/** * Destroys multipart part. * * @param part */ void htp_mpart_part_destroy(htp_mpart_part_t *part) { if (part == NULL) return; if (part->file != NULL) { bstr_free(&part->file->filename); if (part->file->tmpname != NULL) { unlink(part->file->tmpname); free(part->file->tmpname); } free(part->file); part->file = NULL; } bstr_free(&part->name); bstr_free(&part->value); if (part->headers != NULL) { // Destroy request_headers htp_header_t *h = NULL; table_iterator_reset(part->headers); while (table_iterator_next(part->headers, (void **) & h) != NULL) { bstr_free(&h->name); bstr_free(&h->value); free(h); } table_destroy(&part->headers); } free(part); }
virtual void TearDown() { bstr_free(output); bstr_free(o_boxing_wizards); decompressor->destroy(decompressor); htp_connp_destroy_all(connp); htp_config_destroy(cfg); }
TEST(BstrTest, IndexOf) { bstr *haystack = bstr_dup_mem("ABCDEFGHIJKL\000NOPQRSTUVWXYZ", 20); bstr *p1 = bstr_dup_c("NOPQ"); bstr *p2 = bstr_dup_c("siej"); bstr *p3 = bstr_dup_c("TUVWXYZ"); bstr *p4 = bstr_dup_c("nopq"); EXPECT_EQ(13, bstr_index_of(haystack, p1)); EXPECT_EQ(-1, bstr_index_of(haystack, p2)); EXPECT_EQ(-1, bstr_index_of(haystack, p3)); EXPECT_EQ(-1, bstr_index_of(haystack, p4)); EXPECT_EQ(13, bstr_index_of_nocase(haystack, p4)); EXPECT_EQ(16, bstr_index_of_c(haystack, "QRS")); EXPECT_EQ(-1, bstr_index_of_c(haystack, "qrs")); EXPECT_EQ(16, bstr_index_of_c_nocase(haystack, "qrs")); EXPECT_EQ(16, bstr_index_of_mem(haystack, "QRSSDF",3)); EXPECT_EQ(-1, bstr_index_of_mem(haystack, "qrssdf",3)); EXPECT_EQ(16, bstr_index_of_mem_nocase(haystack, "qrssdf",3)); bstr_free(p1); bstr_free(p2); bstr_free(p3); bstr_free(p4); bstr_free(haystack); }
void RemoveUninstall(char *startmenu, char *product, BOOL delexe) { bstr *inipath, *uninstpath, *uninstlink; inipath = bstr_new(); uninstpath = bstr_new(); uninstlink = bstr_new(); bstr_assign(uninstlink, startmenu); bstr_appendpath(uninstlink, "Uninstall "); bstr_append(uninstlink, product); bstr_append(uninstlink, ".LNK"); DeleteFile(uninstlink->text); if (delexe) { bstr_assign_windir(inipath); bstr_assign(uninstpath, inipath->text); bstr_appendpath(inipath, "wininit.ini"); bstr_appendpath(uninstpath, UninstallEXE); if (!WritePrivateProfileString("Renane", "NUL", uninstpath->text, inipath->text)) { DisplayError("Cannot write to wininit.ini: ", TRUE, FALSE); } } bstr_free(uninstlink, TRUE); bstr_free(uninstpath, TRUE); bstr_free(inipath, TRUE); }
htp_status_t htp_tx_res_set_header(htp_tx_t *tx, const char *name, size_t name_len, const char *value, size_t value_len, enum htp_alloc_strategy_t alloc) { if ((tx == NULL) || (name == NULL) || (value == NULL)) return HTP_ERROR; htp_header_t *h = calloc(1, sizeof (htp_header_t)); if (h == NULL) return HTP_ERROR; h->name = copy_or_wrap_mem(name, name_len, alloc); if (h->name == NULL) { free(h); return HTP_ERROR; } h->value = copy_or_wrap_mem(value, value_len, alloc); if (h->value == NULL) { bstr_free(h->name); free(h); return HTP_ERROR; } if (htp_table_add(tx->response_headers, h->name, h) != HTP_OK) { bstr_free(h->name); bstr_free(h->value); free(h); return HTP_ERROR; } return HTP_OK; }
/** * Destroys an existing URLENCODED parser. * * @param urlenp */ void htp_urlenp_destroy(htp_urlenp_t **_urlenp) { if ((_urlenp == NULL)||(*_urlenp == NULL)) return; htp_urlenp_t *urlenp = *_urlenp; if (urlenp->_name != NULL) { bstr_free(&urlenp->_name); } bstr_builder_destroy(urlenp->_bb); if (urlenp->params != NULL) { // Destroy parameters bstr *value = NULL; table_iterator_reset(urlenp->params); while (table_iterator_next(urlenp->params, (void **) & value) != NULL) { bstr_free(&value); } table_destroy(&urlenp->params); } free(urlenp); *_urlenp = NULL; }
TEST(BstrTest, DupBin) { bstr *src = bstr_dup_mem("ABCDEFGHIJKL\000NOPQRSTUVWXYZ", 20); bstr *dst; dst = bstr_dup(src); EXPECT_EQ(bstr_len(src), bstr_len(dst)); EXPECT_EQ(0, memcmp(bstr_ptr(src), bstr_ptr(dst), bstr_len(src))); bstr_free(src); bstr_free(dst); }
TEST(BstrTest, DupLower) { bstr *p1; bstr *p2; p1 = bstr_dup_c("0123456789ABCDEFGhIJKL"); p2 = bstr_dup_lower(p1); EXPECT_EQ(0, memcmp("0123456789abcdefghijkl", bstr_ptr(p2), 22)); bstr_free(p1); bstr_free(p2); }
TEST(BstrTest, DupStr) { bstr *p1; bstr *p2; p1 = bstr_dup_c("s0123456789abcdefghijklmnopqrstuvwxyz"); p2 = bstr_dup(p1); EXPECT_EQ(bstr_len(p1), bstr_len(p2)); EXPECT_EQ(0, memcmp(bstr_ptr(p1), bstr_ptr(p2), bstr_len(p1))); bstr_free(p1); bstr_free(p2); }
TEST(BstrTest, Chop) { bstr *p1 = bstr_dup_c("abcdef"); bstr *p2 = bstr_alloc(10); bstr_chop(p1); EXPECT_EQ(0, bstr_cmp_c(p1,"abcde")); bstr_chop(p2); EXPECT_EQ(0, bstr_len(p2)); bstr_free(p1); bstr_free(p2); }
TEST(BstrTest, DupEx) { bstr *p1; bstr *p2; p1 = bstr_dup_c("0123456789abcdefghijkl"); p2 = bstr_dup_ex(p1, 4, 10); EXPECT_EQ(10, bstr_size(p2)); EXPECT_EQ(10, bstr_len(p2)); EXPECT_EQ(0, memcmp("456789abcd", bstr_ptr(p2),10)); bstr_free(p1); bstr_free(p2); }
TEST(BstrTest, BeginsWith2) { bstr *haystack = bstr_dup_c("ABC"); bstr *p1 = bstr_dup_c("ABCD"); bstr *p2 = bstr_dup_c("EDFG"); EXPECT_EQ(0, bstr_begins_with_mem(haystack, bstr_ptr(p1), bstr_len(p1))); EXPECT_EQ(0, bstr_begins_with_mem_nocase(haystack, bstr_ptr(p1), bstr_len(p1))); EXPECT_EQ(0, bstr_begins_with_mem_nocase(haystack, bstr_ptr(p2), bstr_len(p2))); bstr_free(p1); bstr_free(p2); bstr_free(haystack); }
TEST(UtilTest, ParseContentType6) { bstr *i = bstr_dup_c("multipart/form-data\t boundary=X"); bstr *e = bstr_dup_c("multipart/form-data\t"); bstr *ct = NULL; ASSERT_EQ(HTP_OK, htp_parse_ct_header(i, &ct)); ASSERT_TRUE(ct != NULL); ASSERT_TRUE(bstr_cmp(e, ct) == 0); bstr_free(ct); bstr_free(e); bstr_free(i); }
TEST(BstrTest, AddNoex) { bstr *p1; bstr *p2; bstr *p3; p1 = bstr_alloc(10); p1 = bstr_add_c(p1, "12345"); p2 = bstr_dup_c("abcdef"); p3 = bstr_add_noex(p1,p2); EXPECT_EQ(p1,p3); EXPECT_EQ(0,bstr_cmp_c(p3,"12345abcde")); bstr_free(p1); bstr_free(p2); }
/** * Extract one request header. A header can span multiple lines, in * which case they will be folded into one before parsing is attempted. * * @param[in] connp * @param[in] data * @param[in] len * @return HTP_OK or HTP_ERROR */ htp_status_t htp_process_request_header_generic(htp_connp_t *connp, unsigned char *data, size_t len) { // Create a new header structure. htp_header_t *h = calloc(1, sizeof (htp_header_t)); if (h == NULL) return HTP_ERROR; // Now try to parse the header. if (htp_parse_request_header_generic(connp, h, data, len) != HTP_OK) { free(h); return HTP_ERROR; } #ifdef HTP_DEBUG fprint_bstr(stderr, "Header name", h->name); fprint_bstr(stderr, "Header value", h->value); #endif // Do we already have a header with the same name? htp_header_t *h_existing = htp_table_get(connp->in_tx->request_headers, h->name); if (h_existing != NULL) { // TODO Do we want to have a list of the headers that are // allowed to be combined in this way? // Add to the existing header. bstr *new_value = bstr_expand(h_existing->value, bstr_len(h_existing->value) + 2 + bstr_len(h->value)); if (new_value == NULL) { bstr_free(h->name); bstr_free(h->value); free(h); return HTP_ERROR; } h_existing->value = new_value; bstr_add_mem_noex(h_existing->value, ", ", 2); bstr_add_noex(h_existing->value, h->value); // The new header structure is no longer needed. bstr_free(h->name); bstr_free(h->value); free(h); // Keep track of repeated same-name headers. h_existing->flags |= HTP_FIELD_REPEATED; } else { // Add as a new header. htp_table_add(connp->in_tx->request_headers, h->name, h); } return HTP_OK; }
TEST(BstrTest, Add) { bstr *src1; bstr *src2; bstr *dest; src1 = bstr_dup_c("testtest"); src2 = bstr_dup_c("0123456789abcdefghijklmnopqrstuvwxyz"); dest = bstr_add(src1, src2); EXPECT_EQ(0, bstr_cmp_c(dest, "testtest0123456789abcdefghijklmnopqrstuvwxyz")); // src1 is either invalid or the same as dest after bstr_add bstr_free(src2); bstr_free(dest); }
TEST(UtilTest, ParseHostPort1) { bstr *i = bstr_dup_c("www.example.com"); bstr *host; int port; uint64_t flags = 0; ASSERT_EQ(HTP_OK, htp_parse_hostport(i, &host, &port, &flags)); ASSERT_TRUE(bstr_cmp(i, host) == 0); ASSERT_EQ(-1, port); ASSERT_EQ(0, flags); bstr_free(host); bstr_free(i); }
TEST(BstrTest, Alloc) { bstr *p1; p1 = bstr_alloc(10); EXPECT_EQ(10, bstr_size(p1)); EXPECT_EQ(0, bstr_len(p1)); bstr_free(p1); }
TEST(BstrTest, DupMem) { bstr *dst; dst = bstr_dup_mem("ABCDEFGHIJKL\000NOPQRSTUVWXYZ", 18); EXPECT_EQ(0, memcmp("ABCDEFGHIJKL\000NOPQRSTUVWXYZ", bstr_ptr(dst), 18)); bstr_free(dst); }
void DeleteFileList(InstFiles *listpt, HWND hwnd, InstFiles *keepfiles) { bstr *str; char *sep; InstFiles *keeppt; str = bstr_new(); for (; listpt; listpt = listpt->next) { keeppt = keepfiles; while (keeppt && strcmp(keeppt->filename, listpt->filename) != 0) { keeppt = keeppt->next; } if (keeppt) { keeppt->filesize = 1; /* Mark that this file is already * installed */ } else { bstr_assign(str, "Deleting file: "); bstr_append(str, listpt->filename); SendMessage(hwnd, WM_SETTEXT, 0, (LPARAM)str->text); DeleteFile(listpt->filename); sep = strrchr(listpt->filename, '\\'); if (sep) { *sep = '\0'; RemoveWholeDirectory(listpt->filename); *sep = '\\'; } } } bstr_free(str, TRUE); }
/** * Parses a single v0 request cookie and places the results into tx->request_cookies. * * @param[in] connp * @param[in] data * @param[in] len * @return HTP_OK on success, HTP_ERROR on error. */ int htp_parse_single_cookie_v0(htp_connp_t *connp, unsigned char *data, size_t len) { if (len == 0) return HTP_OK; size_t pos = 0; // Look for '=' while ((pos < len) && (data[pos] != '=')) pos++; if (pos == 0) return HTP_OK; // Ignore nameless cookies bstr *name = bstr_dup_mem(data, pos); if (name == NULL) return HTP_ERROR; bstr *value = NULL; if (pos == len) { // Cookie is empty value = bstr_dup_c(""); } else { // Cookie is not empty value = bstr_dup_mem(data + pos + 1, len - pos - 1); } if (value == NULL) { bstr_free(name); return HTP_ERROR; } // Add cookie directly htp_table_addn(connp->in_tx->request_cookies, name, value); return HTP_OK; }
TEST(BstrTest, CharAt) { bstr *str = bstr_dup_mem("ABCDEFGHIJKL\000NOPQRSTUVWXYZ", 20); EXPECT_EQ('\000', bstr_char_at(str, 12)); EXPECT_EQ(-1, bstr_char_at(str, 45)); bstr_free(str); }
TEST(UtilTest, ParseContentLength) { bstr *str = bstr_dup_c("134"); EXPECT_EQ(134, htp_parse_content_length(str)); bstr_free(str); }
char *GetInstallDir(char *product) { HKEY key; bstr *str; DWORD keytype, keylen; char *installdir; str = bstr_new(); bstr_assign(str, UninstallKey); bstr_appendpath(str, product); if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, str->text, 0, KEY_ALL_ACCESS, &key) != ERROR_SUCCESS) { DisplayError("Could not open registry", FALSE, TRUE); } if (RegQueryValueEx(key, "InstallDirectory", NULL, &keytype, NULL, &keylen) != ERROR_SUCCESS || keytype != REG_SZ) { DisplayError("Could not query registry key", FALSE, TRUE); } installdir = bmalloc(keylen); if (RegQueryValueEx(key, "InstallDirectory", NULL, &keytype, installdir, &keylen) != ERROR_SUCCESS) { DisplayError("Could not get registry key value", FALSE, TRUE); } RegCloseKey(key); bstr_free(str, TRUE); return installdir; }
htp_status_t htp_tx_state_request_complete(htp_tx_t *tx) { // Finalize request body. if (htp_tx_req_has_body(tx)) { int rc = htp_tx_req_process_body_data(tx, NULL, 0); if (rc != HTP_OK) return rc; } // Run hook REQUEST_COMPLETE. int rc = htp_hook_run_all(tx->connp->cfg->hook_request_complete, tx->connp); if (rc != HTP_OK) return rc; // Clean-up. if (tx->connp->put_file != NULL) { bstr_free(tx->connp->put_file->filename); free(tx->connp->put_file); tx->connp->put_file = NULL; } // Update the transaction status, but only if it did already // move on. This may happen when we're processing a CONNECT // request and need to wait for the response to determine how // to continue to treat the rest of the TCP stream. if (tx->progress < HTP_REQUEST_COMPLETE) { tx->progress = HTP_REQUEST_COMPLETE; } return HTP_OK; }
TEST(BstrBuilder, Append) { bstr_builder_t *bb = bstr_builder_create(); bstr *str1 = bstr_dup_c("0123456789"); bstr *str2 = bstr_dup_c("abcdefghijklmnopqrstuvwxyz"); EXPECT_EQ(0, bstr_builder_size(bb)); bstr_builder_appendn(bb, str1); bstr_builder_append_c(bb, "#"); bstr_builder_appendn(bb, str2); bstr_builder_append_c(bb, "#"); bstr_builder_append_mem(bb, "!@#$%^&*()", 4); EXPECT_EQ(5, bstr_builder_size(bb)); bstr *result = bstr_builder_to_str(bb); EXPECT_EQ(42, bstr_len(result)); EXPECT_EQ(0, memcmp("0123456789#abcdefghijklmnopqrstuvwxyz#!@#$", bstr_ptr(result),42)); bstr_free(result); bstr_builder_clear(bb); EXPECT_EQ(0, bstr_builder_size(bb)); bstr_builder_destroy(bb); }
TEST(UtilTest, Method) { bstr *method = bstr_dup_c("GET"); EXPECT_EQ(HTP_M_GET, htp_convert_method_to_number(method)); bstr_free(method); }
TEST(BstrTest, RChr) { bstr *b = bstr_dup_c("---I---I---"); EXPECT_EQ(bstr_rchr(b, 'I'), 7); EXPECT_EQ(bstr_rchr(b, 'M'), -1); bstr_free(b); }
TEST(BstrTest, CharAtEnd) { bstr *str = bstr_dup_mem("ABCDEFGHIJKL\000NOPQRSTUVWXYZ", 20); EXPECT_EQ('T', bstr_char_at_end(str, 0)); EXPECT_EQ('\000', bstr_char_at_end(str, 7)); EXPECT_EQ(-1, bstr_char_at_end(str, bstr_len(str))); bstr_free(str); }
TEST(BstrTest, AdjustLen) { bstr *p1 = bstr_dup_c("abcdef"); bstr_adjust_len(p1, 3); EXPECT_EQ(3, bstr_len(p1)); EXPECT_EQ(0, bstr_cmp_c(p1,"abc")); bstr_free(p1); }