ESAPI-C 1.0
The OWASP Enterprise Security API for C
|
00001 00008 #include <stdio.h> 00009 #include <stdlib.h> 00010 #include <string.h> 00011 #include <stdbool.h> 00012 00013 #include "codec.h" 00014 #include "unix_codec.h" 00015 00016 char *unix_codec_name = "Unix"; 00017 00021 const char digits[] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 00022 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 00023 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z' }; 00024 00032 static bool contains_char(char c, char array[]) { 00033 int i; 00034 for (i = 0; array[i]; i++) { 00035 if (c == array[i]) 00036 return true; 00037 } 00038 return false; 00039 } 00040 00041 /* 00042 * Returns backslash-encoded character 00043 * 00044 * @param immune 00045 */ 00046 char *encode_unix_char(char *tokenbuff, char ch) { 00047 00048 // FIXME: Pass in a list of characters that should not be encoded 00049 const char *immune = ""; 00050 00051 // check for immune characters 00052 if (strchr(immune, ch)) { 00053 tokenbuff[0] = ch; 00054 tokenbuff[1] = '\0'; 00055 } else { 00056 // check for alphanumeric characters 00057 char *hex = nonatohex(ch); 00058 if (hex == NULL) { 00059 tokenbuff[0] = ch; 00060 tokenbuff[1] = '\0'; 00061 } else { 00062 tokenbuff[0] = '\\'; 00063 tokenbuff[1] = ch; 00064 tokenbuff[2] = '\0'; 00065 } 00066 } 00067 00068 return tokenbuff; 00069 } 00070 00071 /* 00072 * Returns the decoded version of the character starting at index, or 00073 * -1 if no decoding is possible. 00074 * 00075 * Formats all are legal both upper/lower case: 00076 * \x - all special characters 00077 * 00078 */ 00079 char decode_unix_char(const char *input, int *index, char *pushback) { 00080 //input.mark(); 00081 char temp = *pushback; 00082 char mark = *index; 00083 char first = next(input, index, pushback); 00084 if (first == -1) { 00085 //input.reset(); 00086 *pushback = temp; 00087 *index = mark; 00088 return -1; 00089 } 00090 00091 // if this is not an encoded character, return -1 00092 if (first != '\\') { 00093 //input.reset(); 00094 *pushback = temp; 00095 *index = mark; 00096 return -1; 00097 } 00098 00099 char second = next(input, index, pushback); 00100 return second; 00101 }