From e4a244a6cb1837d1748381e4552b5199a5782150 Mon Sep 17 00:00:00 2001 From: andreykproductengine Date: Thu, 11 Apr 2019 20:29:50 +0300 Subject: SL-10924 Fix data escaping to accomodate CEF update --- indra/llcommon/lluri.cpp | 97 ++++++++++++++++++++++++++++++++++++++++++++++++ indra/llcommon/lluri.h | 8 ++++ 2 files changed, 105 insertions(+) (limited to 'indra/llcommon') diff --git a/indra/llcommon/lluri.cpp b/indra/llcommon/lluri.cpp index 758b98e143..e2285d0a9c 100644 --- a/indra/llcommon/lluri.cpp +++ b/indra/llcommon/lluri.cpp @@ -173,6 +173,19 @@ namespace "-._~"; return s; } + const std::string path() + { + static const std::string s = + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz" + "0123456789" + "$-_.+" + "!*'()," + "{}|\\^~[]`" + "<>#%" + ";/?:@&="; + return s; + } const std::string sub_delims() { static const std::string s = "!$&'()*+,;="; @@ -187,6 +200,12 @@ namespace { return LLURI::escape(s, unreserved() + ":@!$'()*+,"); } // sub_delims - "&;=" + ":@" std::string escapeQueryValue(const std::string& s) { return LLURI::escape(s, unreserved() + ":@!$'()*+,="); } // sub_delims - "&;" + ":@" + std::string escapeUriQuery(const std::string& s) + { return LLURI::escape(s, unreserved() + ":@?&$;*+=%/"); } + std::string escapeUriData(const std::string& s) + { return LLURI::escape(s, unreserved()); } + std::string escapeUriPath(const std::string& s) + { return LLURI::escape(s, path()); } } //static @@ -202,6 +221,84 @@ std::string LLURI::escape(const std::string& str) return escape(str, default_allowed, true); } +//static +std::string LLURI::escapePathAndData(const std::string &str) +{ + std::string result; + + const std::string data_marker = "data:"; + if (str.compare(0, data_marker.length(), data_marker) == 0) + { + // This is not url, but data, data part needs to be properly escaped + // data part is separated by ',' from header. Minimal data uri is "data:," + // See "data URI scheme" + size_t separator = str.find(','); + if (separator != std::string::npos) + { + size_t header_size = separator + 1; + std::string header = str.substr(0, header_size); + // base64 is url-safe + if (header.find("base64") != std::string::npos) + { + // assume url-safe data + result = str; + } + else + { + std::string data = str.substr(header_size, str.length() - header_size); + + // Notes: File can be partially pre-escaped, that's why escaping ignores '%' + // It somewhat limits user from displaying strings like "%20" in text + // but that's how viewer worked for a while and user can double-encode it + + // Header doesn't need escaping + result = header + escapeUriData(data); + } + } + } + else + { + // try processing it as path with query separator + // The query component is indicated by the first question + // mark("?") character and terminated by a number sign("#") + size_t delim_pos = str.find('?'); + if (delim_pos == std::string::npos) + { + // alternate separator + delim_pos = str.find(';'); + } + + if (delim_pos != std::string::npos) + { + size_t path_size = delim_pos + 1; + std::string query; + std::string fragment; + + size_t fragment_pos = str.find('#'); + if (fragment_pos != std::string::npos) + { + query = str.substr(path_size, fragment_pos - path_size); + fragment = str.substr(fragment_pos); + } + else + { + query = str.substr(path_size); + } + + std::string path = str.substr(0, path_size); + + result = escapeUriPath(path) + escapeUriQuery(query) + escapeUriPath(fragment); + } + } + + if (result.empty()) + { + // Not a known scheme or no data part, try just escaping as Uri path + result = escapeUriPath(str); + } + return result; +} + LLURI::LLURI() { } diff --git a/indra/llcommon/lluri.h b/indra/llcommon/lluri.h index 9e44cc7da2..b8fca0ca51 100644 --- a/indra/llcommon/lluri.h +++ b/indra/llcommon/lluri.h @@ -157,6 +157,14 @@ public: const std::string& allowed, bool is_allowed_sorted = false); + /** + * @brief Break string into data part and path or sheme + * and escape path (if present) and data. + * Data part is not allowed to have path related symbols + * @param str The raw URI to escape. + */ + static std::string escapePathAndData(const std::string &str); + /** * @brief unescape an escaped URI string. * -- cgit v1.2.3 From ffe93b3c93b628b73c0a809f48c3370f656603bb Mon Sep 17 00:00:00 2001 From: andreykproductengine Date: Sat, 13 Apr 2019 14:42:38 +0300 Subject: SL-10924 Missed symbol --- indra/llcommon/lluri.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'indra/llcommon') diff --git a/indra/llcommon/lluri.cpp b/indra/llcommon/lluri.cpp index e2285d0a9c..9942bc0cf8 100644 --- a/indra/llcommon/lluri.cpp +++ b/indra/llcommon/lluri.cpp @@ -203,7 +203,7 @@ namespace std::string escapeUriQuery(const std::string& s) { return LLURI::escape(s, unreserved() + ":@?&$;*+=%/"); } std::string escapeUriData(const std::string& s) - { return LLURI::escape(s, unreserved()); } + { return LLURI::escape(s, unreserved() + "%"); } std::string escapeUriPath(const std::string& s) { return LLURI::escape(s, path()); } } @@ -249,7 +249,8 @@ std::string LLURI::escapePathAndData(const std::string &str) // Notes: File can be partially pre-escaped, that's why escaping ignores '%' // It somewhat limits user from displaying strings like "%20" in text - // but that's how viewer worked for a while and user can double-encode it + // but that's how viewer worked for a while and user can double-escape it + // Header doesn't need escaping result = header + escapeUriData(data); -- cgit v1.2.3 From 29f0a7808ff470bd20c76b089881c98b3b59e6fc Mon Sep 17 00:00:00 2001 From: andreykproductengine Date: Tue, 16 Apr 2019 21:58:22 +0300 Subject: SL-10930 LLStringUtil pointlessly scan the string --- indra/llcommon/llstring.h | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'indra/llcommon') diff --git a/indra/llcommon/llstring.h b/indra/llcommon/llstring.h index 30bec3a6f8..b619a9e48c 100644 --- a/indra/llcommon/llstring.h +++ b/indra/llcommon/llstring.h @@ -1735,7 +1735,8 @@ bool LLStringUtilBase::startsWith( const string_type& substr) { if(string.empty() || (substr.empty())) return false; - if(0 == string.find(substr)) return true; + if (substr.length() > string.length()) return false; + if (0 == string.compare(0, substr.length(), substr)) return true; return false; } @@ -1746,9 +1747,11 @@ bool LLStringUtilBase::endsWith( const string_type& substr) { if(string.empty() || (substr.empty())) return false; - std::string::size_type idx = string.rfind(substr); - if(std::string::npos == idx) return false; - return (idx == (string.size() - substr.size())); + size_t sub_len = substr.length(); + size_t str_len = string.length(); + if (sub_len > str_len) return false; + if (0 == string.compare(str_len - sub_len, sub_len, substr)) return true; + return false; } // static -- cgit v1.2.3 From 562fe5bf6345fe79f91c657f4d1a30bfc07fbb34 Mon Sep 17 00:00:00 2001 From: andreykproductengine Date: Mon, 27 May 2019 17:32:53 +0300 Subject: SL-10908 Output class names we are clearing on startup --- indra/llcommon/llmortician.cpp | 36 ++++++++++++++++++++++++++++++++++++ indra/llcommon/llmortician.h | 2 ++ 2 files changed, 38 insertions(+) (limited to 'indra/llcommon') diff --git a/indra/llcommon/llmortician.cpp b/indra/llcommon/llmortician.cpp index 287f096eae..93c7d520f2 100644 --- a/indra/llcommon/llmortician.cpp +++ b/indra/llcommon/llmortician.cpp @@ -37,6 +37,42 @@ LLMortician::~LLMortician() sGraveyard.remove(this); } +U32 LLMortician::logClass(std::stringstream &str) +{ + U32 size = sGraveyard.size(); + str << "Mortician graveyard count: " << size; + str << " Zealous: " << (sDestroyImmediate ? "True" : "False"); + if (size == 0) + { + return size; + } + str << " Output:\n"; + std::list::iterator iter = sGraveyard.begin(); + std::list::iterator end = sGraveyard.end(); + while (iter!=end) + { + LLMortician* dead = *iter; + iter++; + // Be as detailed and safe as possible to figure out issues + str << "Pointer: " << dead; + if (dead) + { + try + { + str << " Is dead: " << (dead->isDead() ? "True" : "False"); + str << " Name: " << typeid(*dead).name(); + } + catch (...) + { + + } + } + str << "\n"; + } + str << "--------------------------------------------"; + return size; +} + void LLMortician::updateClass() { while (!sGraveyard.empty()) diff --git a/indra/llcommon/llmortician.h b/indra/llcommon/llmortician.h index 9517e2db5e..41cb49fab1 100644 --- a/indra/llcommon/llmortician.h +++ b/indra/llcommon/llmortician.h @@ -34,6 +34,8 @@ class LL_COMMON_API LLMortician { public: LLMortician() { mIsDead = FALSE; } + static U32 graveyardCount() { return sGraveyard.size(); }; + static U32 logClass(std::stringstream &str); static void updateClass(); virtual ~LLMortician(); void die(); -- cgit v1.2.3 From 902bfccd0239b33e28c8c1c45e14d4463bd56701 Mon Sep 17 00:00:00 2001 From: andreykproductengine Date: Tue, 28 May 2019 19:16:34 +0300 Subject: SL-11231 Unused code and wrong macro --- indra/llcommon/llfasttimer.h | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) (limited to 'indra/llcommon') diff --git a/indra/llcommon/llfasttimer.h b/indra/llcommon/llfasttimer.h index 2024d707da..d463fc9d65 100644 --- a/indra/llcommon/llfasttimer.h +++ b/indra/llcommon/llfasttimer.h @@ -199,14 +199,10 @@ private: friend BlockTimer timeThisBlock(BlockTimerStatHandle&); BlockTimer(BlockTimerStatHandle& timer); -#if !defined(MSC_VER) || MSC_VER < 1700 - // Visual Studio 2010 has a bug where capturing an object returned by value - // into a local reference requires access to the copy constructor at the call site. - // This appears to be fixed in 2012. -public: -#endif + // no-copy - BlockTimer(const BlockTimer& other) {}; + BlockTimer(const BlockTimer& other); + BlockTimer& operator=(const BlockTimer& other); private: U64 mStartTime; -- cgit v1.2.3