragment ? cpy_ptr + (url->fragment - url_ptr) : NULL;
649 } else {
650 cpy = ecalloc(1, sizeof(*url));
651 }
652
653 cpy->port = url->port;
654
655 return cpy;
656 }
657
658 static size_t parse_mb_utf8(unsigned *wc, const char *ptr, const char *end)
659 {
660 unsigned wchar;
661 size_t consumed = utf8towc(&wchar, (const unsigned char *) ptr, end - ptr);
662
663 if (!consumed || consumed == (size_t) -1) {
664 return 0;
665 }
666
667 if (wc) {
668 *wc = wchar;
669 }
670 return consumed;
671 }
672
673 #ifdef PHP_HTTP_HAVE_WCHAR
674 static size_t parse_mb_loc(unsigned *wc, const char *ptr, const char *end)
675 {
676 wchar_t wchar;
677 size_t consumed = 0;
678 #if defined(HAVE_MBRTOWC)
679 mbstate_t ps;
680
681 memset(&ps, 0, sizeof(ps));
682 consumed = mbrtowc(&wchar, ptr, end - ptr, &ps);
683 #elif defined(HAVE_MBTOWC)
684 consumed = mbtowc(&wchar, ptr, end - ptr);
685 #endif
686
687 if (!consumed || consumed == (size_t) -1) {
688 return 0;
689 }
690
691 if (wc) {
692 *wc = wchar;
693 }
694 return consumed;
695 }
696 #endif
697
698 typedef enum parse_mb_what {
699 PARSE_SCHEME,
700 PARSE_USERINFO,
701 PARSE_HOSTINFO,
702 PARSE_PATH,
703 PARSE_QUERY,
704 PARSE_FRAGMENT
705 } parse_mb_what_t;
706
707 static const char * const parse_what[] = {
708 "scheme",
709 "userinfo",
710 "hostinfo",
711 "path",
712 "query",
713 "fragment"
714 };
715
716 static const char parse_xdigits[] = "0123456789ABCDEF";
717
718 static size_t parse_mb(struct parse_state *state, parse_mb_what_t what, const char *ptr, const char *end, const char *begin, zend_bool silent)
719 {
720 unsigned wchar;
721 size_t consumed = 0;
722
723 if (state->flags & PHP_HTTP_URL_PARSE_MBUTF8) {
724 consumed = parse_mb_utf8(&wchar, ptr, end);
725 }
726 #ifdef PHP_HTTP_HAVE_WCHAR
727 else if (state->flags & PHP_HTTP_URL_PARSE_MBLOC) {
728 consumed = parse_mb_loc(&wchar, ptr, end);
729 }
730 #endif
731
732 while (consumed) {
733 if (!(state->flags & PHP_HTTP_URL_PARSE_TOPCT) || what == PARSE_HOSTINFO || what == PARSE_SCHEME) {
734 if (what == PARSE_HOSTINFO && (state->flags & PHP_HTTP_URL_PARSE_TOIDN)) {
735 /* idna */
736 } else if (state->flags & PHP_HTTP_URL_PARSE_MBUTF8) {
737 if (!isualnum(wchar)) {
738 break;
739 }
740 #ifdef PHP_HTTP_HAVE_WCHAR
741 } else if (state->flags & PHP_HTTP_URL_PARSE_MBLOC) {
742 if (!iswalnum(wchar)) {
743 break;
744 }
745 #endif
746 }
747 PHP_HTTP_DUFF(consumed, state->buffer[state->offset++] = *ptr++);
748 } else {
749 int i = 0;
750
751 PHP_HTTP_DUFF(consumed,
752 state->buffer[state->offset++] = '%';
753 state->buffer[state->offset++] = parse_xdigits[((unsigned char) ptr[i]) >> 4];
754 state->buffer[state->offset++] = parse_xdigits[((unsigned char) ptr[i]) & 0xf];
755 ++i;
756 );
757 }
758
759 return consumed;
760 }
761
762 if (!silent) {
763 if (consumed) {
764 php_error_docref(NULL, E_WARNING,
765 "Failed to parse %s; unexpected multibyte sequence 0x%x at pos %u in '%s'",
766 parse_what[what], wchar, (unsigned) (ptr - begin), begin);
767 } else {
768 php_error_docref(NULL, E_WARNING,
769 "Failed to parse %s; unexpected byte 0x%02x at pos %u in '%s'",
770 parse_what[what], (unsigned char) *ptr, (unsigned) (ptr - begin), begin);
771 }
772 }
773
774 return 0;
775 }
776
777 static ZEND_RESULT_CODE parse_userinfo(struct parse_state *state, const char *ptr)
778 {
779 size_t mb;
780 const char *password = NULL, *end = state->ptr, *tmp = ptr;
781
782 state->url.user = &state->buffer[state->offset];
783
784 do {
785 switch (*ptr) {
786 case ':':
787 if (password) {
788 php_error_docref(NULL, E_WARNING,
789 "Failed to parse password; duplicate ':' at pos %u in '%s'",
790 (unsigned) (ptr - tmp), tmp);
791 return FAILURE;
792 }
793 password = ptr + 1;
794 state->buffer[state->offset++] = 0;
795 state->url.pass = &state->buffer[state->offset];
796 break;
797
798 case '%':
799 if (ptr[1] != '%' && (end - ptr <= 2 || !isxdigit(*(ptr+1)) || !isxdigit(*(ptr+2)))) {
800 php_error_docref(NULL, E_WARNING,
801 "Failed to parse userinfo; invalid percent encoding at pos %u in '%s'",
802 (unsigned) (ptr - tmp), tmp);
803 return FAILURE;
804 }
805 state->buffer[state->offset++] = *ptr++;
806 state->buffer[state->offset++] = *ptr++;
807 state->buffer[state->offset++] = *ptr;
808 break;
809
810 case '!': case '$': case '&': case '\'': case '(': case ')': case '*':
811 case '+': case ',': case ';': case '=': /* sub-delims */
812 case '-': case '.': case '_': case '~': /* unreserved */
813 case 'A': case 'B': case 'C': case 'D': case 'E': case 'F': case 'G':
814 case 'H': case 'I': case 'J': case 'K': case 'L': case 'M': case 'N':
815 case 'O': case 'P': case 'Q': case 'R': case 'S': case 'T': case 'U':
816 case 'V': case 'W': case 'X': case 'Y': case 'Z':
817 case 'a': case 'b': case 'c': case 'd': case 'e': case 'f': case 'g':
818 case 'h': case 'i': case 'j': case 'k': case 'l': case 'm': case 'n':
819 case 'o': case 'p': case 'q': case 'r': case 's': case 't': case 'u':
820 case 'v': case 'w': case 'x': case 'y': case 'z':
821 case '0': case '1': case '2': case '3': case '4': case '5': case '6':
822 case '7': case '8': case '9':
823 /* allowed */
824 state->buffer[state->offset++] = *ptr;
825 break;
826
827 default:
828 if (!(mb = parse_mb(state, PARSE_USERINFO, ptr, end, tmp, 0))) {
829 return FAILURE;
830 }
831 ptr += mb - 1;
832 }
833 } while(++ptr != end);
834
835
836 state->buffer[state->offset++] = 0;
837
838 return SUCCESS;
839 }
840
841 #if defined(PHP_WIN32) || defined(HAVE_UIDNA_IDNTOASCII)
842 typedef size_t (*parse_mb_func)(unsigned *wc, const char *ptr, const char *end);
843 static ZEND_RESULT_CODE to_utf16(parse_mb_func fn, const char *u8, uint16_t **u16, size_t *len)
844 {
845 size_t offset = 0, u8_len = strlen(u8);
846
847 *u16 = ecalloc(4 * sizeof(uint16_t), u8_len + 1);
848 *len = 0;
849
850 while (offset < u8_len) {
851 unsigned wc;
852 uint16_t buf[2], *ptr = buf;
853 size_t consumed = fn(&wc, &u8[offset], &u8[u8_len]);
854
855 if (!consumed) {
856 efree(*u16);
857 php_error_docref(NULL, E_WARNING, "Failed to parse UTF-8 at pos %zu of '%s'", offset, u8);
858 return FAILURE;
859 } else {
860 offset += consumed;
861 }
862
863 switch (wctoutf16(buf, wc)) {
864 case 2:
865 (*u16)[(*len)++] = *ptr++;
866 /* no break */
867 case 1:
868 (*u16)[(*len)++] = *ptr++;
869 break;
870 case 0:
871 default:
872 efree(*u16);
873 php_error_docref(NULL, E_WARNING, "Failed to convert UTF-32 'U+%X' to UTF-16", wc);
874 return FAILURE;
875 }
876 }
877
878 return SUCCESS;
879 }
880 #endif
881
882 #ifndef MAXHOSTNAMELEN
883 # define MAXHOSTNAMELEN 256
884 #endif
885
886 #if PHP_HTTP_HAVE_IDN2
887 static ZEND_RESULT_CODE parse_idn2(struct parse_state *state, size_t prev_len)
888 {
889 char *idn = NULL;
890 int rv = -1;
891
892 if (state->flags & PHP_HTTP_URL_PARSE_MBUTF8) {
893 rv = idn2_lookup_u8((const unsigned char *) state->url.host, (unsigned char **) &idn, IDN2_NFC_INPUT);
894 }
895 # ifdef PHP_HTTP_HAVE_WCHAR
896 else if (state->flags & PHP_HTTP_URL_PARSE_MBLOC) {
897 rv = idn2_lookup_ul(state->url.host, &idn, 0);
898 }
899 # endif
900 if (rv != IDN2_OK) {
901 php_error_docref(NULL, E_WARNING, "Failed to parse IDN; %s", idn2_strerror(rv));
902 return FAILURE;
903 } else {
904 size_t idnlen = strlen(idn);
905 memcpy(state->url.host, idn, idnlen + 1);
906 free(idn);
907 state->offset += idnlen - prev_len;
908 return SUCCESS;
909 }
910 }
911 #elif PHP_HTTP_HAVE_IDN
912 static ZEND_RESULT_CODE parse_idn(struct parse_state *state, size_t prev_len)
913 {
914 char *idn = NULL;
915 int rv = -1;
916
917 if (state->flags & PHP_HTTP_URL_PARSE_MBUTF8) {
918 rv = idna_to_ascii_8z(state->url.host, &idn, IDNA_ALLOW_UNASSIGNED|IDNA_USE_STD3_ASCII_RULES);
919 }
920 # ifdef PHP_HTTP_HAVE_WCHAR
921 else if (state->flags & PHP_HTTP_URL_PARSE_MBLOC) {
922 rv = idna_to_ascii_lz(state->url.host, &idn, IDNA_ALLOW_UNASSIGNED|IDNA_USE_STD3_ASCII_RULES);
923 }
924 # endif
925 if (rv != IDNA_SUCCESS) {
926 php_error_docref(NULL, E_WARNING, "Failed to parse IDN; %s", idna_strerror(rv));
927 return FAILURE;
928 } else {
929 size_t idnlen = strlen(idn);
930 memcpy(state->url.host, idn, idnlen + 1);
931 free(idn);
932 state->offset += idnlen - prev_len;
933 return SUCCESS;
934 }
935 }
936 #endif
937
938 #ifdef HAVE_UIDNA_IDNTOASCII
939 # if HAVE_UNICODE_UIDNA_H
940 # include <unicode/uidna.h>
941 # else
942 typedef uint16_t UChar;
943 typedef enum { U_ZERO_ERROR = 0 } UErrorCode;
944 int32_t uidna_IDNToASCII(const UChar *src, int32_t srcLength, UChar *dest, int32_t destCapacity, int32_t options, void *parseError, UErrorCode *status);
945 # endif
946 static ZEND_RESULT_CODE parse_uidn(struct parse_state *state)
947 {
948 char *host_ptr;
949 uint16_t *uhost_str, ahost_str[MAXHOSTNAMELEN], *ahost_ptr;
950 size_t uhost_len, ahost_len;
951 UErrorCode error = U_ZERO_ERROR;
952
953 if (state->flags & PHP_HTTP_URL_PARSE_MBUTF8) {
954 if (SUCCESS != to_utf16(parse_mb_utf8, state->url.host, &uhost_str, &uhost_len)) {
955 return FAILURE;
956 }
957 #ifdef PHP_HTTP_HAVE_WCHAR
958 } else if (state->flags & PHP_HTTP_URL_PARSE_MBLOC) {
959 if (SUCCESS != to_utf16(parse_mb_loc, state->url.host, &uhost_str, &uhost_len)) {
960 return FAILURE;
961 }
962 #endif
963 } else {
964 php_error_docref(NULL, E_WARNING, "Failed to parse IDN; codepage not specified");
965 return FAILURE;
966 }
967
968 ahost_len = uidna_IDNToASCII(uhost_str, uhost_len, ahost_str, MAXHOSTNAMELEN, 3, NULL, &error);
969 efree(uhost_str);
970
971 if (error != U_ZERO_ERROR) {
972 php_error_docref(NULL, E_WARNING, "Failed to parse IDN; ICU error %d", error);
973 return FAILURE;
974 }
975
976 host_ptr = state->url.host;
977 ahost_ptr = ahost_str;
978 PHP_HTTP_DUFF(ahost_len, *host_ptr++ = *ahost_ptr++);
979
980 *host_ptr = '\0';
981 state->offset += host_ptr - state->url.host;
982
983 return SUCCESS;
984 }
985 #endif
986
987 #if 0 && defined(PHP_WIN32)
988 static ZEND_RESULT_CODE parse_widn(struct parse_state *state)
989 {
990 char *host_ptr;
991 uint16_t *uhost_str, ahost_str[MAXHOSTNAMELEN], *ahost_ptr;
992 size_t uhost_len;
993
994 if (state->flags & PHP_HTTP_URL_PARSE_MBUTF8) {
995 if (SUCCESS != to_utf16(parse_mb_utf8, state->url.host, &uhost_str, &uhost_len)) {
996 php_error_docref(NULL, E_WARNING, "Failed to parse IDN");
997 return FAILURE;
998 }
999 #ifdef PHP_HTTP_HAVE_WCHAR
1000 } else if (state->flags & PHP_HTTP_URL_PARSE_MBLOC) {
1001 if (SUCCESS != to_utf16(parse_mb_loc, state->url.host, &uhost_str, &uhost_len)) {
1002 php_error_docref(NULL, E_WARNING, "Failed to parse IDN");
1003 return FAILURE;
1004 }
1005 #endif
1006 } else {
1007 php_error_docref(NULL, E_WARNING, "Failed to parse IDN");
1008 return FAILURE;
1009 }
1010
1011 if (!IdnToAscii(IDN_ALLOW_UNASSIGNED|IDN_USE_STD3_ASCII_RULES, uhost_str, uhost_len, ahost_str, MAXHOSTNAMELEN)) {
1012 efree(uhost_str);
1013 php_error_docref(NULL, E_WARNING, "Failed to parse IDN");
1014 return FAILURE;
1015 }
1016
1017 efree(uhost_str);
1018 host_ptr = state->url.host;
1019 ahost_ptr = ahost_str;
1020 PHP_HTTP_DUFF(wcslen(ahost_str), *host_ptr++ = *ahost_ptr++);
1021 efree(ahost_str);
1022
1023 *host_ptr = '\0';
1024 state->offset += host_ptr - state->url.host;
1025
1026 return SUCCESS;
1027 }
1028 #endif
1029
1030 #ifdef HAVE_INET_PTON
1031 static const char *parse_ip6(struct parse_state *state, const char *ptr)
1032 {
1033 const char *error = NULL, *end = state->ptr, *tmp = memchr(ptr, ']', end - ptr);
1034
1035 if (tmp) {
1036 size_t addrlen = tmp - ptr + 1;
1037 char buf[16], *addr = estrndup(ptr + 1, addrlen - 2);
1038 int rv = inet_pton(AF_INET6, addr, buf);
1039
1040 if (rv == 1) {
1041 state->buffer[state->offset] = '[';
1042 state->url.host = &state->buffer[state->offset];
1043 inet_ntop(AF_INET6, buf, state->url.host + 1, state->maxlen - state->offset);
1044 state->offset += strlen(state->url.host);
1045 state->buffer[state->offset++] = ']';
1046 state->buffer[state->offset++] = 0;
1047 ptr = tmp + 1;
1048 } else if (rv == -1) {
1049 error = strerror(errno);
1050 } else {
1051 error = "unexpected '['";
1052 }
1053 efree(addr);
1054 } else {
1055 error = "expected ']'";
1056 }
1057
1058 if (error) {
1059 php_error_docref(NULL, E_WARNING, "Failed to parse hostinfo; %s", error);
1060 return NULL;
1061 }
1062
1063 return ptr;
1064 }
1065 #endif
1066
1067 static ZEND_RESULT_CODE parse_hostinfo(struct parse_state *state, const char *ptr)
1068 {
1069 size_t mb, len;
1070 const char *end = state->ptr, *tmp = ptr, *port = NULL, *label = NULL;
1071
1072 #ifdef HAVE_INET_PTON
1073 if (*ptr == '[' && !(ptr = parse_ip6(state, ptr))) {
1074 return FAILURE;
1075 }
1076 #endif
1077
1078 if (ptr != end) do {
1079 switch (*ptr) {
1080 case ':':
1081 if (port) {
1082 php_error_docref(NULL, E_WARNING,
1083 "Failed to parse port; unexpected ':' at pos %u in '%s'",
1084 (unsigned) (ptr - tmp), tmp);
1085 return FAILURE;
1086 }
1087 port = ptr + 1;
1088 break;
1089
1090 case '%':
1091 if (ptr[1] != '%' && (end - ptr <= 2 || !isxdigit(*(ptr+1)) || !isxdigit(*(ptr+2)))) {
1092 php_error_docref(NULL, E_WARNING,
1093 "Failed to parse hostinfo; invalid percent encoding at pos %u in '%s'",
1094 (unsigned) (ptr - tmp), tmp);
1095 return FAILURE;
1096 }
1097 state->buffer[state->offset++] = *ptr++;
1098 state->buffer[state->offset++] = *ptr++;
1099 state->buffer[state->offset++] = *ptr;
1100 break;
1101
1102 case '!': case '$': case '&': case '\'': case '(': case ')': case '*':
1103 case '+': case ',': case ';': case '=': /* sub-delims */
1104 case '-': case '.': case '_': case '~': /* unreserved */
1105 if (port || !label) {
1106 /* sort of a compromise, just ensure we don't end up
1107 * with a dot at the beginning or two consecutive dots
1108 */
1109 php_error_docref(NULL, E_WARNING,
1110 "Failed to parse %s; unexpected '%c' at pos %u in '%s'",
1111 port ? "port" : "host",
1112 (unsigned char) *ptr, (unsigned) (ptr - tmp), tmp);
1113 return FAILURE;
1114 }
1115 state->buffer[state->offset++] = *ptr;
1116 label = NULL;
1117 break;
1118
1119 case 'A': case 'B': case 'C': case 'D': case 'E': case 'F': case 'G':
1120 case 'H': case 'I': case 'J': case 'K': case 'L': case 'M': case 'N':
1121 case 'O': case 'P': case 'Q': case 'R': case 'S': case 'T': case 'U':
1122 case 'V': case 'W': case 'X': case 'Y': case 'Z':
1123 case 'a': case 'b': case 'c': case 'd': case 'e': case 'f': case 'g':
1124 case 'h': case 'i': case 'j': case 'k': case 'l': case 'm': case 'n':
1125 case 'o': case 'p': case 'q': case 'r': case 's': case 't': case 'u':
1126 case 'v': case 'w': case 'x': case 'y': case 'z':
1127 if (port) {
1128 php_error_docref(NULL, E_WARNING,
1129 "Failed to parse port; unexpected char '%c' at pos %u in '%s'",
1130 (unsigned char) *ptr, (unsigned) (ptr - tmp), tmp);
1131 return FAILURE;
1132 }
1133 /* no break */
1134 case '0': case '1': case '2': case '3': case '4': case '5': case '6':
1135 case '7': case '8': case '9':
1136 /* allowed */
1137 if (port) {
1138 state->url.port *= 10;
1139 state->url.port += *ptr - '0';
1140 } else {
1141 label = ptr;
1142 state->buffer[state->offset++] = *ptr;
1143 }
1144 break;
1145
1146 default:
1147 if (ptr == end) {
1148 break;
1149 } else if (port) {
1150 php_error_docref(NULL, E_WARNING,
1151 "Failed to parse port; unexpected byte 0x%02x at pos %u in '%s'",
1152 (unsigned char) *ptr, (unsigned) (ptr - tmp), tmp);
1153 return FAILURE;
1154 } else if (!(mb = parse_mb(state, PARSE_HOSTINFO, ptr, end, tmp, 0))) {
1155 return FAILURE;
1156 }
1157 label = ptr;
1158 ptr += mb - 1;
1159 }
1160 } while (++ptr != end);
1161
1162 if (!state->url.host) {
1163 len = (port ? port - tmp - 1 : end - tmp);
1164 state->url.host = &state->buffer[state->offset - len];
1165 state->buffer[state->offset++] = 0;
1166 }
1167
1168 if (state->flags & PHP_HTTP_URL_PARSE_TOIDN) {
1169 #if PHP_HTTP_HAVE_IDN2
1170 return parse_idn2(state, len);
1171 #elif PHP_HTTP_HAVE_IDN
1172 return parse_idn(state, len);
1173 #endif
1174 #ifdef HAVE_UIDNA_IDNTOASCII
1175 return parse_uidn(state);
1176 #endif
1177 #if 0 && defined(PHP_WIN32)
1178 return parse_widn(state);
1179 #endif
1180 }
1181
1182 return SUCCESS;
1183 }
1184
1185 static const char *parse_authority(struct parse_state *state)
1186 {
1187 const char *tmp = state->ptr, *host = NULL;
1188
1189 do {
1190 switch (*state->ptr) {
1191 case '@':
1192 /* userinfo delimiter */
1193 if (host) {
1194 php_error_docref(NULL, E_WARNING,
1195 "Failed to parse userinfo; unexpected '@'");
1196 return NULL;
1197 }
1198 host = state->ptr + 1;
1199 if (tmp != state->ptr && SUCCESS != parse_userinfo(state, tmp)) {
1200 return NULL;
1201 }
1202 tmp = state->ptr + 1;
1203 break;
1204
1205 case '/':
1206 case '?':
1207 case '#':
1208 case '\0':
1209 EOD:
1210 /* host delimiter */
1211 if (tmp != state->ptr && SUCCESS != parse_hostinfo(state, tmp)) {
1212 return NULL;
1213 }
1214 return state->ptr;
1215 }
1216 } while (++state->ptr <= state->end);
1217
1218 --state->ptr;
1219 goto EOD;
1220 }
1221
1222 static const char *parse_path(struct parse_state *state)
1223 {
1224 size_t mb;
1225 const char *tmp;
1226
1227 /* is there actually a path to parse? */
1228 if (!*state->ptr) {
1229 return state->ptr;
1230 }
1231 tmp = state->ptr;
1232 state->url.path = &state->buffer[state->offset];
1233
1234 do {
1235 switch (*state->ptr) {
1236 case '#':
1237 case '?':
1238 goto done;
1239
1240 case '%':
1241 if (state->ptr[1] != '%' && (state->end - state->ptr <= 2 || !isxdigit(*(state->ptr+1)) || !isxdigit(*(state->ptr+2)))) {
1242 php_error_docref(NULL, E_WARNING,
1243 "Failed to parse path; invalid percent encoding at pos %u in '%s'",
1244 (unsigned) (state->ptr - tmp), tmp);
1245 return NULL;
1246 }
1247 state->buffer[state->offset++] = *state->ptr++;
1248 state->buffer[state->offset++] = *state->ptr++;
1249 state->buffer[state->offset++] = *state->ptr;
1250 break;
1251
1252 case '/': /* yeah, well */
1253 case '!': case '$': case '&': case '\'': case '(': case ')': case '*':
1254 case '+': case ',': case ';': case '=': /* sub-delims */
1255 case '-': case '.': case '_': case '~': /* unreserved */
1256 case ':': case '@': /* pchar */
1257 case 'A': case 'B': case 'C': case 'D': case 'E': case 'F': case 'G':
1258 case 'H': case 'I': case 'J': case 'K': case 'L': case 'M': case 'N':
1259 case 'O': case 'P': case 'Q': case 'R': case 'S': case 'T': case 'U':
1260 case 'V': case 'W': case 'X': case 'Y': case 'Z':
1261 case 'a': case 'b': case 'c': case 'd': case 'e': case 'f': case 'g':
1262 case 'h': case 'i': case 'j': case 'k': case 'l': case 'm': case 'n':
1263 case 'o': case 'p': case 'q': case 'r': case 's': case 't': case 'u':
1264 case 'v': case 'w': case 'x': case 'y': case 'z':
1265 case '0': case '1': case '2': case '3': case '4': case '5': case '6':
1266 case '7': case '8': case '9':
1267 /* allowed */
1268 state->buffer[state->offset++] = *state->ptr;
1269 break;
1270
1271 default:
1272 if (!(mb = parse_mb(state, PARSE_PATH, state->ptr, state->end, tmp, 0))) {
1273 return NULL;
1274 }
1275 state->ptr += mb - 1;
1276 }
1277 } while (++state->ptr < state->end);
1278
1279 done:
1280 /* did we have any path component ? */
1281 if (tmp != state->ptr) {
1282 state->buffer[state->offset++] = 0;
1283 } else {
1284 state->url.path = NULL;
1285 }
1286 return state->ptr;
1287 }
1288
1289 static const char *parse_query(struct parse_state *state)
1290 {
1291 size_t mb;
1292 const char *tmp = state->ptr + !!*state->ptr;
1293
1294 /* is there actually a query to parse? */
1295 if (*state->ptr != '?') {
1296 return state->ptr;
1297 }
1298
1299 /* skip initial '?' */
1300 tmp = ++state->ptr;
1301 state->url.query = &state->buffer[state->offset];
1302
1303 while (state->ptr < state->end) {
1304 switch (*state->ptr) {
1305 case '#':
1306 goto done;
1307
1308 case '%':
1309 if (state->ptr[1] != '%' && (state->end - state->ptr <= 2 || !isxdigit(*(state->ptr+1)) || !isxdigit(*(state->ptr+2)))) {
1310 php_error_docref(NULL, E_WARNING,
1311 "Failed to parse query; invalid percent encoding at pos %u in '%s'",
1312 (unsigned) (state->ptr - tmp), tmp);
1313 return NULL;
1314 }
1315 state->buffer[state->offset++] = *state->ptr++;
1316 state->buffer[state->offset++] = *state->ptr++;
1317 state->buffer[state->offset++] = *state->ptr;
1318 break;
1319
1320 /* RFC1738 unsafe */
1321 case '{': case '}':
1322 case '<': case '>':
1323 case '[': case ']':
1324 case '|': case '\\': case '^': case '`': case '"': case ' ':
1325 if (state->flags & PHP_HTTP_URL_PARSE_TOPCT) {
1326 state->buffer[state->offset++] = '%';
1327 state->buffer[state->offset++] = parse_xdigits[((unsigned char) *state->ptr) >> 4];
1328 state->buffer[state->offset++] = parse_xdigits[((unsigned char) *state->ptr) & 0xf];
1329 break;
1330 }
1331 /* no break */
1332
1333 case '?': case '/': /* yeah, well */
1334 case '!': case '$': case '&': case '\'': case '(': case ')': case '*':
1335 case '+': case ',': case ';': case '=': /* sub-delims */
1336 case '-': case '.': case '_': case '~': /* unreserved */
1337 case ':': case '@': /* pchar */
1338 case 'A': case 'B': case 'C': case 'D': case 'E': case 'F': case 'G':
1339 case 'H': case 'I': case 'J': case 'K': case 'L': case 'M': case 'N':
1340 case 'O': case 'P': case 'Q': case 'R': case 'S': case 'T': case 'U':
1341 case 'V': case 'W': case 'X': case 'Y': case 'Z':
1342 case 'a': case 'b': case 'c': case 'd': case 'e': case 'f': case 'g':
1343 case 'h': case 'i': case 'j': case 'k': case 'l': case 'm': case 'n':
1344 case 'o': case 'p': case 'q': case 'r': case 's': case 't': case 'u':
1345 case 'v': case 'w': case 'x': case 'y': case 'z':
1346 case '0': case '1': case '2': case '3': case '4': case '5': case '6':
1347 case '7': case '8': case '9':
1348 /* allowed */
1349 state->buffer[state->offset++] = *state->ptr;
1350 break;
1351
1352 default:
1353 if (!(mb = parse_mb(state, PARSE_QUERY, state->ptr, state->end, tmp, 0))) {
1354 return NULL;
1355 }
1356 state->ptr += mb - 1;
1357 }
1358
1359 ++state->ptr;
1360 }
1361
1362 done:
1363 state->buffer[state->offset++] = 0;
1364 return state->ptr;
1365 }
1366
1367 static const char *parse_fragment(struct parse_state *state)
1368 {
1369 size_t mb;
1370 const char *tmp;
1371
1372 /* is there actually a fragment to parse? */
1373 if (*state->ptr != '#') {
1374 return state->ptr;
1375 }
1376
1377 /* skip initial '#' */
1378 tmp = ++state->ptr;
1379 state->url.fragment = &state->buffer[state->offset];
1380
1381 do {
1382 switch (*state->ptr) {
1383 case '%':
1384 if (state->ptr[1] != '%' && (state->end - state->ptr <= 2 || !isxdigit(*(state->ptr+1)) || !isxdigit(*(state->ptr+2)))) {
1385 php_error_docref(NULL, E_WARNING,
1386 "Failed to parse fragment; invalid percent encoding at pos %u in '%s'",
1387 (unsigned) (state->ptr - tmp), tmp);
1388 return NULL;
1389 }
1390 state->buffer[state->offset++] = *state->ptr++;
1391 state->buffer[state->offset++] = *state->ptr++;
1392 state->buffer[state->offset++] = *state->ptr;
1393 break;
1394
1395 /* RFC1738 unsafe */
1396 case '{': case '}':
1397 case '<': case '>':
1398 case '[': case ']':
1399 case '|': case '\\': case '^': case '`': case '"': case ' ':
1400 if (state->flags & PHP_HTTP_URL_PARSE_TOPCT) {
1401 state->buffer[state->offset++] = '%';
1402 state->buffer[state->offset++] = parse_xdigits[((unsigned char) *state->ptr) >> 4];
1403 state->buffer[state->offset++] = parse_xdigits[((unsigned char) *state->ptr) & 0xf];
1404 break;
1405 }
1406 /* no break */
1407
1408 case '?': case '/':
1409 case '!': case '$': case '&': case '\'': case '(': case ')': case '*':
1410 case '+': case ',': case ';': case '=': /* sub-delims */
1411 case '-': case '.': case '_': case '~': /* unreserved */
1412 case ':': case '@': /* pchar */
1413 case 'A': case 'B': case 'C': case 'D': case 'E': case 'F': case 'G':
1414 case 'H': case 'I': case 'J': case 'K': case 'L': case 'M': case 'N':
1415 case 'O': case 'P': case 'Q': case 'R': case 'S': case 'T': case 'U':
1416 case 'V': case 'W': case 'X': case 'Y': case 'Z':
1417 case 'a': case 'b': case 'c': case 'd': case 'e': case 'f': case 'g':
1418 case 'h': case 'i': case 'j': case 'k': case 'l': case 'm': case 'n':
1419 case 'o': case 'p': case 'q': case 'r': case 's': case 't': case 'u':
1420 case 'v': case 'w': case 'x': case 'y': case 'z':
1421 case '0': case '1': case '2': case '3': case '4': case '5': case '6':
1422 case '7': case '8': case '9':
1423 /* allowed */
1424 state->buffer[state->offset++] = *state->ptr;
1425 break;
1426
1427 default:
1428 if (!(mb = parse_mb(state, PARSE_FRAGMENT, state->ptr, state->end, tmp, 0))) {
1429 return NULL;
1430 }
1431 state->ptr += mb - 1;
1432 }
1433 } while (++state->ptr < state->end);
1434
1435 state->buffer[state->offset++] = 0;
1436 return state->ptr;
1437 }
1438
1439 static const char *parse_hier(struct parse_state *state)
1440 {
1441 if (*state->ptr == '/') {
1442 if (state->end - state->ptr > 1) {
1443 if (*(state->ptr + 1) == '/') {
1444 state->ptr += 2;
1445 if (!(state->ptr = parse_authority(state))) {
1446 return NULL;
1447 }
1448 }
1449 }
1450 }
1451 return parse_path(state);
1452 }
1453
1454 static const char *parse_scheme(struct parse_state *state)
1455 {
1456 size_t mb;
1457 const char *tmp = state->ptr;
1458
1459 do {
1460 switch (*state->ptr) {
1461 case ':':
1462 /* scheme delimiter */
1463 state->url.scheme = &state->buffer[0];
1464 state->buffer[state->offset++] = 0;
1465 return ++state->ptr;
1466
1467 case '0': case '1': case '2': case '3': case '4': case '5': case '6':
1468 case '7': case '8': case '9':
1469 case '+': case '-': case '.':
1470 if (state->ptr == tmp) {
1471 return tmp;
1472 }
1473 /* no break */
1474 case 'A': case 'B': case 'C': case 'D': case 'E': case 'F': case 'G':
1475 case 'H': case 'I': case 'J': case 'K': case 'L': case 'M': case 'N':
1476 case 'O': case 'P': case 'Q': case 'R': case 'S': case 'T': case 'U':
1477 case 'V': case 'W': case 'X': case 'Y': case 'Z':
1478 case 'a': case 'b': case 'c': case 'd': case 'e': case 'f': case 'g':
1479 case 'h': case 'i': case 'j': case 'k': case 'l': case 'm': case 'n':
1480 case 'o': case 'p': case 'q': case 'r': case 's': case 't': case 'u':
1481 case 'v': case 'w': case 'x': case 'y': case 'z':
1482 /* scheme part */
1483 state->buffer[state->offset++] = *state->ptr;
1484 break;
1485
1486 default:
1487 if (!(mb = parse_mb(state, PARSE_SCHEME, state->ptr, state->end, tmp, 1))) {
1488 /* soft fail; parse path next */
1489 return tmp;
1490 }
1491 state->ptr += mb - 1;
1492 }
1493 } while (++state->ptr != state->end);
1494
1495 return state->ptr = tmp;
1496 }
1497
1498 php_http_url_t *php_http_url_parse(const char *str, size_t len, unsigned flags)
1499 {
1500 size_t maxlen = 3 * len;
1501 struct parse_state *state = ecalloc(1, sizeof(*state) + maxlen);
1502
1503 state->end = str + len;
1504 state->ptr = str;
1505 state->flags = flags;
1506 state->maxlen = maxlen;
1507
1508 if (!parse_scheme(state)) {
1509 php_error_docref(NULL, E_WARNING, "Failed to parse URL scheme: '%s'", state->ptr);
1510 efree(state);
1511 return NULL;
1512 }
1513
1514 if (!parse_hier(state)) {
1515 efree(state);
1516 return NULL;
1517 }
1518
1519 if (!parse_query(state)) {
1520 php_error_docref(NULL, E_WARNING, "Failed to parse URL query: '%s'", state->ptr);
1521 efree(state);
1522 return NULL;
1523 }
1524
1525 if (!parse_fragment(state)) {
1526 php_error_docref(NULL, E_WARNING, "Failed to parse URL fragment: '%s'", state->ptr);
1527 efree(state);
1528 return NULL;
1529 }
1530
1531 return (php_http_url_t *) state;
1532 }
1533
1534 php_http_url_t *php_http_url_parse_authority(const char *str, size_t len, unsigned flags)
1535 {
1536 size_t maxlen = 3 * len;
1537 struct parse_state *state = ecalloc(1, sizeof(*state) + maxlen);
1538
1539 state->end = str + len;
1540 state->ptr = str;
1541 state->flags = flags;
1542 state->maxlen = maxlen;
1543
1544 if (!(state->ptr = parse_authority(state))) {
1545 efree(state);
1546 return NULL;
1547 }
1548
1549 if (state->ptr != state->end) {
1550 php_error_docref(NULL, E_WARNING,
1551 "Failed to parse URL authority, unexpected character at pos %u in '%s'",
1552 (unsigned) (state->ptr - str), str);
1553 efree(state);
1554 return NULL;
1555 }
1556
1557 return (php_http_url_t *) state;
1558 }
1559
1560 static zend_class_entry *php_http_url_class_entry;
1561 static zend_class_entry *php_http_env_url_class_entry;
1562
1563 zend_class_entry *php_http_url_get_class_entry(void)
1564 {
1565 return php_http_url_class_entry;
1566 }
1567
1568 zend_class_entry *php_http_get_env_url_class_entry(void)
1569 {
1570 return php_http_env_url_class_entry;
1571 }
1572
1573 ZEND_BEGIN_ARG_INFO_EX(ai_HttpUrl___construct, 0, 0, 0)
1574 ZEND_ARG_INFO(0, old_url)
1575 ZEND_ARG_INFO(0, new_url)
1576 ZEND_ARG_INFO(0, flags)
1577 ZEND_END_ARG_INFO();
1578 PHP_METHOD(HttpUrl, __construct)
1579 {
1580 zval *new_url = NULL, *old_url = NULL;
1581 zend_long flags = 0;
1582 zend_error_handling zeh;
1583
1584 php_http_expect(SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS(), "|z!z!l", &old_url, &new_url, &flags), invalid_arg, return);
1585
1586 /* always set http\Url::FROM_ENV for instances of http\Env\Url */
1587 if (instanceof_function(Z_OBJCE_P(getThis()), php_http_env_url_class_entry)) {
1588 flags |= PHP_HTTP_URL_FROM_ENV;
1589 }
1590
1591 zend_replace_error_handling(EH_THROW, php_http_get_exception_bad_url_class_entry(), &zeh);
1592 {
1593 php_http_url_t *res_purl, *new_purl = NULL, *old_purl = NULL;
1594
1595 if (new_url) {
1596 new_purl = php_http_url_from_zval(new_url, flags);
1597 if (!new_purl) {
1598 zend_restore_error_handling(&zeh);
1599 return;
1600 }
1601 }
1602 if (old_url) {
1603 old_purl = php_http_url_from_zval(old_url, flags);
1604 if (!old_purl) {
1605 if (new_purl) {
1606 php_http_url_free(&new_purl);
1607 }
1608 zend_restore_error_handling(&zeh);
1609 return;
1610 }
1611 }
1612
1613 res_purl = php_http_url_mod(old_purl, new_purl, flags);
1614 php_http_url_to_struct(res_purl, getThis());
1615
1616 php_http_url_free(&res_purl);
1617 if (old_purl) {
1618 php_http_url_free(&old_purl);
1619 }
1620 if (new_purl) {
1621 php_http_url_free(&new_purl);
1622 }
1623 }
1624 zend_restore_error_handling(&zeh);
1625 }
1626
1627 ZEND_BEGIN_ARG_INFO_EX(ai_HttpUrl_mod, 0, 0, 1)
1628 ZEND_ARG_INFO(0, more_url_parts)
1629 ZEND_ARG_INFO(0, flags)
1630 ZEND_END_ARG_INFO();
1631 PHP_METHOD(HttpUrl, mod)
1632 {
1633 zval *new_url = NULL;
1634 zend_long flags = PHP_HTTP_URL_JOIN_PATH | PHP_HTTP_URL_JOIN_QUERY | PHP_HTTP_URL_SANITIZE_PATH;
1635 zend_error_handling zeh;
1636
1637 php_http_expect(SUCCESS == zend_parse_parameters(ZEND_NUM_ARGS(), "z!|l", &new_url, &flags), invalid_arg, return);
1638
1639 zend_replace_error_handling(EH_THROW, php_http_get_exception_bad_url_class_entry(), &zeh);
1640 {
1641 php_http_url_t *new_purl = NULL, *old_purl = NULL;
1642
1643 if (new_url) {
1644 new_purl = php_http_url_from_zval(new_url, flags);
1645 if (!new_purl) {
1646 zend_restore_error_handling(&zeh);
1647 return;
1648 }
1649 }
1650
1651 if ((old_purl = php_http_url_from_struct(HASH_OF(getThis())))) {
1652 php_http_url_t *res_purl;
1653
1654 ZVAL_OBJ(return_value, zend_objects_clone_obj(getThis()));
1655
1656 res_purl = php_http_url_mod(old_purl, new_purl, flags);
1657 php_http_url_to_struct(res_purl, return_value);
1658
1659 php_http_url_free(&res_purl);
1660 php_http_url_free(&old_purl);
1661 }
1662 if (new_purl) {
1663 php_http_url_free(&new_purl);
1664 }
1665 }
1666 zend_restore_error_handling(&zeh);
1667 }
1668
1669 ZEND_BEGIN_ARG_INFO_EX(ai_HttpUrl_toString, 0, 0, 0)
1670 ZEND_END_ARG_INFO();
1671 PHP_METHOD(HttpUrl, toString)
1672 {
1673 if (SUCCESS == zend_parse_parameters_none()) {
1674 php_http_url_t *purl;
1675
1676 if ((purl = php_http_url_from_struct(HASH_OF(getThis())))) {
1677 char *str;
1678 size_t len;
1679
1680 php_http_url_to_string(purl, &str, &len, 0);
1681 php_http_url_free(&purl);
1682 RETURN_STR(php_http_cs2zs(str, len));
1683 }
1684 }
1685 RETURN_EMPTY_STRING();
1686 }
1687
1688 ZEND_BEGIN_ARG_INFO_EX(ai_HttpUrl_toArray, 0, 0, 0)
1689 ZEND_END_ARG_INFO();
1690 PHP_METHOD(HttpUrl, toArray)
1691 {
1692 php_http_url_t *purl;
1693
1694 if (SUCCESS != zend_parse_parameters_none()) {
1695 return;
1696 }
1697
1698 /* strip any non-URL properties */
1699 purl = php_http_url_from_struct(HASH_OF(getThis()));
1700 php_http_url_to_struct(purl, return_value);
1701 php_http_url_free(&purl);
1702 }
1703
1704 static zend_function_entry php_http_url_methods[] = {
1705 PHP_ME(HttpUrl, __construct, ai_HttpUrl___construct, ZEND_ACC_PUBLIC|ZEND_ACC_CTOR)
1706 PHP_ME(HttpUrl, mod, ai_HttpUrl_mod, ZEND_ACC_PUBLIC)
1707 PHP_ME(HttpUrl, toString, ai_HttpUrl_toString, ZEND_ACC_PUBLIC)
1708 ZEND_MALIAS(HttpUrl, __toString, toString, ai_HttpUrl_toString, ZEND_ACC_PUBLIC)
1709 PHP_ME(HttpUrl, toArray, ai_HttpUrl_toArray, ZEND_ACC_PUBLIC)
1710 EMPTY_FUNCTION_ENTRY
1711 };
1712
1713 PHP_MINIT_FUNCTION(http_url)
1714 {
1715 zend_class_entry ce = {0};
1716
1717 INIT_NS_CLASS_ENTRY(ce, "http", "Url", php_http_url_methods);
1718 php_http_url_class_entry = zend_register_internal_class(&ce);
1719
1720 zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("scheme"), ZEND_ACC_PUBLIC);
1721 zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("user"), ZEND_ACC_PUBLIC);
1722 zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("pass"), ZEND_ACC_PUBLIC);
1723 zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("host"), ZEND_ACC_PUBLIC);
1724 zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("port"), ZEND_ACC_PUBLIC);
1725 zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("path"), ZEND_ACC_PUBLIC);
1726 zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("query"), ZEND_ACC_PUBLIC);
1727 zend_declare_property_null(php_http_url_class_entry, ZEND_STRL("fragment"), ZEND_ACC_PUBLIC);
1728
1729 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("REPLACE"), PHP_HTTP_URL_REPLACE);
1730 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("JOIN_PATH"), PHP_HTTP_URL_JOIN_PATH);
1731 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("JOIN_QUERY"), PHP_HTTP_URL_JOIN_QUERY);
1732 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_USER"), PHP_HTTP_URL_STRIP_USER);
1733 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_PASS"), PHP_HTTP_URL_STRIP_PASS);
1734 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_AUTH"), PHP_HTTP_URL_STRIP_AUTH);
1735 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_PORT"), PHP_HTTP_URL_STRIP_PORT);
1736 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_PATH"), PHP_HTTP_URL_STRIP_PATH);
1737 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_QUERY"), PHP_HTTP_URL_STRIP_QUERY);
1738 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_FRAGMENT"), PHP_HTTP_URL_STRIP_FRAGMENT);
1739 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("STRIP_ALL"), PHP_HTTP_URL_STRIP_ALL);
1740 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("FROM_ENV"), PHP_HTTP_URL_FROM_ENV);
1741 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("SANITIZE_PATH"), PHP_HTTP_URL_SANITIZE_PATH);
1742
1743 #ifdef PHP_HTTP_HAVE_WCHAR
1744 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("PARSE_MBLOC"), PHP_HTTP_URL_PARSE_MBLOC);
1745 #endif
1746 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("PARSE_MBUTF8"), PHP_HTTP_URL_PARSE_MBUTF8);
1747 #if defined(PHP_HTTP_HAVE_IDN2) || defined(PHP_HTTP_HAVE_IDN) || defined(HAVE_UIDNA_IDNTOASCII)
1748 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("PARSE_TOIDN"), PHP_HTTP_URL_PARSE_TOIDN);
1749 #endif
1750 zend_declare_class_constant_long(php_http_url_class_entry, ZEND_STRL("PARSE_TOPCT"), PHP_HTTP_URL_PARSE_TOPCT);
1751
1752 INIT_NS_CLASS_ENTRY(ce, "http\\Env", "Url", php_http_url_methods);
1753 php_http_env_url_class_entry = zend_register_internal_class_ex(&ce, php_http_url_class_entry);
1754
1755 return SUCCESS;
1756 }
1757
1758
1759 /*
1760 * Local variables:
1761 * tab-width: 4
1762 * c-basic-offset: 4
1763 * End:
1764 * vim600: noet sw=4 ts=4 fdm=marker
1765 * vim<600: noet sw=4 ts=4
1766 */
1767
Extended HTTP Support