1 /*
2 +----------------------------------------------------------------------+
3 | Copyright (c) The PHP Group |
4 +----------------------------------------------------------------------+
5 | This source file is subject to version 3.01 of the PHP license, |
6 | that is bundled with this package in the file LICENSE, and is |
7 | available through the world-wide-web at the following url: |
8 | https://www.php.net/license/3_01.txt |
9 | If you did not receive a copy of the PHP license and are unable to |
10 | obtain it through the world-wide-web, please send a note to |
11 | license@php.net so we can mail you a copy immediately. |
12 +----------------------------------------------------------------------+
13 | Author: Zeev Suraski <zeev@php.net> |
14 +----------------------------------------------------------------------+
15 */
16
17 #include "php.h"
18 #include "php_browscap.h"
19 #include "php_ini.h"
20 #include "php_string.h"
21 #include "ext/pcre/php_pcre.h"
22
23 #include "zend_ini_scanner.h"
24 #include "zend_globals.h"
25
26 #define BROWSCAP_NUM_CONTAINS 5
27
28 typedef struct {
29 zend_string *key;
30 zend_string *value;
31 } browscap_kv;
32
33 typedef struct {
34 zend_string *pattern;
35 zend_string *parent;
36 uint32_t kv_start;
37 uint32_t kv_end;
38 /* We ensure that the length fits in 16 bits, so this is fine */
39 uint16_t contains_start[BROWSCAP_NUM_CONTAINS];
40 uint8_t contains_len[BROWSCAP_NUM_CONTAINS];
41 uint8_t prefix_len;
42 } browscap_entry;
43
44 typedef struct {
45 HashTable *htab;
46 browscap_kv *kv;
47 uint32_t kv_used;
48 uint32_t kv_size;
49 char filename[MAXPATHLEN];
50 } browser_data;
51
52 /* browser data defined in startup phase, eagerly loaded in MINIT */
53 static browser_data global_bdata = {0};
54
55 /* browser data defined in activation phase, lazily loaded in get_browser.
56 * Per request and per thread, if applicable */
ZEND_BEGIN_MODULE_GLOBALS(browscap)57 ZEND_BEGIN_MODULE_GLOBALS(browscap)
58 browser_data activation_bdata;
59 ZEND_END_MODULE_GLOBALS(browscap)
60
61 ZEND_DECLARE_MODULE_GLOBALS(browscap)
62 #define BROWSCAP_G(v) ZEND_MODULE_GLOBALS_ACCESSOR(browscap, v)
63
64 #define DEFAULT_SECTION_NAME "Default Browser Capability Settings"
65
66 /* OBJECTS_FIXME: This whole extension needs going through. The use of objects looks pretty broken here */
67
68 static void browscap_entry_dtor(zval *zvalue)
69 {
70 browscap_entry *entry = Z_PTR_P(zvalue);
71 zend_string_release_ex(entry->pattern, 0);
72 if (entry->parent) {
73 zend_string_release_ex(entry->parent, 0);
74 }
75 efree(entry);
76 }
77
browscap_entry_dtor_persistent(zval * zvalue)78 static void browscap_entry_dtor_persistent(zval *zvalue)
79 {
80 browscap_entry *entry = Z_PTR_P(zvalue);
81 zend_string_release_ex(entry->pattern, 1);
82 if (entry->parent) {
83 zend_string_release_ex(entry->parent, 1);
84 }
85 pefree(entry, 1);
86 }
87
is_placeholder(char c)88 static inline bool is_placeholder(char c) {
89 return c == '?' || c == '*';
90 }
91
92 /* Length of prefix not containing any wildcards */
browscap_compute_prefix_len(zend_string * pattern)93 static uint8_t browscap_compute_prefix_len(zend_string *pattern) {
94 size_t i;
95 for (i = 0; i < ZSTR_LEN(pattern); i++) {
96 if (is_placeholder(ZSTR_VAL(pattern)[i])) {
97 break;
98 }
99 }
100 return (uint8_t)MIN(i, UINT8_MAX);
101 }
102
browscap_compute_contains(zend_string * pattern,size_t start_pos,uint16_t * contains_start,uint8_t * contains_len)103 static size_t browscap_compute_contains(
104 zend_string *pattern, size_t start_pos,
105 uint16_t *contains_start, uint8_t *contains_len) {
106 size_t i = start_pos;
107 /* Find first non-placeholder character after prefix */
108 for (; i < ZSTR_LEN(pattern); i++) {
109 if (!is_placeholder(ZSTR_VAL(pattern)[i])) {
110 /* Skip the case of a single non-placeholder character.
111 * Let's try to find something longer instead. */
112 if (i + 1 < ZSTR_LEN(pattern) &&
113 !is_placeholder(ZSTR_VAL(pattern)[i + 1])) {
114 break;
115 }
116 }
117 }
118 *contains_start = (uint16_t)i;
119
120 /* Find first placeholder character after that */
121 for (; i < ZSTR_LEN(pattern); i++) {
122 if (is_placeholder(ZSTR_VAL(pattern)[i])) {
123 break;
124 }
125 }
126 *contains_len = (uint8_t)MIN(i - *contains_start, UINT8_MAX);
127 return i;
128 }
129
130 /* Length of regex, including escapes, anchors, etc. */
browscap_compute_regex_len(zend_string * pattern)131 static size_t browscap_compute_regex_len(zend_string *pattern) {
132 size_t i, len = ZSTR_LEN(pattern);
133 for (i = 0; i < ZSTR_LEN(pattern); i++) {
134 switch (ZSTR_VAL(pattern)[i]) {
135 case '*':
136 case '.':
137 case '\\':
138 case '(':
139 case ')':
140 case '~':
141 case '+':
142 len++;
143 break;
144 }
145 }
146
147 return len + sizeof("~^$~")-1;
148 }
149
browscap_convert_pattern(zend_string * pattern,int persistent)150 static zend_string *browscap_convert_pattern(zend_string *pattern, int persistent) /* {{{ */
151 {
152 size_t i, j=0;
153 char *t;
154 zend_string *res;
155
156 res = zend_string_alloc(browscap_compute_regex_len(pattern), persistent);
157 t = ZSTR_VAL(res);
158
159 t[j++] = '~';
160 t[j++] = '^';
161
162 for (i = 0; i < ZSTR_LEN(pattern); i++, j++) {
163 char c = ZSTR_VAL(pattern)[i];
164 switch (c) {
165 case '?':
166 t[j] = '.';
167 break;
168 case '*':
169 t[j++] = '.';
170 t[j] = '*';
171 break;
172 case '.':
173 t[j++] = '\\';
174 t[j] = '.';
175 break;
176 case '\\':
177 t[j++] = '\\';
178 t[j] = '\\';
179 break;
180 case '(':
181 t[j++] = '\\';
182 t[j] = '(';
183 break;
184 case ')':
185 t[j++] = '\\';
186 t[j] = ')';
187 break;
188 case '~':
189 t[j++] = '\\';
190 t[j] = '~';
191 break;
192 case '+':
193 t[j++] = '\\';
194 t[j] = '+';
195 break;
196 default:
197 t[j] = zend_tolower_ascii(c);
198 break;
199 }
200 }
201
202 t[j++] = '$';
203 t[j++] = '~';
204 t[j]=0;
205
206 ZSTR_LEN(res) = j;
207 return res;
208 }
209 /* }}} */
210
211 typedef struct _browscap_parser_ctx {
212 browser_data *bdata;
213 browscap_entry *current_entry;
214 zend_string *current_section_name;
215 HashTable str_interned;
216 } browscap_parser_ctx;
217
browscap_intern_str(browscap_parser_ctx * ctx,zend_string * str,bool persistent)218 static zend_string *browscap_intern_str(
219 browscap_parser_ctx *ctx, zend_string *str, bool persistent) {
220 zend_string *interned = zend_hash_find_ptr(&ctx->str_interned, str);
221 if (interned) {
222 zend_string_addref(interned);
223 } else {
224 interned = zend_string_copy(str);
225 if (persistent) {
226 interned = zend_new_interned_string(interned);
227 }
228 zend_hash_add_new_ptr(&ctx->str_interned, interned, interned);
229 }
230
231 return interned;
232 }
233
browscap_intern_str_ci(browscap_parser_ctx * ctx,zend_string * str,bool persistent)234 static zend_string *browscap_intern_str_ci(
235 browscap_parser_ctx *ctx, zend_string *str, bool persistent) {
236 zend_string *lcname;
237 zend_string *interned;
238 ALLOCA_FLAG(use_heap);
239
240 ZSTR_ALLOCA_ALLOC(lcname, ZSTR_LEN(str), use_heap);
241 zend_str_tolower_copy(ZSTR_VAL(lcname), ZSTR_VAL(str), ZSTR_LEN(str));
242 interned = zend_hash_find_ptr(&ctx->str_interned, lcname);
243
244 if (interned) {
245 zend_string_addref(interned);
246 } else {
247 interned = zend_string_init(ZSTR_VAL(lcname), ZSTR_LEN(lcname), persistent);
248 if (persistent) {
249 interned = zend_new_interned_string(interned);
250 }
251 zend_hash_add_new_ptr(&ctx->str_interned, interned, interned);
252 }
253
254 ZSTR_ALLOCA_FREE(lcname, use_heap);
255 return interned;
256 }
257
browscap_add_kv(browser_data * bdata,zend_string * key,zend_string * value,bool persistent)258 static void browscap_add_kv(
259 browser_data *bdata, zend_string *key, zend_string *value, bool persistent) {
260 if (bdata->kv_used == bdata->kv_size) {
261 bdata->kv_size *= 2;
262 bdata->kv = safe_perealloc(bdata->kv, sizeof(browscap_kv), bdata->kv_size, 0, persistent);
263 }
264
265 bdata->kv[bdata->kv_used].key = key;
266 bdata->kv[bdata->kv_used].value = value;
267 bdata->kv_used++;
268 }
269
browscap_entry_add_kv_to_existing_array(browser_data * bdata,browscap_entry * entry,HashTable * ht)270 static void browscap_entry_add_kv_to_existing_array(browser_data *bdata, browscap_entry *entry, HashTable *ht) {
271 for (uint32_t i = entry->kv_start; i < entry->kv_end; i++) {
272 zval tmp;
273 ZVAL_STR_COPY(&tmp, bdata->kv[i].value);
274 zend_hash_add(ht, bdata->kv[i].key, &tmp);
275 }
276 }
277
browscap_entry_to_array(browser_data * bdata,browscap_entry * entry)278 static HashTable *browscap_entry_to_array(browser_data *bdata, browscap_entry *entry) {
279 zval tmp;
280 HashTable *ht = zend_new_array(2 + (entry->parent ? 1 : 0) + (entry->kv_end - entry->kv_start));
281
282 ZVAL_STR(&tmp, browscap_convert_pattern(entry->pattern, 0));
283 zend_string *key = ZSTR_INIT_LITERAL("browser_name_regex", 0);
284 ZSTR_H(key) = zend_inline_hash_func("browser_name_regex", sizeof("browser_name_regex")-1);
285 zend_hash_add_new(ht, key, &tmp);
286 zend_string_release_ex(key, false);
287
288 ZVAL_STR_COPY(&tmp, entry->pattern);
289 key = ZSTR_INIT_LITERAL("browser_name_pattern", 0);
290 ZSTR_H(key) = zend_inline_hash_func("browser_name_pattern", sizeof("browser_name_pattern")-1);
291 zend_hash_add_new(ht, key, &tmp);
292 zend_string_release_ex(key, false);
293
294 if (entry->parent) {
295 ZVAL_STR_COPY(&tmp, entry->parent);
296 key = ZSTR_INIT_LITERAL("parent", 0);
297 ZSTR_H(key) = zend_inline_hash_func("parent", sizeof("parent")-1);
298 zend_hash_add_new(ht, key, &tmp);
299 zend_string_release_ex(key, false);
300 }
301
302 browscap_entry_add_kv_to_existing_array(bdata, entry, ht);
303
304 return ht;
305 }
306
php_browscap_parser_cb(zval * arg1,zval * arg2,zval * arg3,int callback_type,void * arg)307 static void php_browscap_parser_cb(zval *arg1, zval *arg2, zval *arg3, int callback_type, void *arg) /* {{{ */
308 {
309 browscap_parser_ctx *ctx = arg;
310 browser_data *bdata = ctx->bdata;
311 int persistent = GC_FLAGS(bdata->htab) & IS_ARRAY_PERSISTENT;
312
313 if (!arg1) {
314 return;
315 }
316
317 switch (callback_type) {
318 case ZEND_INI_PARSER_ENTRY:
319 if (ctx->current_entry != NULL && arg2) {
320 zend_string *new_key, *new_value;
321
322 /* Set proper value for true/false settings */
323 if (zend_string_equals_literal_ci(Z_STR_P(arg2), "on")
324 || zend_string_equals_literal_ci(Z_STR_P(arg2), "yes")
325 || zend_string_equals_literal_ci(Z_STR_P(arg2), "true")
326 ) {
327 new_value = ZSTR_CHAR('1');
328 } else if (zend_string_equals_literal_ci(Z_STR_P(arg2), "no")
329 || zend_string_equals_literal_ci(Z_STR_P(arg2), "off")
330 || zend_string_equals_literal_ci(Z_STR_P(arg2), "none")
331 || zend_string_equals_literal_ci(Z_STR_P(arg2), "false")
332 ) {
333 new_value = ZSTR_EMPTY_ALLOC();
334 } else { /* Other than true/false setting */
335 new_value = browscap_intern_str(ctx, Z_STR_P(arg2), persistent);
336 }
337
338 if (zend_string_equals_literal_ci(Z_STR_P(arg1), "parent")) {
339 /* parent entry cannot be same as current section -> causes infinite loop! */
340 if (ctx->current_section_name != NULL &&
341 zend_string_equals_ci(ctx->current_section_name, Z_STR_P(arg2))
342 ) {
343 zend_error(E_CORE_ERROR, "Invalid browscap ini file: "
344 "'Parent' value cannot be same as the section name: %s "
345 "(in file %s)", ZSTR_VAL(ctx->current_section_name), INI_STR("browscap"));
346 return;
347 }
348
349 if (ctx->current_entry->parent) {
350 zend_string_release(ctx->current_entry->parent);
351 }
352
353 ctx->current_entry->parent = new_value;
354 } else {
355 new_key = browscap_intern_str_ci(ctx, Z_STR_P(arg1), persistent);
356 browscap_add_kv(bdata, new_key, new_value, persistent);
357 ctx->current_entry->kv_end = bdata->kv_used;
358 }
359 }
360 break;
361 case ZEND_INI_PARSER_SECTION:
362 {
363 browscap_entry *entry;
364 zend_string *pattern = Z_STR_P(arg1);
365 size_t pos;
366 int i;
367
368 if (ZSTR_LEN(pattern) > UINT16_MAX) {
369 php_error_docref(NULL, E_WARNING,
370 "Skipping excessively long pattern of length %zd", ZSTR_LEN(pattern));
371 break;
372 }
373
374 if (persistent) {
375 pattern = zend_new_interned_string(zend_string_copy(pattern));
376 if (ZSTR_IS_INTERNED(pattern)) {
377 Z_TYPE_FLAGS_P(arg1) = 0;
378 } else {
379 zend_string_release(pattern);
380 }
381 }
382
383 entry = ctx->current_entry
384 = pemalloc(sizeof(browscap_entry), persistent);
385 zend_hash_update_ptr(bdata->htab, pattern, entry);
386
387 if (ctx->current_section_name) {
388 zend_string_release(ctx->current_section_name);
389 }
390 ctx->current_section_name = zend_string_copy(pattern);
391
392 entry->pattern = zend_string_copy(pattern);
393 entry->kv_end = entry->kv_start = bdata->kv_used;
394 entry->parent = NULL;
395
396 pos = entry->prefix_len = browscap_compute_prefix_len(pattern);
397 for (i = 0; i < BROWSCAP_NUM_CONTAINS; i++) {
398 pos = browscap_compute_contains(pattern, pos,
399 &entry->contains_start[i], &entry->contains_len[i]);
400 }
401 break;
402 }
403 }
404 }
405 /* }}} */
406
browscap_read_file(char * filename,browser_data * browdata,int persistent)407 static int browscap_read_file(char *filename, browser_data *browdata, int persistent) /* {{{ */
408 {
409 zend_file_handle fh;
410 browscap_parser_ctx ctx = {0};
411 FILE *fp;
412
413 if (filename == NULL || filename[0] == '\0') {
414 return FAILURE;
415 }
416
417 fp = VCWD_FOPEN(filename, "r");
418 if (!fp) {
419 zend_error(E_CORE_WARNING, "Cannot open \"%s\" for reading", filename);
420 return FAILURE;
421 }
422 zend_stream_init_fp(&fh, fp, filename);
423
424 browdata->htab = pemalloc(sizeof *browdata->htab, persistent);
425 zend_hash_init(browdata->htab, 0, NULL,
426 persistent ? browscap_entry_dtor_persistent : browscap_entry_dtor, persistent);
427
428 browdata->kv_size = 16 * 1024;
429 browdata->kv_used = 0;
430 browdata->kv = pemalloc(sizeof(browscap_kv) * browdata->kv_size, persistent);
431
432 /* Create parser context */
433 ctx.bdata = browdata;
434 ctx.current_entry = NULL;
435 ctx.current_section_name = NULL;
436 /* No dtor because we don't inc the refcount for the reference stored within the hash table's entry value
437 * as the hash table is only temporary anyway. */
438 zend_hash_init(&ctx.str_interned, 8, NULL, NULL, persistent);
439
440 zend_parse_ini_file(&fh, persistent, ZEND_INI_SCANNER_RAW,
441 (zend_ini_parser_cb_t) php_browscap_parser_cb, &ctx);
442
443 /* Destroy parser context */
444 if (ctx.current_section_name) {
445 zend_string_release(ctx.current_section_name);
446 }
447 zend_hash_destroy(&ctx.str_interned);
448 zend_destroy_file_handle(&fh);
449
450 return SUCCESS;
451 }
452 /* }}} */
453
454 #ifdef ZTS
browscap_globals_ctor(zend_browscap_globals * browscap_globals)455 static void browscap_globals_ctor(zend_browscap_globals *browscap_globals) /* {{{ */
456 {
457 browscap_globals->activation_bdata.htab = NULL;
458 browscap_globals->activation_bdata.kv = NULL;
459 browscap_globals->activation_bdata.filename[0] = '\0';
460 }
461 /* }}} */
462 #endif
463
browscap_bdata_dtor(browser_data * bdata,int persistent)464 static void browscap_bdata_dtor(browser_data *bdata, int persistent) /* {{{ */
465 {
466 if (bdata->htab != NULL) {
467 uint32_t i;
468
469 zend_hash_destroy(bdata->htab);
470 pefree(bdata->htab, persistent);
471 bdata->htab = NULL;
472
473 for (i = 0; i < bdata->kv_used; i++) {
474 zend_string_release(bdata->kv[i].key);
475 zend_string_release(bdata->kv[i].value);
476 }
477 pefree(bdata->kv, persistent);
478 bdata->kv = NULL;
479 }
480 bdata->filename[0] = '\0';
481 }
482 /* }}} */
483
484 /* {{{ PHP_INI_MH */
PHP_INI_MH(OnChangeBrowscap)485 PHP_INI_MH(OnChangeBrowscap)
486 {
487 if (stage == PHP_INI_STAGE_STARTUP) {
488 /* value handled in browscap.c's MINIT */
489 return SUCCESS;
490 } else if (stage == PHP_INI_STAGE_ACTIVATE) {
491 browser_data *bdata = &BROWSCAP_G(activation_bdata);
492 if (bdata->filename[0] != '\0') {
493 browscap_bdata_dtor(bdata, 0);
494 }
495 if (VCWD_REALPATH(ZSTR_VAL(new_value), bdata->filename) == NULL) {
496 return FAILURE;
497 }
498 return SUCCESS;
499 }
500
501 return FAILURE;
502 }
503 /* }}} */
504
PHP_MINIT_FUNCTION(browscap)505 PHP_MINIT_FUNCTION(browscap) /* {{{ */
506 {
507 char *browscap = INI_STR("browscap");
508
509 #ifdef ZTS
510 ts_allocate_id(&browscap_globals_id, sizeof(browser_data), (ts_allocate_ctor) browscap_globals_ctor, NULL);
511 #endif
512 /* ctor call not really needed for non-ZTS */
513
514 if (browscap && browscap[0]) {
515 if (browscap_read_file(browscap, &global_bdata, 1) == FAILURE) {
516 return FAILURE;
517 }
518 }
519
520 return SUCCESS;
521 }
522 /* }}} */
523
PHP_RSHUTDOWN_FUNCTION(browscap)524 PHP_RSHUTDOWN_FUNCTION(browscap) /* {{{ */
525 {
526 browser_data *bdata = &BROWSCAP_G(activation_bdata);
527 if (bdata->filename[0] != '\0') {
528 browscap_bdata_dtor(bdata, 0);
529 }
530
531 return SUCCESS;
532 }
533 /* }}} */
534
PHP_MSHUTDOWN_FUNCTION(browscap)535 PHP_MSHUTDOWN_FUNCTION(browscap) /* {{{ */
536 {
537 browscap_bdata_dtor(&global_bdata, 1);
538
539 return SUCCESS;
540 }
541 /* }}} */
542
browscap_get_minimum_length(browscap_entry * entry)543 static inline size_t browscap_get_minimum_length(browscap_entry *entry) {
544 size_t len = entry->prefix_len;
545 int i;
546 for (i = 0; i < BROWSCAP_NUM_CONTAINS; i++) {
547 len += entry->contains_len[i];
548 }
549 return len;
550 }
551
browscap_match_string_wildcard(const char * s,const char * s_end,const char * pattern,const char * pattern_end)552 static bool browscap_match_string_wildcard(const char *s, const char *s_end, const char *pattern, const char *pattern_end)
553 {
554 const char *pattern_current = pattern;
555 const char *s_current = s;
556
557 const char *wildcard_pattern_restore_pos = NULL;
558 const char *wildcard_s_restore_pos = NULL;
559
560 while (s_current < s_end) {
561 char pattern_char = *pattern_current;
562 char s_char = *s_current;
563
564 if (pattern_char == '*') {
565 /* Collapse wildcards */
566 pattern_current++;
567 while (pattern_current < pattern_end && *pattern_current == '*') {
568 pattern_current++;
569 }
570
571 /* If we're at the end of the pattern, it means that the ending was just '*', so this is a trivial match */
572 if (pattern_current == pattern_end) {
573 return true;
574 }
575
576 /* Optimization: if there is a non-wildcard character X after a *, then we can immediately jump to the first
577 * character X in s starting from s_current because it is the only way to match beyond the *. */
578 if (*pattern_current != '?') {
579 while (s_current < s_end && *s_current != *pattern_current) {
580 s_current++;
581 }
582 }
583
584 /* We will first assume the skipped part by * is a 0-length string (or n-length if the optimization above skipped n characters).
585 * When a mismatch happens we will backtrack and move s one position to assume * skipped a 1-length string.
586 * Then 2, 3, 4, ... */
587 wildcard_pattern_restore_pos = pattern_current;
588 wildcard_s_restore_pos = s_current;
589
590 continue;
591 } else if (pattern_char == s_char || pattern_char == '?') {
592 /* Match */
593 pattern_current++;
594 s_current++;
595
596 /* If this was the last character of the pattern, we either fully matched s, or we have a mismatch */
597 if (pattern_current == pattern_end) {
598 if (s_current == s_end) {
599 return true;
600 }
601 /* Fallthrough to mismatch */
602 } else {
603 continue;
604 }
605 }
606
607 /* Mismatch */
608 if (wildcard_pattern_restore_pos) {
609 pattern_current = wildcard_pattern_restore_pos;
610 wildcard_s_restore_pos++;
611 s_current = wildcard_s_restore_pos;
612 } else {
613 /* No wildcard is active, so it is impossible to match */
614 return false;
615 }
616 }
617
618 /* Skip remaining * wildcards, they match nothing here as we are at the end of s */
619 while (pattern_current < pattern_end && *pattern_current == '*') {
620 pattern_current++;
621 }
622
623 ZEND_ASSERT(s_current == s_end);
624 return pattern_current == pattern_end;
625 }
626
browser_reg_compare(browscap_entry * entry,zend_string * agent_name,browscap_entry ** found_entry_ptr,size_t * cached_prev_len)627 static int browser_reg_compare(browscap_entry *entry, zend_string *agent_name, browscap_entry **found_entry_ptr, size_t *cached_prev_len) /* {{{ */
628 {
629 browscap_entry *found_entry = *found_entry_ptr;
630 ALLOCA_FLAG(use_heap)
631 zend_string *pattern_lc;
632 const char *cur;
633 int i;
634
635 /* Lowercase the pattern, the agent name is already lowercase */
636 ZSTR_ALLOCA_ALLOC(pattern_lc, ZSTR_LEN(entry->pattern), use_heap);
637 zend_str_tolower_copy(ZSTR_VAL(pattern_lc), ZSTR_VAL(entry->pattern), ZSTR_LEN(entry->pattern));
638
639 /* Check if the agent contains the "contains" portions */
640 cur = ZSTR_VAL(agent_name) + entry->prefix_len;
641 for (i = 0; i < BROWSCAP_NUM_CONTAINS; i++) {
642 if (entry->contains_len[i] != 0) {
643 cur = zend_memnstr(cur,
644 ZSTR_VAL(pattern_lc) + entry->contains_start[i],
645 entry->contains_len[i],
646 ZSTR_VAL(agent_name) + ZSTR_LEN(agent_name));
647 if (!cur) {
648 ZSTR_ALLOCA_FREE(pattern_lc, use_heap);
649 return 0;
650 }
651 cur += entry->contains_len[i];
652 }
653 }
654
655 /* See if we have an exact match, if so, we're done... */
656 if (zend_string_equals(agent_name, pattern_lc)) {
657 *found_entry_ptr = entry;
658 /* cached_prev_len doesn't matter here because we end the search when an exact match is found. */
659 ZSTR_ALLOCA_FREE(pattern_lc, use_heap);
660 return 1;
661 }
662
663 if (browscap_match_string_wildcard(
664 ZSTR_VAL(agent_name) + entry->prefix_len,
665 ZSTR_VAL(agent_name) + ZSTR_LEN(agent_name),
666 ZSTR_VAL(pattern_lc) + entry->prefix_len,
667 ZSTR_VAL(pattern_lc) + ZSTR_LEN(pattern_lc)
668 )) {
669 /* If we've found a possible browser, we need to do a comparison of the
670 number of characters changed in the user agent being checked versus
671 the previous match found and the current match. */
672 size_t curr_len = entry->prefix_len; /* Start from the prefix because the prefix is free of wildcards */
673 zend_string *current_match = entry->pattern;
674 for (size_t i = curr_len; i < ZSTR_LEN(current_match); i++) {
675 switch (ZSTR_VAL(current_match)[i]) {
676 case '?':
677 case '*':
678 /* do nothing, ignore these characters in the count */
679 break;
680
681 default:
682 ++curr_len;
683 }
684 }
685
686 if (found_entry) {
687 /* Pick which browser pattern replaces the least amount of
688 characters when compared to the original user agent string... */
689 if (*cached_prev_len < curr_len) {
690 *found_entry_ptr = entry;
691 *cached_prev_len = curr_len;
692 }
693 } else {
694 *found_entry_ptr = entry;
695 *cached_prev_len = curr_len;
696 }
697 }
698
699 ZSTR_ALLOCA_FREE(pattern_lc, use_heap);
700 return 0;
701 }
702 /* }}} */
703
704 /* {{{ Get information about the capabilities of a browser. If browser_name is omitted or null, HTTP_USER_AGENT is used. Returns an object by default; if return_array is true, returns an array. */
PHP_FUNCTION(get_browser)705 PHP_FUNCTION(get_browser)
706 {
707 zend_string *agent_name = NULL, *lookup_browser_name;
708 bool return_array = 0;
709 browser_data *bdata;
710 browscap_entry *found_entry = NULL;
711 HashTable *agent_ht;
712
713 ZEND_PARSE_PARAMETERS_START(0, 2)
714 Z_PARAM_OPTIONAL
715 Z_PARAM_STR_OR_NULL(agent_name)
716 Z_PARAM_BOOL(return_array)
717 ZEND_PARSE_PARAMETERS_END();
718
719 if (BROWSCAP_G(activation_bdata).filename[0] != '\0') {
720 bdata = &BROWSCAP_G(activation_bdata);
721 if (bdata->htab == NULL) { /* not initialized yet */
722 if (browscap_read_file(bdata->filename, bdata, 0) == FAILURE) {
723 RETURN_FALSE;
724 }
725 }
726 } else {
727 if (!global_bdata.htab) {
728 php_error_docref(NULL, E_WARNING, "browscap ini directive not set");
729 RETURN_FALSE;
730 }
731 bdata = &global_bdata;
732 }
733
734 if (agent_name == NULL) {
735 zval *http_user_agent = NULL;
736 if (Z_TYPE(PG(http_globals)[TRACK_VARS_SERVER]) == IS_ARRAY
737 || zend_is_auto_global(ZSTR_KNOWN(ZEND_STR_AUTOGLOBAL_SERVER))) {
738 http_user_agent = zend_hash_str_find(
739 Z_ARRVAL_P(&PG(http_globals)[TRACK_VARS_SERVER]),
740 "HTTP_USER_AGENT", sizeof("HTTP_USER_AGENT")-1);
741 }
742 if (http_user_agent == NULL) {
743 php_error_docref(NULL, E_WARNING, "HTTP_USER_AGENT variable is not set, cannot determine user agent name");
744 RETURN_FALSE;
745 }
746 agent_name = Z_STR_P(http_user_agent);
747 }
748
749 lookup_browser_name = zend_string_tolower(agent_name);
750 found_entry = zend_hash_find_ptr(bdata->htab, lookup_browser_name);
751 if (found_entry == NULL) {
752 browscap_entry *entry;
753 size_t cached_prev_len = 0; /* silence compiler warning */
754
755 ZEND_HASH_MAP_FOREACH_PTR(bdata->htab, entry) {
756 /* The following two early-skip checks are inside this loop instead of inside browser_reg_compare().
757 * That's because we want to avoid the call frame overhead, especially as browser_reg_compare() is
758 * a function that uses alloca(). */
759
760 /* Agent name too short */
761 if (ZSTR_LEN(lookup_browser_name) < browscap_get_minimum_length(entry)) {
762 continue;
763 }
764
765 /* Quickly discard patterns where the prefix doesn't match. */
766 bool prefix_matches = true;
767 for (size_t i = 0; i < entry->prefix_len; i++) {
768 if (ZSTR_VAL(lookup_browser_name)[i] != zend_tolower_ascii(ZSTR_VAL(entry->pattern)[i])) {
769 prefix_matches = false;
770 break;
771 }
772 }
773 if (!prefix_matches) {
774 continue;
775 }
776
777 if (browser_reg_compare(entry, lookup_browser_name, &found_entry, &cached_prev_len)) {
778 break;
779 }
780 } ZEND_HASH_FOREACH_END();
781
782 if (found_entry == NULL) {
783 found_entry = zend_hash_str_find_ptr(bdata->htab,
784 DEFAULT_SECTION_NAME, sizeof(DEFAULT_SECTION_NAME)-1);
785 if (found_entry == NULL) {
786 zend_string_release_ex(lookup_browser_name, false);
787 RETURN_FALSE;
788 }
789 }
790 }
791
792 zend_string_release_ex(lookup_browser_name, false);
793
794 agent_ht = browscap_entry_to_array(bdata, found_entry);
795
796 if (return_array) {
797 RETVAL_ARR(agent_ht);
798 } else {
799 object_and_properties_init(return_value, zend_standard_class_def, agent_ht);
800 }
801
802 HashTable *target_ht = return_array ? Z_ARRVAL_P(return_value) : Z_OBJPROP_P(return_value);
803
804 while (found_entry->parent) {
805 found_entry = zend_hash_find_ptr(bdata->htab, found_entry->parent);
806 if (found_entry == NULL) {
807 break;
808 }
809
810 browscap_entry_add_kv_to_existing_array(bdata, found_entry, target_ht);
811 }
812 }
813 /* }}} */
814