summaryrefslogtreecommitdiffstats
path: root/subversion/libsvn_subr/validate.c
blob: 205233989d3629d8401000e6061aa12ed4c062a8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
/*
 * validate.c:  validation routines
 *
 * ====================================================================
 *    Licensed to the Apache Software Foundation (ASF) under one
 *    or more contributor license agreements.  See the NOTICE file
 *    distributed with this work for additional information
 *    regarding copyright ownership.  The ASF licenses this file
 *    to you under the Apache License, Version 2.0 (the
 *    "License"); you may not use this file except in compliance
 *    with the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *    Unless required by applicable law or agreed to in writing,
 *    software distributed under the License is distributed on an
 *    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 *    KIND, either express or implied.  See the License for the
 *    specific language governing permissions and limitations
 *    under the License.
 * ====================================================================
 */

/* ==================================================================== */



/*** Includes. ***/

#define APR_WANT_STRFUNC
#include <apr_want.h>

#include "svn_error.h"
#include "svn_ctype.h"
#include "svn_private_config.h"



/*** Code. ***/

svn_error_t *
svn_mime_type_validate(const char *mime_type, apr_pool_t *pool)
{
  /* Since svn:mime-type can actually contain a full content type
     specification, e.g., "text/html; charset=UTF-8", make sure we're
     only looking at the media type here. */
  const apr_size_t len = strcspn(mime_type, "; ");
  const apr_size_t len2 = strlen(mime_type);
  const char *const slash_pos = strchr(mime_type, '/');
  apr_size_t i;
  const char *tspecials = "()<>@,;:\\\"/[]?=";

  if (len == 0)
    return svn_error_createf
      (SVN_ERR_BAD_MIME_TYPE, NULL,
       _("MIME type '%s' has empty media type"), mime_type);

  if (slash_pos == NULL || slash_pos >= &mime_type[len])
    return svn_error_createf
      (SVN_ERR_BAD_MIME_TYPE, NULL,
       _("MIME type '%s' does not contain '/'"), mime_type);

  /* Check the mime type for illegal characters. See RFC 1521. */
  for (i = 0; i < len; i++)
    {
      if (&mime_type[i] != slash_pos
         && (! svn_ctype_isascii(mime_type[i])
            || svn_ctype_iscntrl(mime_type[i])
            || svn_ctype_isspace(mime_type[i])
            || (strchr(tspecials, mime_type[i]) != NULL)))
        return svn_error_createf
          (SVN_ERR_BAD_MIME_TYPE, NULL,
           _("MIME type '%s' contains invalid character '%c' "
             "in media type"),
           mime_type, mime_type[i]);
    }

  /* Check the whole string for unsafe characters. (issue #2872) */
  for (i = 0; i < len2; i++)
    {
      if (svn_ctype_iscntrl(mime_type[i]) && mime_type[i] != '\t')
        return svn_error_createf(
           SVN_ERR_BAD_MIME_TYPE, NULL,
           _("MIME type '%s' contains invalid character '0x%02x' "
             "in postfix"),
           mime_type, mime_type[i]);
    }

  return SVN_NO_ERROR;
}


svn_boolean_t
svn_mime_type_is_binary(const char *mime_type)
{
  /* See comment in svn_mime_type_validate() above. */
  const apr_size_t len = strcspn(mime_type, "; ");
  return ((strncmp(mime_type, "text/", 5) != 0)
          && (len != 15 || strncmp(mime_type, "image/x-xbitmap", len) != 0)
          && (len != 15 || strncmp(mime_type, "image/x-xpixmap", len) != 0)
          );
}
OpenPOWER on IntegriCloud