chatRedux/backend/node_modules/busboy/lib/types/multipart.js

'use strict';

const { Readable, Writable } = require('stream');

const StreamSearch = require('streamsearch');

const {
  basename,
  convertToUTF8,
  getDecoder,
  parseContentType,
  parseDisposition,
} = require('../utils.js');

const BUF_CRLF = Buffer.from('\r\n');
const BUF_CR = Buffer.from('\r');
const BUF_DASH = Buffer.from('-');

function noop() {}

const MAX_HEADER_PAIRS = 2000; // From node
const MAX_HEADER_SIZE = 16 * 1024; // From node (its default value)

const HPARSER_NAME = 0;
const HPARSER_PRE_OWS = 1;
const HPARSER_VALUE = 2;
class HeaderParser {
  constructor(cb) {
    this.header = Object.create(null);
    this.pairCount = 0;
    this.byteCount = 0;
    this.state = HPARSER_NAME;
    this.name = '';
    this.value = '';
    this.crlf = 0;
    this.cb = cb;
  }

  reset() {
    this.header = Object.create(null);
    this.pairCount = 0;
    this.byteCount = 0;
    this.state = HPARSER_NAME;
    this.name = '';
    this.value = '';
    this.crlf = 0;
  }

  push(chunk, pos, end) {
    let start = pos;
    while (pos < end) {
      switch (this.state) {
        case HPARSER_NAME: {
          let done = false;
          for (; pos < end; ++pos) {
            if (this.byteCount === MAX_HEADER_SIZE)
              return -1;
            ++this.byteCount;
            const code = chunk[pos];
            if (TOKEN[code] !== 1) {
              if (code !== 58/* ':' */)
                return -1;
              this.name += chunk.latin1Slice(start, pos);
              if (this.name.length === 0)
                return -1;
              ++pos;
              done = true;
              this.state = HPARSER_PRE_OWS;
              break;
            }
          }
          if (!done) {
            this.name += chunk.latin1Slice(start, pos);
            break;
          }
          // FALLTHROUGH
        }
        case HPARSER_PRE_OWS: {
          // Skip optional whitespace
          let done = false;
          for (; pos < end; ++pos) {
            if (this.byteCount === MAX_HEADER_SIZE)
              return -1;
            ++this.byteCount;
            const code = chunk[pos];
            if (code !== 32/* ' ' */ && code !== 9/* '\t' */) {
              start = pos;
              done = true;
              this.state = HPARSER_VALUE;
              break;
            }
          }
          if (!done)
            break;
          // FALLTHROUGH
        }
        case HPARSER_VALUE:
          switch (this.crlf) {
            case 0: // Nothing yet
              for (; pos < end; ++pos) {
                if (this.byteCount === MAX_HEADER_SIZE)
                  return -1;
                ++this.byteCount;
                const code = chunk[pos];
                if (FIELD_VCHAR[code] !== 1) {
                  if (code !== 13/* '\r' */)
                    return -1;
                  ++this.crlf;
                  break;
                }
              }
              this.value += chunk.latin1Slice(start, pos++);
              break;
            case 1: // Received CR
              if (this.byteCount === MAX_HEADER_SIZE)
                return -1;
              ++this.byteCount;
              if (chunk[pos++] !== 10/* '\n' */)
                return -1;
              ++this.crlf;
              break;
            case 2: { // Received CR LF
              if (this.byteCount === MAX_HEADER_SIZE)
                return -1;
              ++this.byteCount;
              const code = chunk[pos];
              if (code === 32/* ' ' */ || code === 9/* '\t' */) {
                // Folded value
                start = pos;
                this.crlf = 0;
              } else {
                if (++this.pairCount < MAX_HEADER_PAIRS) {
                  this.name = this.name.toLowerCase();
                  if (this.header[this.name] === undefined)
                    this.header[this.name] = [this.value];
                  else
                    this.header[this.name].push(this.value);
                }
                if (code === 13/* '\r' */) {
                  ++this.crlf;
                  ++pos;
                } else {
                  // Assume start of next header field name
                  start = pos;
                  this.crlf = 0;
                  this.state = HPARSER_NAME;
                  this.name = '';
                  this.value = '';
                }
              }
              break;
            }
            case 3: { // Received CR LF CR
              if (this.byteCount === MAX_HEADER_SIZE)
                return -1;
              ++this.byteCount;
              if (chunk[pos++] !== 10/* '\n' */)
                return -1;
              // End of header
              const header = this.header;
              this.reset();
              this.cb(header);
              return pos;
            }
          }
          break;
      }
    }

    return pos;
  }
}

class FileStream extends Readable {
  constructor(opts, owner) {
    super(opts);
    this.truncated = false;
    this._readcb = null;
    this.once('end', () => {
      // We need to make sure that we call any outstanding _writecb() that is
      // associated with this file so that processing of the rest of the form
      // can continue. This may not happen if the file stream ends right after
      // backpressure kicks in, so we force it here.
      this._read();
      if (--owner._fileEndsLeft === 0 && owner._finalcb) {
        const cb = owner._finalcb;
        owner._finalcb = null;
        // Make sure other 'end' event handlers get a chance to be executed
        // before busboy's 'finish' event is emitted
        process.nextTick(cb);
      }
    });
  }
  _read(n) {
    const cb = this._readcb;
    if (cb) {
      this._readcb = null;
      cb();
    }
  }
}

const ignoreData = {
  push: (chunk, pos) => {},
  destroy: () => {},
};

function callAndUnsetCb(self, err) {
  const cb = self._writecb;
  self._writecb = null;
  if (err)
    self.destroy(err);
  else if (cb)
    cb();
}

function nullDecoder(val, hint) {
  return val;
}

class Multipart extends Writable {
  constructor(cfg) {
    const streamOpts = {
      autoDestroy: true,
      emitClose: true,
      highWaterMark: (typeof cfg.highWaterMark === 'number'
                      ? cfg.highWaterMark
                      : undefined),
    };
    super(streamOpts);

    if (!cfg.conType.params || typeof cfg.conType.params.boundary !== 'string')
      throw new Error('Multipart: Boundary not found');

    const boundary = cfg.conType.params.boundary;
    const paramDecoder = (typeof cfg.defParamCharset === 'string'
                            && cfg.defParamCharset
                          ? getDecoder(cfg.defParamCharset)
                          : nullDecoder);
    const defCharset = (cfg.defCharset || 'utf8');
    const preservePath = cfg.preservePath;
    const fileOpts = {
      autoDestroy: true,
      emitClose: true,
      highWaterMark: (typeof cfg.fileHwm === 'number'
                      ? cfg.fileHwm
                      : undefined),
    };

    const limits = cfg.limits;
    const fieldSizeLimit = (limits && typeof limits.fieldSize === 'number'
                            ? limits.fieldSize
                            : 1 * 1024 * 1024);
    const fileSizeLimit = (limits && typeof limits.fileSize === 'number'
                           ? limits.fileSize
                           : Infinity);
    const filesLimit = (limits && typeof limits.files === 'number'
                        ? limits.files
                        : Infinity);
    const fieldsLimit = (limits && typeof limits.fields === 'number'
                         ? limits.fields
                         : Infinity);
    const partsLimit = (limits && typeof limits.parts === 'number'
                        ? limits.parts
                        : Infinity);

    let parts = -1; // Account for initial boundary
    let fields = 0;
    let files = 0;
    let skipPart = false;

    this._fileEndsLeft = 0;
    this._fileStream = undefined;
    this._complete = false;
    let fileSize = 0;

    let field;
    let fieldSize = 0;
    let partCharset;
    let partEncoding;
    let partType;
    let partName;
    let partTruncated = false;

    let hitFilesLimit = false;
    let hitFieldsLimit = false;

    this._hparser = null;
    const hparser = new HeaderParser((header) => {
      this._hparser = null;
      skipPart = false;

      partType = 'text/plain';
      partCharset = defCharset;
      partEncoding = '7bit';
      partName = undefined;
      partTruncated = false;

      let filename;
      if (!header['content-disposition']) {
        skipPart = true;
        return;
      }

      const disp = parseDisposition(header['content-disposition'][0],
                                    paramDecoder);
      if (!disp || disp.type !== 'form-data') {
        skipPart = true;
        return;
      }

      if (disp.params) {
        if (disp.params.name)
          partName = disp.params.name;

        if (disp.params['filename*'])
          filename = disp.params['filename*'];
        else if (disp.params.filename)
          filename = disp.params.filename;

        if (filename !== undefined && !preservePath)
          filename = basename(filename);
      }

      if (header['content-type']) {
        const conType = parseContentType(header['content-type'][0]);
        if (conType) {
          partType = `${conType.type}/${conType.subtype}`;
          if (conType.params && typeof conType.params.charset === 'string')
            partCharset = conType.params.charset.toLowerCase();
        }
      }

      if (header['content-transfer-encoding'])
        partEncoding = header['content-transfer-encoding'][0].toLowerCase();

      if (partType === 'application/octet-stream' || filename !== undefined) {
        // File

        if (files === filesLimit) {
          if (!hitFilesLimit) {
            hitFilesLimit = true;
            this.emit('filesLimit');
          }
          skipPart = true;
          return;
        }
        ++files;

        if (this.listenerCount('file') === 0) {
          skipPart = true;
          return;
        }

        fileSize = 0;
        this._fileStream = new FileStream(fileOpts, this);
        ++this._fileEndsLeft;
        this.emit(
          'file',
          partName,
          this._fileStream,
          { filename,
            encoding: partEncoding,
            mimeType: partType }
        );
      } else {
        // Non-file

        if (fields === fieldsLimit) {
          if (!hitFieldsLimit) {
            hitFieldsLimit = true;
            this.emit('fieldsLimit');
          }
          skipPart = true;
          return;
        }
        ++fields;

        if (this.listenerCount('field') === 0) {
          skipPart = true;
          return;
        }

        field = [];
        fieldSize = 0;
      }
    });

    let matchPostBoundary = 0;
    const ssCb = (isMatch, data, start, end, isDataSafe) => {
retrydata:
      while (data) {
        if (this._hparser !== null) {
          const ret = this._hparser.push(data, start, end);
          if (ret === -1) {
            this._hparser = null;
            hparser.reset();
            this.emit('error', new Error('Malformed part header'));
            break;
          }
          start = ret;
        }

        if (start === end)
          break;

        if (matchPostBoundary !== 0) {
          if (matchPostBoundary === 1) {
            switch (data[start]) {
              case 45: // '-'
                // Try matching '--' after boundary
                matchPostBoundary = 2;
                ++start;
                break;
              case 13: // '\r'
                // Try matching CR LF before header
                matchPostBoundary = 3;
                ++start;
                break;
              default:
                matchPostBoundary = 0;
            }
            if (start === end)
              return;
          }

          if (matchPostBoundary === 2) {
            matchPostBoundary = 0;
            if (data[start] === 45/* '-' */) {
              // End of multipart data
              this._complete = true;
              this._bparser = ignoreData;
              return;
            }
            // We saw something other than '-', so put the dash we consumed
            // "back"
            const writecb = this._writecb;
            this._writecb = noop;
            ssCb(false, BUF_DASH, 0, 1, false);
            this._writecb = writecb;
          } else if (matchPostBoundary === 3) {
            matchPostBoundary = 0;
            if (data[start] === 10/* '\n' */) {
              ++start;
              if (parts >= partsLimit)
                break;
              // Prepare the header parser
              this._hparser = hparser;
              if (start === end)
                break;
              // Process the remaining data as a header
              continue retrydata;
            } else {
              // We saw something other than LF, so put the CR we consumed
              // "back"
              const writecb = this._writecb;
              this._writecb = noop;
              ssCb(false, BUF_CR, 0, 1, false);
              this._writecb = writecb;
            }
          }
        }

        if (!skipPart) {
          if (this._fileStream) {
            let chunk;
            const actualLen = Math.min(end - start, fileSizeLimit - fileSize);
            if (!isDataSafe) {
              chunk = Buffer.allocUnsafe(actualLen);
              data.copy(chunk, 0, start, start + actualLen);
            } else {
              chunk = data.slice(start, start + actualLen);
            }

            fileSize += chunk.length;
            if (fileSize === fileSizeLimit) {
              if (chunk.length > 0)
                this._fileStream.push(chunk);
              this._fileStream.emit('limit');
              this._fileStream.truncated = true;
              skipPart = true;
            } else if (!this._fileStream.push(chunk)) {
              if (this._writecb)
                this._fileStream._readcb = this._writecb;
              this._writecb = null;
            }
          } else if (field !== undefined) {
            let chunk;
            const actualLen = Math.min(
              end - start,
              fieldSizeLimit - fieldSize
            );
            if (!isDataSafe) {
              chunk = Buffer.allocUnsafe(actualLen);
              data.copy(chunk, 0, start, start + actualLen);
            } else {
              chunk = data.slice(start, start + actualLen);
            }

            fieldSize += actualLen;
            field.push(chunk);
            if (fieldSize === fieldSizeLimit) {
              skipPart = true;
              partTruncated = true;
            }
          }
        }

        break;
      }

      if (isMatch) {
        matchPostBoundary = 1;

        if (this._fileStream) {
          // End the active file stream if the previous part was a file
          this._fileStream.push(null);
          this._fileStream = null;
        } else if (field !== undefined) {
          let data;
          switch (field.length) {
            case 0:
              data = '';
              break;
            case 1:
              data = convertToUTF8(field[0], partCharset, 0);
              break;
            default:
              data = convertToUTF8(
                Buffer.concat(field, fieldSize),
                partCharset,
                0
              );
          }
          field = undefined;
          fieldSize = 0;
          this.emit(
            'field',
            partName,
            data,
            { nameTruncated: false,
              valueTruncated: partTruncated,
              encoding: partEncoding,
              mimeType: partType }
          );
        }

        if (++parts === partsLimit)
          this.emit('partsLimit');
      }
    };
    this._bparser = new StreamSearch(`\r\n--${boundary}`, ssCb);

    this._writecb = null;
    this._finalcb = null;

    // Just in case there is no preamble
    this.write(BUF_CRLF);
  }

  static detect(conType) {
    return (conType.type === 'multipart' && conType.subtype === 'form-data');
  }

  _write(chunk, enc, cb) {
    this._writecb = cb;
    this._bparser.push(chunk, 0);
    if (this._writecb)
      callAndUnsetCb(this);
  }

  _destroy(err, cb) {
    this._hparser = null;
    this._bparser = ignoreData;
    if (!err)
      err = checkEndState(this);
    const fileStream = this._fileStream;
    if (fileStream) {
      this._fileStream = null;
      fileStream.destroy(err);
    }
    cb(err);
  }

  _final(cb) {
    this._bparser.destroy();
    if (!this._complete)
      return cb(new Error('Unexpected end of form'));
    if (this._fileEndsLeft)
      this._finalcb = finalcb.bind(null, this, cb);
    else
      finalcb(this, cb);
  }
}

function finalcb(self, cb, err) {
  if (err)
    return cb(err);
  err = checkEndState(self);
  cb(err);
}

function checkEndState(self) {
  if (self._hparser)
    return new Error('Malformed part header');
  const fileStream = self._fileStream;
  if (fileStream) {
    self._fileStream = null;
    fileStream.destroy(new Error('Unexpected end of file'));
  }
  if (!self._complete)
    return new Error('Unexpected end of form');
}

const TOKEN = [
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 0,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0,
  0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
];

const FIELD_VCHAR = [
  0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0,
  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
];

module.exports = Multipart;