exec.c

来自「大国补丁后的nessus2.2.8的源代码」· C语言 代码 · 共 1,881 行 · 第 1/3 页

/* Nessus Attack Scripting Language 
 *
 * Copyright (C) 2002 - 2004 Tenable Network Security
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2,
 * as published by the Free Software Foundation
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 *
 */
#include <includes.h>
#include "nasl_regex.h"

#include "nasl.h"
#include "nasl_tree.h"
#include "nasl_global_ctxt.h"
#include "nasl_func.h"
#include "nasl_var.h"
#include "nasl_lex_ctxt.h"
#include "exec.h"
#include "preparse.h"
#include "nasl_server.h"

#include "nasl_debug.h"
#include "strutils.h"
#include "nasl_init.h"

#ifndef NASL_DEBUG
#define NASL_DEBUG 0
#endif

extern int naslparse( naslctxt * );


int
check_authenticated( lex_ctxt * lexic )
{
 if ( lexic->authenticated == 1 ) return 0;
 else {
	nasl_perror(lexic, "A non-authenticated script attempted to use an authenticated function - returning NULL\n");
	return -1;
      }
}


static int
cell2bool(lex_ctxt* lexic, tree_cell* c)
{
  tree_cell	*c2;
  int		flag;


  if (c == NULL || c == FAKE_CELL)
    return 0;
  
  switch (c->type)
    {
    case CONST_INT:
      return c->x.i_val != 0;
    case CONST_STR:
    case CONST_DATA:
      if (c->size == 0)
	return 0;
      if(c->x.str_val[0] == '0' && c->size == 1)
	{
	  /* 
	   * This gives the same semantics as Perl ("0" is false), 
	   * but I do not agree with it. 
	   * This piece of code is here from the begining of NASL2; it 
	   * probably fixed some compatibility issue with old 
	   * quick & dirty scripts. 
	   * I added this warning to check if we can switch to a
	   * simpler behaviour (empty string = false, not empty = true)
	   */
	  nasl_perror(lexic, "cell2boll: string '0' is FALSE\n");
	  return 0;
	}
     return 1;

    case REF_ARRAY:
    case DYN_ARRAY:
      nasl_perror(lexic, "cell2bool: converting array to boolean does not make sense!\n");
      return 1;

    default:
      c2 = nasl_exec(lexic, c);
      flag = cell2bool(lexic, c2);
      deref_cell(c2);
      return flag;
    }
}

static int
cvt_bool(lex_ctxt* lexic, tree_cell* c)
{
  int	flag;

#if 0
  nasl_dump_tree(c);
#endif
  flag = cell2bool(lexic, c);
  /* free(c); free_tree(c); */
  return flag;
}


static int
cell2int3(lex_ctxt* lexic, tree_cell* c, int warn)
{
  tree_cell	*c2 = NULL;
  int		x;
  char		*p = NULL;

  if (c == NULL || c == FAKE_CELL) /*  Do not SEGV on undefined variables */
    return 0;

  switch(c->type)
    {
    case CONST_INT:
      return c->x.i_val;

    case CONST_STR:
    case CONST_DATA:
      x = strtol(c->x.str_val, &p, 0);
      if (*p != '\0' && warn)
      if (warn)
	nasl_perror(lexic, "Converting a non numeric string to integer does not make sense in this context");
      return x;

    default:
      c2 = nasl_exec(lexic, c);
      x = cell2int3(lexic, c2, warn);
      deref_cell(c2);
      return x;
    }
}

static int
cell2int(lex_ctxt* lexic, tree_cell* c)
{
  return cell2int3(lexic, c, 0);
}

static int
cell2intW(lex_ctxt* lexic, tree_cell* c)
{
  return cell2int3(lexic, c, 1);
}

static tree_cell*
int2cell(int x)
{
  tree_cell	*c = alloc_expr_cell(0, CONST_INT, NULL, NULL);
  c->x.i_val = x;
  return c;
}

static tree_cell*
bool2cell(int x)
{
  return int2cell(x != 0);
}

static char*
cell2str(lex_ctxt* lexic, tree_cell* c)
{
  char	* p;
  tree_cell	*c2;
  nasl_array	*a;

  if (c == NULL || c == FAKE_CELL)
    {
#if NASL_DEBUG > 0
      nasl_perror(lexic, "Cannot convert NULL or FAKE cell to string\n");
#endif
      return NULL;
    }
      
  switch(c->type)
    {
    case CONST_INT:
      p = malloc(16);
      if (p != NULL)
	snprintf(p, 16, "%d", c->x.i_val);
      return p;
      
    case CONST_STR:
    case CONST_DATA:
      if ( c->x.str_val == NULL)
	p = estrdup("");
      else
	p = nasl_strndup(c->x.str_val, c->size);
      return p;

    case REF_ARRAY:
    case DYN_ARRAY:
      a = c->x.ref_val;
      p = (char*)array2str(a);
      return estrdup(p);

    default:
      c2 = nasl_exec(lexic, c);
      p = cell2str(lexic, c2);
      deref_cell(c2);
      if (p == NULL)
	p = estrdup("");
      return p;
    }
}


#ifdef DEPRECAT_CODE
char*
cell2str_and_size(lex_ctxt* lexic, tree_cell* c, int * sz)
{
  char	* p;
  tree_cell	*c2;

  if (c == NULL || c == FAKE_CELL)
    {
#if NASL_DEBUG > 0
      nasl_perror(lexic, "Cannot convert NULL or FAKE cell to string\n");
#endif
      return NULL;
    }
      
  switch(c->type)
    {
    case CONST_INT:
      p = malloc(16);
      if ( p == NULL ) 
        return NULL;
      snprintf(p, 16, "%d", c->x.i_val);
      if(sz != NULL)*sz = strlen(p);
      return p;
      
    case CONST_STR:
    case CONST_DATA:
      if ( c->x.str_val == NULL)
	p = estrdup("");
      else
	p = nasl_strndup(c->x.str_val, c->size);
      if(sz != NULL)*sz = c->size;
      return p;
      
    default:
      c2 = nasl_exec(lexic, c);
      p = cell2str_and_size(lexic, c2, sz);
      deref_cell(c2);
      if (p == NULL)
      	{
	p = estrdup("");
      	if(sz != NULL)*sz = 0;
	}
      return p;
    }
}
#endif

/* cell2atom returns a 'referenced' cell */	
tree_cell*
cell2atom(lex_ctxt* lexic, tree_cell* c1)
{
  tree_cell	*c2 = NULL, *ret = NULL;
  if (c1 == NULL || c1 == FAKE_CELL)
    return c1;

  switch(c1->type)
    {
    case CONST_INT:
    case CONST_STR:
    case CONST_DATA:
    case REF_ARRAY:
    case DYN_ARRAY:
      ref_cell(c1);
      return c1;
    default:
      c2 = nasl_exec(lexic, c1);
      ret = cell2atom(lexic, c2);
      deref_cell(c2);
      return ret;
    }
}

int
cell_cmp(lex_ctxt* lexic, tree_cell* c1, tree_cell* c2)
{
  int		flag, x1, x2, typ, typ1, typ2;
  char		*s1, *s2;
  int		len_s1, len_s2, len_min;


#if NASL_DEBUG >= 0
  if (c1 == NULL || c1 == FAKE_CELL)
    nasl_perror(lexic, "cell_cmp: c1 == NULL !\n");
  if (c2 == NULL || c2 == FAKE_CELL)
    nasl_perror(lexic, "cell_cmp: c2 == NULL !\n");
#endif

  /* We first convert the cell to atomic types */
  c1 = cell2atom(lexic, c1);
  c2 = cell2atom(lexic, c2);

  /*
   * Comparing anything to something else which is entirely different 
   * may lead to unpredictable results.
   * Here are the rules:
   * 1. No problem with same types, although we do not compare arrays yet
   * 2. No problem with CONST_DATA / CONST_STR
   * 3. When an integer is compared to a string, the integer is converted
   * 4. When NULL is compared to an integer, it is converted to 0
   * 5. When NULL is compared to a string, it is converted to ""
   * 6. NULL is "smaller" than anything else (i.e. an array)
   * Anything else is an error
   */
  typ1 = cell_type(c1);
  typ2 = cell_type(c2);

  if (typ1 == 0 && typ2 == 0)	/* Two NULL */
    {
      deref_cell(c1); deref_cell(c2); 
      return 0;
    }

  if (typ1 == typ2)		/* Same type, no problem */
    typ = typ1;
  else if ((typ1 == CONST_DATA || typ1 == CONST_STR) &&
	   (typ2 == CONST_DATA || typ2 == CONST_STR))
    typ = CONST_DATA;		/* Same type in fact (string) */
  /* We convert an integer into a string before compare */
  else if ((typ1 == CONST_INT && (typ2 == CONST_DATA || typ2 == CONST_STR)) ||
	   (typ2 == CONST_INT && (typ1 == CONST_DATA || typ1 == CONST_STR)) )
    {
#if NASL_DEBUG > 0
      nasl_perror(lexic, "cell_cmp: converting integer to string\n");
#endif
      typ = CONST_DATA;
    }
  else if (typ1 == 0)		/* 1st argument is null */
    if (typ2 == CONST_INT || typ2 == CONST_DATA || typ2 == CONST_STR)
      typ = typ2;		/* We convert it to 0 or "" */
    else
      {
	deref_cell(c1); deref_cell(c2); 
	return -1;		/* NULL is smaller than anything else */
      }
  else if (typ2 == 0)		/* 2nd argument is null */
    if (typ1 == CONST_INT || typ1 == CONST_DATA || typ1 == CONST_STR)
      typ = typ1;		/* We convert it to 0 or "" */
    else
      {
	deref_cell(c1); deref_cell(c2); 
	return 1;		/* Anything else is greater than NULL  */
      }
  else
    {
      nasl_perror(lexic, "cell_cmp: comparing %s and %s does not make sense\n", nasl_type_name(typ1), nasl_type_name(typ2));
      deref_cell(c1); deref_cell(c2); 
      return 0;
    } 

  switch (typ)
    {
    case CONST_INT:
      x1 = cell2int(lexic, c1);
      x2 = cell2int(lexic, c2);
      deref_cell(c1); deref_cell(c2); 
      return x1 - x2;

    case CONST_STR:
    case CONST_DATA:
      s1 = cell2str(lexic, c1);
      if (typ1 == CONST_STR || typ1 == CONST_DATA)
	len_s1 = c1->size;
      else if (s1 == NULL)
	len_s1 = 0;
      else
	len_s1 = strlen(s1);

      s2 = cell2str(lexic, c2);
      if (typ2 == CONST_STR || typ2 == CONST_DATA)
	len_s2 = c2->size;
      else if (s2 == NULL)
	len_s2 = 0;
      else
	len_s2 = strlen(s2);
       		  
      len_min = len_s1 < len_s2 ? len_s1 : len_s2;
      flag = 0;

      if (len_min > 0)
	flag = memcmp(s1, s2, len_min);
      if (flag == 0)
	flag = len_s1 - len_s2;
       	
      efree(&s1); efree(&s2); 
      deref_cell(c1); deref_cell(c2); 
      return flag;

    case REF_ARRAY:
    case DYN_ARRAY:
      fprintf(stderr, "cell_cmp: cannot compare arrays yet\n");
      deref_cell(c1); deref_cell(c2); 
      return 0;

    default:
      fprintf(stderr, "cell_cmp: don't known how to compare %s and %s\n",
	      nasl_type_name(typ1), nasl_type_name(typ2));
      deref_cell(c1); deref_cell(c2); 
      return 0;
    }
}

FILE*	nasl_trace_fp = NULL;

lex_ctxt* truc = NULL;

static void
nasl_dump_expr(FILE* fp, const tree_cell* c)
{
  if (c == NULL)
    fprintf(fp, "NULL");
  else if  (c == FAKE_CELL)
    fprintf(fp, "FAKE");
  else
    switch(c->type)
      {
      case NODE_VAR:
	fprintf(fp, "%s", c->x.str_val);
	break;
      case EXPR_AND:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") && (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case EXPR_OR:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") || (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case EXPR_NOT:
	fprintf(fp, "! (");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ")");
	break;
      case EXPR_PLUS:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") + (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case EXPR_MINUS:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") - (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;

      case EXPR_INCR:
	if (c->link[0] == NULL)
	  {
	    fprintf(fp, " ++");
	    nasl_dump_expr(fp, c->link[1]);
	  }
	else
	  {
	    nasl_dump_expr(fp, c->link[0]);
	    fprintf(fp, "++ ");
	  }
	break;
      case EXPR_DECR:
	if (c->link[0] == NULL)
	  {
	    fprintf(fp, " --");
	    nasl_dump_expr(fp, c->link[1]);
	  }
	else
	  {
	    nasl_dump_expr(fp, c->link[0]);
	    fprintf(fp, "-- ");
	  }
	break;
	    
      case EXPR_EXPO:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") ** (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;

      case EXPR_U_MINUS:
	fprintf(fp, " - (");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ")");
	break;

      case EXPR_MULT:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") * (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case EXPR_DIV:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") / (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case EXPR_MODULO:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") %% (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case EXPR_BIT_AND:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") & (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case EXPR_BIT_OR:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") | (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case EXPR_BIT_XOR:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") ^ (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case EXPR_BIT_NOT:
	fprintf(fp, "~ (");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ")");
	break;
      case EXPR_L_SHIFT:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") << (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case EXPR_R_SHIFT:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") >> (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case EXPR_R_USHIFT:
	fprintf(fp, "(");
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, ") >>> (");
	nasl_dump_expr(fp, c->link[1]);
	fprintf(fp, ")");
	break;
      case COMP_MATCH:
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, " >< ");
	nasl_dump_expr(fp, c->link[1]);
	break;
      case COMP_NOMATCH:
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, " >!< ");
	nasl_dump_expr(fp, c->link[1]);
	break;

      case COMP_RE_MATCH:
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, " =~ ");
	nasl_dump_expr(fp, c->link[1]);
	break;

      case COMP_RE_NOMATCH:
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, " !~ ");
	nasl_dump_expr(fp, c->link[1]);
	break;

      case COMP_LT:
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, " < ");
	nasl_dump_expr(fp, c->link[1]);
	break;
      case COMP_LE:
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, " <= ");
	nasl_dump_expr(fp, c->link[1]);
	break;
      case COMP_GT:
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, " > ");
	nasl_dump_expr(fp, c->link[1]);
	break;
      case COMP_GE:
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, " >= ");
	nasl_dump_expr(fp, c->link[1]);
	break;
      case COMP_EQ:
	nasl_dump_expr(fp, c->link[0]);
	fprintf(fp, " == ");
	nasl_dump_expr(fp, c->link[1]);
	break;