From ba8d7d3916d4ccbf0ddb152807ad80307d427777 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Sat, 10 Oct 2009 21:06:03 +0200
Subject: [PATCH] [MINOR] Add chunk_htmlencode and chunk_asciiencode Add two functions to encode input chunk replacing non-printable, non ascii or special characters with: "&#%u;" - chunk_htmlencode "<%02X>" - chunk_asciiencode Above functions should be used when adding strings, received from possible unsafe sources, to html stats or logs.
---
 include/proto/buffers.h | 3 ++
 src/buffers.c | 82 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 85 insertions(+)
diff --git a/include/proto/buffers.h b/include/proto/buffers.h
index 89f746776..801ea1a1d 100644
--- a/include/proto/buffers.h
+++ b/include/proto/buffers.h
@@ -485,6 +485,9 @@ static inline int chunk_strcpy(struct chunk *chk, const char *str) {
 int chunk_printf(struct chunk *chk, const char *fmt, ...) __attribute__ ((format(printf, 2, 3)));
+int chunk_htmlencode(struct chunk *dst, struct chunk *src);
+int chunk_asciiencode(struct chunk *dst, struct chunk *src, char qc);
+
 static inline void chunk_reset(struct chunk *chk) {
 chk->str = NULL;
 chk->len = -1;
diff --git a/src/buffers.c b/src/buffers.c
index f5a8c8b64..68ede265b 100644
--- a/src/buffers.c
+++ b/src/buffers.c
@@ -10,6 +10,7 @@
 *
 */
+#include
 #include
 #include
 #include
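Review bot: In the include/proto/buffers.h hunk, both new prototypes take `struct chunk *src` although the encoders in src/buffers.c only read from it; declaring it `const struct chunk *src` in the prototype and the definition would document that. The declarations also carry no comment on the failure contract: when the output does not fit, the implementation restores `dst->len` and returns it, so the result equals the old length exactly as it does for an empty `src`. A short comment above the prototypes, saying that callers must compare the return value with the previous `dst->len` to notice a dropped string, would help, since these functions are meant for untrusted input.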
@@ -324,6 +325,87 @@ int chunk_printf(struct chunk *chk, const char *fmt, ...)
 return chk->len;
 }
+/*
+ * Encode chunk into chunk , respecting the limit of at most
+ * chk->size chars. Replace non-printable or special chracters with "&#%d;".
+ * If the chk->len is over, nothing is added. Returns the new chunk size.
+ */
+int chunk_htmlencode(struct chunk *dst, struct chunk *src) {
+
+ int i, l;
+ int olen, free;
+ char c;
+
+ olen = dst->len;
+
+ for (i = 0; i < src->len; i++) {
+ free = dst->size - dst->len;
+
+ if (!free) {
+ dst->len = olen;
+ return dst->len;
+ }
+
+ c = src->str[i];
+
+ if (!isascii(c) || !isprint(c) || c == '&' || c == '"' || c == '\'' || c == '<' || c == '>') {
+ l = snprintf(dst->str + dst->len, free, "&#%u;", (unsigned char)c);
+
+ if (free < l) {
+ dst->len = olen;
+ return dst->len;
+ }
+
+ dst->len += l;
+ } else {
+ dst->str[dst->len] = c;
+ dst->len++;
+ }
+ }
+
+ return dst->len;
+}
+
+/*
+ * Encode chunk into chunk , respecting the limit of at most
+ * chk->size chars. Replace non-printable or char passed in qc with "<%02X>".
+ * If the chk->len is over, nothing is added. Returns the new chunk size.
+ */
+int chunk_asciiencode(struct chunk *dst, struct chunk *src, char qc) {
+ int i, l;
+ int olen, free;
+ char c;
+
+ olen = dst->len;
+
+ for (i = 0; i < src->len; i++) {
+ free = dst->size - dst->len;
+
+ if (!free) {
+ dst->len = olen;
+ return dst->len;
+ }
+
+ c = src->str[i];
+
+ if (!isascii(c) || !isprint(c) || c == '<' || c == '>' || c == qc) {
+ l = snprintf(dst->str + dst->len, free, "<%02X>", (unsigned char)c);
+
+ if (free < l) {
+ dst->len = olen;
+ return dst->len;
+ }
+
+ dst->len += l;
+ } else {
+ dst->str[dst->len] = c;
+ dst->len++;
+ }
+ }
+
+ return dst->len;
+}
+
 /*
 * Dumps part or all of a buffer.
 */
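Review bot: The truncation check after `snprintf()` is off by one in both `chunk_htmlencode` and `chunk_asciiencode`: `snprintf` returns the length it needed without the terminating NUL, so `l == free` already means the escape was cut, yet `if (free < l)` lets it through. In that case the final `;` or `>` is overwritten by the NUL and `dst->len` still advances by `l`, leaving a NUL byte counted inside text that is headed for the stats page or the log. I would write `if (l < 0 || l >= free)` in both functions, and tighten the earlier guard to `if (free <= 0)` so that a `dst` whose `len` is already past `size` cannot hand `snprintf` a negative size. The two header comments should also say `dst->size` instead of `chk->size` and `&#%u;` instead of `&#%d;`, to match the code.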