Commit Graph

11 Commits

Author SHA1 Message Date
Glenn Strauss af3df29ae8 [multiple] reduce redundant NULL buffer checks
This commit is a large set of code changes and results in removal of
hundreds, perhaps thousands, of CPU instructions, a portion of which
are on hot code paths.

Most (buffer *) used by lighttpd are not NULL, especially since buffers
were inlined into numerous larger structs such as request_st and chunk.

In the small number of instances where that is not the case, a NULL
check is often performed earlier in a function where that buffer is
later used with a buffer_* func.  In the handful of cases that remained,
a NULL check was added, e.g. with r->http_host and r->conf.server_tag.

- check for empty strings at config time and set value to NULL if blank
  string will be ignored at runtime; at runtime, simple pointer check
  for NULL can be used to check for a value that has been set and is not
  blank ("")
- use buffer_is_blank() instead of buffer_string_is_empty(),
  and use buffer_is_unset() instead of buffer_is_empty(),
  where buffer is known not to be NULL so that NULL check can be skipped
- use buffer_clen() instead of buffer_string_length() when buffer is
  known not to be NULL (to avoid NULL check at runtime)
- use buffer_truncate() instead of buffer_string_set_length() to
  truncate string, and use buffer_extend() to extend

Examples where buffer known not to be NULL:
  - cpv->v.b from config_plugin_values_init is not NULL if T_CONFIG_BOOL
    (though we might set it to NULL if buffer_is_blank(cpv->v.b))
  - address of buffer is arg (&foo)
    (compiler optimizer detects this in most, but not all, cases)
  - buffer is checked for NULL earlier in func
  - buffer is accessed in same scope without a NULL check (e.g. b->ptr)

internal behavior change:
  callers must not pass a NULL buffer to some funcs.
  - buffer_init_buffer() requires non-null args
  - buffer_copy_buffer() requires non-null args
  - buffer_append_string_buffer() requires non-null args
  - buffer_string_space() requires non-null arg
2021-08-27 02:16:53 -04:00
Glenn Strauss 980554bc70 [core] simplify buffer_path_simplify() 2021-05-08 14:34:05 -04:00
Glenn Strauss 160baff923 [core] copy string and len directly from tmp_buf
copy string and len directly from tmp_buf without buffer_commit(tb, ...)
if tmp_buf contents are not used after the copy
2021-03-26 07:33:42 -04:00
Glenn Strauss c58b95f297 [core] light_isupper(), light_islower()
more efficient char checks
(replace one comparision and one branch with one subtraction)
2020-10-11 12:19:26 -04:00
Glenn Strauss c18f442a63 [multiple] add summaries to top of some modules 2020-07-08 22:51:31 -04:00
Glenn Strauss 9cdfb48466 [core] preserve %2b and %2B in query string (fixes #2999)
normalize %2b or %2B in query string to %2B (uppercase hex),
and not to '+'

(thx int-e)

  "url-normalize-required expands %2B in query strings"
2020-01-26 00:41:05 -05:00
Glenn Strauss e757978497 [core] remove repeated slashes in http-parseopts
remove repeated slashes in server.http-parseopts
with url-path-dotseg-remove, including leading "//"

(prior to this patch, leading "//" was skipped)
2019-04-15 23:53:22 -04:00
Glenn Strauss 32120d5b8b [core] fix abort in http-parseopts (fixes #2945)
fix abort in server.http-parseopts with url-path-2f-decode enabled

(thx stze)

  "Security - SIGABRT during GET request handling with url-path-2f-decode enabled"
2019-04-10 11:36:28 -04:00
Glenn Strauss f832b71180 [mod_redirect,mod_rewrite] base64url encoding opt
Provide means to encode redirect and rewrite backreference substitutions

  %{encb64u:...} encode to base64url characters (no-padding)
  %{decb64u:...} decode from base64url characters
2018-08-12 14:43:22 -04:00
Glenn Strauss 255269d799 [mod_redirect,mod_rewrite] encoding options (fixes #443, fixes #911)
Provide means to encode redirect and rewrite backreference substitutions
  In addition to $1 and %1, the following modifiers are now supported,
  followed by the number for the backreference, e.g. ${esc:1}

  ${noesc:...}  no escaping
  ${esc:...}    escape all non-alphanumeric - . _ ~ incl double-escape %
  ${escape:...} escape all non-alphanumeric - . _ ~ incl double-escape %
  ${escnde:...} escape all non-alphanumeric - . _ ~  but no double-esc %


Provide means to substitute URI parts without needing a regex match
  (and can be preceded by encoding modifier,
     e.g. ${tolower:url.authority})


  ${qsa}        appends query string, if not empty

  "[PATCH] mod_redirect: Add support for url-encoding backreferences, map %%n->%n, $$n->$n"
  "Need for URL encoding in mod_redirect and possibly mod_rewrite"
2018-08-12 14:43:22 -04:00
Glenn Strauss 3eb7902e10 [core] server.http-parseopts URL normalization opt (fixes #1720)
server.http-parseopts = ( ... ) URL normalization options

Note: *not applied* to CONNECT method

Note: In a future release, URL normalization likely enabled by default
  (normalize URL, reject control chars, remove . and .. path segments)
  To prepare for this change, lighttpd.conf configurations should
  explicitly select desired behavior by enabling or disabling:
    server.http-parseopts = ( "url-normalize" => "enable", ... )
    server.http-parseopts = ( "url-normalize" => "disable" )

  "lighttpd ... compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data."
  "Rewrite/redirect rules and URL encoding"
2018-08-12 14:43:22 -04:00