mirror of
https://github.com/sheumann/hush.git
synced 2025-01-03 00:31:16 +00:00
dd1061b6a7
function old new delta percent_decode_in_place - 152 +152 parse_url 304 317 +13 handle_incoming_and_exit 2795 2798 +3 httpd_main 763 760 -3 decodeString 152 - -152 ------------------------------------------------------------------------------ (add/remove: 2/1 grow/shrink: 2/1 up/down: 168/-155) Total: 13 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
70 lines
1.4 KiB
C
70 lines
1.4 KiB
C
/* vi: set sw=4 ts=4: */
|
|
/*
|
|
* Licensed under GPLv2 or later, see file LICENSE in this source tree.
|
|
*/
|
|
|
|
//kbuild:lib-y += percent_decode.o
|
|
|
|
#include "libbb.h"
|
|
|
|
static unsigned hex_to_bin(unsigned char c)
|
|
{
|
|
unsigned v;
|
|
|
|
v = c - '0';
|
|
if (v <= 9)
|
|
return v;
|
|
/* c | 0x20: letters to lower case, non-letters
|
|
* to (potentially different) non-letters */
|
|
v = (unsigned)(c | 0x20) - 'a';
|
|
if (v <= 5)
|
|
return v + 10;
|
|
return ~0;
|
|
/* For testing:
|
|
void t(char c) { printf("'%c'(%u) %u\n", c, c, hex_to_bin(c)); }
|
|
int main() { t(0x10); t(0x20); t('0'); t('9'); t('A'); t('F'); t('a'); t('f');
|
|
t('0'-1); t('9'+1); t('A'-1); t('F'+1); t('a'-1); t('f'+1); return 0; }
|
|
*/
|
|
}
|
|
|
|
char* FAST_FUNC percent_decode_in_place(char *str, int strict)
|
|
{
|
|
/* note that decoded string is always shorter than original */
|
|
char *src = str;
|
|
char *dst = str;
|
|
char c;
|
|
|
|
while ((c = *src++) != '\0') {
|
|
unsigned v;
|
|
|
|
if (!strict && c == '+') {
|
|
*dst++ = ' ';
|
|
continue;
|
|
}
|
|
if (c != '%') {
|
|
*dst++ = c;
|
|
continue;
|
|
}
|
|
v = hex_to_bin(src[0]);
|
|
if (v > 15) {
|
|
bad_hex:
|
|
if (strict)
|
|
return NULL;
|
|
*dst++ = '%';
|
|
continue;
|
|
}
|
|
v = (v * 16) | hex_to_bin(src[1]);
|
|
if (v > 255)
|
|
goto bad_hex;
|
|
if (strict && (v == '/' || v == '\0')) {
|
|
/* caller takes it as indication of invalid
|
|
* (dangerous wrt exploits) chars */
|
|
return str + 1;
|
|
}
|
|
*dst++ = v;
|
|
src += 2;
|
|
}
|
|
*dst = '\0';
|
|
return str;
|
|
}
|