1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 ***************************************************************************/
23 #include "curl_setup.h"
27 #include "curl_memory.h"
28 /* The last #include file should be: */
32 * "Remove Dot Segments"
33 * https://tools.ietf.org/html/rfc3986#section-5.2.4
40 * This function gets a zero-terminated path with dot and dotdot sequences
41 * passed in and strips them off according to the rules in RFC 3986 section
44 * The function handles a query part ('?' + stuff) appended but it expects
45 * that fragments ('#' + stuff) have already been cut off.
49 * an allocated dedotdotified output string
51 char *Curl_dedotdotify(const char *input)
53 size_t inlen = strlen(input);
55 size_t clen = inlen; /* the length of the cloned input */
56 char *out = malloc(inlen+1);
61 return NULL; /* out of memory */
63 /* get a cloned copy of the input */
64 clone = strdup(input);
73 /* zero length string, return that */
79 * To handle query-parts properly, we must find it and remove it during the
80 * dotdot-operation and then append it again at the end to the output
83 queryp = strchr(clone, '?');
89 /* A. If the input buffer begins with a prefix of "../" or "./", then
90 remove that prefix from the input buffer; otherwise, */
92 if(!strncmp("./", clone, 2)) {
96 else if(!strncmp("../", clone, 3)) {
101 /* B. if the input buffer begins with a prefix of "/./" or "/.", where
102 "." is a complete path segment, then replace that prefix with "/" in
103 the input buffer; otherwise, */
104 else if(!strncmp("/./", clone, 3)) {
108 else if(!strcmp("/.", clone)) {
114 /* C. if the input buffer begins with a prefix of "/../" or "/..", where
115 ".." is a complete path segment, then replace that prefix with "/" in
116 the input buffer and remove the last segment and its preceding "/" (if
117 any) from the output buffer; otherwise, */
119 else if(!strncmp("/../", clone, 4)) {
122 /* remove the last segment from the output buffer */
123 while(outptr > out) {
128 *outptr = 0; /* zero-terminate where it stops */
130 else if(!strcmp("/..", clone)) {
134 /* remove the last segment from the output buffer */
135 while(outptr > out) {
140 *outptr = 0; /* zero-terminate where it stops */
143 /* D. if the input buffer consists only of "." or "..", then remove
144 that from the input buffer; otherwise, */
146 else if(!strcmp(".", clone) || !strcmp("..", clone)) {
151 /* E. move the first path segment in the input buffer to the end of
152 the output buffer, including the initial "/" character (if any) and
153 any subsequent characters up to, but not including, the next "/"
154 character or the end of the input buffer. */
157 *outptr++ = *clone++;
159 } while(*clone && (*clone != '/'));
167 /* There was a query part, append that to the output. The 'clone' string
168 may now have been altered so we copy from the original input string
169 from the correct index. */
170 size_t oindex = queryp - orgclone;
171 qlen = strlen(&input[oindex]);
172 memcpy(outptr, &input[oindex], qlen+1); /* include the ending zero byte */