1 /***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 ***************************************************************************/
22 #include "tool_setup.h"
23
24 #include "strcase.h"
25
26 #define ENABLE_CURLX_PRINTF
27 /* use our own printf() functions */
28 #include "curlx.h"
29
30 #include "tool_cfgable.h"
31 #include "tool_doswin.h"
32 #include "tool_msgs.h"
33 #include "tool_cb_hdr.h"
34 #include "tool_cb_wrt.h"
35 #include "tool_operate.h"
36
37 #include "memdebug.h" /* keep this as LAST include */
38
39 static char *parse_filename(const char *ptr, size_t len);
40
41 #ifdef WIN32
42 #define BOLD
43 #define BOLDOFF
44 #else
45 #define BOLD "\x1b[1m"
46 /* Switch off bold by setting "all attributes off" since the explicit
47 bold-off code (21) isn't supported everywhere - like in the mac
48 Terminal. */
49 #define BOLDOFF "\x1b[0m"
50 #endif
51
52 /*
53 ** callback for CURLOPT_HEADERFUNCTION
54 */
55
tool_header_cb(char * ptr,size_t size,size_t nmemb,void * userdata)56 size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
57 {
58 struct per_transfer *per = userdata;
59 struct HdrCbData *hdrcbdata = &per->hdrcbdata;
60 struct OutStruct *outs = &per->outs;
61 struct OutStruct *heads = &per->heads;
62 struct OutStruct *etag_save = &per->etag_save;
63 const char *str = ptr;
64 const size_t cb = size * nmemb;
65 const char *end = (char *)ptr + cb;
66 long protocol = 0;
67
68 /*
69 * Once that libcurl has called back tool_header_cb() the returned value
70 * is checked against the amount that was intended to be written, if
71 * it does not match then it fails with CURLE_WRITE_ERROR. So at this
72 * point returning a value different from sz*nmemb indicates failure.
73 */
74 size_t failure = (size && nmemb) ? 0 : 1;
75
76 if(!per->config)
77 return failure;
78
79 #ifdef DEBUGBUILD
80 if(size * nmemb > (size_t)CURL_MAX_HTTP_HEADER) {
81 warnf(per->config->global, "Header data exceeds single call write "
82 "limit!\n");
83 return failure;
84 }
85 #endif
86
87 /*
88 * Write header data when curl option --dump-header (-D) is given.
89 */
90
91 if(per->config->headerfile && heads->stream) {
92 size_t rc = fwrite(ptr, size, nmemb, heads->stream);
93 if(rc != cb)
94 return rc;
95 /* flush the stream to send off what we got earlier */
96 (void)fflush(heads->stream);
97 }
98
99 /*
100 * Write etag to file when --etag-save option is given.
101 */
102 if(per->config->etag_save_file && etag_save->stream) {
103 /* match only header that start with etag (case insensitive) */
104 if(curl_strnequal(str, "etag:", 5)) {
105 const char *etag_h = &str[5];
106 const char *eot = end - 1;
107 if(*eot == '\n') {
108 while(ISSPACE(*etag_h) && (etag_h < eot))
109 etag_h++;
110 while(ISSPACE(*eot))
111 eot--;
112
113 if(eot >= etag_h) {
114 size_t etag_length = eot - etag_h + 1;
115 fwrite(etag_h, size, etag_length, etag_save->stream);
116 /* terminate with newline */
117 fputc('\n', etag_save->stream);
118 (void)fflush(etag_save->stream);
119 }
120 }
121 }
122 }
123
124 /*
125 * This callback sets the filename where output shall be written when
126 * curl options --remote-name (-O) and --remote-header-name (-J) have
127 * been simultaneously given and additionally server returns an HTTP
128 * Content-Disposition header specifying a filename property.
129 */
130
131 curl_easy_getinfo(per->curl, CURLINFO_PROTOCOL, &protocol);
132 if(hdrcbdata->honor_cd_filename &&
133 (cb > 20) && checkprefix("Content-disposition:", str) &&
134 (protocol & (CURLPROTO_HTTPS|CURLPROTO_HTTP))) {
135 const char *p = str + 20;
136
137 /* look for the 'filename=' parameter
138 (encoded filenames (*=) are not supported) */
139 for(;;) {
140 char *filename;
141 size_t len;
142
143 while(*p && (p < end) && !ISALPHA(*p))
144 p++;
145 if(p > end - 9)
146 break;
147
148 if(memcmp(p, "filename=", 9)) {
149 /* no match, find next parameter */
150 while((p < end) && (*p != ';'))
151 p++;
152 continue;
153 }
154 p += 9;
155
156 /* this expression below typecasts 'cb' only to avoid
157 warning: signed and unsigned type in conditional expression
158 */
159 len = (ssize_t)cb - (p - str);
160 filename = parse_filename(p, len);
161 if(filename) {
162 if(outs->stream) {
163 /* indication of problem, get out! */
164 free(filename);
165 return failure;
166 }
167
168 outs->is_cd_filename = TRUE;
169 outs->s_isreg = TRUE;
170 outs->fopened = FALSE;
171 outs->filename = filename;
172 outs->alloc_filename = TRUE;
173 hdrcbdata->honor_cd_filename = FALSE; /* done now! */
174 if(!tool_create_output_file(outs, per->config))
175 return failure;
176 }
177 break;
178 }
179 if(!outs->stream && !tool_create_output_file(outs, per->config))
180 return failure;
181 }
182 if(hdrcbdata->config->writeout) {
183 char *value = memchr(ptr, ':', cb);
184 if(value) {
185 if(per->was_last_header_empty)
186 per->num_headers = 0;
187 per->was_last_header_empty = FALSE;
188 per->num_headers++;
189 }
190 else if(ptr[0] == '\r' || ptr[0] == '\n')
191 per->was_last_header_empty = TRUE;
192 }
193 if(hdrcbdata->config->show_headers &&
194 (protocol &
195 (CURLPROTO_HTTP|CURLPROTO_HTTPS|CURLPROTO_RTSP|CURLPROTO_FILE))) {
196 /* bold headers only for selected protocols */
197 char *value = NULL;
198
199 if(!outs->stream && !tool_create_output_file(outs, per->config))
200 return failure;
201
202 if(hdrcbdata->global->isatty && hdrcbdata->global->styled_output)
203 value = memchr(ptr, ':', cb);
204 if(value) {
205 size_t namelen = value - ptr;
206 fprintf(outs->stream, BOLD "%.*s" BOLDOFF ":", namelen, ptr);
207 fwrite(&value[1], cb - namelen - 1, 1, outs->stream);
208 }
209 else
210 /* not "handled", just show it */
211 fwrite(ptr, cb, 1, outs->stream);
212 }
213 return cb;
214 }
215
216 /*
217 * Copies a file name part and returns an ALLOCATED data buffer.
218 */
parse_filename(const char * ptr,size_t len)219 static char *parse_filename(const char *ptr, size_t len)
220 {
221 char *copy;
222 char *p;
223 char *q;
224 char stop = '\0';
225
226 /* simple implementation of strndup() */
227 copy = malloc(len + 1);
228 if(!copy)
229 return NULL;
230 memcpy(copy, ptr, len);
231 copy[len] = '\0';
232
233 p = copy;
234 if(*p == '\'' || *p == '"') {
235 /* store the starting quote */
236 stop = *p;
237 p++;
238 }
239 else
240 stop = ';';
241
242 /* scan for the end letter and stop there */
243 q = strchr(p, stop);
244 if(q)
245 *q = '\0';
246
247 /* if the filename contains a path, only use filename portion */
248 q = strrchr(p, '/');
249 if(q) {
250 p = q + 1;
251 if(!*p) {
252 Curl_safefree(copy);
253 return NULL;
254 }
255 }
256
257 /* If the filename contains a backslash, only use filename portion. The idea
258 is that even systems that don't handle backslashes as path separators
259 probably want the path removed for convenience. */
260 q = strrchr(p, '\\');
261 if(q) {
262 p = q + 1;
263 if(!*p) {
264 Curl_safefree(copy);
265 return NULL;
266 }
267 }
268
269 /* make sure the file name doesn't end in \r or \n */
270 q = strchr(p, '\r');
271 if(q)
272 *q = '\0';
273
274 q = strchr(p, '\n');
275 if(q)
276 *q = '\0';
277
278 if(copy != p)
279 memmove(copy, p, strlen(p) + 1);
280
281 #if defined(MSDOS) || defined(WIN32)
282 {
283 char *sanitized;
284 SANITIZEcode sc = sanitize_file_name(&sanitized, copy, 0);
285 Curl_safefree(copy);
286 if(sc)
287 return NULL;
288 copy = sanitized;
289 }
290 #endif /* MSDOS || WIN32 */
291
292 /* in case we built debug enabled, we allow an environment variable
293 * named CURL_TESTDIR to prefix the given file name to put it into a
294 * specific directory
295 */
296 #ifdef DEBUGBUILD
297 {
298 char *tdir = curlx_getenv("CURL_TESTDIR");
299 if(tdir) {
300 char buffer[512]; /* suitably large */
301 msnprintf(buffer, sizeof(buffer), "%s/%s", tdir, copy);
302 Curl_safefree(copy);
303 copy = strdup(buffer); /* clone the buffer, we don't use the libcurl
304 aprintf() or similar since we want to use the
305 same memory code as the "real" parse_filename
306 function */
307 curl_free(tdir);
308 }
309 }
310 #endif
311
312 return copy;
313 }
314