1 /*
2  * percent_x() takes a string and performs %<char> expansions. It aborts the
3  * program when the expansion would overflow the output buffer. The result
4  * of %<char> expansion may be passed on to a shell process. For this
5  * reason, characters with a special meaning to shells are replaced by
6  * underscores.
7  *
8  * Diagnostics are reported through syslog(3).
9  *
10  * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
11  */
12
13#ifndef lint
14static char sccsid[] = "@(#) percent_x.c 1.4 94/12/28 17:42:37";
15#endif
16
17/* System libraries. */
18
19#include <stdio.h>
20#include <syslog.h>
21#include <string.h>
22#include <unistd.h>
23
24extern void exit();
25
26/* Local stuff. */
27
28#include "tcpd.h"
29
30/* percent_x - do %<char> expansion, abort if result buffer is too small */
31
32char   *percent_x(result, result_len, string, request)
33char   *result;
34int     result_len;
35char   *string;
36struct request_info *request;
37{
38    char   *bp = result;
39    char   *end = result + result_len - 1;	/* end of result buffer */
40    char   *expansion;
41    int     expansion_len;
42    static char ok_chars[] = "1234567890!@%-_=+:,./\
43abcdefghijklmnopqrstuvwxyz\
44ABCDEFGHIJKLMNOPQRSTUVWXYZ";
45    char   *str = string;
46    char   *cp;
47    int     ch;
48
49    /*
50     * Warning: we may be called from a child process or after pattern
51     * matching, so we cannot use clean_exit() or tcpd_jump().
52     */
53
54    while (*str) {
55	if (*str == '%' && (ch = str[1]) != 0) {
56	    str += 2;
57	    expansion =
58		ch == 'a' ? eval_hostaddr(request->client) :
59		ch == 'A' ? eval_hostaddr(request->server) :
60		ch == 'c' ? eval_client(request) :
61		ch == 'd' ? eval_daemon(request) :
62		ch == 'h' ? eval_hostinfo(request->client) :
63		ch == 'H' ? eval_hostinfo(request->server) :
64		ch == 'n' ? eval_hostname(request->client) :
65		ch == 'N' ? eval_hostname(request->server) :
66		ch == 'p' ? eval_pid(request) :
67		ch == 's' ? eval_server(request) :
68		ch == 'u' ? eval_user(request) :
69		ch == '%' ? "%" : (tcpd_warn("unrecognized %%%c", ch), "");
70	    for (cp = expansion; *(cp += strspn(cp, ok_chars)); /* */ )
71		*cp = '_';
72	    expansion_len = cp - expansion;
73	} else {
74	    expansion = str++;
75	    expansion_len = 1;
76	}
77	if (bp + expansion_len >= end) {
78	    tcpd_warn("percent_x: expansion too long: %.30s...", result);
79	    sleep(5);
80	    exit(0);
81	}
82	memcpy(bp, expansion, expansion_len);
83	bp += expansion_len;
84    }
85    *bp = 0;
86    return (result);
87}
88