mirror of
https://github.com/J-D-K/JKSV.git
synced 2026-03-21 17:24:37 -05:00
remote::URL & remote::Form: Prevent buffer overflows.
This commit is contained in:
J-D-K
parent
505e640f46
commit
629a0b72dd
|
|
@ -12,7 +12,7 @@ namespace remote
|
|||
/// @brief Appends a parameter to the form/URL encoded text.
|
||||
/// @param param Parameter to append.
|
||||
/// @param value Value to append.
|
||||
Form &append_parameter(std::string_view param, std::string_view value);
|
||||
Form &append_parameter(std::string_view param, std::string_view value) noexcept;
|
||||
|
||||
/// @brief Returns m_form.length()
|
||||
size_t length() const noexcept;
|
||||
|
|
@ -23,10 +23,10 @@ namespace remote
|
|||
|
||||
private:
|
||||
/// @brief Size used for the buffer.
|
||||
static inline constexpr int SIZE_FORM_BUFFER = 0x800;
|
||||
static inline constexpr size_t SIZE_FORM_BUFFER = 0x800;
|
||||
|
||||
/// @brief Current offset if the form.
|
||||
int m_offset{};
|
||||
size_t m_offset{};
|
||||
|
||||
/// @brief Buffer for the form.
|
||||
char m_formBuffer[SIZE_FORM_BUFFER] = {0};
|
||||
|
|
|
|||
|
|
@ -13,30 +13,30 @@ namespace remote
|
|||
|
||||
/// @brief Constructs a URL with a base URL already in place.
|
||||
/// @param base String_view containing the base URL.
|
||||
URL(std::string_view base);
|
||||
URL(std::string_view base) noexcept;
|
||||
|
||||
/// @brief Appends the string passed as a path to the URL
|
||||
/// @param path Path to append;
|
||||
URL &append_path(std::string_view path);
|
||||
URL &append_path(std::string_view path) noexcept;
|
||||
|
||||
/// @brief Appends a string parameter
|
||||
/// @param param Parameter to append.
|
||||
/// @param value Value of the parameter to append.
|
||||
URL &append_parameter(std::string_view param, std::string_view value);
|
||||
URL &append_parameter(std::string_view param, std::string_view value) noexcept;
|
||||
|
||||
/// @brief Appends a trailing slash if needed.
|
||||
URL &append_slash();
|
||||
URL &append_slash() noexcept;
|
||||
|
||||
/// @brief Returns the C string of the url string.
|
||||
const char *get() const noexcept;
|
||||
|
||||
private:
|
||||
static inline constexpr int SIZE_URL_BUFFER = 0x800;
|
||||
static inline constexpr size_t SIZE_URL_BUFFER = 0x800;
|
||||
|
||||
/// @brief This is where the actual URL is held.
|
||||
char m_urlBuffer[SIZE_URL_BUFFER] = {0};
|
||||
|
||||
// Current offset in the buffer.
|
||||
int m_offset{};
|
||||
size_t m_offset{};
|
||||
};
|
||||
} // namespace remote
|
||||
|
|
|
|||
|
|
@ -3,17 +3,22 @@
|
|||
#include <algorithm>
|
||||
#include <cstring>
|
||||
|
||||
remote::Form &remote::Form::append_parameter(std::string_view param, std::string_view value)
|
||||
remote::Form &remote::Form::append_parameter(std::string_view param, std::string_view value) noexcept
|
||||
{
|
||||
const size_t paramLength = param.length();
|
||||
const size_t valueLength = value.length();
|
||||
const size_t endLength = m_offset + paramLength + valueLength + 1;
|
||||
if (endLength >= SIZE_FORM_BUFFER) { return *this; }
|
||||
|
||||
if (m_offset > 0 && m_formBuffer[m_offset] != '&') { m_formBuffer[m_offset++] = '&'; }
|
||||
|
||||
std::copy(param.begin(), param.end(), &m_formBuffer[m_offset]);
|
||||
m_offset += param.length();
|
||||
m_offset += paramLength;
|
||||
|
||||
m_formBuffer[m_offset++] = '=';
|
||||
|
||||
std::copy(value.begin(), value.end(), &m_formBuffer[m_offset]);
|
||||
m_offset += value.length();
|
||||
m_offset += valueLength;
|
||||
|
||||
return *this;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,44 +2,56 @@
|
|||
|
||||
#include <algorithm>
|
||||
|
||||
remote::URL::URL(std::string_view base)
|
||||
remote::URL::URL(std::string_view base) noexcept
|
||||
{
|
||||
const size_t baseLength = base.length();
|
||||
if (baseLength >= SIZE_URL_BUFFER) { return; }
|
||||
|
||||
std::copy(base.begin(), base.end(), &m_urlBuffer[m_offset]);
|
||||
m_offset += base.length();
|
||||
}
|
||||
|
||||
remote::URL &remote::URL::append_path(std::string_view path)
|
||||
remote::URL &remote::URL::append_path(std::string_view path) noexcept
|
||||
{
|
||||
if (path.empty()) { return *this; }
|
||||
|
||||
const size_t pathLength = path.length();
|
||||
if (m_offset + pathLength >= SIZE_URL_BUFFER) { return *this; }
|
||||
|
||||
if (m_urlBuffer[m_offset] != '/' && path.front() != '/') { m_urlBuffer[m_offset++] = '/'; }
|
||||
|
||||
std::copy(path.begin(), path.end(), &m_urlBuffer[m_offset]);
|
||||
m_offset += path.length();
|
||||
m_offset += pathLength;
|
||||
|
||||
return *this;
|
||||
}
|
||||
|
||||
remote::URL &remote::URL::append_parameter(std::string_view param, std::string_view value)
|
||||
remote::URL &remote::URL::append_parameter(std::string_view param, std::string_view value) noexcept
|
||||
{
|
||||
const size_t paramLength = param.length();
|
||||
const size_t valueLength = value.length();
|
||||
const size_t endLength = m_offset + paramLength + valueLength + 2;
|
||||
if (endLength >= SIZE_URL_BUFFER) { return *this; }
|
||||
|
||||
const char *find = std::char_traits<char>::find(m_urlBuffer, m_offset, '?');
|
||||
if (!find) { m_urlBuffer[m_offset++] = '?'; }
|
||||
else { m_urlBuffer[m_offset++] = '&'; }
|
||||
|
||||
std::copy(param.begin(), param.end(), &m_urlBuffer[m_offset]);
|
||||
m_offset += param.length();
|
||||
m_offset += paramLength;
|
||||
|
||||
m_urlBuffer[m_offset++] = '=';
|
||||
|
||||
std::copy(value.begin(), value.end(), &m_urlBuffer[m_offset]);
|
||||
m_offset += value.length();
|
||||
m_offset += valueLength;
|
||||
|
||||
return *this;
|
||||
}
|
||||
|
||||
remote::URL &remote::URL::append_slash()
|
||||
remote::URL &remote::URL::append_slash() noexcept
|
||||
{
|
||||
if (m_urlBuffer[m_offset] != '/') { m_urlBuffer[m_offset++] = '/'; }
|
||||
if (m_offset >= SIZE_URL_BUFFER) { return *this; }
|
||||
else if (m_urlBuffer[m_offset] != '/') { m_urlBuffer[m_offset++] = '/'; }
|
||||
|
||||
return *this;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user