1 #pragma once
2 
3 #include "http_request.hpp"
4 
5 #include <boost/beast/http/fields.hpp>
6 
7 #include <string>
8 #include <string_view>
9 
10 enum class ParserError
11 {
12     PARSER_SUCCESS,
13     ERROR_BOUNDARY_FORMAT,
14     ERROR_BOUNDARY_CR,
15     ERROR_BOUNDARY_LF,
16     ERROR_BOUNDARY_DATA,
17     ERROR_EMPTY_HEADER,
18     ERROR_HEADER_NAME,
19     ERROR_HEADER_VALUE,
20     ERROR_HEADER_ENDING,
21     ERROR_UNEXPECTED_END_OF_HEADER,
22     ERROR_UNEXPECTED_END_OF_INPUT,
23     ERROR_OUT_OF_RANGE
24 };
25 
26 enum class State
27 {
28     START,
29     START_BOUNDARY,
30     HEADER_FIELD_START,
31     HEADER_FIELD,
32     HEADER_VALUE_START,
33     HEADER_VALUE,
34     HEADER_VALUE_ALMOST_DONE,
35     HEADERS_ALMOST_DONE,
36     PART_DATA_START,
37     PART_DATA,
38     END
39 };
40 
41 enum class Boundary
42 {
43     NON_BOUNDARY,
44     PART_BOUNDARY,
45     END_BOUNDARY,
46 };
47 
48 struct FormPart
49 {
50     boost::beast::http::fields fields;
51     std::string content;
52 };
53 
54 class MultipartParser
55 {
56   public:
57     MultipartParser() = default;
58 
59     [[nodiscard]] ParserError parse(const crow::Request& req)
60     {
61         std::string_view contentType = req.getHeaderValue("content-type");
62 
63         const std::string boundaryFormat = "multipart/form-data; boundary=";
64         if (!contentType.starts_with(boundaryFormat))
65         {
66             return ParserError::ERROR_BOUNDARY_FORMAT;
67         }
68 
69         std::string_view ctBoundary = contentType.substr(boundaryFormat.size());
70 
71         boundary = "\r\n--";
72         boundary += ctBoundary;
73         indexBoundary();
74         lookbehind.resize(boundary.size() + 8);
75         state = State::START;
76 
77         const char* buffer = req.body().data();
78         size_t len = req.body().size();
79         char cl = 0;
80 
81         for (size_t i = 0; i < len; i++)
82         {
83             // NOLINTNEXTLINE(cppcoreguidelines-pro-bounds-pointer-arithmetic)
84             char c = buffer[i];
85             switch (state)
86             {
87                 case State::START:
88                     index = 0;
89                     state = State::START_BOUNDARY;
90                     [[fallthrough]];
91                 case State::START_BOUNDARY:
92                     if (index == boundary.size() - 2)
93                     {
94                         if (c != cr)
95                         {
96                             return ParserError::ERROR_BOUNDARY_CR;
97                         }
98                         index++;
99                         break;
100                     }
101                     else if (index - 1 == boundary.size() - 2)
102                     {
103                         if (c != lf)
104                         {
105                             return ParserError::ERROR_BOUNDARY_LF;
106                         }
107                         index = 0;
108                         mime_fields.push_back({});
109                         state = State::HEADER_FIELD_START;
110                         break;
111                     }
112                     if (c != boundary[index + 2])
113                     {
114                         return ParserError::ERROR_BOUNDARY_DATA;
115                     }
116                     index++;
117                     break;
118                 case State::HEADER_FIELD_START:
119                     currentHeaderName.resize(0);
120                     state = State::HEADER_FIELD;
121                     headerFieldMark = i;
122                     index = 0;
123                     [[fallthrough]];
124                 case State::HEADER_FIELD:
125                     if (c == cr)
126                     {
127                         headerFieldMark = 0;
128                         state = State::HEADERS_ALMOST_DONE;
129                         break;
130                     }
131 
132                     index++;
133                     if (c == hyphen)
134                     {
135                         break;
136                     }
137 
138                     if (c == colon)
139                     {
140                         if (index == 1)
141                         {
142                             return ParserError::ERROR_EMPTY_HEADER;
143                         }
144 
145                         // NOLINTNEXTLINE(cppcoreguidelines-pro-bounds-pointer-arithmetic)
146                         currentHeaderName.append(buffer + headerFieldMark,
147                                                  i - headerFieldMark);
148                         state = State::HEADER_VALUE_START;
149                         break;
150                     }
151                     cl = lower(c);
152                     if (cl < 'a' || cl > 'z')
153                     {
154                         return ParserError::ERROR_HEADER_NAME;
155                     }
156                     break;
157                 case State::HEADER_VALUE_START:
158                     if (c == space)
159                     {
160                         break;
161                     }
162                     headerValueMark = i;
163                     state = State::HEADER_VALUE;
164                     [[fallthrough]];
165                 case State::HEADER_VALUE:
166                     if (c == cr)
167                     {
168                         // NOLINTNEXTLINE(cppcoreguidelines-pro-bounds-pointer-arithmetic)
169                         std::string_view value(buffer + headerValueMark,
170                                                i - headerValueMark);
171                         mime_fields.rbegin()->fields.set(currentHeaderName,
172                                                          value);
173                         state = State::HEADER_VALUE_ALMOST_DONE;
174                     }
175                     break;
176                 case State::HEADER_VALUE_ALMOST_DONE:
177                     if (c != lf)
178                     {
179                         return ParserError::ERROR_HEADER_VALUE;
180                     }
181                     state = State::HEADER_FIELD_START;
182                     break;
183                 case State::HEADERS_ALMOST_DONE:
184                     if (c != lf)
185                     {
186                         return ParserError::ERROR_HEADER_ENDING;
187                     }
188                     if (index > 0)
189                     {
190                         return ParserError::ERROR_UNEXPECTED_END_OF_HEADER;
191                     }
192                     state = State::PART_DATA_START;
193                     break;
194                 case State::PART_DATA_START:
195                     state = State::PART_DATA;
196                     partDataMark = i;
197                     [[fallthrough]];
198                 case State::PART_DATA:
199                 {
200                     if (index == 0)
201                     {
202                         skipNonBoundary(buffer, len, boundary.size() - 1, i);
203 
204                         // NOLINTNEXTLINE(cppcoreguidelines-pro-bounds-pointer-arithmetic)
205                         c = buffer[i];
206                     }
207                     const ParserError ec = processPartData(buffer, i, c);
208                     if (ec != ParserError::PARSER_SUCCESS)
209                     {
210                         return ec;
211                     }
212                     break;
213                 }
214                 case State::END:
215                     break;
216             }
217         }
218 
219         if (state != State::END)
220         {
221             return ParserError::ERROR_UNEXPECTED_END_OF_INPUT;
222         }
223 
224         return ParserError::PARSER_SUCCESS;
225     }
226     std::vector<FormPart> mime_fields;
227     std::string boundary;
228 
229   private:
230     void indexBoundary()
231     {
232         std::fill(boundaryIndex.begin(), boundaryIndex.end(), 0);
233         for (const char current : boundary)
234         {
235             boundaryIndex[static_cast<unsigned char>(current)] = true;
236         }
237     }
238 
239     static char lower(char c)
240     {
241         return static_cast<char>(c | 0x20);
242     }
243 
244     inline bool isBoundaryChar(char c) const
245     {
246         return boundaryIndex[static_cast<unsigned char>(c)];
247     }
248 
249     void skipNonBoundary(const char* buffer, size_t len, size_t boundaryEnd,
250                          size_t& i)
251     {
252         // boyer-moore derived algorithm to safely skip non-boundary data
253         while (i + boundary.size() <= len)
254         {
255             // NOLINTNEXTLINE(cppcoreguidelines-pro-bounds-pointer-arithmetic)
256             if (isBoundaryChar(buffer[i + boundaryEnd]))
257             {
258                 break;
259             }
260             i += boundary.size();
261         }
262     }
263 
264     ParserError processPartData(const char* buffer, size_t& i, char c)
265     {
266         size_t prevIndex = index;
267 
268         if (index < boundary.size())
269         {
270             if (boundary[index] == c)
271             {
272                 if (index == 0)
273                 {
274                     // NOLINTNEXTLINE(cppcoreguidelines-pro-bounds-pointer-arithmetic)
275                     const char* start = buffer + partDataMark;
276                     size_t size = i - partDataMark;
277                     mime_fields.rbegin()->content +=
278                         std::string_view(start, size);
279                 }
280                 index++;
281             }
282             else
283             {
284                 index = 0;
285             }
286         }
287         else if (index == boundary.size())
288         {
289             index++;
290             if (c == cr)
291             {
292                 // cr = part boundary
293                 flags = Boundary::PART_BOUNDARY;
294             }
295             else if (c == hyphen)
296             {
297                 // hyphen = end boundary
298                 flags = Boundary::END_BOUNDARY;
299             }
300             else
301             {
302                 index = 0;
303             }
304         }
305         else
306         {
307             if (flags == Boundary::PART_BOUNDARY)
308             {
309                 index = 0;
310                 if (c == lf)
311                 {
312                     // unset the PART_BOUNDARY flag
313                     flags = Boundary::NON_BOUNDARY;
314                     mime_fields.push_back({});
315                     state = State::HEADER_FIELD_START;
316                     return ParserError::PARSER_SUCCESS;
317                 }
318             }
319             if (flags == Boundary::END_BOUNDARY)
320             {
321                 if (c == hyphen)
322                 {
323                     state = State::END;
324                 }
325                 else
326                 {
327                     flags = Boundary::NON_BOUNDARY;
328                     index = 0;
329                 }
330             }
331         }
332 
333         if (index > 0)
334         {
335             if ((index - 1) >= lookbehind.size())
336             {
337                 // Should never happen, but when it does it won't cause crash
338                 return ParserError::ERROR_OUT_OF_RANGE;
339             }
340             lookbehind[index - 1] = c;
341         }
342         else if (prevIndex > 0)
343         {
344             // if our boundary turned out to be rubbish, the captured
345             // lookbehind belongs to partData
346 
347             mime_fields.rbegin()->content += lookbehind.substr(0, prevIndex);
348             partDataMark = i;
349 
350             // reconsider the current character even so it interrupted
351             // the sequence it could be the beginning of a new sequence
352             i--;
353         }
354         return ParserError::PARSER_SUCCESS;
355     }
356 
357     std::string currentHeaderName;
358     std::string currentHeaderValue;
359 
360     static constexpr char cr = '\r';
361     static constexpr char lf = '\n';
362     static constexpr char space = ' ';
363     static constexpr char hyphen = '-';
364     static constexpr char colon = ':';
365 
366     std::array<bool, 256> boundaryIndex{};
367     std::string lookbehind;
368     State state{State::START};
369     Boundary flags{Boundary::NON_BOUNDARY};
370     size_t index = 0;
371     size_t partDataMark = 0;
372     size_t headerFieldMark = 0;
373     size_t headerValueMark = 0;
374 };
375