From b4a284c5ff08e93be3b496361a66051f576e26b6 Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Fri, 13 Jul 2018 20:51:09 +0200 Subject: [PATCH 1/4] Mark function md5() as deprecated and compile md5.c again MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Quote from issue #15: > libcgi contains an implementation of the md5 hash function, however > its not used inside the library itself and the status regarding > license or potential security issues (despite the weekness of md5 > itself) is not clear. If a user needs md5 he or she could get it from > a specialized library. Although md5 is deprecated (#15) we can not simply remove the code from the API. Do that later. The HAVE_MD5 macro is useless, that was a relict from the old autotools build and actually meant »build with md5«, so we can simply drop the build time generated file and that macro. Fixes: 0643151cf9ee8e09f4a613256bada8cde24b75c4 Signed-off-by: Alexander Dahl --- src/CMakeLists.txt | 7 +------ src/cgi.h | 14 ++++++++++++-- src/config.h.cmake.in | 1 - src/md5.c | 4 ---- 4 files changed, 13 insertions(+), 13 deletions(-) delete mode 100644 src/config.h.cmake.in diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 5994132..c61d4b1 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -2,11 +2,6 @@ # Copyright 2013,2016,2018 Alexander Dahl # -configure_file( - "${CMAKE_CURRENT_SOURCE_DIR}/config.h.cmake.in" - "${CMAKE_CURRENT_BINARY_DIR}/config.h" -) - set(CGI_SRC base64.c cgi.c @@ -14,7 +9,7 @@ set(CGI_SRC error.c general.c list.c - # md5.c + md5.c session.c string.c ) diff --git a/src/cgi.h b/src/cgi.h index 4874a68..be8edfc 100644 --- a/src/cgi.h +++ b/src/cgi.h @@ -23,11 +23,21 @@ #include +#if defined(__GNUC__) +#define CGI_DEPRECATED __attribute__ ((deprecated)) +#elif defined(_MSC_VER) +#define CGI_DEPRECATED __declspec(deprecated) +#elif defined(__clang__) +#define CGI_DEPRECATED __deprecated +#else +#pragma message("WARNING: You need to implement CGI_DEPRECATED for this compiler") +#define CGI_DEPRECATED +#endif + #ifdef __cplusplus extern "C" { #endif - // general purpose linked list. Actually isn't very portable // because uses only 'name' and 'value' variables to store data. // Problably, in a future release, this will be replaced by @@ -81,7 +91,7 @@ extern char *stripslashes(char *str); extern char *str_base64_encode(char *str); extern char *str_base64_decode(char *str); extern char *recvline(FILE *fp); -extern char *md5(const char *str); +CGI_DEPRECATED char *md5(const char *str); extern char *cgi_ltrim(char *str); extern char *cgi_rtrim(char *str); extern char *cgi_trim(char *str); diff --git a/src/config.h.cmake.in b/src/config.h.cmake.in deleted file mode 100644 index 29271cf..0000000 --- a/src/config.h.cmake.in +++ /dev/null @@ -1 +0,0 @@ -#define HAVE_MD5 0 diff --git a/src/md5.c b/src/md5.c index 56cf5c0..a004e15 100644 --- a/src/md5.c +++ b/src/md5.c @@ -23,7 +23,6 @@ #include #include -#include "config.h" #include "error.h" #include "cgi.h" @@ -31,8 +30,6 @@ * @{ */ -#if HAVE_MD5 - #ifndef MD5_H #define MD5_H @@ -95,7 +92,6 @@ char *md5(const char *str) // returning a encrypted string return tmp; } -#endif /*=======================================================================*/ From dfbc91e1b1323f36f4cdf1474531b4990bfd4194 Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Sat, 14 Jul 2018 01:04:21 +0200 Subject: [PATCH 2/4] Add new API function cgi_version() Straight forward string output of the current library version. Signed-off-by: Alexander Dahl --- .gitignore | 1 - src/CMakeLists.txt | 5 +++++ src/cgi.c | 5 +++++ src/cgi.h | 7 +++++++ src/config.h.in | 16 ++++++++++++++++ test/CMakeLists.txt | 3 +++ test/test.c | 13 +++++++++++++ 7 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 src/config.h.in diff --git a/.gitignore b/.gitignore index f48c7c1..70d2f8e 100644 --- a/.gitignore +++ b/.gitignore @@ -8,5 +8,4 @@ libcgi.a libcgi.so autom4te.cache configure -src/config.h *swp diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index c61d4b1..5b9f55a 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -2,6 +2,11 @@ # Copyright 2013,2016,2018 Alexander Dahl # +configure_file( + "${CMAKE_CURRENT_SOURCE_DIR}/config.h.in" + "${CMAKE_CURRENT_BINARY_DIR}/config.h" +) + set(CGI_SRC base64.c cgi.c diff --git a/src/cgi.c b/src/cgi.c index 904c207..3066e74 100644 --- a/src/cgi.c +++ b/src/cgi.c @@ -26,6 +26,7 @@ #include /* for cgi_include() */ #include "cgi.h" +#include "config.h" #include "error.h" // There's no reason to not have this initialised. @@ -551,6 +552,10 @@ void cgi_send_header(const char *header) printf("%s\r\n", header); } +const char *cgi_version( void ) +{ + return CGI_VERSION; +} /** * @} diff --git a/src/cgi.h b/src/cgi.h index be8edfc..e3eda36 100644 --- a/src/cgi.h +++ b/src/cgi.h @@ -136,6 +136,13 @@ extern void cgi_session_save_path(const char *path); */ void cgi_session_free( void ); +/** + * The version of this library. + * + * @return Version string. + */ +const char *cgi_version( void ); + #ifdef __cplusplus } #endif diff --git a/src/config.h.in b/src/config.h.in new file mode 100644 index 0000000..ee5b254 --- /dev/null +++ b/src/config.h.in @@ -0,0 +1,16 @@ +/*******************************************************************//** + * @file config.h + * + * @brief Stuff set by the build system. + * + * @author Alexander Dahl + * + * SPDX-License-Identifier: LGPL-2.1-or-later + * License-Filename: COPYING + * + * @copyright 2018 Alexander Dahl and libcgi contributors + **********************************************************************/ + +#pragma once + +#define CGI_VERSION "v@PROJECT_VERSION@" diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 87d7f45..32c2139 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -28,6 +28,9 @@ add_test(NAME cgi_ltrim add_test(NAME cgi_rtrim COMMAND cgi-test rtrim ) +add_test(NAME cgi_version + COMMAND cgi-test version +) # slist add_executable(cgi-test-slist diff --git a/test/test.c b/test/test.c index c315b5c..3171cc8 100644 --- a/test/test.c +++ b/test/test.c @@ -8,6 +8,7 @@ #include "cgi_test.h" #include "cgi.h" +#include "config.h" extern formvars * process_data(const char *query, formvars **start, formvars **last, @@ -23,6 +24,7 @@ static int test_cgi_param_multiple( void ); static int test_cgi_process_form( void ); static int _test_ltrim( void ); static int _test_rtrim( void ); +static int version( void ); int main( int argc, char *argv[] ) { @@ -33,6 +35,7 @@ int main( int argc, char *argv[] ) { "process_form", test_cgi_process_form }, { "ltrim", _test_ltrim }, { "rtrim", _test_rtrim }, + { "version", version }, }; /* require at least one argument to select test */ @@ -312,3 +315,13 @@ int _test_rtrim( void ) error: return EXIT_FAILURE; } + +int version( void ) +{ + check( 0 == strcmp( CGI_VERSION, cgi_version() ), + "strcmp( '%s', '%s' )", CGI_VERSION, cgi_version() ); + + return EXIT_SUCCESS; +error: + return EXIT_FAILURE; +} From 94e5ce66bcf92cb4b3b8e7b4bc02519b5111ccb7 Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Mon, 16 Jul 2018 08:51:52 +0200 Subject: [PATCH 3/4] test: Fix possible segfault on array access When compiling with RelWithDebInfo gcc warned about out of bounds array access. The line removed now tried to ensure the string is null-terminated, but _after_ the actual array. The for loop initializing the array however uses integer overflow and str[255] will contain the necessary zero byte. Otherwise the strlen() check would fail anyway. While at it set two compile definitions needed for this test exutable. Signed-off-by: Alexander Dahl --- test/CMakeLists.txt | 5 +++++ test/test.c | 1 - 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 32c2139..0d9dc54 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -7,6 +7,11 @@ add_executable(cgi-test cgi_test.c test.c ) +target_compile_definitions(cgi-test + PRIVATE + _POSIX_C_SOURCE=200112L + _XOPEN_SOURCE +) target_link_libraries(cgi-test ${PROJECT_NAME} ) diff --git a/test/test.c b/test/test.c index 3171cc8..10ca8ce 100644 --- a/test/test.c +++ b/test/test.c @@ -64,7 +64,6 @@ int test_cgi_escape_special_chars( void ) for (c = 0; c < 256; ++c) str[c] = (char) c + 1; - str[c] = 0; check( strlen(str) == 255, "strlen" ); check( esc = cgi_escape_special_chars(str), "escape" ); From d5bf4380cc2edd06f6d126f775312be9fb231b39 Mon Sep 17 00:00:00 2001 From: Alexander Dahl Date: Mon, 16 Jul 2018 21:59:16 +0200 Subject: [PATCH 4/4] Move header files to separate directory This way the include paths inside the project are similar to the ones a user would use, and building examples with CMake from inside this projects will be possible, if that is desired in the future. Signed-off-by: Alexander Dahl --- CMakeLists.txt | 1 + include/libcgi/CMakeLists.txt | 15 +++++++++++++++ {src => include/libcgi}/cgi.h | 0 {src => include/libcgi}/config.h.in | 0 {src => include/libcgi}/error.h | 0 {src => include/libcgi}/session.h | 0 src/CMakeLists.txt | 17 ++--------------- src/base64.c | 2 +- src/cgi.c | 6 +++--- src/cookie.c | 4 ++-- src/error.c | 4 ++-- src/general.c | 4 ++-- src/list.c | 4 ++-- src/md5.c | 4 ++-- src/session.c | 6 +++--- src/string.c | 4 ++-- test/test.c | 4 ++-- test/test_session.c | 2 +- test/test_slist.c | 2 +- test/test_trim.c | 2 +- 20 files changed, 42 insertions(+), 39 deletions(-) create mode 100644 include/libcgi/CMakeLists.txt rename {src => include/libcgi}/cgi.h (100%) rename {src => include/libcgi}/config.h.in (100%) rename {src => include/libcgi}/error.h (100%) rename {src => include/libcgi}/session.h (100%) diff --git a/CMakeLists.txt b/CMakeLists.txt index 31ee4e0..5164c11 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -28,6 +28,7 @@ option(BUILD_SHARED_LIBS ) # subdirectories +add_subdirectory("include/libcgi") add_subdirectory("src") # test diff --git a/include/libcgi/CMakeLists.txt b/include/libcgi/CMakeLists.txt new file mode 100644 index 0000000..0657840 --- /dev/null +++ b/include/libcgi/CMakeLists.txt @@ -0,0 +1,15 @@ +# +# Copyright 2018 Alexander Dahl +# + +configure_file( + "${CMAKE_CURRENT_SOURCE_DIR}/config.h.in" + "${CMAKE_CURRENT_BINARY_DIR}/config.h" +) + +install(FILES + cgi.h + error.h + session.h + DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}/libcgi" +) diff --git a/src/cgi.h b/include/libcgi/cgi.h similarity index 100% rename from src/cgi.h rename to include/libcgi/cgi.h diff --git a/src/config.h.in b/include/libcgi/config.h.in similarity index 100% rename from src/config.h.in rename to include/libcgi/config.h.in diff --git a/src/error.h b/include/libcgi/error.h similarity index 100% rename from src/error.h rename to include/libcgi/error.h diff --git a/src/session.h b/include/libcgi/session.h similarity index 100% rename from src/session.h rename to include/libcgi/session.h diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 5b9f55a..23f3a40 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -2,11 +2,6 @@ # Copyright 2013,2016,2018 Alexander Dahl # -configure_file( - "${CMAKE_CURRENT_SOURCE_DIR}/config.h.in" - "${CMAKE_CURRENT_BINARY_DIR}/config.h" -) - set(CGI_SRC base64.c cgi.c @@ -32,8 +27,8 @@ set_target_properties(${PROJECT_NAME} PROPERTIES target_include_directories(${PROJECT_NAME} PUBLIC - $ - $ + $ + $ $ ) @@ -49,11 +44,3 @@ install(EXPORT ${PROJECT_NAME}-targets NAMESPACE ${PROJECT_NAME}:: DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/${PROJECT_NAME}" ) - -# install headers -install(FILES - cgi.h - error.h - session.h - DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}/lib${PROJECT_NAME}" -) diff --git a/src/base64.c b/src/base64.c index dd56fce..44aaf8a 100644 --- a/src/base64.c +++ b/src/base64.c @@ -32,7 +32,7 @@ LICENCE: Copyright (c) 2001 Bob Trower, Trantor Standard Systems Inc. #include #include -#include "error.h" +#include "libcgi/error.h" static const char cb64[]="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; static const char cd64[]="|$$$}rstuvwxyz{$$$$$$$>?@ABCDEFGHIJKLMNOPQRSTUVW$$$$$$XYZ[\\]^_`abcdefghijklmnopq"; diff --git a/src/cgi.c b/src/cgi.c index 3066e74..fd25cd7 100644 --- a/src/cgi.c +++ b/src/cgi.c @@ -25,9 +25,9 @@ #include #include /* for cgi_include() */ -#include "cgi.h" -#include "config.h" -#include "error.h" +#include "libcgi/cgi.h" +#include "libcgi/config.h" +#include "libcgi/error.h" // There's no reason to not have this initialised. static const char hextable[256] = { diff --git a/src/cookie.c b/src/cookie.c index 6e84c81..2272e91 100644 --- a/src/cookie.c +++ b/src/cookie.c @@ -23,8 +23,8 @@ #include #include -#include "error.h" -#include "cgi.h" +#include "libcgi/cgi.h" +#include "libcgi/error.h" formvars *cookies_start = NULL; formvars *cookies_last = NULL; diff --git a/src/error.c b/src/error.c index 2f48b3b..0e64c09 100644 --- a/src/error.c +++ b/src/error.c @@ -2,8 +2,8 @@ #include #include -#include "error.h" -#include "cgi.h" +#include "libcgi/cgi.h" +#include "libcgi/error.h" const char *libcgi_error_type[] = { "LibCGI Warning", diff --git a/src/general.c b/src/general.c index 9662ece..2df3a31 100644 --- a/src/general.c +++ b/src/general.c @@ -23,8 +23,8 @@ #include #include -#include "error.h" -#include "cgi.h" +#include "libcgi/cgi.h" +#include "libcgi/error.h" struct iso8859_15 { char code; diff --git a/src/list.c b/src/list.c index 43c17bd..b995997 100644 --- a/src/list.c +++ b/src/list.c @@ -25,8 +25,8 @@ #include #include -#include "error.h" -#include "cgi.h" +#include "libcgi/cgi.h" +#include "libcgi/error.h" // Add a new item to the list void slist_add(formvars *item, formvars **start, formvars **last) diff --git a/src/md5.c b/src/md5.c index a004e15..986945e 100644 --- a/src/md5.c +++ b/src/md5.c @@ -23,8 +23,8 @@ #include #include -#include "error.h" -#include "cgi.h" +#include "libcgi/cgi.h" +#include "libcgi/error.h" /** @ingroup libcgi_general * @{ diff --git a/src/session.c b/src/session.c index 981d544..b85abb8 100644 --- a/src/session.c +++ b/src/session.c @@ -67,9 +67,9 @@ #include #include -#include "cgi.h" -#include "session.h" -#include "error.h" +#include "libcgi/cgi.h" +#include "libcgi/error.h" +#include "libcgi/session.h" // session id length #define SESS_ID_LEN 45 diff --git a/src/string.c b/src/string.c index 410d58d..c5564f9 100644 --- a/src/string.c +++ b/src/string.c @@ -25,8 +25,8 @@ #include #include -#include "cgi.h" -#include "error.h" +#include "libcgi/cgi.h" +#include "libcgi/error.h" /********************************************************* * STRING GROUP diff --git a/test/test.c b/test/test.c index 10ca8ce..fc263b3 100644 --- a/test/test.c +++ b/test/test.c @@ -7,8 +7,8 @@ #include "cgi_test.h" -#include "cgi.h" -#include "config.h" +#include "libcgi/cgi.h" +#include "libcgi/config.h" extern formvars * process_data(const char *query, formvars **start, formvars **last, diff --git a/test/test_session.c b/test/test_session.c index 936f26d..9b0e9a4 100644 --- a/test/test_session.c +++ b/test/test_session.c @@ -14,7 +14,7 @@ #include "cgi_test.h" -#include "cgi.h" +#include "libcgi/cgi.h" #define CGI_TEST_SHRT_COOKIE_NAME "cgi_sess" #define CGI_TEST_COOKIE_NAME_49 "_______ten____twenty____thirty____fourty_____fift" diff --git a/test/test_slist.c b/test/test_slist.c index 8ac58e4..e3c69a5 100644 --- a/test/test_slist.c +++ b/test/test_slist.c @@ -13,7 +13,7 @@ #include "cgi_test.h" -#include "cgi.h" +#include "libcgi/cgi.h" /* declarations for functions not declared in src */ formvars *process_data(const char *query, formvars **start, formvars **last, diff --git a/test/test_trim.c b/test/test_trim.c index dc25166..4eb62c3 100644 --- a/test/test_trim.c +++ b/test/test_trim.c @@ -13,7 +13,7 @@ #include "cgi_test.h" -#include "cgi.h" +#include "libcgi/cgi.h" /* trim.c */ char* ltrim(char* s);