1251881Speter/* 2251881Speter * validate.c: validation routines 3251881Speter * 4251881Speter * ==================================================================== 5251881Speter * Licensed to the Apache Software Foundation (ASF) under one 6251881Speter * or more contributor license agreements. See the NOTICE file 7251881Speter * distributed with this work for additional information 8251881Speter * regarding copyright ownership. The ASF licenses this file 9251881Speter * to you under the Apache License, Version 2.0 (the 10251881Speter * "License"); you may not use this file except in compliance 11251881Speter * with the License. You may obtain a copy of the License at 12251881Speter * 13251881Speter * http://www.apache.org/licenses/LICENSE-2.0 14251881Speter * 15251881Speter * Unless required by applicable law or agreed to in writing, 16251881Speter * software distributed under the License is distributed on an 17251881Speter * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 18251881Speter * KIND, either express or implied. See the License for the 19251881Speter * specific language governing permissions and limitations 20251881Speter * under the License. 21251881Speter * ==================================================================== 22251881Speter */ 23251881Speter 24251881Speter/* ==================================================================== */ 25251881Speter 26251881Speter 27251881Speter 28251881Speter/*** Includes. ***/ 29251881Speter 30251881Speter#define APR_WANT_STRFUNC 31251881Speter#include <apr_want.h> 32251881Speter 33251881Speter#include "svn_error.h" 34251881Speter#include "svn_ctype.h" 35251881Speter#include "svn_private_config.h" 36251881Speter 37251881Speter 38251881Speter 39251881Speter/*** Code. ***/ 40251881Speter 41251881Spetersvn_error_t * 42251881Spetersvn_mime_type_validate(const char *mime_type, apr_pool_t *pool) 43251881Speter{ 44251881Speter /* Since svn:mime-type can actually contain a full content type 45251881Speter specification, e.g., "text/html; charset=UTF-8", make sure we're 46251881Speter only looking at the media type here. */ 47251881Speter const apr_size_t len = strcspn(mime_type, "; "); 48251881Speter const apr_size_t len2 = strlen(mime_type); 49251881Speter const char *const slash_pos = strchr(mime_type, '/'); 50251881Speter apr_size_t i; 51251881Speter const char *tspecials = "()<>@,;:\\\"/[]?="; 52251881Speter 53251881Speter if (len == 0) 54251881Speter return svn_error_createf 55251881Speter (SVN_ERR_BAD_MIME_TYPE, NULL, 56251881Speter _("MIME type '%s' has empty media type"), mime_type); 57251881Speter 58251881Speter if (slash_pos == NULL || slash_pos >= &mime_type[len]) 59251881Speter return svn_error_createf 60251881Speter (SVN_ERR_BAD_MIME_TYPE, NULL, 61251881Speter _("MIME type '%s' does not contain '/'"), mime_type); 62251881Speter 63251881Speter /* Check the mime type for illegal characters. See RFC 1521. */ 64251881Speter for (i = 0; i < len; i++) 65251881Speter { 66251881Speter if (&mime_type[i] != slash_pos 67251881Speter && (! svn_ctype_isascii(mime_type[i]) 68251881Speter || svn_ctype_iscntrl(mime_type[i]) 69251881Speter || svn_ctype_isspace(mime_type[i]) 70251881Speter || (strchr(tspecials, mime_type[i]) != NULL))) 71251881Speter return svn_error_createf 72251881Speter (SVN_ERR_BAD_MIME_TYPE, NULL, 73251881Speter _("MIME type '%s' contains invalid character '%c' " 74251881Speter "in media type"), 75251881Speter mime_type, mime_type[i]); 76251881Speter } 77251881Speter 78251881Speter /* Check the whole string for unsafe characters. (issue #2872) */ 79251881Speter for (i = 0; i < len2; i++) 80251881Speter { 81251881Speter if (svn_ctype_iscntrl(mime_type[i]) && mime_type[i] != '\t') 82251881Speter return svn_error_createf( 83251881Speter SVN_ERR_BAD_MIME_TYPE, NULL, 84251881Speter _("MIME type '%s' contains invalid character '0x%02x' " 85251881Speter "in postfix"), 86251881Speter mime_type, mime_type[i]); 87251881Speter } 88251881Speter 89251881Speter return SVN_NO_ERROR; 90251881Speter} 91251881Speter 92251881Speter 93251881Spetersvn_boolean_t 94251881Spetersvn_mime_type_is_binary(const char *mime_type) 95251881Speter{ 96251881Speter /* See comment in svn_mime_type_validate() above. */ 97251881Speter const apr_size_t len = strcspn(mime_type, "; "); 98251881Speter return ((strncmp(mime_type, "text/", 5) != 0) 99251881Speter && (len != 15 || strncmp(mime_type, "image/x-xbitmap", len) != 0) 100251881Speter && (len != 15 || strncmp(mime_type, "image/x-xpixmap", len) != 0) 101251881Speter ); 102251881Speter} 103