diff options
Diffstat (limited to 'thirdparty/libwebsockets/include/libwebsockets/lws-purify.h')
-rw-r--r-- | thirdparty/libwebsockets/include/libwebsockets/lws-purify.h | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/thirdparty/libwebsockets/include/libwebsockets/lws-purify.h b/thirdparty/libwebsockets/include/libwebsockets/lws-purify.h new file mode 100644 index 0000000000..0ae35ce33c --- /dev/null +++ b/thirdparty/libwebsockets/include/libwebsockets/lws-purify.h @@ -0,0 +1,81 @@ +/* + * libwebsockets - small server side websockets and web server implementation + * + * Copyright (C) 2010-2018 Andy Green <andy@warmcat.com> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation: + * version 2.1 of the License. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + * + * included from libwebsockets.h + */ + + +/*! \defgroup pur Sanitize / purify SQL and JSON helpers + * + * ##Sanitize / purify SQL and JSON helpers + * + * APIs for escaping untrusted JSON and SQL safely before use + */ +//@{ + +/** + * lws_sql_purify() - like strncpy but with escaping for sql quotes + * + * \param escaped: output buffer + * \param string: input buffer ('/0' terminated) + * \param len: output buffer max length + * + * Because escaping expands the output string, it's not + * possible to do it in-place, ie, with escaped == string + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_sql_purify(char *escaped, const char *string, int len); + +/** + * lws_json_purify() - like strncpy but with escaping for json chars + * + * \param escaped: output buffer + * \param string: input buffer ('/0' terminated) + * \param len: output buffer max length + * + * Because escaping expands the output string, it's not + * possible to do it in-place, ie, with escaped == string + */ +LWS_VISIBLE LWS_EXTERN const char * +lws_json_purify(char *escaped, const char *string, int len); + +/** + * lws_filename_purify_inplace() - replace scary filename chars with underscore + * + * \param filename: filename to be purified + * + * Replace scary characters in the filename (it should not be a path) + * with underscore, so it's safe to use. + */ +LWS_VISIBLE LWS_EXTERN void +lws_filename_purify_inplace(char *filename); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, + int len); +LWS_VISIBLE LWS_EXTERN int +lws_plat_write_file(const char *filename, void *buf, int len); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_read_file(const char *filename, void *buf, int len); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_recommended_rsa_bits(void); +///@} |