UnknownSec Bypass
403
:
/
var
/
www
/
zenithentcare
/
testappnew
/
vendor
/
mtdowling
/
jmespath.php
/
src
/ [
drwxrwxr-x
]
Menu
Upload
Mass depes
Mass delete
Terminal
Info server
About
name :
Lexer.php
<?php namespace JmesPath; /** * Tokenizes JMESPath expressions */ class Lexer { const T_DOT = 'dot'; const T_STAR = 'star'; const T_COMMA = 'comma'; const T_COLON = 'colon'; const T_CURRENT = 'current'; const T_EXPREF = 'expref'; const T_LPAREN = 'lparen'; const T_RPAREN = 'rparen'; const T_LBRACE = 'lbrace'; const T_RBRACE = 'rbrace'; const T_LBRACKET = 'lbracket'; const T_RBRACKET = 'rbracket'; const T_FLATTEN = 'flatten'; const T_IDENTIFIER = 'identifier'; const T_NUMBER = 'number'; const T_QUOTED_IDENTIFIER = 'quoted_identifier'; const T_UNKNOWN = 'unknown'; const T_PIPE = 'pipe'; const T_OR = 'or'; const T_AND = 'and'; const T_NOT = 'not'; const T_FILTER = 'filter'; const T_LITERAL = 'literal'; const T_EOF = 'eof'; const T_COMPARATOR = 'comparator'; const STATE_IDENTIFIER = 0; const STATE_NUMBER = 1; const STATE_SINGLE_CHAR = 2; const STATE_WHITESPACE = 3; const STATE_STRING_LITERAL = 4; const STATE_QUOTED_STRING = 5; const STATE_JSON_LITERAL = 6; const STATE_LBRACKET = 7; const STATE_PIPE = 8; const STATE_LT = 9; const STATE_GT = 10; const STATE_EQ = 11; const STATE_NOT = 12; const STATE_AND = 13; /** @var array We know what token we are consuming based on each char */ private static $transitionTable = [ '<' => self::STATE_LT, '>' => self::STATE_GT, '=' => self::STATE_EQ, '!' => self::STATE_NOT, '[' => self::STATE_LBRACKET, '|' => self::STATE_PIPE, '&' => self::STATE_AND, '`' => self::STATE_JSON_LITERAL, '"' => self::STATE_QUOTED_STRING, "'" => self::STATE_STRING_LITERAL, '-' => self::STATE_NUMBER, '0' => self::STATE_NUMBER, '1' => self::STATE_NUMBER, '2' => self::STATE_NUMBER, '3' => self::STATE_NUMBER, '4' => self::STATE_NUMBER, '5' => self::STATE_NUMBER, '6' => self::STATE_NUMBER, '7' => self::STATE_NUMBER, '8' => self::STATE_NUMBER, '9' => self::STATE_NUMBER, ' ' => self::STATE_WHITESPACE, "\t" => self::STATE_WHITESPACE, "\n" => self::STATE_WHITESPACE, "\r" => self::STATE_WHITESPACE, '.' => self::STATE_SINGLE_CHAR, '*' => self::STATE_SINGLE_CHAR, ']' => self::STATE_SINGLE_CHAR, ',' => self::STATE_SINGLE_CHAR, ':' => self::STATE_SINGLE_CHAR, '@' => self::STATE_SINGLE_CHAR, '(' => self::STATE_SINGLE_CHAR, ')' => self::STATE_SINGLE_CHAR, '{' => self::STATE_SINGLE_CHAR, '}' => self::STATE_SINGLE_CHAR, '_' => self::STATE_IDENTIFIER, 'A' => self::STATE_IDENTIFIER, 'B' => self::STATE_IDENTIFIER, 'C' => self::STATE_IDENTIFIER, 'D' => self::STATE_IDENTIFIER, 'E' => self::STATE_IDENTIFIER, 'F' => self::STATE_IDENTIFIER, 'G' => self::STATE_IDENTIFIER, 'H' => self::STATE_IDENTIFIER, 'I' => self::STATE_IDENTIFIER, 'J' => self::STATE_IDENTIFIER, 'K' => self::STATE_IDENTIFIER, 'L' => self::STATE_IDENTIFIER, 'M' => self::STATE_IDENTIFIER, 'N' => self::STATE_IDENTIFIER, 'O' => self::STATE_IDENTIFIER, 'P' => self::STATE_IDENTIFIER, 'Q' => self::STATE_IDENTIFIER, 'R' => self::STATE_IDENTIFIER, 'S' => self::STATE_IDENTIFIER, 'T' => self::STATE_IDENTIFIER, 'U' => self::STATE_IDENTIFIER, 'V' => self::STATE_IDENTIFIER, 'W' => self::STATE_IDENTIFIER, 'X' => self::STATE_IDENTIFIER, 'Y' => self::STATE_IDENTIFIER, 'Z' => self::STATE_IDENTIFIER, 'a' => self::STATE_IDENTIFIER, 'b' => self::STATE_IDENTIFIER, 'c' => self::STATE_IDENTIFIER, 'd' => self::STATE_IDENTIFIER, 'e' => self::STATE_IDENTIFIER, 'f' => self::STATE_IDENTIFIER, 'g' => self::STATE_IDENTIFIER, 'h' => self::STATE_IDENTIFIER, 'i' => self::STATE_IDENTIFIER, 'j' => self::STATE_IDENTIFIER, 'k' => self::STATE_IDENTIFIER, 'l' => self::STATE_IDENTIFIER, 'm' => self::STATE_IDENTIFIER, 'n' => self::STATE_IDENTIFIER, 'o' => self::STATE_IDENTIFIER, 'p' => self::STATE_IDENTIFIER, 'q' => self::STATE_IDENTIFIER, 'r' => self::STATE_IDENTIFIER, 's' => self::STATE_IDENTIFIER, 't' => self::STATE_IDENTIFIER, 'u' => self::STATE_IDENTIFIER, 'v' => self::STATE_IDENTIFIER, 'w' => self::STATE_IDENTIFIER, 'x' => self::STATE_IDENTIFIER, 'y' => self::STATE_IDENTIFIER, 'z' => self::STATE_IDENTIFIER, ]; /** @var array Valid identifier characters after first character */ private $validIdentifier = [ 'A' => true, 'B' => true, 'C' => true, 'D' => true, 'E' => true, 'F' => true, 'G' => true, 'H' => true, 'I' => true, 'J' => true, 'K' => true, 'L' => true, 'M' => true, 'N' => true, 'O' => true, 'P' => true, 'Q' => true, 'R' => true, 'S' => true, 'T' => true, 'U' => true, 'V' => true, 'W' => true, 'X' => true, 'Y' => true, 'Z' => true, 'a' => true, 'b' => true, 'c' => true, 'd' => true, 'e' => true, 'f' => true, 'g' => true, 'h' => true, 'i' => true, 'j' => true, 'k' => true, 'l' => true, 'm' => true, 'n' => true, 'o' => true, 'p' => true, 'q' => true, 'r' => true, 's' => true, 't' => true, 'u' => true, 'v' => true, 'w' => true, 'x' => true, 'y' => true, 'z' => true, '_' => true, '0' => true, '1' => true, '2' => true, '3' => true, '4' => true, '5' => true, '6' => true, '7' => true, '8' => true, '9' => true, ]; /** @var array Valid number characters after the first character */ private $numbers = [ '0' => true, '1' => true, '2' => true, '3' => true, '4' => true, '5' => true, '6' => true, '7' => true, '8' => true, '9' => true ]; /** @var array Map of simple single character tokens */ private $simpleTokens = [ '.' => self::T_DOT, '*' => self::T_STAR, ']' => self::T_RBRACKET, ',' => self::T_COMMA, ':' => self::T_COLON, '@' => self::T_CURRENT, '(' => self::T_LPAREN, ')' => self::T_RPAREN, '{' => self::T_LBRACE, '}' => self::T_RBRACE, ]; /** * Tokenize the JMESPath expression into an array of tokens hashes that * contain a 'type', 'value', and 'key'. * * @param string $input JMESPath input * * @return array * @throws SyntaxErrorException */ public function tokenize($input) { $tokens = []; if ($input === '') { goto eof; } $chars = str_split($input); while (false !== ($current = current($chars))) { // Every character must be in the transition character table. if (!isset(self::$transitionTable[$current])) { $tokens[] = [ 'type' => self::T_UNKNOWN, 'pos' => key($chars), 'value' => $current ]; next($chars); continue; } $state = self::$transitionTable[$current]; if ($state === self::STATE_SINGLE_CHAR) { // Consume simple tokens like ".", ",", "@", etc. $tokens[] = [ 'type' => $this->simpleTokens[$current], 'pos' => key($chars), 'value' => $current ]; next($chars); } elseif ($state === self::STATE_IDENTIFIER) { // Consume identifiers $start = key($chars); $buffer = ''; do { $buffer .= $current; $current = next($chars); } while ($current !== false && isset($this->validIdentifier[$current])); $tokens[] = [ 'type' => self::T_IDENTIFIER, 'value' => $buffer, 'pos' => $start ]; } elseif ($state === self::STATE_WHITESPACE) { // Skip whitespace next($chars); } elseif ($state === self::STATE_LBRACKET) { // Consume "[", "[?", and "[]" $position = key($chars); $actual = next($chars); if ($actual === ']') { next($chars); $tokens[] = [ 'type' => self::T_FLATTEN, 'pos' => $position, 'value' => '[]' ]; } elseif ($actual === '?') { next($chars); $tokens[] = [ 'type' => self::T_FILTER, 'pos' => $position, 'value' => '[?' ]; } else { $tokens[] = [ 'type' => self::T_LBRACKET, 'pos' => $position, 'value' => '[' ]; } } elseif ($state === self::STATE_STRING_LITERAL) { // Consume raw string literals $t = $this->inside($chars, "'", self::T_LITERAL); $t['value'] = str_replace("\\'", "'", $t['value']); $tokens[] = $t; } elseif ($state === self::STATE_PIPE) { // Consume pipe and OR $tokens[] = $this->matchOr($chars, '|', '|', self::T_OR, self::T_PIPE); } elseif ($state == self::STATE_JSON_LITERAL) { // Consume JSON literals $token = $this->inside($chars, '`', self::T_LITERAL); if ($token['type'] === self::T_LITERAL) { $token['value'] = str_replace('\\`', '`', $token['value']); $token = $this->parseJson($token); } $tokens[] = $token; } elseif ($state == self::STATE_NUMBER) { // Consume numbers $start = key($chars); $buffer = ''; do { $buffer .= $current; $current = next($chars); } while ($current !== false && isset($this->numbers[$current])); $tokens[] = [ 'type' => self::T_NUMBER, 'value' => (int)$buffer, 'pos' => $start ]; } elseif ($state === self::STATE_QUOTED_STRING) { // Consume quoted identifiers $token = $this->inside($chars, '"', self::T_QUOTED_IDENTIFIER); if ($token['type'] === self::T_QUOTED_IDENTIFIER) { $token['value'] = '"' . $token['value'] . '"'; $token = $this->parseJson($token); } $tokens[] = $token; } elseif ($state === self::STATE_EQ) { // Consume equals $tokens[] = $this->matchOr($chars, '=', '=', self::T_COMPARATOR, self::T_UNKNOWN); } elseif ($state == self::STATE_AND) { $tokens[] = $this->matchOr($chars, '&', '&', self::T_AND, self::T_EXPREF); } elseif ($state === self::STATE_NOT) { // Consume not equal $tokens[] = $this->matchOr($chars, '!', '=', self::T_COMPARATOR, self::T_NOT); } else { // either '<' or '>' // Consume less than and greater than $tokens[] = $this->matchOr($chars, $current, '=', self::T_COMPARATOR, self::T_COMPARATOR); } } eof: $tokens[] = [ 'type' => self::T_EOF, 'pos' => mb_strlen($input, 'UTF-8'), 'value' => null ]; return $tokens; } /** * Returns a token based on whether or not the next token matches the * expected value. If it does, a token of "$type" is returned. Otherwise, * a token of "$orElse" type is returned. * * @param array $chars Array of characters by reference. * @param string $current The current character. * @param string $expected Expected character. * @param string $type Expected result type. * @param string $orElse Otherwise return a token of this type. * * @return array Returns a conditional token. */ private function matchOr(array &$chars, $current, $expected, $type, $orElse) { if (next($chars) === $expected) { next($chars); return [ 'type' => $type, 'pos' => key($chars) - 1, 'value' => $current . $expected ]; } return [ 'type' => $orElse, 'pos' => key($chars) - 1, 'value' => $current ]; } /** * Returns a token the is the result of consuming inside of delimiter * characters. Escaped delimiters will be adjusted before returning a * value. If the token is not closed, "unknown" is returned. * * @param array $chars Array of characters by reference. * @param string $delim The delimiter character. * @param string $type Token type. * * @return array Returns the consumed token. */ private function inside(array &$chars, $delim, $type) { $position = key($chars); $current = next($chars); $buffer = ''; while ($current !== $delim) { if ($current === '\\') { $buffer .= '\\'; $current = next($chars); } if ($current === false) { // Unclosed delimiter return [ 'type' => self::T_UNKNOWN, 'value' => $buffer, 'pos' => $position ]; } $buffer .= $current; $current = next($chars); } next($chars); return ['type' => $type, 'value' => $buffer, 'pos' => $position]; } /** * Parses a JSON token or sets the token type to "unknown" on error. * * @param array $token Token that needs parsing. * * @return array Returns a token with a parsed value. */ private function parseJson(array $token) { $value = json_decode($token['value'], true); if ($error = json_last_error()) { // Legacy support for elided quotes. Try to parse again by adding // quotes around the bad input value. $value = json_decode('"' . $token['value'] . '"', true); if ($error = json_last_error()) { $token['type'] = self::T_UNKNOWN; return $token; } } $token['value'] = $value; return $token; } }
Copyright © 2025 - UnknownSec