1/* Licensed to the Apache Software Foundation (ASF) under one or more 2 * contributor license agreements. See the NOTICE file distributed with 3 * this work for additional information regarding copyright ownership. 4 * The ASF licenses this file to You under the Apache License, Version 2.0 5 * (the "License"); you may not use this file except in compliance with 6 * the License. You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include "apr_xml.h" 18 19#include "httpd.h" 20#include "http_protocol.h" 21#include "http_log.h" 22#include "http_core.h" 23 24#include "util_charset.h" 25#include "util_xml.h" 26 27 28/* used for reading input blocks */ 29#define READ_BLOCKSIZE 2048 30 31 32AP_DECLARE(int) ap_xml_parse_input(request_rec * r, apr_xml_doc **pdoc) 33{ 34 apr_xml_parser *parser; 35 apr_bucket_brigade *brigade; 36 int seen_eos; 37 apr_status_t status; 38 char errbuf[200]; 39 apr_size_t total_read = 0; 40 apr_size_t limit_xml_body = ap_get_limit_xml_body(r); 41 int result = HTTP_BAD_REQUEST; 42 43 parser = apr_xml_parser_create(r->pool); 44 brigade = apr_brigade_create(r->pool, r->connection->bucket_alloc); 45 46 seen_eos = 0; 47 total_read = 0; 48 49 do { 50 apr_bucket *bucket; 51 52 /* read the body, stuffing it into the parser */ 53 status = ap_get_brigade(r->input_filters, brigade, 54 AP_MODE_READBYTES, APR_BLOCK_READ, 55 READ_BLOCKSIZE); 56 57 if (status != APR_SUCCESS) { 58 goto read_error; 59 } 60 61 for (bucket = APR_BRIGADE_FIRST(brigade); 62 bucket != APR_BRIGADE_SENTINEL(brigade); 63 bucket = APR_BUCKET_NEXT(bucket)) 64 { 65 const char *data; 66 apr_size_t len; 67 68 if (APR_BUCKET_IS_EOS(bucket)) { 69 seen_eos = 1; 70 break; 71 } 72 73 if (APR_BUCKET_IS_METADATA(bucket)) { 74 continue; 75 } 76 77 status = apr_bucket_read(bucket, &data, &len, APR_BLOCK_READ); 78 if (status != APR_SUCCESS) { 79 goto read_error; 80 } 81 82 total_read += len; 83 if (limit_xml_body && total_read > limit_xml_body) { 84 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, 85 "XML request body is larger than the configured " 86 "limit of %lu", (unsigned long)limit_xml_body); 87 result = HTTP_REQUEST_ENTITY_TOO_LARGE; 88 goto read_error; 89 } 90 91 status = apr_xml_parser_feed(parser, data, len); 92 if (status) { 93 goto parser_error; 94 } 95 } 96 97 apr_brigade_cleanup(brigade); 98 } while (!seen_eos); 99 100 apr_brigade_destroy(brigade); 101 102 /* tell the parser that we're done */ 103 status = apr_xml_parser_done(parser, pdoc); 104 if (status) { 105 /* Some parsers are stupid and return an error on blank documents. */ 106 if (!total_read) { 107 *pdoc = NULL; 108 return OK; 109 } 110 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, 111 "XML parser error (at end). status=%d", status); 112 return HTTP_BAD_REQUEST; 113 } 114 115#if APR_CHARSET_EBCDIC 116 apr_xml_parser_convert_doc(r->pool, *pdoc, ap_hdrs_from_ascii); 117#endif 118 return OK; 119 120 parser_error: 121 (void) apr_xml_parser_geterror(parser, errbuf, sizeof(errbuf)); 122 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, 123 "XML Parser Error: %s", errbuf); 124 125 /* FALLTHRU */ 126 127 read_error: 128 /* make sure the parser is terminated */ 129 (void) apr_xml_parser_done(parser, NULL); 130 131 apr_brigade_destroy(brigade); 132 133 /* Apache will supply a default error, plus the error log above. */ 134 return result; 135} 136