summaryrefslogtreecommitdiff
path: root/execute.c
diff options
context:
space:
mode:
authorStefan Esser2014-02-12 14:35:42 +0100
committerStefan Esser2014-02-12 14:35:42 +0100
commitc20f47262ba9d180ae6ab7f7b608cd51a22c265d (patch)
tree7abd168d1c9d834a52492900b47bb03421f9ffa3 /execute.c
parent5e766313ae0de12af8828b3ac80d017844a20ca7 (diff)
Detect some more code types
Diffstat (limited to 'execute.c')
-rw-r--r--execute.c21
1 files changed, 21 insertions, 0 deletions
diff --git a/execute.c b/execute.c
index 5371d00..f6381e3 100644
--- a/execute.c
+++ b/execute.c
@@ -99,6 +99,7 @@ conts:
99#define SUHOSIN_CODE_TYPE_LONGNAME 13 99#define SUHOSIN_CODE_TYPE_LONGNAME 13
100#define SUHOSIN_CODE_TYPE_MANYDOTS 14 100#define SUHOSIN_CODE_TYPE_MANYDOTS 14
101#define SUHOSIN_CODE_TYPE_WRITABLE 15 101#define SUHOSIN_CODE_TYPE_WRITABLE 15
102#define SUHOSIN_CODE_TYPE_MBREGEXP 16
102 103
103static int suhosin_check_filename(char *s, int len TSRMLS_DC) 104static int suhosin_check_filename(char *s, int len TSRMLS_DC)
104{ 105{
@@ -332,6 +333,10 @@ static int suhosin_detect_codetype(zend_op_array *op_array TSRMLS_DC)
332 return SUHOSIN_CODE_TYPE_REGEXP; 333 return SUHOSIN_CODE_TYPE_REGEXP;
333 } 334 }
334 335
336 if (strstr(s, "mbregex replace") != NULL) {
337 return SUHOSIN_CODE_TYPE_MBREGEXP;
338 }
339
335 if (strstr(s, "assert code") != NULL) { 340 if (strstr(s, "assert code") != NULL) {
336 return SUHOSIN_CODE_TYPE_ASSERT; 341 return SUHOSIN_CODE_TYPE_ASSERT;
337 } 342 }
@@ -343,6 +348,18 @@ static int suhosin_detect_codetype(zend_op_array *op_array TSRMLS_DC)
343 if (strstr(s, "Command line code") != NULL) { 348 if (strstr(s, "Command line code") != NULL) {
344 return SUHOSIN_CODE_TYPE_COMMANDLINE; 349 return SUHOSIN_CODE_TYPE_COMMANDLINE;
345 } 350 }
351
352 if (strstr(s, "Command line begin code") != NULL) {
353 return SUHOSIN_CODE_TYPE_COMMANDLINE;
354 }
355
356 if (strstr(s, "Command line run code") != NULL) {
357 return SUHOSIN_CODE_TYPE_COMMANDLINE;
358 }
359
360 if (strstr(s, "Command line end code") != NULL) {
361 return SUHOSIN_CODE_TYPE_COMMANDLINE;
362 }
346 363
347 if (strstr(s, "suhosin internal code") != NULL) { 364 if (strstr(s, "suhosin internal code") != NULL) {
348 return SUHOSIN_CODE_TYPE_SUHOSIN; 365 return SUHOSIN_CODE_TYPE_SUHOSIN;
@@ -540,6 +557,10 @@ not_evaled_code:
540 } 557 }
541 break; 558 break;
542 559
560 case SUHOSIN_CODE_TYPE_MBREGEXP:
561 /* XXX TODO: Do we want to disallow this, too? */
562 break;
563
543 case SUHOSIN_CODE_TYPE_ASSERT: 564 case SUHOSIN_CODE_TYPE_ASSERT:
544 break; 565 break;
545 566