util_xml.c revision 1715880355ef7f574cae2e8f973411b51acedede
08cb74ca432a8c24e39f17dedce527e6a47b8001jerenkrantz/* Licensed to the Apache Software Foundation (ASF) under one or more
08cb74ca432a8c24e39f17dedce527e6a47b8001jerenkrantz * contributor license agreements. See the NOTICE file distributed with
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein * this work for additional information regarding copyright ownership.
71da3cca78eea6010f89b139ecadb79e6d213c4fnd * The ASF licenses this file to You under the Apache License, Version 2.0
71da3cca78eea6010f89b139ecadb79e6d213c4fnd * (the "License"); you may not use this file except in compliance with
71da3cca78eea6010f89b139ecadb79e6d213c4fnd * the License. You may obtain a copy of the License at
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein *
71da3cca78eea6010f89b139ecadb79e6d213c4fnd * http://www.apache.org/licenses/LICENSE-2.0
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein *
71da3cca78eea6010f89b139ecadb79e6d213c4fnd * Unless required by applicable law or agreed to in writing, software
71da3cca78eea6010f89b139ecadb79e6d213c4fnd * distributed under the License is distributed on an "AS IS" BASIS,
71da3cca78eea6010f89b139ecadb79e6d213c4fnd * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
71da3cca78eea6010f89b139ecadb79e6d213c4fnd * See the License for the specific language governing permissions and
71da3cca78eea6010f89b139ecadb79e6d213c4fnd * limitations under the License.
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein */
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein#include "apr_xml.h"
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein#include "httpd.h"
f4c310fd2555c6faca1f980f00b161eadb089023gstein#include "http_protocol.h"
f4c310fd2555c6faca1f980f00b161eadb089023gstein#include "http_log.h"
1b21d7b3d97def358b2e923655edeb16613a1c31gstein#include "http_core.h"
952023a04a2f9d51553babd9094fb857f1c97548trawick
1b21d7b3d97def358b2e923655edeb16613a1c31gstein#include "util_charset.h"
1b21d7b3d97def358b2e923655edeb16613a1c31gstein#include "util_xml.h"
1b21d7b3d97def358b2e923655edeb16613a1c31gstein
1b21d7b3d97def358b2e923655edeb16613a1c31gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein/* used for reading input blocks */
f4c310fd2555c6faca1f980f00b161eadb089023gstein#define READ_BLOCKSIZE 2048
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein/* we know core's module_index is 0 */
f4c310fd2555c6faca1f980f00b161eadb089023gstein#undef APLOG_MODULE_INDEX
f4c310fd2555c6faca1f980f00b161eadb089023gstein#define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX
f4c310fd2555c6faca1f980f00b161eadb089023gstein
98e9c4a310bb623ff788680f88b6bd200ff36a24wroweAP_DECLARE(int) ap_xml_parse_input(request_rec * r, apr_xml_doc **pdoc)
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe{
f4c310fd2555c6faca1f980f00b161eadb089023gstein apr_xml_parser *parser;
f4c310fd2555c6faca1f980f00b161eadb089023gstein apr_bucket_brigade *brigade;
1ccd992d37d62c8cb2056126f2234f64ec189bfddougm int seen_eos;
f4c310fd2555c6faca1f980f00b161eadb089023gstein apr_status_t status;
f4c310fd2555c6faca1f980f00b161eadb089023gstein char errbuf[200];
f4c310fd2555c6faca1f980f00b161eadb089023gstein apr_size_t total_read = 0;
f4c310fd2555c6faca1f980f00b161eadb089023gstein apr_size_t limit_xml_body = ap_get_limit_xml_body(r);
f4c310fd2555c6faca1f980f00b161eadb089023gstein int result = HTTP_BAD_REQUEST;
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein parser = apr_xml_parser_create(r->pool);
f4c310fd2555c6faca1f980f00b161eadb089023gstein brigade = apr_brigade_create(r->pool, r->connection->bucket_alloc);
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein seen_eos = 0;
f4c310fd2555c6faca1f980f00b161eadb089023gstein total_read = 0;
5b03ba47ff7225cacb131f14b019332af27da960gstein
5b03ba47ff7225cacb131f14b019332af27da960gstein do {
5b03ba47ff7225cacb131f14b019332af27da960gstein apr_bucket *bucket;
5b03ba47ff7225cacb131f14b019332af27da960gstein
5b03ba47ff7225cacb131f14b019332af27da960gstein /* read the body, stuffing it into the parser */
5b03ba47ff7225cacb131f14b019332af27da960gstein status = ap_get_brigade(r->input_filters, brigade,
5b03ba47ff7225cacb131f14b019332af27da960gstein AP_MODE_READBYTES, APR_BLOCK_READ,
5b03ba47ff7225cacb131f14b019332af27da960gstein READ_BLOCKSIZE);
5b03ba47ff7225cacb131f14b019332af27da960gstein
5b03ba47ff7225cacb131f14b019332af27da960gstein if (status != APR_SUCCESS) {
5b03ba47ff7225cacb131f14b019332af27da960gstein result = ap_map_http_request_error(status, HTTP_BAD_REQUEST);
5b03ba47ff7225cacb131f14b019332af27da960gstein goto read_error;
5b03ba47ff7225cacb131f14b019332af27da960gstein }
5b03ba47ff7225cacb131f14b019332af27da960gstein
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe for (bucket = APR_BRIGADE_FIRST(brigade);
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe bucket != APR_BRIGADE_SENTINEL(brigade);
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe bucket = APR_BUCKET_NEXT(bucket))
f4c310fd2555c6faca1f980f00b161eadb089023gstein {
1ccd992d37d62c8cb2056126f2234f64ec189bfddougm const char *data;
f4c310fd2555c6faca1f980f00b161eadb089023gstein apr_size_t len;
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein if (APR_BUCKET_IS_EOS(bucket)) {
f4c310fd2555c6faca1f980f00b161eadb089023gstein seen_eos = 1;
f4c310fd2555c6faca1f980f00b161eadb089023gstein break;
f4c310fd2555c6faca1f980f00b161eadb089023gstein }
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein if (APR_BUCKET_IS_METADATA(bucket)) {
f4c310fd2555c6faca1f980f00b161eadb089023gstein continue;
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe }
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe
f4c310fd2555c6faca1f980f00b161eadb089023gstein status = apr_bucket_read(bucket, &data, &len, APR_BLOCK_READ);
f4c310fd2555c6faca1f980f00b161eadb089023gstein if (status != APR_SUCCESS) {
f4c310fd2555c6faca1f980f00b161eadb089023gstein goto read_error;
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe }
f4c310fd2555c6faca1f980f00b161eadb089023gstein
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe total_read += len;
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe if (limit_xml_body && total_read > limit_xml_body) {
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00539)
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe "XML request body is larger than the configured "
f4c310fd2555c6faca1f980f00b161eadb089023gstein "limit of %lu", (unsigned long)limit_xml_body);
f4c310fd2555c6faca1f980f00b161eadb089023gstein result = HTTP_REQUEST_ENTITY_TOO_LARGE;
f4c310fd2555c6faca1f980f00b161eadb089023gstein goto read_error;
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe }
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe
f4c310fd2555c6faca1f980f00b161eadb089023gstein status = apr_xml_parser_feed(parser, data, len);
f4c310fd2555c6faca1f980f00b161eadb089023gstein if (status) {
f4c310fd2555c6faca1f980f00b161eadb089023gstein goto parser_error;
f4c310fd2555c6faca1f980f00b161eadb089023gstein }
f4c310fd2555c6faca1f980f00b161eadb089023gstein }
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein apr_brigade_cleanup(brigade);
f4c310fd2555c6faca1f980f00b161eadb089023gstein } while (!seen_eos);
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe apr_brigade_destroy(brigade);
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe /* tell the parser that we're done */
f4c310fd2555c6faca1f980f00b161eadb089023gstein status = apr_xml_parser_done(parser, pdoc);
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe if (status) {
f4c310fd2555c6faca1f980f00b161eadb089023gstein /* Some parsers are stupid and return an error on blank documents. */
f4c310fd2555c6faca1f980f00b161eadb089023gstein if (!total_read) {
f4c310fd2555c6faca1f980f00b161eadb089023gstein *pdoc = NULL;
f4c310fd2555c6faca1f980f00b161eadb089023gstein return OK;
f4c310fd2555c6faca1f980f00b161eadb089023gstein }
f4c310fd2555c6faca1f980f00b161eadb089023gstein ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00540)
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe "XML parser error (at end). status=%d", status);
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe return HTTP_BAD_REQUEST;
f4c310fd2555c6faca1f980f00b161eadb089023gstein }
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein#if APR_CHARSET_EBCDIC
f4c310fd2555c6faca1f980f00b161eadb089023gstein apr_xml_parser_convert_doc(r->pool, *pdoc, ap_hdrs_from_ascii);
f4c310fd2555c6faca1f980f00b161eadb089023gstein#endif
f4c310fd2555c6faca1f980f00b161eadb089023gstein return OK;
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe parser_error:
f4c310fd2555c6faca1f980f00b161eadb089023gstein (void) apr_xml_parser_geterror(parser, errbuf, sizeof(errbuf));
58fd79b56eb624bf011772994e9761d3c2e228c1orlikowski ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00541)
f4c310fd2555c6faca1f980f00b161eadb089023gstein "XML Parser Error: %s", errbuf);
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein /* FALLTHRU */
f4c310fd2555c6faca1f980f00b161eadb089023gstein
f4c310fd2555c6faca1f980f00b161eadb089023gstein read_error:
f4c310fd2555c6faca1f980f00b161eadb089023gstein /* make sure the parser is terminated */
f4c310fd2555c6faca1f980f00b161eadb089023gstein (void) apr_xml_parser_done(parser, NULL);
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe apr_brigade_destroy(brigade);
f4c310fd2555c6faca1f980f00b161eadb089023gstein
58fd79b56eb624bf011772994e9761d3c2e228c1orlikowski /* Apache will supply a default error, plus the error log above. */
f4c310fd2555c6faca1f980f00b161eadb089023gstein return result;
f4c310fd2555c6faca1f980f00b161eadb089023gstein}
f4c310fd2555c6faca1f980f00b161eadb089023gstein