/*
* Empire - A multi-player, client/server Internet based war game.
- * Copyright (C) 1986-2008, Dave Pare, Jeff Bailey, Thomas Ruschak,
- * Ken Stevens, Steve McClure
+ * Copyright (C) 1986-2020, Dave Pare, Jeff Bailey, Thomas Ruschak,
+ * Ken Stevens, Steve McClure, Markus Armbruster
*
- * This program is free software; you can redistribute it and/or modify
+ * Empire is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* ---
*
* ---
*
* secure.c: Check redir etc. to protect against tampering deity
- *
+ *
* Known contributors to this file:
- * Markus Armbruster, 2007
+ * Markus Armbruster, 2007-2017
*/
#include <config.h>
#include <assert.h>
+#include <ctype.h>
+#include <stdio.h>
#include <string.h>
#include "ringbuf.h"
#include "secure.h"
-struct ring recent_input;
-static size_t saved_bytes;
+static struct ring recent_input;
/*
- * Remember line of input INP for a while.
- * It must end with a newline.
- * Return value is suitable for forget_input(): it makes it forget all
- * input up to and including this line.
+ * Remember input @inp for a while.
*/
-size_t
-save_input(char *inp)
+void
+save_input(char inp)
{
- size_t len = strlen(inp);
- int left;
+ int eol;
- assert(len && inp[len - 1] == '\n');
-
- left = ring_putm(&recent_input, inp, len);
- if (left < 0) {
- ring_discard(&recent_input, ring_search(&recent_input, "\n"));
- ring_putm(&recent_input, inp, len);
+ while (ring_putc(&recent_input, inp) < 0) {
+ eol = ring_search(&recent_input, "\n", 0);
+ assert(eol >= 0);
+ ring_discard(&recent_input, eol + 1);
}
- saved_bytes += len;
- return saved_bytes;
}
/*
- * Can you still remember a line of input that ends with TAIL?
+ * Can you still remember a line of input that ends with @tail?
* It must end with a newline.
- * Return non-zero iff TAIL can be remembered.
- * Passing that value to forget_input() will forget all input up to
- * and including this line.
*/
-size_t
+int
seen_input(char *tail)
{
size_t len = strlen(tail);
- size_t remembered = ring_len(&recent_input);
- int dist;
assert(len && tail[len - 1] == '\n');
-
- dist = ring_search(&recent_input, tail);
- if (dist < 0)
- return 0;
-
- assert(dist + len <= remembered && remembered <= saved_bytes);
- return saved_bytes - remembered + dist + len;
+ return ring_search(&recent_input, tail, 0) >= 0;
}
/*
- * Forget remembered input up to SEEN.
- * SEEN should be obtained from save_input() or seen_input().
+ * Can you still remember input that looks like an execute @arg?
+ * @arg must end with a newline.
*/
-void
-forget_input(size_t seen)
+int
+seen_exec_input(char *arg)
{
- size_t forgotten = saved_bytes - ring_len(&recent_input);
+ size_t len = strlen(arg);
+ int n, i, j, ch;
+ unsigned char buf[RING_SIZE + 1];
+
+ assert(len && arg[len - 1] == '\n');
+
+ n = 1;
+ for (;;) {
+ /* find next line ending with arg */
+ n = ring_search(&recent_input, arg, n + 1);
+ if (n <= 0)
+ return 0;
- assert(seen);
+ /* extract command (same or previous line) */
+ i = n - 1;
+ if (ring_peek(&recent_input, i) == '\n')
+ i--;
+ j = sizeof(buf);
+ buf[--j] = 0;
+ for (; i >= 0 && (ch = ring_peek(&recent_input, i)) != '\n'; i--)
+ buf[--j] = ch;
- if (seen > forgotten) {
- assert(ring_peek(&recent_input, seen - forgotten - 1) == '\n');
- ring_discard(&recent_input, seen - forgotten);
+ /* compare command */
+ for (; isspace(buf[j]); j++) ;
+ for (i = j; buf[i] && !isspace(buf[i]); i++) ;
+ if (i - j >= 2 && !strncmp("execute", (char *)buf + j, i - j))
+ return 1;
}
}