ESAPI-C 1.0
The OWASP Enterprise Security API for C

example/access_ref_example.c

Go to the documentation of this file.
00001 #include <stdlib.h>
00002 #include "../include/access_ref.h"
00003 
00004 /*
00005  * We need two hashed containers for 2-way (direct-indirect) mapping.
00006  * We should support incremented or random indirect references.  Use esapi_fill_random_tokeen for the random reference.
00007  * And put functions should be replaced by add functions that take only a value param (plus the map).
00008  */
00009 
00010 /* 
00011  * Adds/overwrites an entry in the map.
00012  */
00013 void esapi_put_reference(map_t *m, char *key, char *value) {
00014    // get an entry if one exists. if there is one, r
00015    // remove the reference to it
00016    // since there isn't one, create one and insert
00017    map_t *entry = malloc(sizeof(map_t));
00018    entry->key = key;
00019    entry->val = value;
00020    HASH_ADD_STR(m, key, entry);
00021 }
00022 
00023 /*
00024  * Returns indirect object reference for the given value, and stores
00025  * it in the given map.
00026  */
00027 char *esapi_get_indirect_reference(map_t *m, char *direct) {
00028    map_t *indirect;
00029    HASH_FIND_STR(m,direct, indirect);
00030    return indirect->val;
00031 }
00032 
00033 /*
00034  * Returns the direct object reference (the original value) for the
00035  * given indirect reference.
00036  */
00037 char *esapi_get_direct_reference(map_t *m, char *indirect) {
00038    map_t *direct;
00039    HASH_FIND_STR(m,indirect,direct);
00040    return direct->val;
00041 }
00042 
00043 /*
00044  * Removes the direct object reference from the map.
00045  */
00046 void esapi_remove_direct_reference(map_t *m, char *direct) {
00047    map_t *entry;
00048    HASH_FIND_STR(m,direct,entry);
00049    HASH_DEL(m,entry);
00050 }
00051 
00052 void esapi_remove_indirect_reference(map_t *m, char *indirect) {
00053    map_t *entry;
00054    HASH_FIND_STR(m,indirect,entry);
00055    HASH_DEL(m,entry);
00056 }
00057 
00058 char *get_unique_reference() {
00059         char *reference = (char *) malloc(6);
00060         // FIXME: esapi_fill_random_token() does not really need an ESAPI context parameter, but its signature asks for one
00061         esapi_fill_random_token(NULL, reference, 6);
00062 
00063         return reference;
00064 }
 All Data Structures Files Functions Variables Typedefs Defines