bool SymbolTable::Impl::add(const std::string& name, int type, std::vector<int>* signature)
{
if(m_filled >= m_size*2){
growTable();
}
int key = hash(name);
if(!m_symTab[key]){
m_symTab[key] = new SymbolTableData(name, type, signature);
}
else{
SymbolTableData* currSym = m_symTab[key];
if(!currSym->m_name.compare(name)){
delete signature;
return false;
}
while(currSym->m_next){
currSym = currSym->m_next;
if(!currSym->m_name.compare(name)){
delete signature;
return false;
}
}
currSym->m_next = new SymbolTableData(name, type, signature);
}
m_filled++;
return true;
}
void DOMNodeIDMap::add(DOMAttr *attr)
{
//
// If the table is getting too full, grow it. We arbitrarily limit
// the table to 80 full, which should limit the average number of
// rehashes to a reasonable value.
//
if (fNumEntries >= fMaxEntries)
growTable();
fNumEntries++;
//
// Hash the value string from the ID attribute being added to the table
// 0 < Initial hash value < table size.
// An initial hash of zero would cause the rehash to fail.
//
const XMLCh *id=attr->getValue();
XMLSize_t initalHash = XMLString::hash(id, fSize-1, ((DOMDocumentImpl *)fDoc)->getMemoryManager());
initalHash++;
XMLSize_t currentHash = initalHash;
//
// Loop looking for an empty slot for this ID.
// Don't even bother checking to see if the ID is already there -
// the table is only filled by the parser from valid documents, which
// can not have duplicates. Behavior of invalid docs is not defined.
//
while (true)
{
DOMAttr *tableSlot = fTable[currentHash];
if (tableSlot == 0 ||
tableSlot == (DOMAttr *)-1)
break;
currentHash += initalHash; // rehash
if (currentHash >= fSize)
currentHash = currentHash % fSize;
}
//
// We've found our slot. Stick the pointer to the attr into it.
//
fTable[currentHash] = attr;
}
/*
* Add the shapeObj UTFDATA and UTFITEM to the lookup table.
*/
band_type addToTable(UTFGridRenderer *r, shapeObj *p)
{
band_type utfvalue;
/* Looks for duplicates. */
if(r->duplicates==0 && r->useutfitem==1) {
int i;
for(i=0; i<r->data->counter; i++) {
if(!strcmp(p->values[r->utflayer->utfitemindex],r->data->table[i].itemvalue)) {
/* Found a copy of the values in the table. */
utfvalue = r->data->table[i].utfvalue;
return utfvalue;
}
}
}
/* Grow size of table if necessary */
if(r->data->size == r->data->counter)
growTable(r->data);
utfvalue = (r->data->counter+1);
/* Simple operation so we don't have unavailable char in the JSON */
utfvalue = encodeForRendering(utfvalue);
/* Datas are added to the table */
r->data->table[r->data->counter].datavalues = msEvalTextExpressionJSonEscape(&r->utflayer->utfdata, p);
/* If UTFITEM is set in the mapfiles we add its value to the table */
if(r->useutfitem)
r->data->table[r->data->counter].itemvalue = msStrdup(p->values[r->utflayer->utfitemindex]);
r->data->table[r->data->counter].serialid = r->data->counter+1;
r->data->table[r->data->counter].utfvalue = utfvalue;
r->data->counter++;
return utfvalue;
}
bool AutoBan::addKey(long ip, DetectVal* d) {
long tabsize = m_tableSize - 1;
unsigned long i = (unsigned long)ip & tabsize;
do {
if(m_detectKeys[i] == ip) {
m_detectKeys[i] = ip;
m_detectVals[i].m_flags = d->m_flags;
m_detectVals[i].m_minuteCount = d->m_minuteCount;
m_detectVals[i].m_dayCount = d->m_dayCount;
m_detectVals[i].m_minuteExpires = d->m_minuteExpires;
m_detectVals[i].m_dayExpires = d->m_dayExpires;
m_detectVals[i].m_timesBanned = d->m_timesBanned;
break;
}
if(m_detectKeys[i] == 0) {
if(m_numEntries * 1.2 > m_tableSize ) {
//here we grow the table and adjust i to an
//empty slot in the new (bigger) table
if(!growTable()) return false;
long tabsize = m_tableSize - 1;
i = (unsigned long)ip & tabsize;
while(m_detectKeys[i] != 0)
i = (i + 1) & tabsize;
}
m_detectKeys[i] = ip;
m_detectVals[i].m_flags = d->m_flags;
m_detectVals[i].m_minuteCount = d->m_minuteCount;
m_detectVals[i].m_dayCount = d->m_dayCount;
m_detectVals[i].m_minuteExpires = d->m_minuteExpires;
m_detectVals[i].m_dayExpires = d->m_dayExpires;
m_detectVals[i].m_timesBanned = d->m_timesBanned;
m_numEntries++;
break;
}
i = (i + 1) & tabsize;
} while(1);
return true;
}
bool AutoBan::hasPerm(long ip,
char *code, long codeLen,
char *uip, long uipLen,
TcpSocket *s,
HttpRequest *r,
SafeBuf* testBuf,
bool justCheck ) {
char *reqStr = r->getRequest();
long reqLen = r->getRequestLen();
long raw = r->getLong("xml", 0);
long isHuman = 0;
if(code && hasCode(code, codeLen, ip )) {
//don't close client's sockets
if(s) s->m_prefLevel++;
//no ip, but valid code, let them through.
if(!uip) return true;
ip = atoip(uip, uipLen);
// log(LOG_WARN, "has uip %s", uip);
if(!ip) return true;
//has code and uip, do the check.
//the front end can administer a turing test
//and tell us to unban them
isHuman = r->getLong("ishuman", 0);
}
// if ip is local and uip is there, use it
if ( uip && r->isLocal() ) {
// it's local, let it through
if( ! uip ) return true;
// get the new ip then
ip = atoip(uip, uipLen);
// log(LOG_WARN, "has uip %s", uip);
if ( !ip ) return true;
//has code and uip, do the check.
}
//now we check the ip block which the ip is in.
unsigned long ipBlock = (unsigned long)ip & 0x0000ffff;
unsigned long i = getSlot((unsigned long)ipBlock);
if((unsigned long)m_detectKeys[i] == ipBlock) {
if(m_detectVals[i].m_flags & ALLOW) {
if ( justCheck ) return true;
m_detectVals[i].m_dayCount++;
if(s) s->m_prefLevel++;
return true;
}
if(m_detectVals[i].m_flags & DENY) {
if ( justCheck ) return false;
m_detectVals[i].m_dayCount++;
return false;
}
}
//now we check the ip group which the ip is in.
unsigned long ipGroup = (unsigned long)ip & 0x00ffffff;
i = getSlot((unsigned long)ipGroup);
if((unsigned long)m_detectKeys[i] == ipGroup) {
if(m_detectVals[i].m_flags & ALLOW) {
if ( justCheck ) return true;
m_detectVals[i].m_dayCount++;
if(s) s->m_prefLevel++;
return true;
}
if(m_detectVals[i].m_flags & DENY) {
if ( justCheck ) return false;
m_detectVals[i].m_dayCount++;
return false;
}
}
i = getSlot((unsigned long)ip);
long now = getTime();
long banTest = r->getLong("bantest",0);
if ( banTest ) {
log("autoban: doing ban test");
goto doTuringTest;
}
if(m_detectKeys[i] == ip) {
if(m_detectVals[i].m_flags & ALLOW) {
// do not inc if just checking, like for a gif file
if ( justCheck ) return true;
//explicitly allowed.
//log(LOG_WARN,"autoban: %li allowed.", ip);
m_detectVals[i].m_dayCount++;
if(s) s->m_prefLevel++;
return true;
}
if(m_detectVals[i].m_flags & DENY) {
// do not inc if just checking, like for a gif file
if ( justCheck ) return false;
//banned by autoban, or explicity banned by matt.
long explicitBan = m_detectVals[i].m_flags & FROMCONF;
//log(LOG_WARN,"autoban: %li rejected.", ip);
if(!explicitBan &&
// MDW yippy project - no! don't unban bots!
//(m_detectVals[i].m_dayExpires < now || isHuman)) {
(isHuman)) {
//they are unbanned for now, I guess.
m_detectVals[i].m_flags &= ~DENY;
m_detectVals[i].m_dayExpires = now + ONE_DAY;
m_detectVals[i].m_minuteExpires = now + 60;
m_detectVals[i].m_dayCount = 1;
m_detectVals[i].m_minuteCount = 1;
log("autoban: auto-unbanning %s",iptoa(ip));
//return true;
goto checkSubstr;
}
m_detectVals[i].m_dayCount++;
if(explicitBan) return false;
if(uip) return false;
goto doTuringTest;
}
// do not inc if just checking, like a gif file
if ( justCheck ) return true;
/*
if( m_detectVals[i].m_minuteCount > 0 &&
// two requests in one second?
now == m_detectVals[i].m_minuteExpires - 60 ) {
m_detectVals[i].m_flags |= DENY;
log("autoban: second-banning %s",iptoa(ip));
long banUntil = now +
(ONE_DAY *
(m_detectVals[i].m_timesBanned + 1));
if(banUntil < 0 ||
m_detectVals[i].m_timesBanned == 255 ) {
m_detectVals[i].m_dayExpires =
0x7fffffff;
}
else {
m_detectVals[i].m_timesBanned++;
m_detectVals[i].m_dayExpires =banUntil;
}
return false;
}
*/
if(m_detectVals[i].m_minuteCount >=
g_conf.m_numFreeQueriesPerMinute) {
if(m_detectVals[i].m_minuteExpires > now) {
//ban 'em, they are a cowbot, so they
//don't get the turing test
m_detectVals[i].m_flags |= DENY;
log("autoban: minute-banning %s",iptoa(ip));
long banUntil = now +
(ONE_DAY *
(m_detectVals[i].m_timesBanned + 1));
if(banUntil < 0 || m_detectVals[i].m_timesBanned == 255 ) {
m_detectVals[i].m_dayExpires = 0x7fffffff;
}
else {
m_detectVals[i].m_timesBanned++;
m_detectVals[i].m_dayExpires = banUntil;
}
return false;
//goto doTuringTest;
}
else {
m_detectVals[i].m_minuteExpires = now + 60;
m_detectVals[i].m_minuteCount = 0;
}
}
if((unsigned long)m_detectVals[i].m_dayCount >=
g_conf.m_numFreeQueriesPerDay) {
if(m_detectVals[i].m_dayExpires > now) {
//ban 'em
log("autoban: day-banning %s",iptoa(ip));
m_detectVals[i].m_flags |= DENY;
if(m_detectVals[i].m_timesBanned != 255)
m_detectVals[i].m_timesBanned++;
m_detectVals[i].m_dayExpires = now +
(ONE_DAY * m_detectVals[i].
m_timesBanned);
if(uip) return false;
goto doTuringTest;
}
else {
m_detectVals[i].m_dayExpires = now + ONE_DAY;
m_detectVals[i].m_dayCount = 0;
}
}
m_detectVals[i].m_minuteCount++;
m_detectVals[i].m_dayCount++;
//return true;
goto checkSubstr;
}
// do not inc if just checking, like for a gif file
if ( justCheck ) return true;
if(m_detectKeys[i] == 0) {
if(m_numEntries * 1.2 > m_tableSize ) {
//here we grow the table and adjust i to an
//empty slot in the new (bigger) table
if(!growTable())
//return true;
goto checkSubstr;
i = getSlot(ip);
}
m_detectKeys[i] = ip;
m_detectVals[i].m_flags = 0;
m_detectVals[i].m_minuteCount = 1;
m_detectVals[i].m_dayCount = 1;
m_detectVals[i].m_minuteExpires = now + 60;
m_detectVals[i].m_dayExpires = now + ONE_DAY;
m_detectVals[i].m_timesBanned = 0;
++m_numEntries;
//log(LOG_WARN,"autoban: %li adding to empty slot.",
//ip);
//return true;
goto checkSubstr;
}
//we go here if someone is banned and they are trying to search
doTuringTest:
// sanity!
if ( justCheck ) { char *xx=NULL;*xx=0; }
if( raw == 0 ) {
// did we get a good response from the turing test?
if( g_turingTest.isHuman(r)) {
m_detectVals[i].m_flags &= ~DENY;
//log("autoban: turing-unbanning %s",iptoa(ip));
m_detectVals[i].m_dayExpires = now + ONE_DAY;
m_detectVals[i].m_minuteExpires = now + 60;
m_detectVals[i].m_dayCount = 1;
m_detectVals[i].m_minuteCount = 1;
log(LOG_INFO, "autoban: ip %s has unbanned "
"themselves", iptoa(ip));
return true;
}
testBuf->safePrintf("<form method=get>");
long queryLen = 0;
char* query = r->getValue("q" , &queryLen);
long start = r->getLong("s" , 0);
if ( query )
testBuf->safePrintf("<input type=hidden name=\"q\" "
"value=\"%s\">\n", query);
if ( start > 0 )
testBuf->safePrintf("<input type=hidden name=\"s\" "
"value=\"%li\">\n", start);
long gigabits = r->getLong("gigabits",0);
if ( gigabits )
testBuf->safePrintf("<input type=hidden name=gigabits "
"value=1>\n");
//
// yippy parms
//
char *ifs = r->getString("input-form",NULL);
if ( ifs )
testBuf->safePrintf("<input type=hidden "
"name=\"input-form\" "
"value=\"%s\">\n", ifs );
char *vs = r->getString("v:sources",NULL);
if ( vs )
testBuf->safePrintf("<input type=hidden "
"name=\"v:sources\" "
"value=\"%s\">\n", vs );
char *vp = r->getString("v:project",NULL);
if ( vp )
testBuf->safePrintf("<input type=hidden "
"name=\"v:project\" "
"value=\"%s\">\n", vp );
char *qp = r->getString("query",NULL);
if ( qp )
testBuf->safePrintf("<input type=hidden "
"name=\"query\" "
"value=\"%s\">\n", qp);
if ( banTest )
testBuf->safePrintf("<input type=hidden "
"name=\"bantest\" "
"value=\"1\">\n");
//
// end yippy parms
//
// display the turing test so they can unban themselves
g_turingTest.printTest(testBuf);
testBuf->safePrintf("<br><center><input type=submit "
"value=\"submit\"></center><br>");
testBuf->safePrintf("</form>");
}
return false;
checkSubstr:
// sanity!
if ( justCheck ) { char *xx=NULL;*xx=0; }
// Look for regular expressions that may serve as a signature of
// a botnet attack
char *banRegex = g_conf.m_banRegex;
long banRegexLen = g_conf.m_banRegexLen;
if (!banRegex || !banRegexLen) return true;
// Don't do regex...look for comma-separated lists of substrings
long start = 0;
bool gotMatch = false;
bool missedMatch = false;
for (long i=0;i<= banRegexLen;i++) {
if (i != banRegexLen &&
banRegex[i] && banRegex[i] != '\n' && banRegex[i] != '\r'
&& banRegex[i] != ',')
continue;
char c = banRegex[i];
// NULL terminate
banRegex[i] = '\0';
// search for substr (must be longer than 2 chars
if ( i - start > 2){
if (strnstr(reqStr, reqLen, &banRegex[start]))
gotMatch = true;
else missedMatch = true;
}
banRegex[i] = c;
start = i+1;
// check the next substr if we're not at the
// end of line or end of buffer
if (c != '\n' && c != '\r' && c != '\0') continue;
// did we get all the substrings?
if (gotMatch && !missedMatch) return false;
// reset for the next set of substrings
gotMatch = false;
missedMatch = false;
}
return true;
}
