request: GET-params and cookies should not deal with non-printable values

sandbox: sandbox-linux: Adapt to newest exile.h
submodules: exile.h: Update
2025-11-04 21:30:32 +01:00 · 2025-11-04 21:29:17 +01:00 · 2025-11-04 21:28:00 +01:00 · 2025-11-03 23:33:20 +01:00 · 2025-11-03 20:46:12 +01:00 · 2025-11-03 20:08:48 +01:00
10 changed files with 106 additions and 24 deletions
--- a/2
+++ b/2
@@ -53,7 +53,7 @@ profile: qswiki
 exile.o: submodules/exile.h/exile.c
-	$(CC) -std=c99 -DHAVE_LANDLOCK=0 -c submodules/exile.h/exile.c -o exile.o
+	$(CC) -std=c99 -c submodules/exile.h/exile.c -o exile.o
 qswiki: $(WIKIOBJECTS) exile.o
 	$(CXX) $(shell shuf -e $(WIKIOBJECTS) exile.o ) ${LDFLAGS} ${INCLUDEFLAGS}  -o qswiki
--- a/gateway/httpgateway.cpp
+++ b/gateway/httpgateway.cpp
@@ -20,6 +20,7 @@ SOFTWARE.
 */
 #include "httpgateway.h"
 #include "../logger.h"
 #include <stdexcept>
 HttpGateway::HttpGateway(std::string listenaddr, int port, uint64_t maxPayloadLength)
 {
 	this->listenaddr = listenaddr;
@@ -34,6 +35,11 @@ bool HttpGateway::keepReading()
 Request HttpGateway::convertRequest(httplib::Request request)
 {
 	if(!utils::is_printable_ascii(request.target))
 	{
 		throw std::runtime_error("Invalid chars in URI: " + utils::catv(request.target));
 	}
 	Request result;
 	result.setRequestMethod(request.method);
 	result.setUrl(request.target);
@@ -55,6 +61,12 @@ Request HttpGateway::convertRequest(httplib::Request request)
 	if(request.has_header("COOKIE"))
 	{
 		std::string cookie = request.get_header_value("COOKIE");
 		if(!utils::is_printable_ascii(cookie))
 		{
 			/* We better bail */
 			throw std::runtime_error("Cookie with non printable chars sent");
 		}
 		result.initCookies(request.get_header_value("COOKIE"));
 	}
 	result.setIp("127.0.0.1");
@@ -82,6 +94,27 @@ httplib::Response HttpGateway::convertResponse(Response response)
 void HttpGateway::work(RequestWorker &worker)
 {
 	httplib::Server server;
 	server.set_exception_handler([](const httplib::Request& req, httplib::Response& res, std::exception_ptr ep) {
 		auto fmt = "<h1>Error 500</h1><p>%s</p>";
 		char buf[BUFSIZ];
 		try
 		{
 			std::rethrow_exception(ep);
 		}
 		catch (std::exception &e)
 		{
 			std::string exception = utils::html_xss(e.what());
 			snprintf(buf, sizeof(buf), fmt, exception.c_str());
 			Logger::error() << "Exception caught in Httpgateway::work():" << utils::html_xss(utils::catv(e.what()));
 		}
 		catch (...)
 		{
 			snprintf(buf, sizeof(buf), fmt, "Unknown Exception");
 			Logger::error() << "Unknown exception caught in Httpgateway::work()";
 		}
 		res.set_content(buf, "text/html");
 		res.status = 500;
 	});
 	server.set_payload_max_length(this->maxPayloadLength);
 	auto handler = [&](const httplib::Request &req, httplib::Response &res)
 	{
@@ -94,4 +127,5 @@ void HttpGateway::work(RequestWorker &worker)
 	server.Get("/(.*)", handler);
 	server.Post("/(.*)", handler);
 	server.listen(this->listenaddr.c_str(), this->listenport);
 }
--- a/logger.h
+++ b/logger.h
@@ -2,6 +2,7 @@
 #define LOGGER_H
 #include <iostream>
 #include <chrono>
 #include "utils.h"
 class Logger
 {
  private:
@@ -24,7 +25,15 @@ class Logger
 			{
 				(*out) << time(0) << " " << prefix;
 			}
 			if constexpr (std::is_convertible_v<T, std::string_view>)
 			{
 				(*out) << utils::catv(val);
 			}
 			else
 			{
 				(*out) << val;
 			}
 			headerSent = true;
 			return *this; // or maybe out itself? probably not.
 		}
--- a/qswiki.cpp
+++ b/qswiki.cpp
@@ -230,8 +230,8 @@ int main(int argc, char **argv)
 	}
 	catch(const std::exception &e)
 	{
-		Logger::error() << e.what();
+		Logger::error() << utils::catv(e.what());
-		std::cerr << e.what() << std::endl;
+		std::cerr << utils::catv(e.what()) << std::endl;
 	}
 	return 0;
 }
--- a/request.cpp
+++ b/request.cpp
@@ -86,7 +86,15 @@ void Request::initCookies(const std::string &cookiestr)
 std::string Request::get(const std::string &key) const
 {
-	return utils::getKeyOrEmpty(this->getVars, key);
+	std::string value = utils::getKeyOrEmpty(this->getVars, key);
 	/* In general all our expected GET values are printable and, for now, ascii.
 	 * If not, it's not a normal request. So just return an empty string then.
 	 * Exceptions are probably a bit too much */
 	if(!utils::is_printable_ascii(value))
 	{
 		return "";
 	}
 	return value;
 }
 std::string Request::post(const std::string &key) const
@@ -105,23 +113,18 @@ std::string Request::param(const std::string &key) const
 }
 std::string Request::cookie(const std::string &key) const
 {
 	std::string value;
 	for(const Cookie &c : cookies)
 	{
 		if(c.key == key)
 		{
-			return c.value;
+			value = c.value;
 			break;
 		}
 	}
-
+	if(utils::is_printable_ascii(value))
 	{
 		return value;
 	}
 	return "";
 }
 std::vector<std::string> Request::allGet(const std::string &key)
 {
 	return utils::getAll(this->getVars, key);
 }
 std::vector<std::string> Request::allPost(const std::string &key)
 {
 	return utils::getAll(this->postVars, key);
 }
--- a/request.h
+++ b/request.h
@@ -34,9 +34,6 @@ class Request
 	std::string post(const std::string &key) const;
 	std::string cookie(const std::string &key) const;
 	std::string param(const std::string &key) const;
 	std::vector<std::string> allGet(const std::string &key);
 	std::vector<std::string> allPost(const std::string &key);
 	const std::vector<Cookie> &getCookies() const
 	{
 		return this->cookies;
--- a/sandbox/sandbox-linux.cpp
+++ b/sandbox/sandbox-linux.cpp
@@ -44,7 +44,7 @@ bool SandboxLinux::enable(std::vector<std::string> fsPaths)
 	struct exile_policy *policy = exile_init_policy();
 	if(policy == NULL)
 	{
-		Logger::error() << "Failed to init sandboxing policy (worker) ";
+		Logger::error() << "Failed to init sandboxing policy";
 		return false;
 	}
 	for(unsigned int i = 0; i < fsPaths.size(); i++)
@@ -55,10 +55,8 @@ bool SandboxLinux::enable(std::vector<std::string> fsPaths)
 			exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_ALL_WRITE, path.c_str());
 		}
 	}
 	policy->drop_caps = 1;
 	policy->not_dumpable = 1;
 	policy->no_new_privs = 1;
 	policy->mount_path_policies_to_chroot = 1;
 	policy->vow_promises = exile_vows_from_str("stdio wpath cpath rpath inet unix thread");
 	if(exile_enable_policy(policy) != 0)
 	{
--- a/submodules/exile.h
+++ b/submodules/exile.h
--- a/utils.cpp
+++ b/utils.cpp
@@ -214,3 +214,40 @@ std::string utils::trim(std::string_view view)
 	}
 	return std::string{view};
 }
 std::string utils::catv(std::string_view view)
 {
 	std::string result;
 	result.reserve(view.length());
 	for(auto c : view)
 	{
 		if (!isascii(c))
 		{
 			result += "M-";
 			result += toascii(c);
 		}
 		else if(iscntrl(c))
 		{
 			result += '^';
 			result += c == '\177' ? '?': c | 0100;
 		}
 		else
 		{
 			result += c;
 		}
 	}
 	return result;
 }
 bool utils::is_printable_ascii(std::string view)
 {
 	for(char c : view)
 	{
 		if( !(c >= ' ' && c <= '~'))
 		{
 			return false;
 		}
 	}
 	return true;
 }
--- a/utils.h
+++ b/utils.h
@@ -91,6 +91,10 @@ template <class T> inline std::string toString(const T &v)
 }
 std::string trim(std::string_view view);
 std::string catv(std::string_view view);
 bool is_printable_ascii(std::string view);
 } // namespace utils
 #endif
Author	SHA1	Message	Date
Albert S.	ae1d33a14e	request: GET-params and cookies should not deal with non-printable values	2025-11-04 21:30:32 +01:00
Albert S.	610da575ea	sandbox: sandbox-linux: Adapt to newest exile.h	2025-11-04 21:29:17 +01:00
Albert S.	9b129f0255	submodules: exile.h: Update	2025-11-04 21:28:00 +01:00
Albert S.	8e77116027	Makefile: Don't hard-disable landlock anymore	2025-11-03 23:33:20 +01:00
Albert S.	70f7289c8c	More checks for printable asciis	2025-11-03 20:46:12 +01:00
Albert S.	d0de7b8f3b	utils:catv() when printing exception	2025-11-03 20:08:48 +01:00
Albert S.	f0f5846a4a	gateway: httpgateway: Add exception handler Something at some point changed so this becomes necessar	2025-11-03 20:07:54 +01:00
Albert S.	e90b08dbde	logger.h: Use utils::catv() Who knows, clever people are everywhere	2025-11-03 20:00:34 +01:00
Albert S.	ffa59d4b36	utils: Introduce catv()	2025-11-03 19:59:26 +01:00