ESAPI-C 1.0
The OWASP Enterprise Security API for C
|
00001 #include <stdlib.h> 00002 #include "../include/access_ref.h" 00003 00004 /* 00005 * We need two hashed containers for 2-way (direct-indirect) mapping. 00006 * We should support incremented or random indirect references. Use esapi_fill_random_tokeen for the random reference. 00007 * And put functions should be replaced by add functions that take only a value param (plus the map). 00008 */ 00009 00010 /* 00011 * Adds/overwrites an entry in the map. 00012 */ 00013 void esapi_put_reference(map_t *m, char *key, char *value) { 00014 // get an entry if one exists. if there is one, r 00015 // remove the reference to it 00016 // since there isn't one, create one and insert 00017 map_t *entry = malloc(sizeof(map_t)); 00018 entry->key = key; 00019 entry->val = value; 00020 HASH_ADD_STR(m, key, entry); 00021 } 00022 00023 /* 00024 * Returns indirect object reference for the given value, and stores 00025 * it in the given map. 00026 */ 00027 char *esapi_get_indirect_reference(map_t *m, char *direct) { 00028 map_t *indirect; 00029 HASH_FIND_STR(m,direct, indirect); 00030 return indirect->val; 00031 } 00032 00033 /* 00034 * Returns the direct object reference (the original value) for the 00035 * given indirect reference. 00036 */ 00037 char *esapi_get_direct_reference(map_t *m, char *indirect) { 00038 map_t *direct; 00039 HASH_FIND_STR(m,indirect,direct); 00040 return direct->val; 00041 } 00042 00043 /* 00044 * Removes the direct object reference from the map. 00045 */ 00046 void esapi_remove_direct_reference(map_t *m, char *direct) { 00047 map_t *entry; 00048 HASH_FIND_STR(m,direct,entry); 00049 HASH_DEL(m,entry); 00050 } 00051 00052 void esapi_remove_indirect_reference(map_t *m, char *indirect) { 00053 map_t *entry; 00054 HASH_FIND_STR(m,indirect,entry); 00055 HASH_DEL(m,entry); 00056 } 00057 00058 char *get_unique_reference() { 00059 char *reference = (char *) malloc(6); 00060 // FIXME: esapi_fill_random_token() does not really need an ESAPI context parameter, but its signature asks for one 00061 esapi_fill_random_token(NULL, reference, 6); 00062 00063 return reference; 00064 }