1*7c478bd9Sstevel@tonic-gate /* 2*7c478bd9Sstevel@tonic-gate * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 3*7c478bd9Sstevel@tonic-gate * Use is subject to license terms. 4*7c478bd9Sstevel@tonic-gate */ 5*7c478bd9Sstevel@tonic-gate 6*7c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 7*7c478bd9Sstevel@tonic-gate 8*7c478bd9Sstevel@tonic-gate /* 9*7c478bd9Sstevel@tonic-gate * percent_x() takes a string and performs %<char> expansions. It aborts the 10*7c478bd9Sstevel@tonic-gate * program when the expansion would overflow the output buffer. The result 11*7c478bd9Sstevel@tonic-gate * of %<char> expansion may be passed on to a shell process. For this 12*7c478bd9Sstevel@tonic-gate * reason, characters with a special meaning to shells are replaced by 13*7c478bd9Sstevel@tonic-gate * underscores. 14*7c478bd9Sstevel@tonic-gate * 15*7c478bd9Sstevel@tonic-gate * Diagnostics are reported through syslog(3). 16*7c478bd9Sstevel@tonic-gate * 17*7c478bd9Sstevel@tonic-gate * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. 18*7c478bd9Sstevel@tonic-gate */ 19*7c478bd9Sstevel@tonic-gate 20*7c478bd9Sstevel@tonic-gate #ifndef lint 21*7c478bd9Sstevel@tonic-gate static char sccsid[] = "@(#) percent_x.c 1.4 94/12/28 17:42:37"; 22*7c478bd9Sstevel@tonic-gate #endif 23*7c478bd9Sstevel@tonic-gate 24*7c478bd9Sstevel@tonic-gate /* System libraries. */ 25*7c478bd9Sstevel@tonic-gate 26*7c478bd9Sstevel@tonic-gate #include <stdio.h> 27*7c478bd9Sstevel@tonic-gate #include <stdlib.h> 28*7c478bd9Sstevel@tonic-gate #include <unistd.h> 29*7c478bd9Sstevel@tonic-gate #include <syslog.h> 30*7c478bd9Sstevel@tonic-gate #include <string.h> 31*7c478bd9Sstevel@tonic-gate 32*7c478bd9Sstevel@tonic-gate extern void exit(); 33*7c478bd9Sstevel@tonic-gate 34*7c478bd9Sstevel@tonic-gate /* Local stuff. */ 35*7c478bd9Sstevel@tonic-gate 36*7c478bd9Sstevel@tonic-gate #include "tcpd.h" 37*7c478bd9Sstevel@tonic-gate 38*7c478bd9Sstevel@tonic-gate /* percent_x - do %<char> expansion, abort if result buffer is too small */ 39*7c478bd9Sstevel@tonic-gate 40*7c478bd9Sstevel@tonic-gate char *percent_x(result, result_len, string, request) 41*7c478bd9Sstevel@tonic-gate char *result; 42*7c478bd9Sstevel@tonic-gate int result_len; 43*7c478bd9Sstevel@tonic-gate char *string; 44*7c478bd9Sstevel@tonic-gate struct request_info *request; 45*7c478bd9Sstevel@tonic-gate { 46*7c478bd9Sstevel@tonic-gate char *bp = result; 47*7c478bd9Sstevel@tonic-gate char *end = result + result_len - 1; /* end of result buffer */ 48*7c478bd9Sstevel@tonic-gate char *expansion; 49*7c478bd9Sstevel@tonic-gate int expansion_len; 50*7c478bd9Sstevel@tonic-gate static char ok_chars[] = "1234567890!@%-_=+:,./\ 51*7c478bd9Sstevel@tonic-gate abcdefghijklmnopqrstuvwxyz\ 52*7c478bd9Sstevel@tonic-gate ABCDEFGHIJKLMNOPQRSTUVWXYZ"; 53*7c478bd9Sstevel@tonic-gate char *str = string; 54*7c478bd9Sstevel@tonic-gate char *cp; 55*7c478bd9Sstevel@tonic-gate int ch; 56*7c478bd9Sstevel@tonic-gate 57*7c478bd9Sstevel@tonic-gate /* 58*7c478bd9Sstevel@tonic-gate * Warning: we may be called from a child process or after pattern 59*7c478bd9Sstevel@tonic-gate * matching, so we cannot use clean_exit() or tcpd_jump(). 60*7c478bd9Sstevel@tonic-gate */ 61*7c478bd9Sstevel@tonic-gate 62*7c478bd9Sstevel@tonic-gate while (*str) { 63*7c478bd9Sstevel@tonic-gate if (*str == '%' && (ch = str[1]) != 0) { 64*7c478bd9Sstevel@tonic-gate str += 2; 65*7c478bd9Sstevel@tonic-gate expansion = 66*7c478bd9Sstevel@tonic-gate ch == 'a' ? eval_hostaddr(request->client) : 67*7c478bd9Sstevel@tonic-gate ch == 'A' ? eval_hostaddr(request->server) : 68*7c478bd9Sstevel@tonic-gate ch == 'c' ? eval_client(request) : 69*7c478bd9Sstevel@tonic-gate ch == 'd' ? eval_daemon(request) : 70*7c478bd9Sstevel@tonic-gate ch == 'h' ? eval_hostinfo(request->client) : 71*7c478bd9Sstevel@tonic-gate ch == 'H' ? eval_hostinfo(request->server) : 72*7c478bd9Sstevel@tonic-gate ch == 'n' ? eval_hostname(request->client) : 73*7c478bd9Sstevel@tonic-gate ch == 'N' ? eval_hostname(request->server) : 74*7c478bd9Sstevel@tonic-gate ch == 'p' ? eval_pid(request) : 75*7c478bd9Sstevel@tonic-gate ch == 's' ? eval_server(request) : 76*7c478bd9Sstevel@tonic-gate ch == 'u' ? eval_user(request) : 77*7c478bd9Sstevel@tonic-gate ch == '%' ? "%" : (tcpd_warn("unrecognized %%%c", ch), ""); 78*7c478bd9Sstevel@tonic-gate for (cp = expansion; *(cp += strspn(cp, ok_chars)); /* */ ) 79*7c478bd9Sstevel@tonic-gate *cp = '_'; 80*7c478bd9Sstevel@tonic-gate expansion_len = cp - expansion; 81*7c478bd9Sstevel@tonic-gate } else { 82*7c478bd9Sstevel@tonic-gate expansion = str++; 83*7c478bd9Sstevel@tonic-gate expansion_len = 1; 84*7c478bd9Sstevel@tonic-gate } 85*7c478bd9Sstevel@tonic-gate if (bp + expansion_len >= end) { 86*7c478bd9Sstevel@tonic-gate tcpd_warn("percent_x: expansion too long: %.30s...", result); 87*7c478bd9Sstevel@tonic-gate sleep(5); 88*7c478bd9Sstevel@tonic-gate exit(0); 89*7c478bd9Sstevel@tonic-gate } 90*7c478bd9Sstevel@tonic-gate memcpy(bp, expansion, expansion_len); 91*7c478bd9Sstevel@tonic-gate bp += expansion_len; 92*7c478bd9Sstevel@tonic-gate } 93*7c478bd9Sstevel@tonic-gate *bp = 0; 94*7c478bd9Sstevel@tonic-gate return (result); 95*7c478bd9Sstevel@tonic-gate } 96