exec.c

来自「大国补丁后的nessus2.2.8的源代码」· C语言 代码 · 共 1,881 行 · 第 1/3 页

    case EXPR_NOT:
      x = cell2bool(lexic, st->link[0]);
      return bool2cell(! x);

    case EXPR_INCR:
    case EXPR_DECR:
      x =  (st->type == EXPR_INCR) ? 1 : -1;
      if (st->link[0] == NULL)
	{
	  y = 1;		/* pre */
	  tc1 = st->link[1];
	}
      else
	{
	  y = 0;		/* post */
	  tc1 = st->link[0];
	}
      tc2 = nasl_exec(lexic, tc1);
      if (tc2 == NULL)
	return NULL;
      ret = nasl_incr_variable(lexic, tc2, y, x);
      deref_cell(tc2);
      return ret;

      if (st->link[0] == NULL)
	ret = nasl_incr_variable(lexic, st->link[1], 1, 1);
      else
	ret = nasl_incr_variable(lexic, st->link[1], 0, 1);
      break;

    case EXPR_PLUS:
      s1 = s2 = NULL;
      tc1 = cell2atom(lexic, st->link[0]);
#ifdef STOP_AT_FIRST_ERROR
      if (tc1 == NULL || tc1 == FAKE_CELL)
	return NULL;
#endif
      tc2 = cell2atom(lexic, st->link[1]);
      if (tc2 == NULL || tc2 == FAKE_CELL)
	{
#ifdef STOP_AT_FIRST_ERROR
	  deref_cell(tc1);
	  return NULL;
#else
	  return tc1;
#endif
	}

      if (tc1 == NULL || tc1 == FAKE_CELL)
	return tc2;

      /*
       * Anything added to a string is converted to a string
       * Otherwise anything added to an intger is converted into an integer
       */
      if (tc1->type == CONST_DATA || tc2->type == CONST_DATA)
	flag = CONST_DATA;
      else if (tc1->type == CONST_STR || tc2->type == CONST_STR)
	flag = CONST_STR;
      else if (tc1->type == CONST_INT || tc2->type == CONST_INT)
	flag = CONST_INT;
      else
	flag = NODE_EMPTY;
#if NASL_DEBUG > 0
      if ((flag == CONST_DATA || flag == CONST_STR) && 
	  (tc1->type == CONST_INT || tc2->type == CONST_INT))
	nasl_perror(lexic, "Horrible type conversion (int -> str) for operator + %s\n", get_line_nb(st));
#endif
      switch (flag)
	{
	case CONST_INT:
	  x = tc1->x.i_val;
	  y = cell2int(lexic, tc2);
	  ret = int2cell(x + y);
	  break;

	case CONST_STR:
	case CONST_DATA:
	  s1 = s2 = NULL;
	  if (tc1->type == CONST_STR || tc1->type == CONST_DATA)
	    len1 = tc1->size;
	  else
	    {
	      s1 = cell2str(lexic, tc1);
	      len1 = (s1 == NULL ? 0 : strlen(s1));
	    }

	  if (tc2->type == CONST_STR || tc2->type == CONST_DATA)
	    len2 = tc2->size;
	  else
	    {
	      s2 = cell2str(lexic, tc2);
	      len2 = (s2 == NULL ? 0 : strlen(s2));
	    }

	  sz = len1 + len2;
	  s3 = emalloc(sz);
	  if (len1 > 0)
	    memcpy(s3, s1 != NULL ? s1 : tc1->x.str_val, len1);
	  if (len2 > 0)
	    memcpy(s3 + len1, s2 != NULL ? s2 : tc2->x.str_val, len2);
	  efree(&s1); efree(&s2);
	  ret = alloc_tree_cell(0, s3);
	  ret->type = flag;
	  ret->size = sz;
	  break;

	default:
	  ret = NULL;
	  break;
	}
      deref_cell(tc1);
      deref_cell(tc2);
      return ret;

    case EXPR_MINUS:		/* Infamous duplicated code */
      s1 = s2 = NULL;
      tc1 = cell2atom(lexic, st->link[0]);
#ifdef STOP_AT_FIRST_ERROR
      if (tc1 == NULL || tc1 == FAKE_CELL)
	return NULL;
#endif
      tc2 = cell2atom(lexic, st->link[1]);
      if (tc2 == NULL || tc2 == FAKE_CELL)
	{
#ifdef STOP_AT_FIRST_ERROR
	  deref_cell(tc1);
	  return NULL;
#else
	  return tc1;
#endif
	}

      if (tc1 == NULL || tc1 == FAKE_CELL)
	{
	  if (tc2->type == CONST_INT)
	    {
	      y = cell2int(lexic, tc2);
	      ret = int2cell(- y);
	    }
	  else
	    ret = NULL;
	  deref_cell(tc2);
	  return ret;
	}

      /*
       * Anything substracted from a string is converted to a string
       * Otherwise anything substracted from integer is converted into an
       * integer
       */
      if (tc1->type == CONST_DATA || tc2->type == CONST_DATA)
	flag = CONST_DATA;
      else if (tc1->type == CONST_STR || tc2->type == CONST_STR)
	flag = CONST_STR;
      else if (tc1->type == CONST_INT || tc2->type == CONST_INT)
	flag = CONST_INT;
      else
	flag = NODE_EMPTY;
#if NASL_DEBUG > 0
      if ((flag == CONST_DATA || flag == CONST_STR) && 
	  (tc1->type == CONST_INT || tc2->type == CONST_INT))
	nasl_perror(lexic, "Horrible type conversion (int -> str) for operator - %s\n", get_line_nb(st));
#endif
      switch (flag)
	{
	case CONST_INT:
	  x = cell2int(lexic, tc1);
	  y = cell2int(lexic, tc2);
	  ret = int2cell(x - y);
	  break;

	case CONST_STR:
	case CONST_DATA:
	  if (tc1->type == CONST_STR || tc1->type == CONST_DATA)
	    {
	      p1 = tc1->x.str_val;
	      len1 = tc1->size;
	    }
	  else
	    {
	      p1 = s1 = cell2str(lexic, tc1);
	      len1 = (s1 == NULL ? 0 : strlen(s1));
	    }
	      
	  if (tc2->type == CONST_STR || tc2->type == CONST_DATA)
	    {
	      p2 = tc2->x.str_val;
	      len2 = tc2->size;
	    }
	  else
	    {
	      p2 = s2 = cell2str(lexic, tc2);
	      len2 = (s2 == NULL ? 0 : strlen(s2));
	    }

	  if (len2 == 0 || len1 < len2 || 
	      (p = (char*)nasl_memmem(p1, len1,  p2, len2)) == NULL)
	    {
	      s3 = emalloc(len1);
	      memcpy(s3, p1, len1);
	      ret = alloc_tree_cell(0, s3);
	      ret->type = flag;
	      ret->size = len1;
	    }
	  else
	    {
	      sz = len1 - len2;
	      if (sz <= 0)
		{
		  sz = 0;
		  s3 = estrdup("");
		}
	      else
		{
		  s3 = emalloc(sz);
		  if (p - p1 > 0)
		    memcpy(s3, p1, p - p1);
		  if (sz > p - p1)
		    memcpy(s3 + (p - p1), p + len2, sz - (p - p1));
		}
	      ret = alloc_tree_cell(0, s3);
	      ret->size = sz;
	      ret->type = flag;
	    }

	  efree(&s1); efree(&s2);
	 break;

	default:
	  ret = NULL;
	  break;
	}
      deref_cell(tc1);
      deref_cell(tc2);
      return ret;
    
    case EXPR_MULT:
      x = cell2intW(lexic, st->link[0]);
      y = cell2intW(lexic, st->link[1]);
      return int2cell(x * y);

    case EXPR_DIV:
      x = cell2intW(lexic, st->link[0]);
      y = cell2intW(lexic, st->link[1]);
      if( y != 0 )
       return int2cell(x / y);
      else
       return int2cell(0);
       
    case EXPR_EXPO:
      x = cell2intW(lexic, st->link[0]);
      y = cell2intW(lexic, st->link[1]);
      return int2cell(expo(x, y));

    case EXPR_MODULO:
      x = cell2intW(lexic, st->link[0]);
      y = cell2intW(lexic, st->link[1]);
      if( y != 0)
       return int2cell(x % y);
      else
       return int2cell(0);

    case EXPR_BIT_AND:
      x = cell2intW(lexic, st->link[0]);
      y = cell2intW(lexic, st->link[1]);
      return int2cell(x & y);

    case EXPR_BIT_OR:
      x = cell2intW(lexic, st->link[0]);
      y = cell2intW(lexic, st->link[1]);
      return int2cell(x | y);

    case EXPR_BIT_XOR:
      x = cell2intW(lexic, st->link[0]);
      y = cell2intW(lexic, st->link[1]);
      return int2cell(x ^ y);

    case EXPR_BIT_NOT:
      x = cell2intW(lexic, st->link[0]);
      return int2cell(~ x);

    case EXPR_U_MINUS:
      x = cell2intW(lexic, st->link[0]);
      return int2cell(- x);

      /* TBD: Handle shift for strings and arrays */
    case EXPR_L_SHIFT:
      x = cell2intW(lexic, st->link[0]);
      y = cell2intW(lexic, st->link[1]);
      return int2cell(x << y);

    case EXPR_R_SHIFT:		/* arithmetic right shift */
      x = cell2intW(lexic, st->link[0]);
      y = cell2intW(lexic, st->link[1]);
#if NASL_DEBUG > 0
      if (y < 0)
	nasl_perror(lexic, "Warning: Negative count in right shift!\n");
#endif
      z = x >> y;
#ifndef __GNUC__
      if (x < 0 && z >= 0)	/* Fix it */
	{
#if NASL_DEBUG > 1
	  nasl_perror(lexic, "Warning: arithmetic right shift is buggy! Fixing...\n");
#endif
	  z |= (~0) << (sizeof(x) * 8 - y);
	}
#endif
      return int2cell(z);

    case EXPR_R_USHIFT:
      x = cell2intW(lexic, st->link[0]);
      y = cell2intW(lexic, st->link[1]);
#if NASL_DEBUG > 0
      if (y < 0)
	nasl_perror(lexic, "Warning: Negative count in right shift!\n");
#endif
      z = (unsigned)x >> (unsigned)y;
#ifndef __GNUC__
      if (x < 0 && z <= 0)	/* Fix it! */
	{
#if NASL_DEBUG > 1
	  nasl_perror(lexic, "Warning: Logical right shift is buggy! Fixing...\n");
#endif
	  z &= ~((~0) << (sizeof(x) * 8 - y));
	}
#endif
      return int2cell(z);

    case COMP_MATCH:
    case COMP_NOMATCH:
      tc1 = cell2atom(lexic, st->link[0]); 
      tc2 = cell2atom(lexic, st->link[1]); 
      s1 = s2 = NULL;

      if (tc1 == NULL || tc1 == FAKE_CELL)
	{
	  p1 = ""; 
	  len1 = 0;
	}
      else if (tc1->type == CONST_STR || tc1->type == CONST_DATA)
	{
	  p1 = tc1->x.str_val;
	  len1 = tc1->size;
	}
      else
	{
#if NASL_DEBUG > 0
	  nasl_perror(lexic, "Horrible type conversion (%s -> str) for operator >< or >!< %s\n", nasl_type_name(tc1->type), get_line_nb(st));
#endif
	  p1 = s1 = cell2str(lexic, tc1);
	  len1 = strlen(s1);
	}

      if (tc2 == NULL || tc2 == FAKE_CELL)
	{
	  p2 = "";
	  len2 = 0;
	}
      else if (tc2->type == CONST_STR || tc2->type == CONST_DATA)
	{
	  p2 = tc2->x.str_val;
	  len2 = tc2->size;
	}
      else
	{
#if NASL_DEBUG > 0
	  nasl_perror(lexic, "Horrible type conversion (%s -> str) for operator >< or >!< %s\n", nasl_type_name(tc2->type), get_line_nb(st));
#endif
	  p2 = s2 = cell2str(lexic, tc2);
	  len2 = strlen(s2);
	}

      if(len1 <= len2)		
      	flag = ((void*)nasl_memmem(p2, len2, p1, len1) != NULL);
      else
      	flag = 0;
	
      efree(&s1); efree(&s2);
      deref_cell(tc1);
      deref_cell(tc2);
      if (st->type == COMP_MATCH)
	return bool2cell(flag);
      else
	return bool2cell(! flag);

    case COMP_RE_MATCH:
    case COMP_RE_NOMATCH:
      if (st->x.ref_val == NULL)
	{
	  nasl_perror(lexic, "nasl_exec: bad regex at or near line %d\n",
		  st->line_nb);
	  return NULL;
	}
      s1 = cell2str(lexic, st->link[0]);
      if (s1 == NULL)
	return 0;
      flag = nasl_regexec(st->x.ref_val, s1, 0, NULL, 0);
      free(s1);
      if (st->type == COMP_RE_MATCH)
	return bool2cell(flag != REG_NOMATCH);
      else
	return bool2cell(flag == REG_NOMATCH);

    case COMP_LT:
      return bool2cell(cell_cmp(lexic, st->link[0], st->link[1]) < 0);

    case COMP_LE:
      return bool2cell(cell_cmp(lexic, st->link[0], st->link[1]) <= 0);

    case COMP_EQ:
      return bool2cell(cell_cmp(lexic, st->link[0], st->link[1]) == 0);

    case COMP_NE:
      return bool2cell(cell_cmp(lexic, st->link[0], st->link[1]) != 0);

    case COMP_GT:
      return bool2cell(cell_cmp(lexic, st->link[0], st->link[1]) > 0);

    case COMP_GE:
      return bool2cell(cell_cmp(lexic, st->link[0], st->link[1]) >= 0);

    case REF_ARRAY:
    case DYN_ARRAY:
    case CONST_INT:
    case CONST_STR:
    case CONST_DATA:
      ref_cell(st);	/* nasl_exec returns a cell that should be deref-ed */
      return st;

    case REF_VAR:
      ret = nasl_read_var_ref(lexic, st);
      return ret;

    default:
      nasl_perror(lexic, "nasl_exec: unhandled node type %d\n", st->type);
      abort();
      return NULL;
    }

  deref_cell(ret);
  deref_cell(ret2);
  return NULL;
}

/*
 * Note that "mode" is now a bit field, instead of a simple boolean
 *
 * bit #0 (1) is "description"
 * Bit #1 (2) is "parse only"
 */
extern tree_cell*	nasl_lint(lex_ctxt*, tree_cell*);

int
execute_nasl_script(struct arglist * script_infos, const char* name, const char * cache_dir, int mode)
{
  naslctxt	ctx;
  nasl_func	*pf;
  int		err = 0;
  tree_cell	*ret;
  lex_ctxt	*lexic;
  char 	 	old_dir[MAXPATHLEN+1];
  char		*newdir;
  char		*old;
  tree_cell	tc;
  struct arglist*	prefs = arg_get_value(script_infos, "preferences");
  char		*str;
  int		to;
  char * basename;

#ifdef ENABLE_PLUGIN_SERVER
  char * cached_script = NULL;
  unsigned int cached_script_len = 0;
#endif
  
  srand48(getpid() + getppid() + (long)time(NULL));

  old_dir[sizeof(old_dir) - 1] = '\0';
  getcwd(old_dir, sizeof(old_dir) - 1);
#if NASL_DEBUG > 2
  nasl_trace_fp = stderr;
#endif
 if((old = arg_get_value(script_infos, "script_name")) == NULL)
   arg_add_value(script_infos, "script_name", ARG_STRING, strlen(name), estrdup(name));
 else
   { 
   efree(&old);
   arg_set_value(script_infos, "script_name", strlen(name), estrdup(name));
  }
 
 newdir = strrchr(name, '/');
 if(newdir != NULL)
 {
	 char dir[MAXPATHLEN+1];
	 char *s;
	 dir[sizeof(dir) - 1] = '\0';
	 strncpy(dir, name, sizeof(dir) - 1);
	 s = strrchr(dir, '/');
	 s[0] = '\0';
	 chdir(dir);
	 basename = newdir + 1;
 }
 else basename = (char*)name;

 bzero(&ctx, sizeof(ctx));
 if ( mode & NASL_ALWAYS_SIGNED )
	ctx.always_authenticated = 1;

 
#ifdef ENABLE_PLUGIN_SERVER
 if (  nasl_index_fetch(basename, &cached_script, &cached_script_len) >= 0 )
 {
  if ( nasl_load_parsed_tree_buf(&ctx, cached_script, cached_script_len, basename) < 0 )  
  {
   printf("Could not load plugin\n");
   efree(&cached_script);
   chdir(old_dir);
   return -1;
  }
  efree(&cached_script);
 }
 else
#endif
 {
 if (nasl_load_or_parse(&ctx, name, basename, cache_dir) < 0 )
  {
    chdir(old_dir);
    return -1;
  }
 }


#if NASL_DEBUG > 4
 nasl_dump_tree(ctx.tree);
#endif
 lexic = init_empty_lex_ctxt();
 lexic->script_infos = script_infos;

 if ( mode & NASL_ALWAYS_SIGNED )
 	lexic->authenticated = 1;
 else
 	lexic->authenticated = ctx.authenticated;
 
 str = arg_get_value(prefs, "checks_read_timeout");
 if( str != NULL )
 	to = atoi(str);
 else
 	to = 5;
	
 if(to <= 0)to = 5;
 
 lexic->recv_timeout = to;

 init_nasl_library(lexic);

 if (mode & NASL_LINT)
   {
     if (nasl_lint(lexic, ctx.tree) == NULL)
       err --;
   }
 else
 if (! (mode & NASL_EXEC_PARSE_ONLY))
   {
     char	*p;

     bzero(&tc, sizeof(tc));
     tc.type = CONST_INT;
     tc.x.i_val = (mode & NASL_COMMAND_LINE) != 0;
     add_named_var_to_ctxt(lexic, "COMMAND_LINE", &tc);

     bzero(&tc, sizeof(tc));
     tc.type = CONST_INT;
     tc.x.i_val = (mode & NASL_EXEC_DESCR) != 0;
     add_named_var_to_ctxt(lexic, "description", &tc);

     tc.type = CONST_DATA;
     p = strrchr(name, '/');
     if (p == NULL) p = (char*)name; else p ++;
     tc.x.str_val = p;
     tc.size = strlen(p);
     add_named_var_to_ctxt(lexic, "SCRIPT_NAME", &tc);

     truc = (lex_ctxt*)ctx.tree;
     if ((ret = nasl_exec(lexic, ctx.tree)) == NULL)
       err = -1;
     else
       deref_cell(ret);

     if ((pf = get_func_ref_by_name(lexic, "on_exit")) != NULL)
       nasl_func_call(lexic, pf, NULL);
   }

#if NASL_DEBUG > 2
 {
   struct rusage	ru;

   if (getrusage(RUSAGE_SELF, &ru) < 0)
     perror("getrusage");
   else
     {
       nasl_perror(lexic, 
		   "rusage: utime=%d.%03d stime=%d.%03d minflt=%d majflt=%d nswap=%d\n",
		   ru.ru_utime.tv_sec, ru.ru_utime.tv_usec / 1000,
		   ru.ru_stime.tv_sec, ru.ru_stime.tv_usec / 1000,
		   ru.ru_minflt, ru.ru_majflt, ru.ru_nswap);
     }
 }
#endif

#if NASL_DEBUG > 3
 nasl_dump_tree(ctx.tree);
#endif

 chdir(old_dir);
 if ( mode & NASL_EXEC_DONT_CLEANUP ) return err;

 nasl_clean_ctx(&ctx);
 free_lex_ctxt(lexic);


 return err;
}