*/
#include "serialize.h"
-#include "pointer.h"
#include "porting.h"
#include "util/string.h"
-#include "../exceptions.h"
-#include "../irrlichttypes.h"
+#include "util/hex.h"
+#include "exceptions.h"
+#include "irrlichttypes.h"
-#include <sstream>
-#include <iomanip>
-#include <vector>
+#include <iostream>
+#include <cassert>
-// Creates a string with the length as the first two bytes
-std::string serializeString(const std::string &plain)
+FloatType g_serialize_f32_type = FLOATTYPE_UNKNOWN;
+
+
+////
+//// String
+////
+
+std::string serializeString16(const std::string &plain)
{
- //assert(plain.size() <= 65535);
- if(plain.size() > 65535)
- throw SerializationError("String too long for serializeString");
- char buf[2];
- writeU16((u8*)&buf[0], plain.size());
std::string s;
+ char buf[2];
+
+ if (plain.size() > STRING_MAX_LEN)
+ throw SerializationError("String too long for serializeString16");
+ s.reserve(2 + plain.size());
+
+ writeU16((u8 *)&buf[0], plain.size());
s.append(buf, 2);
+
s.append(plain);
return s;
}
-// Creates a string with the length as the first two bytes from wide string
-std::string serializeWideString(const std::wstring &plain)
+std::string deSerializeString16(std::istream &is)
{
- //assert(plain.size() <= 65535);
- if(plain.size() > 65535)
- throw SerializationError("String too long for serializeString");
- char buf[2];
- writeU16((u8*)buf, plain.size());
std::string s;
- s.append(buf, 2);
- for(u32 i=0; i<plain.size(); i++)
- {
- writeU16((u8*)buf, plain[i]);
- s.append(buf, 2);
- }
- return s;
-}
-
-// Reads a string with the length as the first two bytes
-std::string deSerializeString(std::istream &is)
-{
char buf[2];
- is.read(buf, 2);
- if(is.gcount() != 2)
- throw SerializationError("deSerializeString: size not read");
- u16 s_size = readU16((u8*)buf);
- if(s_size == 0)
- return "";
- Buffer<char> buf2(s_size);
- is.read(&buf2[0], s_size);
- std::string s;
- s.reserve(s_size);
- s.append(&buf2[0], s_size);
- return s;
-}
-// Reads a wide string with the length as the first two bytes
-std::wstring deSerializeWideString(std::istream &is)
-{
- char buf[2];
is.read(buf, 2);
- if(is.gcount() != 2)
- throw SerializationError("deSerializeString: size not read");
- u16 s_size = readU16((u8*)buf);
- if(s_size == 0)
- return L"";
- std::wstring s;
- s.reserve(s_size);
- for(u32 i=0; i<s_size; i++)
- {
- is.read(&buf[0], 2);
- wchar_t c16 = readU16((u8*)buf);
- s.append(&c16, 1);
- }
+ if (is.gcount() != 2)
+ throw SerializationError("deSerializeString16: size not read");
+
+ u16 s_size = readU16((u8 *)buf);
+ if (s_size == 0)
+ return s;
+
+ s.resize(s_size);
+ is.read(&s[0], s_size);
+ if (is.gcount() != s_size)
+ throw SerializationError("deSerializeString16: couldn't read all chars");
+
return s;
}
-// Creates a string with the length as the first four bytes
-std::string serializeLongString(const std::string &plain)
+
+////
+//// Long String
+////
+
+std::string serializeString32(const std::string &plain)
{
+ std::string s;
char buf[4];
+
+ if (plain.size() > LONG_STRING_MAX_LEN)
+ throw SerializationError("String too long for serializeLongString");
+ s.reserve(4 + plain.size());
+
writeU32((u8*)&buf[0], plain.size());
- std::string s;
s.append(buf, 4);
s.append(plain);
return s;
}
-// Reads a string with the length as the first four bytes
-std::string deSerializeLongString(std::istream &is)
+std::string deSerializeString32(std::istream &is)
{
+ std::string s;
char buf[4];
+
is.read(buf, 4);
- if(is.gcount() != 4)
+ if (is.gcount() != 4)
throw SerializationError("deSerializeLongString: size not read");
- u32 s_size = readU32((u8*)buf);
- if(s_size == 0)
- return "";
- Buffer<char> buf2(s_size);
- is.read(&buf2[0], s_size);
- std::string s;
- s.reserve(s_size);
- s.append(&buf2[0], s_size);
+
+ u32 s_size = readU32((u8 *)buf);
+ if (s_size == 0)
+ return s;
+
+ // We don't really want a remote attacker to force us to allocate 4GB...
+ if (s_size > LONG_STRING_MAX_LEN) {
+ throw SerializationError("deSerializeLongString: "
+ "string too long: " + itos(s_size) + " bytes");
+ }
+
+ s.resize(s_size);
+ is.read(&s[0], s_size);
+ if ((u32)is.gcount() != s_size)
+ throw SerializationError("deSerializeLongString: couldn't read all chars");
+
return s;
}
-// Creates a string encoded in JSON format (almost equivalent to a C string literal)
+////
+//// JSON-like strings
+////
+
std::string serializeJsonString(const std::string &plain)
{
- std::ostringstream os(std::ios::binary);
- os<<"\"";
- for(size_t i = 0; i < plain.size(); i++)
- {
- char c = plain[i];
- switch(c)
- {
- case '"': os<<"\\\""; break;
- case '\\': os<<"\\\\"; break;
- case '/': os<<"\\/"; break;
- case '\b': os<<"\\b"; break;
- case '\f': os<<"\\f"; break;
- case '\n': os<<"\\n"; break;
- case '\r': os<<"\\r"; break;
- case '\t': os<<"\\t"; break;
- default:
- {
- if(c >= 32 && c <= 126)
- {
- os<<c;
- }
- else
- {
- u32 cnum = (u32) (u8) c;
- os<<"\\u"<<std::hex<<std::setw(4)<<std::setfill('0')<<cnum;
+ std::string tmp;
+
+ tmp.reserve(plain.size() + 2);
+ tmp.push_back('"');
+
+ for (char c : plain) {
+ switch (c) {
+ case '"':
+ tmp.append("\\\"");
+ break;
+ case '\\':
+ tmp.append("\\\\");
+ break;
+ case '\b':
+ tmp.append("\\b");
+ break;
+ case '\f':
+ tmp.append("\\f");
+ break;
+ case '\n':
+ tmp.append("\\n");
+ break;
+ case '\r':
+ tmp.append("\\r");
+ break;
+ case '\t':
+ tmp.append("\\t");
+ break;
+ default: {
+ if (c >= 32 && c <= 126) {
+ tmp.push_back(c);
+ } else {
+ // We pretend that Unicode codepoints map to bytes (they don't)
+ u8 cnum = static_cast<u8>(c);
+ tmp.append("\\u00");
+ tmp.push_back(hex_chars[cnum >> 4]);
+ tmp.push_back(hex_chars[cnum & 0xf]);
}
break;
}
}
}
- os<<"\"";
- return os.str();
+
+ tmp.push_back('"');
+ return tmp;
}
-// Reads a string encoded in JSON format
-std::string deSerializeJsonString(std::istream &is)
+static void deSerializeJsonString(std::string &s)
{
- std::ostringstream os(std::ios::binary);
- char c, c2;
+ assert(s.size() >= 2);
+ assert(s.front() == '"' && s.back() == '"');
- // Parse initial doublequote
- is >> c;
- if(c != '"')
- throw SerializationError("JSON string must start with doublequote");
+ size_t w = 0; // write index
+ size_t i = 1; // read index
+ const size_t len = s.size() - 1; // string length with trailing quote removed
- // Parse characters
- for(;;)
- {
- c = is.get();
- if(is.eof())
- throw SerializationError("JSON string ended prematurely");
- if(c == '"')
- {
- return os.str();
- }
- else if(c == '\\')
- {
- c2 = is.get();
- if(is.eof())
- throw SerializationError("JSON string ended prematurely");
- switch(c2)
- {
- default: os<<c2; break;
- case 'b': os<<'\b'; break;
- case 'f': os<<'\f'; break;
- case 'n': os<<'\n'; break;
- case 'r': os<<'\r'; break;
- case 't': os<<'\t'; break;
- case 'u':
- {
- char hexdigits[4+1];
- is.read(hexdigits, 4);
- if(is.eof())
- throw SerializationError("JSON string ended prematurely");
- hexdigits[4] = 0;
- std::istringstream tmp_is(hexdigits, std::ios::binary);
- int hexnumber;
- tmp_is >> std::hex >> hexnumber;
- os<<((char)hexnumber);
- break;
- }
- }
- }
- else
- {
- os<<c;
- }
- }
- return os.str();
-}
+ while (i < len) {
+ char c = s[i++];
+ assert(c != '"');
+ if (c != '\\') {
+ s[w++] = c;
+ continue;
+ }
-bool deSerializeStringToStruct(std::string valstr,
- std::string format, void *out, size_t olen)
-{
- size_t len = olen;
- std::vector<std::string *> strs_alloced;
- std::string *str;
- char *f, *snext;
- size_t pos;
-
- char *s = &valstr[0];
- char *buf = new char[len];
- char *bufpos = buf;
-
- char *fmtpos, *fmt = &format[0];
- while ((f = strtok_r(fmt, ",", &fmtpos)) && s) {
- fmt = NULL;
-
- bool is_unsigned = false;
- int width = 0;
- char valtype = *f;
-
- width = (int)strtol(f + 1, &f, 10);
- if (width && valtype == 's')
- valtype = 'i';
-
- switch (valtype) {
- case 'u':
- is_unsigned = true;
- /* FALLTHROUGH */
- case 'i':
- if (width == 16) {
- bufpos += PADDING(bufpos, u16);
- if ((bufpos - buf) + sizeof(u16) <= len) {
- if (is_unsigned)
- *(u16 *)bufpos = (u16)strtoul(s, &s, 10);
- else
- *(s16 *)bufpos = (s16)strtol(s, &s, 10);
- }
- bufpos += sizeof(u16);
- } else if (width == 32) {
- bufpos += PADDING(bufpos, u32);
- if ((bufpos - buf) + sizeof(u32) <= len) {
- if (is_unsigned)
- *(u32 *)bufpos = (u32)strtoul(s, &s, 10);
- else
- *(s32 *)bufpos = (s32)strtol(s, &s, 10);
- }
- bufpos += sizeof(u32);
- } else if (width == 64) {
- bufpos += PADDING(bufpos, u64);
- if ((bufpos - buf) + sizeof(u64) <= len) {
- if (is_unsigned)
- *(u64 *)bufpos = (u64)strtoull(s, &s, 10);
- else
- *(s64 *)bufpos = (s64)strtoll(s, &s, 10);
- }
- bufpos += sizeof(u64);
- }
- s = strchr(s, ',');
- break;
+ if (i >= len)
+ throw SerializationError("JSON string ended prematurely");
+ char c2 = s[i++];
+ switch (c2) {
case 'b':
- snext = strchr(s, ',');
- if (snext)
- *snext++ = 0;
-
- bufpos += PADDING(bufpos, bool);
- if ((bufpos - buf) + sizeof(bool) <= len)
- *(bool *)bufpos = is_yes(std::string(s));
- bufpos += sizeof(bool);
-
- s = snext;
+ s[w++] = '\b';
break;
case 'f':
- bufpos += PADDING(bufpos, float);
- if ((bufpos - buf) + sizeof(float) <= len)
- *(float *)bufpos = strtof(s, &s);
- bufpos += sizeof(float);
-
- s = strchr(s, ',');
+ s[w++] = '\f';
break;
- case 's':
- while (*s == ' ' || *s == '\t')
- s++;
- if (*s++ != '"') //error, expected string
- goto fail;
- snext = s;
-
- while (snext[0] && !(snext[-1] != '\\' && snext[0] == '"'))
- snext++;
- *snext++ = 0;
-
- bufpos += PADDING(bufpos, std::string *);
-
- str = new std::string(s);
- pos = 0;
- while ((pos = str->find("\\\"", pos)) != std::string::npos)
- str->erase(pos, 1);
-
- if ((bufpos - buf) + sizeof(std::string *) <= len)
- *(std::string **)bufpos = str;
- bufpos += sizeof(std::string *);
- strs_alloced.push_back(str);
-
- s = *snext ? snext + 1 : NULL;
+ case 'n':
+ s[w++] = '\n';
break;
- case 'v':
- while (*s == ' ' || *s == '\t')
- s++;
- if (*s++ != '(') //error, expected vector
- goto fail;
-
- if (width == 2) {
- bufpos += PADDING(bufpos, v2f);
-
- if ((bufpos - buf) + sizeof(v2f) <= len) {
- v2f *v = (v2f *)bufpos;
- v->X = strtof(s, &s);
- s++;
- v->Y = strtof(s, &s);
- }
-
- bufpos += sizeof(v2f);
- } else if (width == 3) {
- bufpos += PADDING(bufpos, v3f);
- if ((bufpos - buf) + sizeof(v3f) <= len) {
- v3f *v = (v3f *)bufpos;
- v->X = strtof(s, &s);
- s++;
- v->Y = strtof(s, &s);
- s++;
- v->Z = strtof(s, &s);
- }
-
- bufpos += sizeof(v3f);
- }
- s = strchr(s, ',');
+ case 'r':
+ s[w++] = '\r';
+ break;
+ case 't':
+ s[w++] = '\t';
+ break;
+ case 'u': {
+ if (i + 3 >= len)
+ throw SerializationError("JSON string ended prematurely");
+ unsigned char v[4] = {};
+ for (int j = 0; j < 4; j++)
+ hex_digit_decode(s[i+j], v[j]);
+ i += 4;
+ u32 hexnumber = (v[0] << 12) | (v[1] << 8) | (v[2] << 4) | v[3];
+ // Note that this does not work for anything other than ASCII
+ // but these functions do not actually interact with real JSON input.
+ s[w++] = (int) hexnumber;
+ break;
+ }
+ default:
+ s[w++] = c2;
break;
- default: //error, invalid format specifier
- goto fail;
}
+ }
- if (s && *s == ',')
- s++;
+ assert(w <= i && i <= len);
+ // Truncate string to current write index
+ s.resize(w);
+}
- if ((size_t)(bufpos - buf) > len) //error, buffer too small
- goto fail;
- }
+std::string deSerializeJsonString(std::istream &is)
+{
+ std::string tmp;
+ char c;
+ bool was_backslash = false;
- if (f && *f) { //error, mismatched number of fields and values
-fail:
- for (size_t i = 0; i != strs_alloced.size(); i++)
- delete strs_alloced[i];
- delete[] buf;
- return false;
- }
+ // Parse initial doublequote
+ c = is.get();
+ if (c != '"')
+ throw SerializationError("JSON string must start with doublequote");
+ tmp.push_back(c);
- memcpy(out, buf, olen);
- delete[] buf;
- return true;
-}
+ // Grab the entire json string
+ for (;;) {
+ c = is.get();
+ if (is.eof())
+ throw SerializationError("JSON string ended prematurely");
+ tmp.push_back(c);
+ if (was_backslash)
+ was_backslash = false;
+ else if (c == '\\')
+ was_backslash = true;
+ else if (c == '"')
+ break; // found end of string
+ }
-// Casts *buf to a signed or unsigned fixed-width integer of 'w' width
-#define SIGN_CAST(w, buf) (is_unsigned ? *((u##w *) buf) : *((s##w *) buf))
+ deSerializeJsonString(tmp);
+ return tmp;
+}
-bool serializeStructToString(std::string *out,
- std::string format, void *value)
+std::string serializeJsonStringIfNeeded(const std::string &s)
{
- std::ostringstream os;
- std::string str;
- char *f;
- size_t strpos;
-
- char *bufpos = (char *) value;
- char *fmtpos, *fmt = &format[0];
- while ((f = strtok_r(fmt, ",", &fmtpos))) {
- fmt = NULL;
- bool is_unsigned = false;
- int width = 0;
- char valtype = *f;
-
- width = (int)strtol(f + 1, &f, 10);
- if (width && valtype == 's')
- valtype = 'i';
-
- switch (valtype) {
- case 'u':
- is_unsigned = true;
- /* FALLTHROUGH */
- case 'i':
- if (width == 16) {
- bufpos += PADDING(bufpos, u16);
- os << SIGN_CAST(16, bufpos);
- bufpos += sizeof(u16);
- } else if (width == 32) {
- bufpos += PADDING(bufpos, u32);
- os << SIGN_CAST(32, bufpos);
- bufpos += sizeof(u32);
- } else if (width == 64) {
- bufpos += PADDING(bufpos, u64);
- os << SIGN_CAST(64, bufpos);
- bufpos += sizeof(u64);
- }
- break;
- case 'b':
- bufpos += PADDING(bufpos, bool);
- os << std::boolalpha << *((bool *) bufpos);
- bufpos += sizeof(bool);
- break;
- case 'f':
- bufpos += PADDING(bufpos, float);
- os << *((float *) bufpos);
- bufpos += sizeof(float);
- break;
- case 's':
- bufpos += PADDING(bufpos, std::string *);
- str = **((std::string **) bufpos);
-
- strpos = 0;
- while ((strpos = str.find('"', strpos)) != std::string::npos) {
- str.insert(strpos, 1, '\\');
- strpos += 2;
- }
-
- os << str;
- bufpos += sizeof(std::string *);
- break;
- case 'v':
- if (width == 2) {
- bufpos += PADDING(bufpos, v2f);
- v2f *v = (v2f *) bufpos;
- os << '(' << v->X << ", " << v->Y << ')';
- bufpos += sizeof(v2f);
- } else {
- bufpos += PADDING(bufpos, v3f);
- v3f *v = (v3f *) bufpos;
- os << '(' << v->X << ", " << v->Y << ", " << v->Z << ')';
- bufpos += sizeof(v3f);
- }
- break;
- default:
- return false;
- }
- os << ", ";
+ for (size_t i = 0; i < s.size(); ++i) {
+ if (s[i] <= 0x1f || s[i] >= 0x7f || s[i] == ' ' || s[i] == '\"')
+ return serializeJsonString(s);
}
- *out = os.str();
+ return s;
+}
+
+std::string deSerializeJsonStringIfNeeded(std::istream &is)
+{
+ // Check for initial quote
+ char c = is.peek();
+ if (is.eof())
+ return "";
- // Trim off the trailing comma and space
- if (out->size() >= 2) {
- out->resize(out->size() - 2);
+ if (c == '"') {
+ // json string: defer to the right implementation
+ return deSerializeJsonString(is);
}
- return true;
+ // not a json string:
+ std::string tmp;
+ std::getline(is, tmp, ' ');
+ if (!is.eof())
+ is.unget(); // we hit a space, put it back
+ return tmp;
}
-#undef SIGN_CAST