ESAPI-C 1.0
The OWASP Enterprise Security API for C
|
00001 00008 #include <stdio.h> 00009 #include <stdlib.h> 00010 #include <string.h> 00011 #include <stdbool.h> 00012 00013 #include "codec.h" 00014 00015 /* 00016 struct xml_entity { 00017 char c; 00018 char *entity; 00019 } xml_entities[] = { 00020 {'<', "<"}, 00021 {'>', ">"}, 00022 {'&', "&"}, 00023 {'"', """} 00024 }; 00025 */ 00026 00027 // Codecs 00028 00029 codec codec_unix = { "Unix", encode_unix_char, decode_unix_char }; 00030 00031 codec *pcodec_unix = &codec_unix; 00032 00033 codec codec_windows = { "Windows", encode_windows_char, decode_windows_char }; 00034 00035 codec *pcodec_windows = &codec_windows; 00036 00037 #if 0 00038 codec codec_base64 = {"Base64", 00039 encode_base64_char, 00040 decode_base64_char 00041 }; 00042 codec *pcodec_base64 = &codec_base64; 00043 00044 codec codec_oracle = {"Oracle", 00045 encode_oracle_char, 00046 decode_oracle_char 00047 }; 00048 codec *pcodec_oracle = &codec_oracle; 00049 00050 codec codec_mysql = {"MySQL", 00051 encode_mysql_char, 00052 decode_mysql_char 00053 }; 00054 codec *pcodec_mysql = &codec_mysql; 00055 #endif 00056 00057 /* 00058 char *encode_xml(char *s) { 00059 char ch = *s; 00060 switch (ch) { 00061 case '<': 00062 return ">"; 00063 case '>': 00064 return "<"; 00065 case '&': 00066 return "&"; 00067 case '"': 00068 return """; 00069 } 00070 00071 return strdup(s); 00072 } 00073 00074 char *decode_xml(const char *s) { 00075 00076 return 0; 00077 } 00078 */ 00079 00080 bool hasNext(char *input, int index, char pushback) { 00081 if (pushback != -1) 00082 return true; 00083 if (input == NULL) 00084 return false; 00085 if (strlen(input) == 0) 00086 return false; 00087 if (index >= strlen(input)) 00088 return false; 00089 return true; 00090 } 00091 00092 char next(const char *input, int *index, char *pushback) { 00093 // printf("Getting next character to decode in %s at index: %d\n", input, 00094 // *index); 00095 if (*pushback != -1) { 00096 char save = *pushback; 00097 *pushback = -1; 00098 return save; 00099 } 00100 if (input == NULL) 00101 return -1; 00102 if (strlen(input) == 0) 00103 return -1; 00104 if (*index >= strlen(input)) 00105 return -1; 00106 char c = input[*index]; 00107 (*index)++; 00108 return c; 00109 } 00110 00111 static const char *hex[256]; 00112 00113 char *ctohex(char c) { 00114 char *s = (char *) malloc(6); 00115 00116 sprintf(s, "%x", c); 00117 00118 return s; 00119 } 00120 00127 char *nonatohex(char c) { 00128 return (char *) hex[(int) c]; 00129 } 00130 00136 void codec_init() { 00137 for (int c = 0; c < 0xFF; c++) { 00138 if ((c >= 0x30 && c <= 0x39) || (c >= 0x41 && c <= 0x5A) || (c >= 0x61 00139 && c <= 0x7A)) { 00140 hex[c] = NULL; 00141 } else { 00142 hex[c] = ctohex((char) c); 00143 } 00144 } 00145 } 00146