minor url_decode improvements

Signed-off-by: Michael Krelin <hacker@klever.net>

1 files changed, 3 insertions, 4 deletions

diff --git a/lib/util.cc b/lib/util.cc
index 4028697..02f9473 100644
--- a/lib/util.cc
+++ b/lib/util.cc
@@ -92,261 +92,260 @@ namespace opkele {
 	}
 
 	BIGNUM *dec_to_bignum(const string& dec) {
 	    BIGNUM *rv = 0;
 	    if(!BN_dec2bn(&rv,dec.c_str()))
 		throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()");
 	    return rv;
 	}
 
 	string bignum_to_base64(const BIGNUM *bn) {
 	    vector<unsigned char> bin(BN_num_bytes(bn)+1);
 	    unsigned char *binptr = &(bin.front())+1;
 	    int l = BN_bn2bin(bn,binptr);
 	    if(l && (*binptr)&0x80){
 		(*(--binptr)) = 0; ++l;
 	    }
 	    return encode_base64(binptr,l);
 	}
 
 	/*
 	 * w3c times
 	 */
 
 	string time_to_w3c(time_t t) {
 	    struct tm tm_t;
 	    if(!gmtime_r(&t,&tm_t))
 		throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()");
 	    char rv[25];
 	    if(!strftime(rv,sizeof(rv)-1,"%Y-%m-%dT%H:%M:%SZ",&tm_t))
 		throw failed_conversion(OPKELE_CP_ "failed to strftime()");
 	    return rv;
 	}
 
 #ifndef HAVE_TIMEGM
 	static time_t timegm(struct tm *t) {
 	    char *tz = getenv("TZ");
 	    setenv("TZ","",1); tzset();
 	    time_t rv = mktime(t);
 	    if(tz)
 		setenv("TZ",tz,1);
 	    else
 		unsetenv("TZ");
 	    tzset();
 	    return rv;
 	}
 #	define timegm opkele::util::timegm
 #endif /* HAVE_TIMEGM */
 
 	time_t w3c_to_time(const string& w) {
 	    int fraction;
 	    struct tm tm_t;
 	    memset(&tm_t,0,sizeof(tm_t));
 	    if( (
 			sscanf(
 			    w.c_str(),
 			    "%04d-%02d-%02dT%02d:%02d:%02dZ",
 			    &tm_t.tm_year,&tm_t.tm_mon,&tm_t.tm_mday,
 			    &tm_t.tm_hour,&tm_t.tm_min,&tm_t.tm_sec
 			    ) != 6
 		) && (
 		    sscanf(
 			w.c_str(),
 			"%04d-%02d-%02dT%02d:%02d:%02d.%03dZ",
 			&tm_t.tm_year,&tm_t.tm_mon,&tm_t.tm_mday,
 			&tm_t.tm_hour,&tm_t.tm_min,&tm_t.tm_sec,
 			&fraction
 			) != 7
 		    ) )
 		throw failed_conversion(OPKELE_CP_ "failed to sscanf()");
 	    tm_t.tm_mon--;
 	    tm_t.tm_year-=1900;
 	    time_t rv = timegm(&tm_t);
 	    if(rv==(time_t)-1)
 		throw failed_conversion(OPKELE_CP_ "failed to gmtime()");
 	    return rv;
 	}
 
 	/*
 	 *
 	 */
 
 	static inline bool isrfc3986unreserved(int c) {
 	    if(c<'-') return false;
 	    if(c<='.') return true;
 	    if(c<'0') return false; if(c<='9') return true;
 	    if(c<'A') return false; if(c<='Z') return true;
 	    if(c<'_') return false;
 	    if(c=='_') return true;
 	    if(c<'a') return false; if(c<='z') return true;
 	    if(c=='~') return true;
 	    return false;
 	}
 
 	struct __url_encoder : public unary_function<char,void> {
 	    public:
 		string& rv;
 
 		__url_encoder(string& r) : rv(r) { }
 
 		result_type operator()(argument_type c) {
 		    if(isrfc3986unreserved(c))
 			rv += c;
 		    else{
 			char tmp[4];
 			snprintf(tmp,sizeof(tmp),"%%%02X",
 				(c&0xff));
 			rv += tmp;
 		    }
 		}
 	};
 
 	string url_encode(const string& str) {
 	    string rv;
 	    for_each(str.begin(),str.end(),
 		    __url_encoder(rv));
 	    return rv;
 	}
 
 	string url_decode(const string& str) {
 	    string rv;
 	    back_insert_iterator<string> ii(rv);
 	    char tmp[3]; tmp[2] = 0;
 	    for(string::const_iterator i=str.begin(),ie=str.end();
 		    i!=ie;++i) {
 		switch(*i) {
 		    case '+':
 			*(ii++) = ' '; break;
 		    case '%':
-			++i;
-			if(i==ie)
+			if((++i)==ie)
 			    throw failed_conversion(OPKELE_CP_ "trailing percent in the url-encoded string");
-			tmp[0] = *(i++);
-			if(i==ie)
+			tmp[0] = *i;
+			if((++i)==ie)
 			    throw failed_conversion(OPKELE_CP_ "not enough hexadecimals after the percent sign in url-encoded string");
 			tmp[1] = *i;
 			if(!(isxdigit(tmp[0]) && isxdigit(tmp[1])))
 			    throw failed_conversion(OPKELE_CP_ "non-hex follows percent in url-encoded string");
 			*(ii++) = (char)strtol(tmp,0,16);
 			break;
 		    default:
 			*(ii++) = *i; break;
 		}
 	    }
 	    return rv;
 	}
 
 	string attr_escape(const string& str) {
 	    static const char *unsafechars = "<>&\n\"'";
 	    string rv;
 	    string::size_type p=0;
 	    while(true) {
 		string::size_type us = str.find_first_of(unsafechars,p);
 		if(us==string::npos) {
 		    if(p!=str.length())
 			rv.append(str,p,str.length()-p);
 		    return rv;
 		}
 		rv.append(str,p,us-p);
 		rv += "&#";
 		rv += long_to_string((long)str[us]);
 		rv += ';';
 		p = us+1;
 	    }
 	}
 
 	string long_to_string(long l) {
 	    char rv[32];
 	    int r=snprintf(rv,sizeof(rv),"%ld",l);
 	    if(r<0 || r>=(int)sizeof(rv))
 		throw failed_conversion(OPKELE_CP_ "failed to snprintf()");
 	    return rv;
 	}
 
 	long string_to_long(const string& s) {
 	    char *endptr = 0;
 	    long rv = strtol(s.c_str(),&endptr,10);
 	    if((!endptr) || endptr==s.c_str())
 		throw failed_conversion(OPKELE_CP_ "failed to strtol()");
 	    return rv;
 	}
 
 	/*
 	 * Normalize URL according to the rules, described in rfc 3986, section 6
 	 *
 	 * - uppercase hex triplets (e.g. %ab -> %AB)
 	 * - lowercase scheme and host
 	 * - decode %-encoded characters, specified as unreserved in rfc 3986, section 2.3,
 	 *   that is - [:alpha:][:digit:]._~-
 	 * - remove dot segments
 	 * - remove empty and default ports
 	 * - if there's no path component, add '/'
 	 */
 	 string rfc_3986_normalize_uri(const string& uri) {
 	     string rv;
 	     string::size_type ns = uri.find_first_not_of(data::_whitespace_chars);
 	     if(ns==string::npos)
 		 throw bad_input(OPKELE_CP_ "Can't normalize empty URI");
 	     string::size_type colon = uri.find(':',ns);
 	     if(colon==string::npos)
 		 throw bad_input(OPKELE_CP_ "No scheme specified in URI");
 	     transform(
 		     uri.begin()+ns, uri.begin()+colon+1,
 		     back_inserter(rv), ::tolower );
 	     bool s;
 	     string::size_type ul = uri.find_last_not_of(data::_whitespace_chars)+1;
 	     if(ul <= (colon+3))
 		 throw bad_input(OPKELE_CP_ "Unexpected end of URI being normalized encountered");
 	     if(uri[colon+1]!='/' || uri[colon+2]!='/')
 		 throw bad_input(OPKELE_CP_ "Unexpected input in URI being normalized after scheme component");
 	     if(rv=="http:")
 		 s = false;
 	     else if(rv=="https:")
 		 s = true;
 	     else{
 		 /* TODO: support more schemes.  e.g. xri. How do we normalize
 		  * xri?
 		  */
 		 rv.append(uri,colon+1,ul-colon-1);
 		 return rv;
 	     }
 	     rv += "//";
 	     string::size_type interesting = uri.find_first_of(":/#?",colon+3);
 	     if(interesting==string::npos) {
 		 transform(
 			 uri.begin()+colon+3,uri.begin()+ul,
 			 back_inserter(rv), ::tolower );
 		 rv += '/'; return rv;
 	     }
 	     transform(
 		     uri.begin()+colon+3,uri.begin()+interesting,
 		     back_inserter(rv), ::tolower );
 	     bool qf = false;
 	     char ic = uri[interesting];
 	     if(ic==':') {
 		 string::size_type ni = uri.find_first_of("/#?%",interesting+1);
 		 const char *nptr = uri.data()+interesting+1;
 		 char *eptr = 0;
 		 long port = strtol(nptr,&eptr,10);
 		 if( (port>0) && (port<65535) && port!=(s?443:80) ) {
 		     char tmp[8];
 		     snprintf(tmp,sizeof(tmp),":%ld",port);
 		     rv += tmp;
 		 }
 		 if(ni==string::npos) {
 		     rv += '/'; return rv;
 		 }
 		 interesting = ni;
 	     }else if(ic!='/') {
 		 rv += '/'; rv += ic;
 		 qf = true;
 		 ++interesting;
 	     }
 	     string::size_type n = interesting;
 	     char tmp[3] = { 0,0,0 };
 	     stack<string::size_type> psegs; psegs.push(rv.length());
 	     string pseg;
 	     for(;n<ul;) {
 		 string::size_type unsafe = uri.find_first_of(qf?"%":"%/?#",n);
 		 if(unsafe==string::npos) {
 		     pseg.append(uri,n,ul-n-1); n = ul-1;
 		 }else{