diff options
| author | Stefan Esser | 2014-02-11 18:59:02 +0100 |
|---|---|---|
| committer | Stefan Esser | 2014-02-11 18:59:02 +0100 |
| commit | beb007b7116527e4288671ee10c35a037338368c (patch) | |
| tree | 71b196155c918a90bcecd86d1d5833fe6d883b53 | |
| parent | 3a3b3298bcea471a0f5dd26adf348abc034f581a (diff) | |
Only replace POST handlers for older PHP versions. Current PHP versions >= 5.4.0 should have okayish post handlers.
| -rw-r--r-- | post_handler.c | 11 | ||||
| -rw-r--r-- | suhosin_rfc1867.h | 1 | ||||
| -rw-r--r-- | ufilter.c | 5 |
3 files changed, 13 insertions, 4 deletions
diff --git a/post_handler.c b/post_handler.c index 7c03892..fb1bb29 100644 --- a/post_handler.c +++ b/post_handler.c | |||
| @@ -83,7 +83,7 @@ last_value: | |||
| 83 | static void suhosin_post_handler_modification(sapi_post_entry *spe) | 83 | static void suhosin_post_handler_modification(sapi_post_entry *spe) |
| 84 | { | 84 | { |
| 85 | char *content_type = estrndup(spe->content_type, spe->content_type_len); | 85 | char *content_type = estrndup(spe->content_type, spe->content_type_len); |
| 86 | suhosin_log(S_VARS, "some extension replaces the POST handler for %s - Suhosin's protection will be incomplete", content_type); | 86 | suhosin_log(S_VARS, "some extension replaces the POST handler for %s - Suhosin's protection might be incomplete", content_type); |
| 87 | efree(content_type); | 87 | efree(content_type); |
| 88 | } | 88 | } |
| 89 | 89 | ||
| @@ -135,7 +135,13 @@ void suhosin_hook_post_handlers(TSRMLS_D) | |||
| 135 | { | 135 | { |
| 136 | HashTable tempht; | 136 | HashTable tempht; |
| 137 | zend_ini_entry *ini_entry; | 137 | zend_ini_entry *ini_entry; |
| 138 | 138 | ||
| 139 | old_rfc1867_callback = php_rfc1867_callback; | ||
| 140 | |||
| 141 | #if PHP_VERSION_ID >= 50400 | ||
| 142 | /* the RFC1867 code is now good enough in PHP to handle our filter just as a registered callback */ | ||
| 143 | php_rfc1867_callback = suhosin_rfc1867_filter; | ||
| 144 | #else | ||
| 139 | #if PHP_MAJOR_VERSION > 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION > 0) | 145 | #if PHP_MAJOR_VERSION > 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION > 0) |
| 140 | sapi_unregister_post_entry(&suhosin_post_entries[0] TSRMLS_CC); | 146 | sapi_unregister_post_entry(&suhosin_post_entries[0] TSRMLS_CC); |
| 141 | sapi_unregister_post_entry(&suhosin_post_entries[1] TSRMLS_CC); | 147 | sapi_unregister_post_entry(&suhosin_post_entries[1] TSRMLS_CC); |
| @@ -145,6 +151,7 @@ void suhosin_hook_post_handlers(TSRMLS_D) | |||
| 145 | sapi_unregister_post_entry(&suhosin_post_entries[1]); | 151 | sapi_unregister_post_entry(&suhosin_post_entries[1]); |
| 146 | sapi_register_post_entries(suhosin_post_entries); | 152 | sapi_register_post_entries(suhosin_post_entries); |
| 147 | #endif | 153 | #endif |
| 154 | #endif | ||
| 148 | /* we want to get notified if another extension deregisters the suhosin post handlers */ | 155 | /* we want to get notified if another extension deregisters the suhosin post handlers */ |
| 149 | 156 | ||
| 150 | /* we need to tell suhosin patch that there is a new valid destructor */ | 157 | /* we need to tell suhosin patch that there is a new valid destructor */ |
diff --git a/suhosin_rfc1867.h b/suhosin_rfc1867.h index 170b3f9..b4fdea0 100644 --- a/suhosin_rfc1867.h +++ b/suhosin_rfc1867.h | |||
| @@ -79,6 +79,7 @@ typedef struct _multipart_event_end { | |||
| 79 | SAPI_POST_HANDLER_FUNC(suhosin_rfc1867_post_handler); | 79 | SAPI_POST_HANDLER_FUNC(suhosin_rfc1867_post_handler); |
| 80 | 80 | ||
| 81 | void destroy_uploaded_files_hash(TSRMLS_D); | 81 | void destroy_uploaded_files_hash(TSRMLS_D); |
| 82 | extern PHP_SUHOSIN_API int (*old_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC); | ||
| 82 | #if !HAVE_RFC1867_CALLBACK | 83 | #if !HAVE_RFC1867_CALLBACK |
| 83 | extern PHP_SUHOSIN_API int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC); | 84 | extern PHP_SUHOSIN_API int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC); |
| 84 | #else | 85 | #else |
| @@ -31,6 +31,7 @@ | |||
| 31 | #include "php_variables.h" | 31 | #include "php_variables.h" |
| 32 | #include "suhosin_rfc1867.h" | 32 | #include "suhosin_rfc1867.h" |
| 33 | 33 | ||
| 34 | PHP_SUHOSIN_API int (*old_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL; | ||
| 34 | #if !HAVE_RFC1867_CALLBACK | 35 | #if !HAVE_RFC1867_CALLBACK |
| 35 | PHP_SUHOSIN_API int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL; | 36 | PHP_SUHOSIN_API int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL; |
| 36 | #endif | 37 | #endif |
| @@ -345,8 +346,8 @@ int suhosin_rfc1867_filter(unsigned int event, void *event_data, void **extra TS | |||
| 345 | } | 346 | } |
| 346 | continue_with_next: | 347 | continue_with_next: |
| 347 | #if HAVE_RFC1867_CALLBACK | 348 | #if HAVE_RFC1867_CALLBACK |
| 348 | if (php_rfc1867_callback != NULL) { | 349 | if (old_rfc1867_callback != NULL) { |
| 349 | return php_rfc1867_callback(event, event_data, extra TSRMLS_CC); | 350 | return old_rfc1867_callback(event, event_data, extra TSRMLS_CC); |
| 350 | } | 351 | } |
| 351 | #endif | 352 | #endif |
| 352 | return SUCCESS; | 353 | return SUCCESS; |