From 931aae1463c95af3bb24a5cec367fe657a478856 Mon Sep 17 00:00:00 2001
From: Adam Chlipala <adamc@hcoop.net>
Date: Sat, 15 Dec 2007 16:42:49 +0000
Subject: [PATCH] Using PCRE to check regexps passed to Apache

---
 Makefile                  | 25 +++++++++++++++++++++++--
 pcre/mlton/FFI/.cvsignore |  2 ++
 pcre/mlton/libpcre-h.sml  | 13 +++++++++++++
 pcre/pcre_sml.c           | 15 +++++++++++++++
 pcre/pcre_sml.h           |  1 +
 pcre/smlnj/.cvsignore     |  1 +
 pcre/smlnj/FFI/.cvsignore |  3 +++
 pcre/smlnj/libpcre-h.sml  | 13 +++++++++++++
 src/client.sml            |  6 +++---
 src/compat.sig            |  3 ---
 src/compat_mlton.sml      |  3 ---
 src/compat_smlnj.sml      |  3 ---
 src/pcre.sig              | 25 +++++++++++++++++++++++++
 src/pcre.sml              | 31 +++++++++++++++++++++++++++++++
 src/plugins/apache.sml    |  4 ++++
 src/prefix.cm             |  1 +
 src/prefix.mlb            |  1 +
 src/sources               |  3 +++
 18 files changed, 139 insertions(+), 14 deletions(-)
 create mode 100644 pcre/mlton/FFI/.cvsignore
 create mode 100644 pcre/mlton/libpcre-h.sml
 create mode 100644 pcre/pcre_sml.c
 create mode 100644 pcre/pcre_sml.h
 create mode 100644 pcre/smlnj/.cvsignore
 create mode 100644 pcre/smlnj/FFI/.cvsignore
 create mode 100644 pcre/smlnj/libpcre-h.sml
 create mode 100644 src/pcre.sig
 create mode 100644 src/pcre.sml

diff --git a/Makefile b/Makefile
index 9396f38..c837af1 100644
--- a/Makefile
+++ b/Makefile
@@ -4,7 +4,7 @@ bin/vmailpasswd: src/mail/vmailpasswd.c
 	$(CC) -lcrypt -o $@ $<
 
 COMMON_DEPS := configDefault/config.sig configDefault/configDefault.sml \
-	openssl/openssl_sml.so config.sml
+	openssl/openssl_sml.so pcre/pcre_sml.so config.sml
 
 EMACS_DIR := /usr/local/share/emacs/site-lisp/domtool-mode
 
@@ -17,7 +17,8 @@ mlton: bin/domtool-server bin/domtool-client bin/domtool-slave \
 	bin/domtool-admin bin/domtool-doc bin/dbtool bin/vmail \
 	bin/smtplog bin/setsa bin/mysql-fixperms bin/webbw
 
-smlnj: $(COMMON_DEPS) openssl/smlnj/FFI/libssl.h.cm src/domtool.cm
+smlnj: $(COMMON_DEPS) openssl/smlnj/FFI/libssl.h.cm pcre/smlnj/FFI/libpcre.h.cm \
+	src/domtool.cm
 
 configDefault/config.sig: src/config.sig.header \
 		configDefault/*.csg configDefault/*.cfs \
@@ -43,6 +44,14 @@ openssl/openssl_sml.so: openssl/openssl_sml.o
 		-o openssl/openssl_sml.so \
 		openssl/openssl_sml.o -lssl
 
+pcre/pcre_sml.o: pcre/pcre_sml.c
+	gcc -fPIC -c pcre/pcre_sml.c -o pcre/pcre_sml.o
+
+pcre/pcre_sml.so: pcre/pcre_sml.o
+	gcc -shared -Wl,-soname,pcre_sml.so \
+		-o pcre/pcre_sml.so \
+		pcre/pcre_sml.o -lpcre
+
 src/domtool.cm: src/prefix.cm src/sources
 	cat src/prefix.cm src/sources >src/domtool.cm
 
@@ -100,6 +109,16 @@ openssl/mlton/FFI/libssl.h.mlb: openssl/openssl_sml.h
 	-mlbfile libssl.h.mlb -cppopt -D__builtin_va_list="void*" \
 	../openssl_sml.h
 
+pcre/smlnj/FFI/libpcre.h.cm: pcre/pcre_sml.h
+	cd pcre/smlnj ; ml-nlffigen -d FFI -lh LibpcreH.libh -include ../libpcre-h.sml \
+	-cm libpcre.h.cm -D__builtin_va_list="void*" \
+	../pcre_sml.h
+
+pcre/mlton/FFI/libpcre.h.mlb: pcre/pcre_sml.h
+	cd pcre/mlton ; mlnlffigen -dir FFI -libhandle LibpcreH.libh -include ../libpcre-h.sml \
+	-mlbfile libpcre.h.mlb -cppopt -D__builtin_va_list="void*" \
+	../pcre_sml.h
+
 %.lex.sml: %.lex
 	mllex $<
 
@@ -107,6 +126,7 @@ openssl/mlton/FFI/libssl.h.mlb: openssl/openssl_sml.h
 	mlyacc $<
 
 COMMON_MLTON_DEPS := openssl/mlton/FFI/libssl.h.mlb \
+	pcre/mlton/FFI/libpcre.h.mlb \
 	src/domtool.lex.sml \
 	src/domtool.grm.sig src/domtool.grm.sml \
 	$(COMMON_DEPS) src/*.sig src/*.sml \
@@ -170,6 +190,7 @@ install:
 	cp scripts/domtool-server /etc/init.d/
 	cp scripts/domtool-slave /etc/init.d/
 	cp openssl/openssl_sml.so /usr/local/lib/
+	cp pcre/pcre_sml.so /usr/local/lib/
 	-cp bin/domtool-server /usr/local/sbin/
 	-cp bin/domtool-slave /usr/local/sbin/
 	-cp bin/domtool-client /usr/local/bin/domtool
diff --git a/pcre/mlton/FFI/.cvsignore b/pcre/mlton/FFI/.cvsignore
new file mode 100644
index 0000000..73ea653
--- /dev/null
+++ b/pcre/mlton/FFI/.cvsignore
@@ -0,0 +1,2 @@
+*.sml
+*.mlb
diff --git a/pcre/mlton/libpcre-h.sml b/pcre/mlton/libpcre-h.sml
new file mode 100644
index 0000000..356df39
--- /dev/null
+++ b/pcre/mlton/libpcre-h.sml
@@ -0,0 +1,13 @@
+structure LibpcreH = struct
+    local
+        val lh = DynLinkage.open_lib
+             { name = "/usr/local/lib/pcre_sml.so", global = true, lazy = true }
+	    handle DynLinkage.DynLinkError s => raise Fail s
+    in
+        fun libh s = let
+            val sh = DynLinkage.lib_symbol (lh, s)
+        in
+            fn () => DynLinkage.addr sh
+        end
+    end
+end
diff --git a/pcre/pcre_sml.c b/pcre/pcre_sml.c
new file mode 100644
index 0000000..48998ba
--- /dev/null
+++ b/pcre/pcre_sml.c
@@ -0,0 +1,15 @@
+#include <pcre.h>
+
+int PCRE_SML_validRegexp(const char *s) {
+  pcre *re;
+  const char *error;
+  int erroffset;
+
+  re = pcre_compile(s, 0, &error, &erroffset, NULL);
+  
+  if (re) {
+    pcre_free(re);
+    return 1;
+  } else
+    return 0;
+}
diff --git a/pcre/pcre_sml.h b/pcre/pcre_sml.h
new file mode 100644
index 0000000..4d69ec1
--- /dev/null
+++ b/pcre/pcre_sml.h
@@ -0,0 +1 @@
+int PCRE_SML_validRegexp(const char *);
diff --git a/pcre/smlnj/.cvsignore b/pcre/smlnj/.cvsignore
new file mode 100644
index 0000000..6dc8e1a
--- /dev/null
+++ b/pcre/smlnj/.cvsignore
@@ -0,0 +1 @@
+.cm
diff --git a/pcre/smlnj/FFI/.cvsignore b/pcre/smlnj/FFI/.cvsignore
new file mode 100644
index 0000000..526588f
--- /dev/null
+++ b/pcre/smlnj/FFI/.cvsignore
@@ -0,0 +1,3 @@
+*.sml
+*.mlb
+*.cm
diff --git a/pcre/smlnj/libpcre-h.sml b/pcre/smlnj/libpcre-h.sml
new file mode 100644
index 0000000..356df39
--- /dev/null
+++ b/pcre/smlnj/libpcre-h.sml
@@ -0,0 +1,13 @@
+structure LibpcreH = struct
+    local
+        val lh = DynLinkage.open_lib
+             { name = "/usr/local/lib/pcre_sml.so", global = true, lazy = true }
+	    handle DynLinkage.DynLinkError s => raise Fail s
+    in
+        fun libh s = let
+            val sh = DynLinkage.lib_symbol (lh, s)
+        in
+            fn () => DynLinkage.addr sh
+        end
+    end
+end
diff --git a/src/client.sml b/src/client.sml
index 4d32f65..863c0c0 100644
--- a/src/client.sml
+++ b/src/client.sml
@@ -28,7 +28,7 @@ datatype passwd_result =
 fun getpass () =
     let
 	val tty = Posix.FileSys.stdin
-	val termios = Compat.getattr tty
+	val termios = Posix.TTY.TC.getattr tty
 	val fields = Posix.TTY.fieldsOf termios
 
 	val termios' = Posix.TTY.termios {iflag = #iflag fields,
@@ -41,11 +41,11 @@ fun getpass () =
 					  ispeed = #ispeed fields,
 					  ospeed = #ospeed fields}
 
-	fun reset () = Compat.setattr (tty, Posix.TTY.TC.sanow, termios)
+	fun reset () = Posix.TTY.TC.setattr (tty, Posix.TTY.TC.sanow, termios)
     in
 	print "        Password: ";
 	TextIO.flushOut TextIO.stdOut;
-	Compat.setattr (tty, Posix.TTY.TC.sanow, termios');
+	Posix.TTY.TC.setattr (tty, Posix.TTY.TC.sanow, termios');
 	case TextIO.inputLine TextIO.stdIn of
 	    NONE => (reset ();
 		     Aborted)
diff --git a/src/compat.sig b/src/compat.sig
index 220bfb0..b54bc27 100644
--- a/src/compat.sig
+++ b/src/compat.sig
@@ -18,7 +18,4 @@
 
 signature COMPAT = sig
     structure Char : WORD
-
-    val getattr : Posix.TTY.file_desc -> Posix.TTY.termios
-    val setattr : Posix.TTY.file_desc * Posix.TTY.TC.set_action * Posix.TTY.termios -> unit
 end
diff --git a/src/compat_mlton.sml b/src/compat_mlton.sml
index 9a6b60f..06aa3a3 100644
--- a/src/compat_mlton.sml
+++ b/src/compat_mlton.sml
@@ -18,9 +18,6 @@
 
 structure Compat : COMPAT = struct
     structure Char = MLRep.Char.Unsigned
-
-    val getattr = Posix.TTY.TC.getattr
-    val setattr = Posix.TTY.TC.setattr
 end
 
 val _ = let
diff --git a/src/compat_smlnj.sml b/src/compat_smlnj.sml
index 01cfa24..ff493be 100644
--- a/src/compat_smlnj.sml
+++ b/src/compat_smlnj.sml
@@ -18,7 +18,4 @@
 
 structure Compat : COMPAT = struct
     structure Char = Word32
-
-    val getattr = Posix.TTY.getattr
-    val setattr = Posix.TTY.setattr
 end
diff --git a/src/pcre.sig b/src/pcre.sig
new file mode 100644
index 0000000..695cd01
--- /dev/null
+++ b/src/pcre.sig
@@ -0,0 +1,25 @@
+(* HCoop Domtool (http://hcoop.sourceforge.net/)
+ * Copyright (c) 2006, Adam Chlipala
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ *)
+
+(* Perl Compatible Regular Expressions *)
+
+signature PCRE = sig
+
+    val validRegexp : string -> bool
+
+end
diff --git a/src/pcre.sml b/src/pcre.sml
new file mode 100644
index 0000000..279a5e4
--- /dev/null
+++ b/src/pcre.sml
@@ -0,0 +1,31 @@
+(* HCoop Domtool (http://hcoop.sourceforge.net/)
+ * Copyright (c) 2006, Adam Chlipala
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ *)
+
+(* Perl Compatible Regular Expressions *)
+
+structure Pcre :> PCRE = struct
+
+fun validRegexp s =
+    let
+	val buf = ZString.dupML' s
+    in
+	F_PCRE_SML_validRegexp.f' buf <> 0
+	before C.free' buf
+    end
+
+end
diff --git a/src/plugins/apache.sml b/src/plugins/apache.sml
index 617420a..fda708e 100644
--- a/src/plugins/apache.sml
+++ b/src/plugins/apache.sml
@@ -86,6 +86,10 @@ val _ = Env.type_one "suexec_flag"
 	Env.bool
 	(fn b => b orelse Domain.hasPriv "www")
 
+val _ = Env.type_one "regexp"
+	Env.string
+	Pcre.validRegexp
+
 fun validLocation s =
     size s > 0 andalso size s < 1000 andalso CharVector.all
 						 (fn ch => Char.isAlphaNum ch
diff --git a/src/prefix.cm b/src/prefix.cm
index 79ba23d..b75f99a 100644
--- a/src/prefix.cm
+++ b/src/prefix.cm
@@ -8,6 +8,7 @@ $/pp-lib.cm
 $c/internals/c-int.cm
 
 ../openssl/smlnj/FFI/libssl.h.cm
+../pcre/smlnj/FFI/libpcre.h.cm
 
 compat.sig
 compat_smlnj.sml
diff --git a/src/prefix.mlb b/src/prefix.mlb
index 026d357..71e1e43 100644
--- a/src/prefix.mlb
+++ b/src/prefix.mlb
@@ -8,6 +8,7 @@ $(SML_LIB)/smlnj-lib/PP/pp-lib.mlb
 $(SML_LIB)/mlnlffi-lib/internals/c-int.mlb
 
 ../openssl/mlton/FFI/libssl.h.mlb
+../pcre/mlton/FFI/libpcre.h.mlb
 
 compat.sig
 
diff --git a/src/sources b/src/sources
index 4e4a836..b01f76f 100644
--- a/src/sources
+++ b/src/sources
@@ -51,6 +51,9 @@ slave.sml
 defaults.sig
 defaults.sml
 
+pcre.sig
+pcre.sml
+
 openssl.sig
 openssl.sml
 
-- 
2.20.1