--------------------- PatchSet 10279 Date: 2007/12/19 05:51:49 Author: adri Branch: s27_adri Tag: (none) Log: log_quote() now takes a length parameter; convert the rest of the strBuf() calls in access_log to use explicit buffer+length information. Members: include/util.h:1.17.20.3->1.17.20.4 lib/rfc1738.c:1.7.12.2->1.7.12.3 src/access_log.c:1.43.2.1.4.2->1.43.2.1.4.3 src/helper.c:1.43.6.1->1.43.6.1.4.1 src/protos.h:1.146.2.4.4.26->1.146.2.4.4.27 Index: squid/include/util.h =================================================================== RCS file: /cvsroot/squid-sf//squid/include/util.h,v retrieving revision 1.17.20.3 retrieving revision 1.17.20.4 diff -u -r1.17.20.3 -r1.17.20.4 --- squid/include/util.h 15 Dec 2007 10:43:26 -0000 1.17.20.3 +++ squid/include/util.h 19 Dec 2007 05:51:49 -0000 1.17.20.4 @@ -1,5 +1,5 @@ /* - * $Id: util.h,v 1.17.20.3 2007/12/15 10:43:26 adri Exp $ + * $Id: util.h,v 1.17.20.4 2007/12/19 05:51:49 adri Exp $ * * AUTHOR: Harvest Derived * @@ -80,6 +80,7 @@ extern char *rfc1738_escape(const char *); extern char * rfc1738_escape_str(const char *url, int len); extern char *rfc1738_escape_unescaped(const char *); +extern char *rfc1738_escape_unescaped_str(const char *, int len); extern char *rfc1738_escape_part(const char *); extern char *rfc1738_escape_part_str(const char *, int len); extern void rfc1738_unescape(char *); Index: squid/lib/rfc1738.c =================================================================== RCS file: /cvsroot/squid-sf//squid/lib/rfc1738.c,v retrieving revision 1.7.12.2 retrieving revision 1.7.12.3 diff -u -r1.7.12.2 -r1.7.12.3 --- squid/lib/rfc1738.c 15 Dec 2007 10:43:27 -0000 1.7.12.2 +++ squid/lib/rfc1738.c 19 Dec 2007 05:51:49 -0000 1.7.12.3 @@ -1,5 +1,5 @@ /* - * $Id: rfc1738.c,v 1.7.12.2 2007/12/15 10:43:27 adri Exp $ + * $Id: rfc1738.c,v 1.7.12.3 2007/12/19 05:51:49 adri Exp $ * * DEBUG: * AUTHOR: Harvest Derived @@ -172,6 +172,12 @@ return rfc1738_do_escape(url, strlen(url), -1); } +char * +rfc1738_escape_unescaped_str(const char *url, int len) +{ + return rfc1738_do_escape(url, len, -1); +} + /* * rfc1738_escape_part - Returns a static buffer that contains the * RFC 1738 compliant, escaped version of the given url segment. Index: squid/src/access_log.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/access_log.c,v retrieving revision 1.43.2.1.4.2 retrieving revision 1.43.2.1.4.3 diff -u -r1.43.2.1.4.2 -r1.43.2.1.4.3 --- squid/src/access_log.c 19 Dec 2007 04:00:52 -0000 1.43.2.1.4.2 +++ squid/src/access_log.c 19 Dec 2007 05:51:49 -0000 1.43.2.1.4.3 @@ -1,6 +1,6 @@ /* - * $Id: access_log.c,v 1.43.2.1.4.2 2007/12/19 04:00:52 adri Exp $ + * $Id: access_log.c,v 1.43.2.1.4.3 2007/12/19 05:51:49 adri Exp $ * * DEBUG: section 46 Access Log * AUTHOR: Duane Wessels @@ -86,10 +86,10 @@ /* log_quote -- URL-style encoding on MIME headers. */ char * -log_quote(const char *header) +log_quote(const char *header, int len) { int c; - int i; + int i, j; char *buf; char *buf_cursor; if (header == NULL) { @@ -97,7 +97,7 @@ *buf = '\0'; return buf; } - buf = xcalloc(1, (strlen(header) * 3) + 1); + buf = xcalloc(1, len * 3 + 1); buf_cursor = buf; /* * We escape: \x00-\x1F"#%;<>?{}|\\\\^~`\[\]\x7F-\xFF @@ -105,7 +105,8 @@ * modulo the inclusion of space (x40) to make the raw logs a bit * more readable. */ - while ((c = *(const unsigned char *) header++) != '\0') { + for (j = 0; j < len; j++) { + c = header[j]; #if !OLD_LOG_MIME if (c == '\r') { *buf_cursor++ = '\\'; @@ -453,6 +454,7 @@ logfile = log->logfile; for (fmt = lf->format; fmt != NULL; fmt = fmt->next) { /* for each token */ const char *out = NULL; + int outlen = -1; int quote = 0; long int outint = 0; int doint = 0; @@ -460,18 +462,23 @@ switch (fmt->type) { case LFT_NONE: out = ""; + outlen = 0; break; case LFT_STRING: out = fmt->data.string; + outlen = strlen(out); break; case LFT_CLIENT_IP_ADDRESS: out = inet_ntoa(al->cache.caddr); + outlen = strlen(out); break; case LFT_CLIENT_FQDN: out = fqdncache_gethostbyaddr(al->cache.caddr, FQDN_LOOKUP_IF_MISS); - if (!out) + if (!out) { out = inet_ntoa(al->cache.caddr); + outlen = strlen(out); + } break; case LFT_CLIENT_PORT: @@ -485,16 +492,20 @@ case LFT_SERVER_IP_OR_PEER_NAME: out = al->hier.host; + outlen = strlen(out); break; case LFT_OUTGOING_IP: out = xstrdup(inet_ntoa(al->cache.out_ip)); + outlen = strlen(out); break; /* case LFT_SERVER_PORT: */ case LFT_LOCAL_IP: - if (al->request) + if (al->request) { out = inet_ntoa(al->request->my_addr); + outlen = strlen(out); + } break; case LFT_LOCAL_PORT: @@ -529,6 +540,7 @@ t = gmtime(&squid_curtime); strftime(tmp, sizeof(tmp), spec, t); out = tmp; + outlen = strlen(out); } break; @@ -540,7 +552,8 @@ case LFT_REQUEST_HEADER: if (al->request) sb = httpHeaderGetByName(&al->request->header, fmt->data.header.header); - out = strBuf(sb); + out = strBuf2(sb); + outlen = strLen2(sb); quote = 1; break; @@ -548,6 +561,7 @@ if (al->reply) sb = httpHeaderGetByName(&al->reply->header, fmt->data.header.header); out = strBuf(sb); + outlen = strLen2(sb); quote = 1; break; @@ -555,6 +569,7 @@ if (al->request) sb = httpHeaderGetByNameListMember(&al->request->header, fmt->data.header.header, fmt->data.header.element, fmt->data.header.separator); out = strBuf(sb); + outlen = strLen2(sb); quote = 1; break; @@ -562,16 +577,19 @@ if (al->reply) sb = httpHeaderGetByNameListMember(&al->reply->header, fmt->data.header.header, fmt->data.header.element, fmt->data.header.separator); out = strBuf(sb); + outlen = strLen2(sb); quote = 1; break; case LFT_REQUEST_ALL_HEADERS: out = al->headers.request; + outlen = strlen(out); quote = 1; break; case LFT_REPLY_ALL_HEADERS: out = al->headers.reply; + outlen = strlen(out); quote = 1; break; @@ -583,16 +601,19 @@ if (!out || !*out) out = al->cache.ssluser; #endif + outlen = strlen(out); quote = 1; break; case LFT_USER_LOGIN: out = al->cache.authuser; + outlen = strlen(out); quote = 1; break; case LFT_USER_IDENT: out = al->cache.rfc931; + outlen = strlen(out); quote = 1; break; @@ -602,13 +623,16 @@ #if USE_SSL case LFT_USER_SSL: out = al->cache.ssluser; + outlen = strlen(out); quote = 1; break; #endif case LFT_USER_EXT: - if (al->request) + if (al->request) { out = strBuf(al->request->extacl_log); + outlen = strlen(out); + } quote = 1; break; @@ -625,6 +649,7 @@ case LFT_SQUID_STATUS: out = log_tags[al->cache.code]; + outlen = strlen(out); break; /* case LFT_SQUID_ERROR: */ @@ -633,29 +658,34 @@ if (al->hier.ping.timedout) memBufAppend(&mb, "TIMEOUT_", 8); out = hier_strings[al->hier.code]; + outlen = strlen(out); break; case LFT_MIME_TYPE: - out = strBuf(al->http.content_type); + out = strBuf2(al->http.content_type); + outlen = strLen2(al->http.content_type); break; case LFT_REQUEST_METHOD: out = al->private.method_str; + outlen = strlen(out); break; case LFT_REQUEST_URI: out = rfc1738_escape_unescaped(al->url); + outlen = strlen(out); break; case LFT_REQUEST_URLPATH: if (al->request) { - out = strBuf(al->request->urlpath); + out = strBuf2(al->request->urlpath); + outlen = strLen2(al->request->urlpath); quote = 1; } break; case LFT_REQUEST_VERSION: - snprintf(tmp, sizeof(tmp), "%d.%d", (int) al->http.version.major, (int) al->http.version.minor); + outlen = snprintf(tmp, sizeof(tmp), "%d.%d", (int) al->http.version.major, (int) al->http.version.minor); out = tmp; break; @@ -684,8 +714,10 @@ break; case LFT_EXT_LOG: - if (al->request) - out = strBuf(al->request->extacl_log); + if (al->request) { + out = strBuf2(al->request->extacl_log); + outlen = strLen2(al->request->extacl_log); + } quote = 1; break; @@ -697,12 +729,14 @@ case LFT_EXT_FRESHNESS: out = al->ext_refresh; + outlen = strlen(out); quote = 1; break; case LFT_PERCENT: out = "%"; + outlen = strlen(out); break; } @@ -711,23 +745,27 @@ out = tmp; } if (out && *out) { + assert(outlen >= 0); if (quote || fmt->quote != LOG_QUOTE_NONE) { char *newout = NULL; + int newlen = -1; int newfree = 0; switch (fmt->quote) { case LOG_QUOTE_NONE: - newout = rfc1738_escape_unescaped(out); + newout = rfc1738_escape_unescaped_str(out, outlen); + newlen = strlen(newout); break; case LOG_QUOTE_QUOTES: newout = log_quoted_string(out); newfree = 1; break; case LOG_QUOTE_BRAKETS: - newout = log_quote(out); + newout = log_quote(out, outlen); newfree = 1; break; case LOG_QUOTE_URL: - newout = rfc1738_escape(out); + newout = rfc1738_escape_str(out, outlen); + newlen = strlen(newout); break; case LOG_QUOTE_RAW: break; @@ -736,16 +774,17 @@ if (dofree) safe_free(out); out = newout; + outlen = newlen; dofree = newfree; } } if (fmt->width) { if (fmt->left) - memBufPrintf(&mb, "%-*s", (int) fmt->width, out); + memBufPrintf(&mb, "%-*s", (int) XMIN(outlen, fmt->width), out); else - memBufPrintf(&mb, "%*s", (int) fmt->width, out); + memBufPrintf(&mb, "%*s", (int) XMIN(outlen, fmt->width), out); } else - memBufAppend(&mb, out, strlen(out)); + memBufAppend(&mb, out, outlen); } else { memBufAppend(&mb, "-", 1); } @@ -1072,8 +1111,8 @@ strLen2(al->http.content_type), strBuf2(al->http.content_type)); } else { - char *ereq = log_quote(al->headers.request); - char *erep = log_quote(al->headers.reply); + char *ereq = log_quote(al->headers.request, strlen(al->headers.request)); + char *erep = log_quote(al->headers.reply, strlen(al->headers.reply)); logfilePrintf(logfile, "%9ld.%03d %6d %s %s/%03d %" PRINTF_OFF_T " %s %s %s %s%s/%s %.*s [%s] [%s]\n", (long int) current_time.tv_sec, (int) current_time.tv_usec / 1000, @@ -1124,8 +1163,8 @@ safe_free(user1); safe_free(user2); if (Config.onoff.log_mime_hdrs) { - char *ereq = log_quote(al->headers.request); - char *erep = log_quote(al->headers.reply); + char *ereq = log_quote(al->headers.request, strlen(al->headers.request)); + char *erep = log_quote(al->headers.reply, strlen(al->headers.reply)); logfilePrintf(logfile, " [%s] [%s]\n", ereq, erep); safe_free(ereq); safe_free(erep); Index: squid/src/helper.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/helper.c,v retrieving revision 1.43.6.1 retrieving revision 1.43.6.1.4.1 diff -u -r1.43.6.1 -r1.43.6.1.4.1 --- squid/src/helper.c 27 Nov 2007 08:12:27 -0000 1.43.6.1 +++ squid/src/helper.c 19 Dec 2007 05:51:49 -0000 1.43.6.1.4.1 @@ -1,6 +1,6 @@ /* - * $Id: helper.c,v 1.43.6.1 2007/11/27 08:12:27 adri Exp $ + * $Id: helper.c,v 1.43.6.1.4.1 2007/12/19 05:51:49 adri Exp $ * * DEBUG: section 84 Helper process maintenance * AUTHOR: Harvest Derived? @@ -383,7 +383,7 @@ srv->flags.shutdown ? 'S' : ' ', tt < 0.0 ? 0.0 : tt, srv->roffset, - srv->requests[0] ? log_quote(srv->requests[0]->buf) : "(none)"); + srv->requests[0] ? log_quote(srv->requests[0]->buf, strlen(srv->requests[0]->buf)) : "(none)"); } storeAppendPrintf(sentry, "\nFlags key:\n\n"); storeAppendPrintf(sentry, " B = BUSY\n"); @@ -434,7 +434,7 @@ srv->flags.shutdown ? 'S' : ' ', tt < 0.0 ? 0.0 : tt, srv->offset, - srv->request ? log_quote(srv->request->buf) : "(none)"); + srv->request ? log_quote(srv->request->buf, strlen(srv->request->buf)) : "(none)"); } storeAppendPrintf(sentry, "\nFlags key:\n\n"); storeAppendPrintf(sentry, " B = BUSY\n"); Index: squid/src/protos.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/protos.h,v retrieving revision 1.146.2.4.4.26 retrieving revision 1.146.2.4.4.27 diff -u -r1.146.2.4.4.26 -r1.146.2.4.4.27 --- squid/src/protos.h 19 Dec 2007 04:01:00 -0000 1.146.2.4.4.26 +++ squid/src/protos.h 19 Dec 2007 05:51:49 -0000 1.146.2.4.4.27 @@ -1,6 +1,6 @@ /* - * $Id: protos.h,v 1.146.2.4.4.26 2007/12/19 04:01:00 adri Exp $ + * $Id: protos.h,v 1.146.2.4.4.27 2007/12/19 05:51:49 adri Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -50,7 +50,7 @@ #if HEADERS_LOG extern void headersLog(int cs, int pq, method_t m, void *data); #endif -char *log_quote(const char *header); +char *log_quote(const char *header, int len); /* acl.c */ extern aclCheck_t *aclChecklistCreate(const struct _acl_access *,