xref: /PHP-8.0/ext/mbstring/mb_gpc.c (revision 7eddcabe) 
1 /*
2    +----------------------------------------------------------------------+
3    | Copyright (c) The PHP Group                                          |
4    +----------------------------------------------------------------------+
5    | This source file is subject to version 3.01 of the PHP license,      |
6    | that is bundled with this package in the file LICENSE, and is        |
7    | available through the world-wide-web at the following url:           |
8    | http://www.php.net/license/3_01.txt                                  |
9    | If you did not receive a copy of the PHP license and are unable to   |
10    | obtain it through the world-wide-web, please send a note to          |
11    | license@php.net so we can mail you a copy immediately.               |
12    +----------------------------------------------------------------------+
13    | Author: Rui Hirokawa <hirokawa@php.net>                              |
14    |         Moriyoshi Koizumi <moriyoshi@php.net>                        |
15    +----------------------------------------------------------------------+
16  */
17 
18 /* {{{ includes */
19 #include "php.h"
20 #include "php_ini.h"
21 #include "php_variables.h"
22 #include "libmbfl/mbfl/mbfilter_pass.h"
23 #include "mbstring.h"
24 #include "ext/standard/php_string.h"
25 #include "ext/standard/php_mail.h"
26 #include "ext/standard/url.h"
27 #include "main/php_output.h"
28 #include "ext/standard/info.h"
29 
30 #include "php_variables.h"
31 #include "php_globals.h"
32 #include "rfc1867.h"
33 #include "php_content_types.h"
34 #include "SAPI.h"
35 #include "TSRM.h"
36 
37 #include "mb_gpc.h"
38 /* }}} */
39 
ZEND_EXTERN_MODULE_GLOBALS(mbstring)40 ZEND_EXTERN_MODULE_GLOBALS(mbstring)
41 
42 /* {{{ MBSTRING_API SAPI_TREAT_DATA_FUNC(mbstr_treat_data)
43  * http input processing */
44 MBSTRING_API SAPI_TREAT_DATA_FUNC(mbstr_treat_data)
45 {
46 	char *res = NULL, *separator=NULL;
47 	const char *c_var;
48 	zval v_array;
49 	int free_buffer=0;
50 	const mbfl_encoding *detected;
51 	php_mb_encoding_handler_info_t info;
52 
53 	if (!MBSTRG(encoding_translation)) {
54 		php_default_treat_data(arg, str, destArray);
55 		return;
56 	}
57 
58 	switch (arg) {
59 		case PARSE_POST:
60 		case PARSE_GET:
61 		case PARSE_COOKIE:
62 			array_init(&v_array);
63 			switch (arg) {
64 				case PARSE_POST:
65 					ZVAL_COPY_VALUE(&PG(http_globals)[TRACK_VARS_POST], &v_array);
66 					break;
67 				case PARSE_GET:
68 					ZVAL_COPY_VALUE(&PG(http_globals)[TRACK_VARS_GET], &v_array);
69 					break;
70 				case PARSE_COOKIE:
71 					ZVAL_COPY_VALUE(&PG(http_globals)[TRACK_VARS_COOKIE], &v_array);
72 					break;
73 			}
74 			break;
75 		default:
76 			ZVAL_COPY_VALUE(&v_array, destArray);
77 			break;
78 	}
79 
80 	switch (arg) {
81 		case PARSE_POST:
82 			sapi_handle_post(&v_array);
83 			return;
84 		case PARSE_GET: /* GET data */
85 			c_var = SG(request_info).query_string;
86 			if (c_var && *c_var) {
87 				res = (char *) estrdup(c_var);
88 				free_buffer = 1;
89 			}
90 			break;
91 		case PARSE_COOKIE: /* Cookie data */
92 			c_var = SG(request_info).cookie_data;
93 			if (c_var && *c_var) {
94 				res = (char *) estrdup(c_var);
95 				free_buffer = 1;
96 			}
97 			break;
98 		case PARSE_STRING: /* String data */
99 			res = str;
100 			free_buffer = 1;
101 			break;
102 	}
103 
104 	if (!res) {
105 		return;
106 	}
107 
108 	switch (arg) {
109 		case PARSE_POST:
110 		case PARSE_GET:
111 		case PARSE_STRING:
112 			separator = (char *) estrdup(PG(arg_separator).input);
113 			break;
114 		case PARSE_COOKIE:
115 			separator = ";\0";
116 			break;
117 	}
118 
119 	switch (arg) {
120 		case PARSE_POST:
121 			MBSTRG(http_input_identify_post) = NULL;
122 			break;
123 		case PARSE_GET:
124 			MBSTRG(http_input_identify_get) = NULL;
125 			break;
126 		case PARSE_COOKIE:
127 			MBSTRG(http_input_identify_cookie) = NULL;
128 			break;
129 		case PARSE_STRING:
130 			MBSTRG(http_input_identify_string) = NULL;
131 			break;
132 	}
133 
134 	info.data_type              = arg;
135 	info.separator              = separator;
136 	info.report_errors          = 0;
137 	info.to_encoding            = MBSTRG(internal_encoding);
138 	info.to_language            = MBSTRG(language);
139 	info.from_encodings         = MBSTRG(http_input_list);
140 	info.num_from_encodings     = MBSTRG(http_input_list_size);
141 	info.from_language          = MBSTRG(language);
142 
143 	MBSTRG(illegalchars) = 0;
144 
145 	detected = _php_mb_encoding_handler_ex(&info, &v_array, res);
146 	MBSTRG(http_input_identify) = detected;
147 
148 	if (detected) {
149 		switch(arg){
150 		case PARSE_POST:
151 			MBSTRG(http_input_identify_post) = detected;
152 			break;
153 		case PARSE_GET:
154 			MBSTRG(http_input_identify_get) = detected;
155 			break;
156 		case PARSE_COOKIE:
157 			MBSTRG(http_input_identify_cookie) = detected;
158 			break;
159 		case PARSE_STRING:
160 			MBSTRG(http_input_identify_string) = detected;
161 			break;
162 		}
163 	}
164 
165 	if (arg != PARSE_COOKIE) {
166 		efree(separator);
167 	}
168 
169 	if (free_buffer) {
170 		efree(res);
171 	}
172 }
173 /* }}} */
174 
175 /* {{{ mbfl_no_encoding _php_mb_encoding_handler_ex() */
_php_mb_encoding_handler_ex(const php_mb_encoding_handler_info_t * info,zval * arg,char * res)176 const mbfl_encoding *_php_mb_encoding_handler_ex(const php_mb_encoding_handler_info_t *info, zval *arg, char *res)
177 {
178 	char *var, *val;
179 	const char *s1, *s2;
180 	char *strtok_buf = NULL, **val_list = NULL;
181 	zval *array_ptr = (zval *) arg;
182 	size_t n, num, *len_list = NULL;
183 	size_t val_len, new_val_len;
184 	mbfl_string string, resvar, resval;
185 	const mbfl_encoding *from_encoding = NULL;
186 	mbfl_encoding_detector *identd = NULL;
187 	mbfl_buffer_converter *convd = NULL;
188 
189 	mbfl_string_init_set(&string, info->to_encoding);
190 	mbfl_string_init_set(&resvar, info->to_encoding);
191 	mbfl_string_init_set(&resval, info->to_encoding);
192 
193 	if (!res || *res == '\0') {
194 		goto out;
195 	}
196 
197 	/* count the variables(separators) contained in the "res".
198 	 * separator may contain multiple separator chars.
199 	 */
200 	num = 1;
201 	for (s1=res; *s1 != '\0'; s1++) {
202 		for (s2=info->separator; *s2 != '\0'; s2++) {
203 			if (*s1 == *s2) {
204 				num++;
205 			}
206 		}
207 	}
208 	num *= 2; /* need space for variable name and value */
209 
210 	val_list = (char **)ecalloc(num, sizeof(char *));
211 	len_list = (size_t *)ecalloc(num, sizeof(size_t));
212 
213 	/* split and decode the query */
214 	n = 0;
215 	strtok_buf = NULL;
216 	var = php_strtok_r(res, info->separator, &strtok_buf);
217 	while (var)  {
218 		val = strchr(var, '=');
219 		if (val) { /* have a value */
220 			len_list[n] = php_url_decode(var, val-var);
221 			val_list[n] = var;
222 			n++;
223 
224 			*val++ = '\0';
225 			val_list[n] = val;
226 			len_list[n] = php_url_decode(val, strlen(val));
227 		} else {
228 			len_list[n] = php_url_decode(var, strlen(var));
229 			val_list[n] = var;
230 			n++;
231 
232 			val_list[n] = "";
233 			len_list[n] = 0;
234 		}
235 		n++;
236 		var = php_strtok_r(NULL, info->separator, &strtok_buf);
237 	}
238 
239 	if (ZEND_SIZE_T_GT_ZEND_LONG(n, (PG(max_input_vars) * 2))) {
240 		php_error_docref(NULL, E_WARNING, "Input variables exceeded " ZEND_LONG_FMT ". To increase the limit change max_input_vars in php.ini.", PG(max_input_vars));
241 		goto out;
242 	}
243 
244 	num = n; /* make sure to process initialized vars only */
245 
246 	/* initialize converter */
247 	if (info->num_from_encodings == 0) {
248 		from_encoding = &mbfl_encoding_pass;
249 	} else if (info->num_from_encodings == 1) {
250 		from_encoding = info->from_encodings[0];
251 	} else {
252 		/* auto detect */
253 		from_encoding = NULL;
254 		identd = mbfl_encoding_detector_new(info->from_encodings, info->num_from_encodings, MBSTRG(strict_detection));
255 		if (identd != NULL) {
256 			n = 0;
257 			while (n < num) {
258 				string.val = (unsigned char *)val_list[n];
259 				string.len = len_list[n];
260 				if (mbfl_encoding_detector_feed(identd, &string)) {
261 					break;
262 				}
263 				n++;
264 			}
265 			from_encoding = mbfl_encoding_detector_judge(identd);
266 			mbfl_encoding_detector_delete(identd);
267 		}
268 		if (!from_encoding) {
269 			if (info->report_errors) {
270 				php_error_docref(NULL, E_WARNING, "Unable to detect encoding");
271 			}
272 			from_encoding = &mbfl_encoding_pass;
273 		}
274 	}
275 
276 	convd = NULL;
277 	if (from_encoding != &mbfl_encoding_pass) {
278 		convd = mbfl_buffer_converter_new(from_encoding, info->to_encoding, 0);
279 		if (convd != NULL) {
280 			mbfl_buffer_converter_illegal_mode(convd, MBSTRG(current_filter_illegal_mode));
281 			mbfl_buffer_converter_illegal_substchar(convd, MBSTRG(current_filter_illegal_substchar));
282 		} else {
283 			if (info->report_errors) {
284 				php_error_docref(NULL, E_WARNING, "Unable to create converter");
285 			}
286 			goto out;
287 		}
288 	}
289 
290 	/* convert encoding */
291 	string.encoding = from_encoding;
292 
293 	n = 0;
294 	while (n < num) {
295 		string.val = (unsigned char *)val_list[n];
296 		string.len = len_list[n];
297 		if (convd != NULL && mbfl_buffer_converter_feed_result(convd, &string, &resvar) != NULL) {
298 			var = (char *)resvar.val;
299 		} else {
300 			var = val_list[n];
301 		}
302 		n++;
303 		string.val = (unsigned char *)val_list[n];
304 		string.len = len_list[n];
305 		if (convd != NULL && mbfl_buffer_converter_feed_result(convd, &string, &resval) != NULL) {
306 			val = (char *)resval.val;
307 			val_len = resval.len;
308 		} else {
309 			val = val_list[n];
310 			val_len = len_list[n];
311 		}
312 		n++;
313 		/* we need val to be emalloc()ed */
314 		val = estrndup(val, val_len);
315 		if (sapi_module.input_filter(info->data_type, var, &val, val_len, &new_val_len)) {
316 			/* add variable to symbol table */
317 			php_register_variable_safe(var, val, new_val_len, array_ptr);
318 		}
319 		efree(val);
320 
321 		if (convd != NULL){
322 			mbfl_string_clear(&resvar);
323 			mbfl_string_clear(&resval);
324 		}
325 	}
326 
327 out:
328 	if (convd != NULL) {
329 		MBSTRG(illegalchars) += mbfl_buffer_illegalchars(convd);
330 		mbfl_buffer_converter_delete(convd);
331 	}
332 	if (val_list != NULL) {
333 		efree((void *)val_list);
334 	}
335 	if (len_list != NULL) {
336 		efree((void *)len_list);
337 	}
338 
339 	return from_encoding;
340 }
341 /* }}} */
342 
343 /* {{{ SAPI_POST_HANDLER_FUNC(php_mb_post_handler) */
SAPI_POST_HANDLER_FUNC(php_mb_post_handler)344 SAPI_POST_HANDLER_FUNC(php_mb_post_handler)
345 {
346 	const mbfl_encoding *detected;
347 	php_mb_encoding_handler_info_t info;
348 	zend_string *post_data_str = NULL;
349 
350 	MBSTRG(http_input_identify_post) = NULL;
351 
352 	info.data_type              = PARSE_POST;
353 	info.separator              = "&";
354 	info.report_errors          = 0;
355 	info.to_encoding            = MBSTRG(internal_encoding);
356 	info.to_language            = MBSTRG(language);
357 	info.from_encodings         = MBSTRG(http_input_list);
358 	info.num_from_encodings     = MBSTRG(http_input_list_size);
359 	info.from_language          = MBSTRG(language);
360 
361 	php_stream_rewind(SG(request_info).request_body);
362 	post_data_str = php_stream_copy_to_mem(SG(request_info).request_body, PHP_STREAM_COPY_ALL, 0);
363 	detected = _php_mb_encoding_handler_ex(&info, arg, post_data_str ? ZSTR_VAL(post_data_str) : NULL);
364 	if (post_data_str) {
365 		zend_string_release_ex(post_data_str, 0);
366 	}
367 
368 	MBSTRG(http_input_identify) = detected;
369 	if (detected) {
370 		MBSTRG(http_input_identify_post) = detected;
371 	}
372 }
373 /* }}} */
374