1/***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 ***************************************************************************/
22#include "tool_setup.h"
23
24#include "strcase.h"
25
26#define ENABLE_CURLX_PRINTF
27/* use our own printf() functions */
28#include "curlx.h"
29
30#include "tool_cfgable.h"
31#include "tool_doswin.h"
32#include "tool_msgs.h"
33#include "tool_cb_hdr.h"
34#include "tool_cb_wrt.h"
35#include "tool_operate.h"
36
37#include "memdebug.h" /* keep this as LAST include */
38
39static char *parse_filename(const char *ptr, size_t len);
40
41#ifdef WIN32
42#define BOLD
43#define BOLDOFF
44#else
45#define BOLD "\x1b[1m"
46/* Switch off bold by setting "all attributes off" since the explicit
47 bold-off code (21) isn't supported everywhere - like in the mac
48 Terminal. */
49#define BOLDOFF "\x1b[0m"
50#endif
51
52/*
53** callback for CURLOPT_HEADERFUNCTION
54*/
55
56size_t tool_header_cb(char *ptr, size_t size, size_t nmemb, void *userdata)
57{
58 struct per_transfer *per = userdata;
59 struct HdrCbData *hdrcbdata = &per->hdrcbdata;
60 struct OutStruct *outs = &per->outs;
61 struct OutStruct *heads = &per->heads;
62 const char *str = ptr;
63 const size_t cb = size * nmemb;
64 const char *end = (char *)ptr + cb;
65 long protocol = 0;
66
67 /*
68 * Once that libcurl has called back tool_header_cb() the returned value
69 * is checked against the amount that was intended to be written, if
70 * it does not match then it fails with CURLE_WRITE_ERROR. So at this
71 * point returning a value different from sz*nmemb indicates failure.
72 */
73 size_t failure = (size && nmemb) ? 0 : 1;
74
75 if(!heads->config)
76 return failure;
77
78#ifdef DEBUGBUILD
79 if(size * nmemb > (size_t)CURL_MAX_HTTP_HEADER) {
80 warnf(heads->config->global, "Header data exceeds single call write "
81 "limit!\n");
82 return failure;
83 }
84#endif
85
86 /*
87 * Write header data when curl option --dump-header (-D) is given.
88 */
89
90 if(heads->config->headerfile && heads->stream) {
91 size_t rc = fwrite(ptr, size, nmemb, heads->stream);
92 if(rc != cb)
93 return rc;
94 /* flush the stream to send off what we got earlier */
95 (void)fflush(heads->stream);
96 }
97
98 /*
99 * This callback sets the filename where output shall be written when
100 * curl options --remote-name (-O) and --remote-header-name (-J) have
101 * been simultaneously given and additionally server returns an HTTP
102 * Content-Disposition header specifying a filename property.
103 */
104
105 curl_easy_getinfo(per->curl, CURLINFO_PROTOCOL, &protocol);
106 if(hdrcbdata->honor_cd_filename &&
107 (cb > 20) && checkprefix("Content-disposition:", str) &&
108 (protocol & (CURLPROTO_HTTPS|CURLPROTO_HTTP))) {
109 const char *p = str + 20;
110
111 /* look for the 'filename=' parameter
112 (encoded filenames (*=) are not supported) */
113 for(;;) {
114 char *filename;
115 size_t len;
116
117 while(*p && (p < end) && !ISALPHA(*p))
118 p++;
119 if(p > end - 9)
120 break;
121
122 if(memcmp(p, "filename=", 9)) {
123 /* no match, find next parameter */
124 while((p < end) && (*p != ';'))
125 p++;
126 continue;
127 }
128 p += 9;
129
130 /* this expression below typecasts 'cb' only to avoid
131 warning: signed and unsigned type in conditional expression
132 */
133 len = (ssize_t)cb - (p - str);
134 filename = parse_filename(p, len);
135 if(filename) {
136 if(outs->stream) {
137 int rc;
138 /* already opened and possibly written to */
139 if(outs->fopened)
140 fclose(outs->stream);
141 outs->stream = NULL;
142
143 /* rename the initial file name to the new file name */
144 rc = rename(outs->filename, filename);
145 if(rc != 0) {
146 warnf(outs->config->global, "Failed to rename %s -> %s: %s\n",
147 outs->filename, filename, strerror(errno));
148 }
149 if(outs->alloc_filename)
150 Curl_safefree(outs->filename);
151 if(rc != 0) {
152 free(filename);
153 return failure;
154 }
155 }
156 outs->is_cd_filename = TRUE;
157 outs->s_isreg = TRUE;
158 outs->fopened = FALSE;
159 outs->filename = filename;
160 outs->alloc_filename = TRUE;
161 hdrcbdata->honor_cd_filename = FALSE; /* done now! */
162 if(!tool_create_output_file(outs))
163 return failure;
164 }
165 break;
166 }
167 if(!outs->stream && !tool_create_output_file(outs))
168 return failure;
169 }
170
171 if(hdrcbdata->config->show_headers &&
172 (protocol &
173 (CURLPROTO_HTTP|CURLPROTO_HTTPS|CURLPROTO_RTSP|CURLPROTO_FILE))) {
174 /* bold headers only for selected protocols */
175 char *value = NULL;
176
177 if(!outs->stream && !tool_create_output_file(outs))
178 return failure;
179
180 if(hdrcbdata->global->isatty && hdrcbdata->global->styled_output)
181 value = memchr(ptr, ':', cb);
182 if(value) {
183 size_t namelen = value - ptr;
184 fprintf(outs->stream, BOLD "%.*s" BOLDOFF ":", namelen, ptr);
185 fwrite(&value[1], cb - namelen - 1, 1, outs->stream);
186 }
187 else
188 /* not "handled", just show it */
189 fwrite(ptr, cb, 1, outs->stream);
190 }
191 return cb;
192}
193
194/*
195 * Copies a file name part and returns an ALLOCATED data buffer.
196 */
197static char *parse_filename(const char *ptr, size_t len)
198{
199 char *copy;
200 char *p;
201 char *q;
202 char stop = '\0';
203
204 /* simple implementation of strndup() */
205 copy = malloc(len + 1);
206 if(!copy)
207 return NULL;
208 memcpy(copy, ptr, len);
209 copy[len] = '\0';
210
211 p = copy;
212 if(*p == '\'' || *p == '"') {
213 /* store the starting quote */
214 stop = *p;
215 p++;
216 }
217 else
218 stop = ';';
219
220 /* scan for the end letter and stop there */
221 q = strchr(p, stop);
222 if(q)
223 *q = '\0';
224
225 /* if the filename contains a path, only use filename portion */
226 q = strrchr(p, '/');
227 if(q) {
228 p = q + 1;
229 if(!*p) {
230 Curl_safefree(copy);
231 return NULL;
232 }
233 }
234
235 /* If the filename contains a backslash, only use filename portion. The idea
236 is that even systems that don't handle backslashes as path separators
237 probably want the path removed for convenience. */
238 q = strrchr(p, '\\');
239 if(q) {
240 p = q + 1;
241 if(!*p) {
242 Curl_safefree(copy);
243 return NULL;
244 }
245 }
246
247 /* make sure the file name doesn't end in \r or \n */
248 q = strchr(p, '\r');
249 if(q)
250 *q = '\0';
251
252 q = strchr(p, '\n');
253 if(q)
254 *q = '\0';
255
256 if(copy != p)
257 memmove(copy, p, strlen(p) + 1);
258
259#if defined(MSDOS) || defined(WIN32)
260 {
261 char *sanitized;
262 SANITIZEcode sc = sanitize_file_name(&sanitized, copy, 0);
263 Curl_safefree(copy);
264 if(sc)
265 return NULL;
266 copy = sanitized;
267 }
268#endif /* MSDOS || WIN32 */
269
270 /* in case we built debug enabled, we allow an environment variable
271 * named CURL_TESTDIR to prefix the given file name to put it into a
272 * specific directory
273 */
274#ifdef DEBUGBUILD
275 {
276 char *tdir = curlx_getenv("CURL_TESTDIR");
277 if(tdir) {
278 char buffer[512]; /* suitably large */
279 msnprintf(buffer, sizeof(buffer), "%s/%s", tdir, copy);
280 Curl_safefree(copy);
281 copy = strdup(buffer); /* clone the buffer, we don't use the libcurl
282 aprintf() or similar since we want to use the
283 same memory code as the "real" parse_filename
284 function */
285 curl_free(tdir);
286 }
287 }
288#endif
289
290 return copy;
291}
292