1/*	$NetBSD: percent_x.c,v 1.4.66.1 2012/04/23 16:48:54 riz Exp $	*/
2
3 /*
4  * percent_x() takes a string and performs %<char> expansions. It aborts the
5  * program when the expansion would overflow the output buffer. The result
6  * of %<char> expansion may be passed on to a shell process. For this
7  * reason, characters with a special meaning to shells are replaced by
8  * underscores.
9  *
10  * Diagnostics are reported through syslog(3).
11  *
12  * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
13  */
14
15#include <sys/cdefs.h>
16#ifndef lint
17#if 0
18static char sccsid[] = "@(#) percent_x.c 1.4 94/12/28 17:42:37";
19#else
20__RCSID("$NetBSD: percent_x.c,v 1.4.66.1 2012/04/23 16:48:54 riz Exp $");
21#endif
22#endif
23
24/* System libraries. */
25
26#include <stdio.h>
27#include <syslog.h>
28#include <stdlib.h>
29#include <unistd.h>
30#include <string.h>
31
32/* Local stuff. */
33
34#include "tcpd.h"
35
36/* percent_x - do %<char> expansion, abort if result buffer is too small */
37
38char   *percent_x(result, result_len, string, request)
39char   *result;
40int     result_len;
41char   *string;
42struct request_info *request;
43{
44    char   *bp = result;
45    char   *end = result + result_len - 1;	/* end of result buffer */
46    char   *expansion;
47    int     expansion_len;
48    static char ok_chars[] = "1234567890!@%-_=+:,./\
49abcdefghijklmnopqrstuvwxyz\
50ABCDEFGHIJKLMNOPQRSTUVWXYZ";
51    char   *str = string;
52    char   *cp;
53    int     ch;
54
55    /*
56     * Warning: we may be called from a child process or after pattern
57     * matching, so we cannot use clean_exit() or tcpd_jump().
58     */
59
60    while (*str) {
61	if (*str == '%' && (ch = str[1]) != 0) {
62	    str += 2;
63	    expansion =
64		ch == 'a' ? eval_hostaddr(request->client) :
65		ch == 'A' ? eval_hostaddr(request->server) :
66		ch == 'c' ? eval_client(request) :
67		ch == 'd' ? eval_daemon(request) :
68		ch == 'h' ? eval_hostinfo(request->client) :
69		ch == 'H' ? eval_hostinfo(request->server) :
70		ch == 'n' ? eval_hostname(request->client) :
71		ch == 'N' ? eval_hostname(request->server) :
72		ch == 'p' ? eval_pid(request) :
73		ch == 's' ? eval_server(request) :
74		ch == 'u' ? eval_user(request) :
75		ch == '%' ? "%" : (tcpd_warn("unrecognized %%%c", ch), "");
76	    for (cp = expansion; *(cp += strspn(cp, ok_chars)); /* */ )
77		*cp = '_';
78	    expansion_len = cp - expansion;
79	} else {
80	    expansion = str++;
81	    expansion_len = 1;
82	}
83	if (bp + expansion_len >= end) {
84	    tcpd_warn("percent_x: expansion too long: %.30s...", result);
85	    sleep(5);
86	    exit(0);
87	}
88	memcpy(bp, expansion, expansion_len);
89	bp += expansion_len;
90    }
91    *bp = 0;
92    return (result);
93}
94