void Tokenizer::shiftFilepath() { // do not call shift file in the middle of a block comment BOOST_ASSERT(!mBlockComment); // we do not support files with whitespaces in the beggining skipWhiteSpaces(); mpCurrent.reset(new Token); mpCurrent->setLine(line()); mpCurrent->setBeginColumn(column()); mpCurrent->setType(Token::TYPE_FILEPATH); while (!eof()) { auto ch = mpInput->get(); if (!isPortableFilepathChar(ch)) { mpInput->clear(); mpInput->unget(); break; } absorbed(ch); mpCurrent->addChar(ch); } mpCurrent->setEndColumn(column()); }
/** * @brief Retrieves the action out of the given user-rule suffix. * The user rule suffix should contain the action as it first field (maybe after some spaces and tabs), * and the action should be one of the following constant strings: ACCEPT_STRING, DROP_STRING. * The function promotes the user rule suffix to the first whitespace after the action. * * @param userRulePtr - a pointer to the user-rule suffix, which is a string of maximum length USER_RULE_MAX_LENGTH - 1. * @param action - out parameter, which will contain the rule's action in kernel-format. * * @return TRUE for success, FALSE for failure. */ Bool getActionFromUserRule(char ** userRulePtr, unsigned short * action, int userRuleNum) { char actionString[USER_RULE_MAX_LENGTH] = ""; skipWhiteSpaces(userRulePtr); if (sscanf(*userRulePtr, "%s", actionString) != 1) { printf("User-rule #%d: invalid action.\n", userRuleNum); return FALSE; } if (strcmp(actionString, ACCEPT_STRING) == 0) { *action = ACTION_ACCEPT; } else if (strcmp(actionString, DROP_STRING) == 0) { *action = ACTION_DROP; } else { printf("User-rule #%d: invalid action. The valid actions are: %s, %s.\n", userRuleNum, ACCEPT_STRING, DROP_STRING); return FALSE; } *userRulePtr += strlen(actionString); return TRUE; }
/** * @brief Retrieves the ack out of the given user-rule suffix. * The user rule suffix should contain the ack as it first field (maybe after some spaces and tabs), * and the ack should be one of the following constant strings: YES_STRING, NO_STRING, ANY_STRING. * The function promotes the user rule suffix to the first whitespace after the ack. * * @param userRulePtr - a pointer to the user-rule suffix, which is a string of maximum length USER_RULE_MAX_LENGTH - 1. * @param ack - out parameter, which will contain the rule's ack in kernel-format. * * @return TRUE for success, FALSE for failure. */ Bool getAckFromUserRule(char ** userRulePtr, unsigned short * ack, int userRuleNum) { char ackStr[USER_RULE_MAX_LENGTH] = ""; skipWhiteSpaces(userRulePtr); if (sscanf(*userRulePtr, "%s", ackStr) != 1) { printf("User-rule #%d: invalid ack.\n", userRuleNum); return FALSE; } if (strcmp(ackStr, YES_STRING) == 0) { *ack = ACK_YES; } else if (strcmp(ackStr, NO_STRING) == 0) { *ack = ACK_NO; } else if (strcmp(ackStr, ANY_STRING) == 0) { *ack = ACK_ANY; } else { printf("User-rule #%d: invalid ack. The valid values for ack are: %s, %s, %s.\n", userRuleNum, YES_STRING, NO_STRING, ANY_STRING); return FALSE; } *userRulePtr += strlen(ackStr); return TRUE; }
/** * @brief Retrieves the port out of the given user-rule suffix. * The user rule suffix should contain the port as it first field (maybe after some spaces and tabs), * and the port should be either the constant string PORT_ABOVE_1023_STRING, ANY_STRING, or an unsigned short. * The function promotes the user rule suffix to the first whitespace after the port. * * @param userRulePtr - a pointer to the user-rule suffix, which is a string of maximum length USER_RULE_MAX_LENGTH - 1. * @param port - out parameter, which will contain the rule's port in kernel-format. * * @return TRUE for success, FALSE for failure. */ Bool getPortFromUserRule(char ** userRulePtr, unsigned short * port, int userRuleNum) { char portStr[USER_RULE_MAX_LENGTH] = ""; char tempStr[3] = ""; skipWhiteSpaces(userRulePtr); if (sscanf(*userRulePtr, "%s", portStr) != 1) { printf("User-rule #%d: invalid port.\n", userRuleNum); return FALSE; } if (strcmp(portStr, PORT_ABOVE_1023_STRING) == 0) { *port = PORT_ABOVE_1023; } else if (strcmp(portStr, ANY_STRING) == 0) { *port = PORT_ANY; } else if (sscanf(portStr, "%hu%2s", port, tempStr) != 1) { printf("User-rule #%d: invalid port: Valid port should be '%s', '%s' or an unsigned short.\n", userRuleNum, ANY_STRING, PORT_ABOVE_1023_STRING); return FALSE; } *userRulePtr += strlen(portStr); return TRUE; }
/** * @brief Retrieves the direction out of the given user-rule suffix. * The user rule suffix should contain the direction as it first field (maybe after some spaces and tabs), * and the direction should be one of the following constant strings: IN_STRING, OUT_STRING, OUT_STRING. * The function promotes the user rule suffix to the first whitespace after the direction. * * @param userRulePtr - a pointer to the user-rule suffix, which is a string of maximum length USER_RULE_MAX_LENGTH - 1. * @param direction - out parameter, which will contain the rule's direction in kernel-format. * * @return TRUE for success, FALSE for failure. */ Bool getDirectionFromUserRule(char ** userRulePtr, unsigned short * direction, int userRuleNum) { char directionStr[USER_RULE_MAX_LENGTH] = ""; skipWhiteSpaces(userRulePtr); if (sscanf(*userRulePtr, "%100s", directionStr) != 1) { printf("User-rule #%d: invalid direction.\n", userRuleNum); return FALSE; } if (strcmp(directionStr, IN_STRING) == 0) { *direction = DIRECTION_IN; } else if (strcmp(directionStr, OUT_STRING) == 0) { *direction = DIRECTION_OUT; } else if (strcmp(directionStr, ANY_STRING) == 0) { *direction = DIRECTION_ANY; } else { printf("User-rule #%d: invalid direction. Valid directions are: %s, %s, %s.\n", userRuleNum, IN_STRING, OUT_STRING, ANY_STRING); return FALSE; } *userRulePtr += strlen(directionStr); return TRUE; }
/** * @brief Retrieves the subnet's ip and prefix-size out of the given user-rule suffix. * The user rule suffix should contain the subnet as it first field (maybe after some spaces and tabs), * and the subnet should be ANY_STRING or of the format <ip>/<prefix-size>. * The function promotes the user rule suffix to the first whitespace after the subnet. * * @param userRulePtr - a pointer to the user-rule suffix, which is a string of maximum length USER_RULE_MAX_LENGTH - 1. * @param ip - out parameter, which will contain the subnet's ip. * @param prefixSize - out parameter, which will contain the size of the subnet's prefix. * * @return TRUE for success, FALSE for failure. */ Bool getSubnetFromUserRule(char ** userRulePtr, unsigned int * ip, unsigned short * prefixSize, int userRuleNum) { char subnetStr[USER_RULE_MAX_LENGTH] = ""; char * slashPtr = NULL; int slashIndex = 0; char ipStr[USER_RULE_MAX_LENGTH] = ""; char prefixSizeStr[USER_RULE_MAX_LENGTH] = ""; skipWhiteSpaces(userRulePtr); /* Retrieving the subnet */ if (sscanf(*userRulePtr, "%s", subnetStr) != 1) { printf("User-rule #%d: invalid subnet.\n", userRuleNum); return FALSE; } if (strcmp(subnetStr, ANY_STRING) == 0) { *ip = 0; *prefixSize = 0; *userRulePtr += strlen(subnetStr); return TRUE; } /* Retrieving the slash index in order to distinguish between the ip and the prefix size */ slashPtr = strchr(subnetStr, (int)'/'); if (NULL == slashPtr) { /* Only IP */ slashIndex = strlen(subnetStr); *prefixSize = PREFIX_SIZE_MAX; } else { /* IP/nps */ slashIndex = slashPtr - (char *)subnetStr; /* Retrieving the prefix size */ strncpy(prefixSizeStr, slashPtr + 1, strlen(subnetStr) - slashIndex); if (!getPrefixSizeFromString(prefixSizeStr, prefixSize)) { printf("User-rule #%d: invalid prefix size: %s\n", userRuleNum, prefixSizeStr); return FALSE; } } /* Retrieving the ip */ strncpy(ipStr, subnetStr, slashIndex); ipStr[slashIndex] = 0; if (!getIpAddrFromString(ipStr, ip)) { printf("User-rule #%d: invalid ip: %s\n", userRuleNum, ipStr); return FALSE; } *userRulePtr += strlen(subnetStr); return TRUE; }
/** * @brief Retrieves the protocol out of the given user-rule suffix. * The user rule suffix should contain the protocol as it first field (maybe after some spaces and tabs), * and the protocol should be one of the following constant strings: * ICMP_STRING, TCP_STRING, UDP_STRING, OTHER_STRING, ANY_STRING. * The function promotes the user rule suffix to the first whitespace after the protocol. * * @param userRulePtr - a pointer to the user-rule suffix, which is a string of maximum length USER_RULE_MAX_LENGTH - 1. * @param protocol - out parameter, which will contain the rule's protocol in kernel-format. * * @return TRUE for success, FALSE for failure. */ Bool getProtocolFromUserRule(char ** userRulePtr, unsigned short * protocol, int userRuleNum) { char protocolStr[USER_RULE_MAX_LENGTH] = ""; skipWhiteSpaces(userRulePtr); if (sscanf(*userRulePtr, "%s", protocolStr) != 1) { printf("User-rule #%d: invalid protocol.\n", userRuleNum); return FALSE; } if (strcmp(protocolStr, TCP_STRING) == 0) { *protocol = PROT_TCP; } else if (strcmp(protocolStr, ICMP_STRING) == 0) { *protocol = PROT_ICMP; } else if (strcmp(protocolStr, UDP_STRING) == 0) { *protocol = PROT_UDP; } else if (strcmp(protocolStr, OTHER_STRING) == 0) { *protocol = PROT_OTHER; } else if (strcmp(protocolStr, ANY_STRING) == 0) { *protocol = PROT_ANY; } else { printf("User-rule #%d: invalid protocol: The only valid protocols are: %s, %s, %s, %s, %s\n", userRuleNum, ICMP_STRING, TCP_STRING, UDP_STRING, OTHER_STRING, ANY_STRING); return FALSE; } *userRulePtr += strlen(protocolStr); return TRUE; }
void Tokenizer::shift() { mpCurrent.reset(); if (mBlockComment) { skipEOL(); } else { skipWhiteSpaces(); if (mpInput->eof()) return; } mpCurrent.reset(new Token); mpCurrent->setLine(line()); mpCurrent->setBeginColumn(column()); if (mBlockComment) { consumeCStyleBlockComment(); return; } auto ch = mpInput->get(); if (isLetter(ch) || isUnderscore(ch)) { consumeIdentifier(ch); } else if (isBiwiseOperatorSymbol(ch)) { mpCurrent->setType(Token::TYPE_BITWISE_OPERATOR); absorbed(ch); mpCurrent->addChar(ch); mpCurrent->setEndColumn(column()); } else if (isDot(ch) && consumeDot(ch)) { // nothing } else if ((isDecimalDigit(ch) || isDot(ch) || isSign(ch)) && consumeNumber(ch)) { // nothing } else if (isQuotationMark(ch)) { if (!consumeString(ch)) shift(); } else if (isCStyleInitialCommentChar(ch)) { consumeComment(ch); } else if (isArrowSymbol(ch) && consumeArrow(ch)) { // nothing } else if (isBracket(ch)) { mpCurrent->setType(Token::TYPE_BRACKET); absorbed(ch); mpCurrent->addChar(ch); mpCurrent->setEndColumn(column()); } else if (isAngleBracket(ch)) { mpCurrent->setType(Token::TYPE_ANGLE_BRACKET); absorbed(ch); mpCurrent->addChar(ch); mpCurrent->setEndColumn(column()); } else if (isDelimiter(ch)) { mpCurrent->setType(Token::TYPE_DELIMITER); absorbed(ch); mpCurrent->addChar(ch); mpCurrent->setEndColumn(column()); } else if (isOperator(ch) && consumeEqualOperator(ch)) { // nothing } else if (isOperator(ch)) { mpCurrent->setType(Token::TYPE_OPERATOR); absorbed(ch); mpCurrent->addChar(ch); mpCurrent->setEndColumn(column()); } else if (isAsterisk(ch)) { mpCurrent->setType(Token::TYPE_ASTERISK); absorbed(ch); mpCurrent->addChar(ch); mpCurrent->setEndColumn(column()); } else { mpCurrent.reset(); } }
void XMLStreamDecoder::handleData () { State before = mState; while (true) { if (mState != before && mStateChange) { mStateChange (); } before = mState; if (mState == XS_Closed || mState == XS_Error) return; skipWhiteSpaces (mInputBuffer); switch (mState) { case XS_Start:{ int code = xml::xmlBeginning(mInputBuffer); if (code == 0) return; if (code < 0) { mErrorText = "Invalid XML Begin"; mError = error::BadDeserialization; mState = XS_Error; continue; } // we have enough mInputBuffer.l_truncate(code); mState = XS_ReadXmlBegin; continue; } case XS_ReadXmlBegin: { int code = xml::fullTag (mInputBuffer); if (code < 0) { mErrorText = "Invalid Start Element"; mError = error::BadDeserialization; mState = XS_Error; continue; } if (code == 0) return; // we have enough Error e = fillElement (mInputBuffer.const_c_array(), code, &mOpener); if (e) { mError = e; mErrorText = "Invalid Start element"; mState = XS_Error; continue; } mInputBuffer.l_truncate(code); mState = XS_ReadOpener; continue; } case XS_ReadOpener:{ int code = xml::fullTag (mInputBuffer); if (code < 0) { mErrorText = "InvalidElement"; mError = error::BadDeserialization; mState = XS_Error; continue; } if (code == 0) return; if (mInputBuffer[0] == '<' && mInputBuffer[1] == '/') { mInputBuffer.l_truncate(code); mState = XS_Closed; continue; } code = xml::completionDetection(mInputBuffer); if (code < 0) { mErrorText = "Invalid Element"; mError = error::BadDeserialization; mState = XS_Error; continue; } if (code == 0) return; XMLChunk chunk = xml::parseDocument(mInputBuffer.const_c_array(), code); if (chunk.error() || chunk.children().size() != 1){ mErrorText = "Invalid Element"; mError = error::BadDeserialization; mState = XS_Error; continue; } if (mChunkRead){ mChunkRead (chunk.children()[0]); } mInputBuffer.l_truncate(code); continue; } default: assert (!"Should not come here!"); return; } } }
/** * @brief Builds a kernel-rule out of the given user-rule, and adds it to the kernel rules buffer. * * @param kernelRules - out parameter, which will hold the kernel rule. * @param userRule - the user rule from which the kernel rule should be built. Must end with a newline character. * * @return the number of bytes written to the kernelRules buffer, or 0 in case of failure. */ int addKernelRuleByUserRule(char * kernelRules, char * userRule, int userRuleNum) { /* Variable declarations */ char name[20] = ""; unsigned short direction = 0; unsigned int srcIp = 0; unsigned short srcPrefixSize = 0; unsigned int dstIp = 0; unsigned short dstPrefixSize = 0; unsigned short protocol = 0; unsigned short srcPort = 0; unsigned short dstPort = 0; unsigned short ack = 0; unsigned short action = 0; int sprintfResult = 0; /* Retrieving the fields of the kernel rules from the user rule */ if (!getNameFromUserRule(&userRule, name, userRuleNum)) { return 0; } if (!getDirectionFromUserRule(&userRule, &direction, userRuleNum)) { return 0; } if (!getSubnetFromUserRule(&userRule, &srcIp, &srcPrefixSize, userRuleNum)) { return 0; } if (!getSubnetFromUserRule(&userRule, &dstIp, &dstPrefixSize, userRuleNum)) { return 0; } if (!getProtocolFromUserRule(&userRule, &protocol, userRuleNum)) { return 0; } if (!getPortFromUserRule(&userRule, &srcPort, userRuleNum)) { return 0; } if (!getPortFromUserRule(&userRule, &dstPort, userRuleNum)) { return 0; } if (!getAckFromUserRule(&userRule, &ack, userRuleNum)) { return 0; } if (!getActionFromUserRule(&userRule, &action, userRuleNum)) { return 0; } skipWhiteSpaces(&userRule); if (!isEndOfLine(userRule)) { printf("User-rule #%d: too many arguments.\n", userRuleNum); return 0; } if (!verifyRuleMakeSense(userRuleNum, protocol, ack, srcPort, dstPort)) { return 0; } /* Writing the fields into the kernel rule buffer */ sprintfResult = sprintf(kernelRules, "%s %hu %d %hu %d %hu %hu %hu %hu %hu %hu\n", name, direction, srcIp, srcPrefixSize, dstIp, dstPrefixSize, protocol, srcPort, dstPort, ack, action); if (sprintfResult == -1) { printf("User-rule #%d: Error in sprintf.\n", userRuleNum); return 0; } return sprintfResult; }