src/server/safs/cgi.h

Tue, 20 Aug 2024 12:34:32 +0200

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Tue, 20 Aug 2024 12:34:32 +0200
changeset 553
a166a15f7b74
parent 534
bf62eddbdb9b
permissions
-rw-r--r--

fix pg ext uninitialized memory acces - fixes #420

/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright 2016 Olaf Wintermann. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *   1. Redistributions of source code must retain the above copyright
 *      notice, this list of conditions and the following disclaimer.
 *
 *   2. Redistributions in binary form must reproduce the above copyright
 *      notice, this list of conditions and the following disclaimer in the
 *      documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef CGI_H
#define CGI_H

#include "../public/nsapi.h"
#include <cx/buffer.h>

#ifdef __cplusplus
extern "C" {
#endif
    
enum CgiIOResult {
    CGI_IO_COMPLETE = 0,
    CGI_IO_NEED_READ,
    CGI_IO_NEED_WRITE,
    CGI_IO_ERROR
};

typedef enum CgiIOResult CgiIOResult;
    
typedef struct {
    int in[2];
    int out[2];
    int err[2];
    pid_t pid;
} CGIProcess;

typedef struct {
    Session   *sn;
    Request   *rq;
    CxBuffer  tmp;
    int       status;
    char      *msg;
    size_t    response_length;
    WSBool    cgiheader;
} CGIResponseParser;

typedef struct CGIHandler {
    CGIProcess process;
    CGIResponseParser *parser;
    HttpResponseWriter *response;
    
    /*
     * request path (rq->vars path)
     */
    char *path;
    
    /*
     * event object for pollin
     * active by default and my be deactivated/reactivated in some cases
     */
    Event *readev;
    
    /*
     * event object prepared for pollout
     * only activated if write returns EWOULDBLOCK
     */
    Event *writeev;
    
    /*
     * temp buffer used for parsing stderr lines
     */
    char *stderr_tmp;
    /*
     * current length of stderr_tmp
     */
    int stderr_tmplen;
    
    /*
     * allocation size of stderr_tmp
     */
    int stderr_tmpalloc;
    
    /*
     * output buffer
     */
    char *writebuf;
    
    /*
     * writebuf allocation size
     */
    size_t writebuf_alloc;
    
    /*
     * currently used size of writebuf
     */
    size_t writebuf_size;
    
    /*
     * current writebuf pos (writebuf_size - write_buf_pos = remaining)
     */
    size_t writebuf_pos;
    
    /*
     * number of bytes of the response body sent to the client
     * at the end count_write should have the same value as parser->response_length
     */
    size_t count_write;
    
    /*
     * poll_out event active
     */
    WSBool poll_out;
    
    /*
     * last read returned EWOULDBLOCK
     * waiting for the next read event
     */
    WSBool wait_read;
    
    /*
     * cgi pipe (stdout) EOF
     */
    WSBool cgi_eof;
    
    /*
     * Last kill signal sent to the cgi process
     */
    int cgi_kill;
    
    WSBool debug_finished;
    
    /*
     * number of currently open events (stdout, stderr, [stdout])
     */
    int events;
    
    /*
     * error indicator
     */
    int result;
} CGIHandler;
    
int send_cgi(pblock *pb, Session *sn, Request *rq);

char** cgi_add_vars(char **env, Session *sn, Request *rq);

int cgi_start(CGIProcess *p, char *path, char *const argv[], char *const envp[]);

int cgi_close(CGIProcess *p);

int cgi_stdout_readevent(EventHandler *ev, Event *event);
int cgi_stderr_readevent(EventHandler *ev, Event *event);
int cgi_event_finish(EventHandler *ev, Event *event);
int cgi_writeevent(EventHandler *ev, Event *event);

CgiIOResult cgi_read_output(CGIHandler *handler, EventHandler *ev, const char *debug_log);

CGIResponseParser* cgi_parser_new(Session *sn, Request *rq);
void cgi_parser_free(CGIResponseParser *parser);
int cgi_parse_response(CGIResponseParser *parser, char *buf, size_t len, size_t *bpos);

#ifdef __cplusplus
}
#endif

#endif /* CGI_H */

mercurial