summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Esser2012-05-20 15:57:51 +0200
committerStefan Esser2012-05-20 15:57:51 +0200
commita908dd4aa2fd307957227697e97872c654e03c85 (patch)
tree4ea3a6f1d8a66112aed4124d46a6fe38496d663c
parent716a292a57b8b199346d2f48130ffb385425d3e7 (diff)
Fixed variable counting.
Diffstat
-rw-r--r--ifilter.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/ifilter.c b/ifilter.c
index 85ad1ed..326e7cd 100644
--- a/ifilter.c
+++ b/ifilter.c
@@ -327,18 +327,21 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
327 switch (arg) { 327 switch (arg) {
328 case PARSE_GET: 328 case PARSE_GET:
329 SUHOSIN_G(att_get_vars)++; 329 SUHOSIN_G(att_get_vars)++;
330 SUHOSIN_G(att_request_variables)++;
330 if (SUHOSIN_G(no_more_get_variables)) { 331 if (SUHOSIN_G(no_more_get_variables)) {
331 return 0; 332 return 0;
332 } 333 }
333 break; 334 break;
334 case PARSE_POST: 335 case PARSE_POST:
335 SUHOSIN_G(att_post_vars)++; 336 SUHOSIN_G(att_post_vars)++;
337 SUHOSIN_G(att_request_variables)++;
336 if (SUHOSIN_G(no_more_post_variables)) { 338 if (SUHOSIN_G(no_more_post_variables)) {
337 return 0; 339 return 0;
338 } 340 }
339 break; 341 break;
340 case PARSE_COOKIE: 342 case PARSE_COOKIE:
341 SUHOSIN_G(att_cookie_vars)++; 343 SUHOSIN_G(att_cookie_vars)++;
344 SUHOSIN_G(att_request_variables)++;
342 if (SUHOSIN_G(no_more_cookie_variables)) { 345 if (SUHOSIN_G(no_more_cookie_variables)) {
343 return 0; 346 return 0;
344 } 347 }
@@ -349,13 +352,12 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
349 } 352 }
350 return 1; 353 return 1;
351 } 354 }
352 SUHOSIN_G(att_request_variables)++;
353 355
354 /* Drop this variable if the limit is now reached */ 356 /* Drop this variable if the limit is now reached */
355 switch (arg) { 357 switch (arg) {
356 case PARSE_GET: 358 case PARSE_GET:
357 if (SUHOSIN_G(max_get_vars) && SUHOSIN_G(max_get_vars) <= SUHOSIN_G(cur_get_vars)) { 359 if (SUHOSIN_G(max_get_vars) && SUHOSIN_G(max_get_vars) <= SUHOSIN_G(cur_get_vars)) {
358 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s'", var); 360 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped", var);
359 if (!SUHOSIN_G(simulation)) { 361 if (!SUHOSIN_G(simulation)) {
360 SUHOSIN_G(no_more_get_variables) = 1; 362 SUHOSIN_G(no_more_get_variables) = 1;
361 return 0; 363 return 0;
@@ -364,7 +366,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
364 break; 366 break;
365 case PARSE_COOKIE: 367 case PARSE_COOKIE:
366 if (SUHOSIN_G(max_cookie_vars) && SUHOSIN_G(max_cookie_vars) <= SUHOSIN_G(cur_cookie_vars)) { 368 if (SUHOSIN_G(max_cookie_vars) && SUHOSIN_G(max_cookie_vars) <= SUHOSIN_G(cur_cookie_vars)) {
367 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s'", var); 369 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped", var);
368 if (!SUHOSIN_G(simulation)) { 370 if (!SUHOSIN_G(simulation)) {
369 SUHOSIN_G(no_more_cookie_variables) = 1; 371 SUHOSIN_G(no_more_cookie_variables) = 1;
370 return 0; 372 return 0;
@@ -373,7 +375,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
373 break; 375 break;
374 case PARSE_POST: 376 case PARSE_POST:
375 if (SUHOSIN_G(max_post_vars) && SUHOSIN_G(max_post_vars) <= SUHOSIN_G(cur_post_vars)) { 377 if (SUHOSIN_G(max_post_vars) && SUHOSIN_G(max_post_vars) <= SUHOSIN_G(cur_post_vars)) {
376 suhosin_log(S_VARS, "configured POST variable limit exceeded - dropped variable '%s'", var); 378 suhosin_log(S_VARS, "configured POST variable limit exceeded - dropped variable '%s' - all further POST variables are dropped", var);
377 if (!SUHOSIN_G(simulation)) { 379 if (!SUHOSIN_G(simulation)) {
378 SUHOSIN_G(no_more_post_variables) = 1; 380 SUHOSIN_G(no_more_post_variables) = 1;
379 return 0; 381 return 0;