summaryrefslogtreecommitdiff
path: root/ifilter.c
diff options
context:
space:
mode:
authorBen Fuhrmannek2016-09-23 17:35:03 +0200
committerBen Fuhrmannek2016-09-23 17:35:03 +0200
commit200e697807b4de3af042edb3dea4d3db8fba9f03 (patch)
treed62cbe31b3c8789b92fc19f72039a7a4e57750d8 /ifilter.c
parent5f2b52cbc278bcf587160a21790d5c6ebe181178 (diff)
whitespace / code indentation
Diffstat (limited to 'ifilter.c')
-rw-r--r--ifilter.c236
1 files changed, 117 insertions, 119 deletions
diff --git a/ifilter.c b/ifilter.c
index fc25a55..43df750 100644
--- a/ifilter.c
+++ b/ifilter.c
@@ -17,7 +17,7 @@
17 +----------------------------------------------------------------------+ 17 +----------------------------------------------------------------------+
18*/ 18*/
19/* 19/*
20 $Id: ifilter.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ 20 $Id: ifilter.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $
21*/ 21*/
22 22
23#ifdef HAVE_CONFIG_H 23#ifdef HAVE_CONFIG_H
@@ -67,12 +67,12 @@ size_t suhosin_strncspn(const char *input, size_t n, const char *reject)
67void normalize_varname(char *varname) 67void normalize_varname(char *varname)
68{ 68{
69 char *s=varname, *index=NULL, *indexend=NULL, *p; 69 char *s=varname, *index=NULL, *indexend=NULL, *p;
70 70
71 /* overjump leading space */ 71 /* overjump leading space */
72 while (*s == ' ') { 72 while (*s == ' ') {
73 s++; 73 s++;
74 } 74 }
75 75
76 /* and remove it */ 76 /* and remove it */
77 if (s != varname) { 77 if (s != varname) {
78 memmove(varname, s, strlen(s)+1); 78 memmove(varname, s, strlen(s)+1);
@@ -104,7 +104,7 @@ void normalize_varname(char *varname)
104 } 104 }
105 indexend = strchr(index, ']'); 105 indexend = strchr(index, ']');
106 indexend = indexend ? indexend + 1 : index + strlen(index); 106 indexend = indexend ? indexend + 1 : index + strlen(index);
107 107
108 if (s != index) { 108 if (s != index) {
109 memmove(s, index, strlen(index)+1); 109 memmove(s, index, strlen(index)+1);
110 s += indexend-index; 110 s += indexend-index;
@@ -117,7 +117,7 @@ void normalize_varname(char *varname)
117 index = s; 117 index = s;
118 } else { 118 } else {
119 index = NULL; 119 index = NULL;
120 } 120 }
121 } 121 }
122 *s++='\0'; 122 *s++='\0';
123} 123}
@@ -153,7 +153,7 @@ static void suhosin_server_strip(HashTable *arr, char *key, int klen)
153 153
154 if (zend_hash_find(arr, key, klen, (void **) &tzval) == SUCCESS && 154 if (zend_hash_find(arr, key, klen, (void **) &tzval) == SUCCESS &&
155 Z_TYPE_PP(tzval) == IS_STRING) { 155 Z_TYPE_PP(tzval) == IS_STRING) {
156 156
157 s = t = (unsigned char *)Z_STRVAL_PP(tzval); 157 s = t = (unsigned char *)Z_STRVAL_PP(tzval);
158 for (; *t; t++) { 158 for (; *t; t++) {
159 if (suhosin_is_dangerous_char[*t]) { 159 if (suhosin_is_dangerous_char[*t]) {
@@ -175,20 +175,20 @@ static void suhosin_server_encode(HashTable *arr, char *key, int klen)
175 175
176 if (zend_hash_find(arr, key, klen, (void **) &tzval) == SUCCESS && 176 if (zend_hash_find(arr, key, klen, (void **) &tzval) == SUCCESS &&
177 Z_TYPE_PP(tzval) == IS_STRING) { 177 Z_TYPE_PP(tzval) == IS_STRING) {
178 178
179 temp = (unsigned char *)Z_STRVAL_PP(tzval); 179 temp = (unsigned char *)Z_STRVAL_PP(tzval);
180 180
181 for (t = temp; *t; t++) { 181 for (t = temp; *t; t++) {
182 if (suhosin_is_dangerous_char[*t]) { 182 if (suhosin_is_dangerous_char[*t]) {
183 extra += 2; 183 extra += 2;
184 } 184 }
185 } 185 }
186 186
187 /* no extra bytes required */ 187 /* no extra bytes required */
188 if (extra == 0) { 188 if (extra == 0) {
189 return; 189 return;
190 } 190 }
191 191
192 n = newv = emalloc(t - temp + 1 + extra); 192 n = newv = emalloc(t - temp + 1 + extra);
193 t = temp; 193 t = temp;
194 for (t = temp; *t; t++, n++) { 194 for (t = temp; *t; t++, n++) {
@@ -201,7 +201,7 @@ static void suhosin_server_encode(HashTable *arr, char *key, int klen)
201 } 201 }
202 } 202 }
203 *n = 0; 203 *n = 0;
204 204
205 /* XXX: we leak memory here, but only for the duration of the request */ 205 /* XXX: we leak memory here, but only for the duration of the request */
206 Z_STRVAL_PP(tzval) = (char *)newv; 206 Z_STRVAL_PP(tzval) = (char *)newv;
207 Z_STRLEN_PP(tzval) = n-newv; 207 Z_STRLEN_PP(tzval) = n-newv;
@@ -251,7 +251,7 @@ void suhosin_register_server_variables(zval *track_vars_array TSRMLS_DC)
251 if (failure) { 251 if (failure) {
252 suhosin_log(S_VARS, "Attacker tried to overwrite a superglobal through a HTTP header"); 252 suhosin_log(S_VARS, "Attacker tried to overwrite a superglobal through a HTTP header");
253 } 253 }
254 254
255 if (SUHOSIN_G(raw_cookie)) { 255 if (SUHOSIN_G(raw_cookie)) {
256 zval *z; 256 zval *z;
257 MAKE_STD_ZVAL(z); 257 MAKE_STD_ZVAL(z);
@@ -265,7 +265,7 @@ void suhosin_register_server_variables(zval *track_vars_array TSRMLS_DC)
265 zend_hash_update(svars, "HTTP_COOKIE", sizeof("HTTP_COOKIE"), (void **)&z, sizeof(zval *), NULL); 265 zend_hash_update(svars, "HTTP_COOKIE", sizeof("HTTP_COOKIE"), (void **)&z, sizeof(zval *), NULL);
266 SUHOSIN_G(decrypted_cookie) = NULL; 266 SUHOSIN_G(decrypted_cookie) = NULL;
267 } 267 }
268 268
269 if (SUHOSIN_G(server_encode)) { 269 if (SUHOSIN_G(server_encode)) {
270 /* suhosin_server_encode(svars, "argv", sizeof("argv")); */ 270 /* suhosin_server_encode(svars, "argv", sizeof("argv")); */
271 suhosin_server_encode(svars, "REQUEST_URI", sizeof("REQUEST_URI")); 271 suhosin_server_encode(svars, "REQUEST_URI", sizeof("REQUEST_URI"));
@@ -290,14 +290,14 @@ unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, unsign
290{ 290{
291 zend_bool already_scanned = SUHOSIN_G(already_scanned); 291 zend_bool already_scanned = SUHOSIN_G(already_scanned);
292 SUHOSIN_G(already_scanned) = 0; 292 SUHOSIN_G(already_scanned) = 0;
293 293
294 if (SUHOSIN_G(do_not_scan)) { 294 if (SUHOSIN_G(do_not_scan)) {
295 if (new_val_len) { 295 if (new_val_len) {
296 *new_val_len = val_len; 296 *new_val_len = val_len;
297 } 297 }
298 return 1; 298 return 1;
299 } 299 }
300 300
301 if (!already_scanned) { 301 if (!already_scanned) {
302 if (suhosin_input_filter(arg, var, val, val_len, new_val_len TSRMLS_CC)==0) { 302 if (suhosin_input_filter(arg, var, val, val_len, new_val_len TSRMLS_CC)==0) {
303 SUHOSIN_G(abort_request)=1; 303 SUHOSIN_G(abort_request)=1;
@@ -329,66 +329,66 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
329 } 329 }
330 330
331 /* Drop this variable if the limit was reached */ 331 /* Drop this variable if the limit was reached */
332 switch (arg) {
333 case PARSE_GET:
334 SUHOSIN_G(att_get_vars)++;
335 SUHOSIN_G(att_request_variables)++;
336 if (SUHOSIN_G(no_more_get_variables)) {
337 return 0;
338 }
339 break;
340 case PARSE_POST:
341 SUHOSIN_G(att_post_vars)++;
342 SUHOSIN_G(att_request_variables)++;
343 if (SUHOSIN_G(no_more_post_variables)) {
344 return 0;
345 }
346 break;
347 case PARSE_COOKIE:
348 SUHOSIN_G(att_cookie_vars)++;
349 SUHOSIN_G(att_request_variables)++;
350 if (SUHOSIN_G(no_more_cookie_variables)) {
351 return 0;
352 }
353 break;
354 default: /* we do not want to protect parse_str() and friends */
355 if (new_val_len) {
356 *new_val_len = val_len;
357 }
358 return 1;
359 }
360
361 /* Drop this variable if the limit is now reached */
362 switch (arg) { 332 switch (arg) {
363 case PARSE_GET: 333 case PARSE_GET:
334 SUHOSIN_G(att_get_vars)++;
335 SUHOSIN_G(att_request_variables)++;
336 if (SUHOSIN_G(no_more_get_variables)) {
337 return 0;
338 }
339 break;
340 case PARSE_POST:
341 SUHOSIN_G(att_post_vars)++;
342 SUHOSIN_G(att_request_variables)++;
343 if (SUHOSIN_G(no_more_post_variables)) {
344 return 0;
345 }
346 break;
347 case PARSE_COOKIE:
348 SUHOSIN_G(att_cookie_vars)++;
349 SUHOSIN_G(att_request_variables)++;
350 if (SUHOSIN_G(no_more_cookie_variables)) {
351 return 0;
352 }
353 break;
354 default: /* we do not want to protect parse_str() and friends */
355 if (new_val_len) {
356 *new_val_len = val_len;
357 }
358 return 1;
359 }
360
361/* Drop this variable if the limit is now reached */
362 switch (arg) {
363 case PARSE_GET:
364 if (SUHOSIN_G(max_get_vars) && SUHOSIN_G(max_get_vars) <= SUHOSIN_G(cur_get_vars)) { 364 if (SUHOSIN_G(max_get_vars) && SUHOSIN_G(max_get_vars) <= SUHOSIN_G(cur_get_vars)) {
365 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped", var); 365 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped", var);
366 if (!SUHOSIN_G(simulation)) { 366 if (!SUHOSIN_G(simulation)) {
367 SUHOSIN_G(no_more_get_variables) = 1; 367 SUHOSIN_G(no_more_get_variables) = 1;
368 return 0; 368 return 0;
369 } 369 }
370 } 370 }
371 break; 371 break;
372 case PARSE_COOKIE: 372 case PARSE_COOKIE:
373 if (SUHOSIN_G(max_cookie_vars) && SUHOSIN_G(max_cookie_vars) <= SUHOSIN_G(cur_cookie_vars)) { 373 if (SUHOSIN_G(max_cookie_vars) && SUHOSIN_G(max_cookie_vars) <= SUHOSIN_G(cur_cookie_vars)) {
374 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped", var); 374 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped", var);
375 if (!SUHOSIN_G(simulation)) { 375 if (!SUHOSIN_G(simulation)) {
376 SUHOSIN_G(no_more_cookie_variables) = 1; 376 SUHOSIN_G(no_more_cookie_variables) = 1;
377 return 0; 377 return 0;
378 } 378 }
379 } 379 }
380 break; 380 break;
381 case PARSE_POST: 381 case PARSE_POST:
382 if (SUHOSIN_G(max_post_vars) && SUHOSIN_G(max_post_vars) <= SUHOSIN_G(cur_post_vars)) { 382 if (SUHOSIN_G(max_post_vars) && SUHOSIN_G(max_post_vars) <= SUHOSIN_G(cur_post_vars)) {
383 suhosin_log(S_VARS, "configured POST variable limit exceeded - dropped variable '%s' - all further POST variables are dropped", var); 383 suhosin_log(S_VARS, "configured POST variable limit exceeded - dropped variable '%s' - all further POST variables are dropped", var);
384 if (!SUHOSIN_G(simulation)) { 384 if (!SUHOSIN_G(simulation)) {
385 SUHOSIN_G(no_more_post_variables) = 1; 385 SUHOSIN_G(no_more_post_variables) = 1;
386 return 0; 386 return 0;
387 } 387 }
388 } 388 }
389 break; 389 break;
390 } 390 }
391 391
392 /* Drop this variable if it begins with whitespace which is disallowed */ 392 /* Drop this variable if it begins with whitespace which is disallowed */
393 if (isspace(*var)) { 393 if (isspace(*var)) {
394 if (SUHOSIN_G(disallow_ws)) { 394 if (SUHOSIN_G(disallow_ws)) {
@@ -398,33 +398,33 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
398 } 398 }
399 } 399 }
400 switch (arg) { 400 switch (arg) {
401 case PARSE_GET: 401 case PARSE_GET:
402 if (SUHOSIN_G(disallow_get_ws)) { 402 if (SUHOSIN_G(disallow_get_ws)) {
403 suhosin_log(S_VARS, "GET variable name begins with disallowed whitespace - dropped variable '%s'", var); 403 suhosin_log(S_VARS, "GET variable name begins with disallowed whitespace - dropped variable '%s'", var);
404 if (!SUHOSIN_G(simulation)) { 404 if (!SUHOSIN_G(simulation)) {
405 return 0; 405 return 0;
406 } 406 }
407 } 407 }
408 break; 408 break;
409 case PARSE_POST: 409 case PARSE_POST:
410 if (SUHOSIN_G(disallow_post_ws)) { 410 if (SUHOSIN_G(disallow_post_ws)) {
411 suhosin_log(S_VARS, "POST variable name begins with disallowed whitespace - dropped variable '%s'", var); 411 suhosin_log(S_VARS, "POST variable name begins with disallowed whitespace - dropped variable '%s'", var);
412 if (!SUHOSIN_G(simulation)) { 412 if (!SUHOSIN_G(simulation)) {
413 return 0; 413 return 0;
414 } 414 }
415 } 415 }
416 break; 416 break;
417 case PARSE_COOKIE: 417 case PARSE_COOKIE:
418 if (SUHOSIN_G(disallow_cookie_ws)) { 418 if (SUHOSIN_G(disallow_cookie_ws)) {
419 suhosin_log(S_VARS, "COOKIE variable name begins with disallowed whitespace - dropped variable '%s'", var); 419 suhosin_log(S_VARS, "COOKIE variable name begins with disallowed whitespace - dropped variable '%s'", var);
420 if (!SUHOSIN_G(simulation)) { 420 if (!SUHOSIN_G(simulation)) {
421 return 0; 421 return 0;
422 } 422 }
423 } 423 }
424 break; 424 break;
425 } 425 }
426 } 426 }
427 427
428 /* Drop this variable if it exceeds the value length limit */ 428 /* Drop this variable if it exceeds the value length limit */
429 if (SUHOSIN_G(max_value_length) && SUHOSIN_G(max_value_length) < val_len) { 429 if (SUHOSIN_G(max_value_length) && SUHOSIN_G(max_value_length) < val_len) {
430 suhosin_log(S_VARS, "configured request variable value length limit exceeded - dropped variable '%s'", var); 430 suhosin_log(S_VARS, "configured request variable value length limit exceeded - dropped variable '%s'", var);
@@ -433,7 +433,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
433 } 433 }
434 } 434 }
435 switch (arg) { 435 switch (arg) {
436 case PARSE_GET: 436 case PARSE_GET:
437 if (SUHOSIN_G(max_get_value_length) && SUHOSIN_G(max_get_value_length) < val_len) { 437 if (SUHOSIN_G(max_get_value_length) && SUHOSIN_G(max_get_value_length) < val_len) {
438 suhosin_log(S_VARS, "configured GET variable value length limit exceeded - dropped variable '%s'", var); 438 suhosin_log(S_VARS, "configured GET variable value length limit exceeded - dropped variable '%s'", var);
439 if (!SUHOSIN_G(simulation)) { 439 if (!SUHOSIN_G(simulation)) {
@@ -441,7 +441,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
441 } 441 }
442 } 442 }
443 break; 443 break;
444 case PARSE_COOKIE: 444 case PARSE_COOKIE:
445 if (SUHOSIN_G(max_cookie_value_length) && SUHOSIN_G(max_cookie_value_length) < val_len) { 445 if (SUHOSIN_G(max_cookie_value_length) && SUHOSIN_G(max_cookie_value_length) < val_len) {
446 suhosin_log(S_VARS, "configured COOKIE variable value length limit exceeded - dropped variable '%s'", var); 446 suhosin_log(S_VARS, "configured COOKIE variable value length limit exceeded - dropped variable '%s'", var);
447 if (!SUHOSIN_G(simulation)) { 447 if (!SUHOSIN_G(simulation)) {
@@ -449,7 +449,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
449 } 449 }
450 } 450 }
451 break; 451 break;
452 case PARSE_POST: 452 case PARSE_POST:
453 if (SUHOSIN_G(max_post_value_length) && SUHOSIN_G(max_post_value_length) < val_len) { 453 if (SUHOSIN_G(max_post_value_length) && SUHOSIN_G(max_post_value_length) < val_len) {
454 suhosin_log(S_VARS, "configured POST variable value length limit exceeded - dropped variable '%s'", var); 454 suhosin_log(S_VARS, "configured POST variable value length limit exceeded - dropped variable '%s'", var);
455 if (!SUHOSIN_G(simulation)) { 455 if (!SUHOSIN_G(simulation)) {
@@ -458,15 +458,15 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
458 } 458 }
459 break; 459 break;
460 } 460 }
461 461
462 /* Normalize the variable name */ 462 /* Normalize the variable name */
463 normalize_varname(var); 463 normalize_varname(var);
464 464
465 /* Find length of variable name */ 465 /* Find length of variable name */
466 index = strchr(var, '['); 466 index = strchr(var, '[');
467 total_len = strlen(var); 467 total_len = strlen(var);
468 var_len = index ? index-var : total_len; 468 var_len = index ? index-var : total_len;
469 469
470 /* Drop this variable if it exceeds the varname/total length limit */ 470 /* Drop this variable if it exceeds the varname/total length limit */
471 if (SUHOSIN_G(max_varname_length) && SUHOSIN_G(max_varname_length) < var_len) { 471 if (SUHOSIN_G(max_varname_length) && SUHOSIN_G(max_varname_length) < var_len) {
472 suhosin_log(S_VARS, "configured request variable name length limit exceeded - dropped variable '%s'", var); 472 suhosin_log(S_VARS, "configured request variable name length limit exceeded - dropped variable '%s'", var);
@@ -481,7 +481,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
481 } 481 }
482 } 482 }
483 switch (arg) { 483 switch (arg) {
484 case PARSE_GET: 484 case PARSE_GET:
485 if (SUHOSIN_G(max_get_name_length) && SUHOSIN_G(max_get_name_length) < var_len) { 485 if (SUHOSIN_G(max_get_name_length) && SUHOSIN_G(max_get_name_length) < var_len) {
486 suhosin_log(S_VARS, "configured GET variable name length limit exceeded - dropped variable '%s'", var); 486 suhosin_log(S_VARS, "configured GET variable name length limit exceeded - dropped variable '%s'", var);
487 if (!SUHOSIN_G(simulation)) { 487 if (!SUHOSIN_G(simulation)) {
@@ -495,7 +495,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
495 } 495 }
496 } 496 }
497 break; 497 break;
498 case PARSE_COOKIE: 498 case PARSE_COOKIE:
499 if (SUHOSIN_G(max_cookie_name_length) && SUHOSIN_G(max_cookie_name_length) < var_len) { 499 if (SUHOSIN_G(max_cookie_name_length) && SUHOSIN_G(max_cookie_name_length) < var_len) {
500 suhosin_log(S_VARS, "configured COOKIE variable name length limit exceeded - dropped variable '%s'", var); 500 suhosin_log(S_VARS, "configured COOKIE variable name length limit exceeded - dropped variable '%s'", var);
501 if (!SUHOSIN_G(simulation)) { 501 if (!SUHOSIN_G(simulation)) {
@@ -509,7 +509,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
509 } 509 }
510 } 510 }
511 break; 511 break;
512 case PARSE_POST: 512 case PARSE_POST:
513 if (SUHOSIN_G(max_post_name_length) && SUHOSIN_G(max_post_name_length) < var_len) { 513 if (SUHOSIN_G(max_post_name_length) && SUHOSIN_G(max_post_name_length) < var_len) {
514 suhosin_log(S_VARS, "configured POST variable name length limit exceeded - dropped variable '%s'", var); 514 suhosin_log(S_VARS, "configured POST variable name length limit exceeded - dropped variable '%s'", var);
515 if (!SUHOSIN_G(simulation)) { 515 if (!SUHOSIN_G(simulation)) {
@@ -524,59 +524,59 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
524 } 524 }
525 break; 525 break;
526 } 526 }
527 527
528 /* Find out array depth */ 528 /* Find out array depth */
529 while (index) { 529 while (index) {
530 char *index_end; 530 char *index_end;
531 unsigned int index_length; 531 unsigned int index_length;
532 532
533 /* overjump '[' */ 533 /* overjump '[' */
534 index++; 534 index++;
535 535
536 /* increase array depth */ 536 /* increase array depth */
537 depth++; 537 depth++;
538 538
539 index_end = strchr(index, ']'); 539 index_end = strchr(index, ']');
540 if (index_end == NULL) { 540 if (index_end == NULL) {
541 index_end = index+strlen(index); 541 index_end = index+strlen(index);
542 } 542 }
543 543
544 index_length = index_end - index; 544 index_length = index_end - index;
545 545
546 /* max. array index length */ 546 /* max. array index length */
547 if (SUHOSIN_G(max_array_index_length) && SUHOSIN_G(max_array_index_length) < index_length) { 547 if (SUHOSIN_G(max_array_index_length) && SUHOSIN_G(max_array_index_length) < index_length) {
548 suhosin_log(S_VARS, "configured request variable array index length limit exceeded - dropped variable '%s'", var); 548 suhosin_log(S_VARS, "configured request variable array index length limit exceeded - dropped variable '%s'", var);
549 if (!SUHOSIN_G(simulation)) { 549 if (!SUHOSIN_G(simulation)) {
550 return 0; 550 return 0;
551 } 551 }
552 } 552 }
553 switch (arg) { 553 switch (arg) {
554 case PARSE_GET: 554 case PARSE_GET:
555 if (SUHOSIN_G(max_get_array_index_length) && SUHOSIN_G(max_get_array_index_length) < index_length) { 555 if (SUHOSIN_G(max_get_array_index_length) && SUHOSIN_G(max_get_array_index_length) < index_length) {
556 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var); 556 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var);
557 if (!SUHOSIN_G(simulation)) { 557 if (!SUHOSIN_G(simulation)) {
558 return 0; 558 return 0;
559 } 559 }
560 } 560 }
561 break; 561 break;
562 case PARSE_COOKIE: 562 case PARSE_COOKIE:
563 if (SUHOSIN_G(max_cookie_array_index_length) && SUHOSIN_G(max_cookie_array_index_length) < index_length) { 563 if (SUHOSIN_G(max_cookie_array_index_length) && SUHOSIN_G(max_cookie_array_index_length) < index_length) {
564 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var); 564 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var);
565 if (!SUHOSIN_G(simulation)) { 565 if (!SUHOSIN_G(simulation)) {
566 return 0; 566 return 0;
567 } 567 }
568 } 568 }
569 break; 569 break;
570 case PARSE_POST: 570 case PARSE_POST:
571 if (SUHOSIN_G(max_post_array_index_length) && SUHOSIN_G(max_post_array_index_length) < index_length) { 571 if (SUHOSIN_G(max_post_array_index_length) && SUHOSIN_G(max_post_array_index_length) < index_length) {
572 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var); 572 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var);
573 if (!SUHOSIN_G(simulation)) { 573 if (!SUHOSIN_G(simulation)) {
574 return 0; 574 return 0;
575 } 575 }
576 } 576 }
577 break; 577 break;
578 } 578 }
579 579
580 /* index whitelist/blacklist */ 580 /* index whitelist/blacklist */
581 if (SUHOSIN_G(array_index_whitelist) && *(SUHOSIN_G(array_index_whitelist))) { 581 if (SUHOSIN_G(array_index_whitelist) && *(SUHOSIN_G(array_index_whitelist))) {
582 if (suhosin_strnspn(index, index_length, SUHOSIN_G(array_index_whitelist)) != index_length) { 582 if (suhosin_strnspn(index, index_length, SUHOSIN_G(array_index_whitelist)) != index_length) {
@@ -593,10 +593,10 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
593 } 593 }
594 } 594 }
595 } 595 }
596 596
597 index = strchr(index, '['); 597 index = strchr(index, '[');
598 } 598 }
599 599
600 /* Drop this variable if it exceeds the array depth limit */ 600 /* Drop this variable if it exceeds the array depth limit */
601 if (SUHOSIN_G(max_array_depth) && SUHOSIN_G(max_array_depth) < depth) { 601 if (SUHOSIN_G(max_array_depth) && SUHOSIN_G(max_array_depth) < depth) {
602 suhosin_log(S_VARS, "configured request variable array depth limit exceeded - dropped variable '%s'", var); 602 suhosin_log(S_VARS, "configured request variable array depth limit exceeded - dropped variable '%s'", var);
@@ -605,7 +605,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
605 } 605 }
606 } 606 }
607 switch (arg) { 607 switch (arg) {
608 case PARSE_GET: 608 case PARSE_GET:
609 if (SUHOSIN_G(max_get_array_depth) && SUHOSIN_G(max_get_array_depth) < depth) { 609 if (SUHOSIN_G(max_get_array_depth) && SUHOSIN_G(max_get_array_depth) < depth) {
610 suhosin_log(S_VARS, "configured GET variable array depth limit exceeded - dropped variable '%s'", var); 610 suhosin_log(S_VARS, "configured GET variable array depth limit exceeded - dropped variable '%s'", var);
611 if (!SUHOSIN_G(simulation)) { 611 if (!SUHOSIN_G(simulation)) {
@@ -613,7 +613,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
613 } 613 }
614 } 614 }
615 break; 615 break;
616 case PARSE_COOKIE: 616 case PARSE_COOKIE:
617 if (SUHOSIN_G(max_cookie_array_depth) && SUHOSIN_G(max_cookie_array_depth) < depth) { 617 if (SUHOSIN_G(max_cookie_array_depth) && SUHOSIN_G(max_cookie_array_depth) < depth) {
618 suhosin_log(S_VARS, "configured COOKIE variable array depth limit exceeded - dropped variable '%s'", var); 618 suhosin_log(S_VARS, "configured COOKIE variable array depth limit exceeded - dropped variable '%s'", var);
619 if (!SUHOSIN_G(simulation)) { 619 if (!SUHOSIN_G(simulation)) {
@@ -621,7 +621,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
621 } 621 }
622 } 622 }
623 break; 623 break;
624 case PARSE_POST: 624 case PARSE_POST:
625 if (SUHOSIN_G(max_post_array_depth) && SUHOSIN_G(max_post_array_depth) < depth) { 625 if (SUHOSIN_G(max_post_array_depth) && SUHOSIN_G(max_post_array_depth) < depth) {
626 suhosin_log(S_VARS, "configured POST variable array depth limit exceeded - dropped variable '%s'", var); 626 suhosin_log(S_VARS, "configured POST variable array depth limit exceeded - dropped variable '%s'", var);
627 if (!SUHOSIN_G(simulation)) { 627 if (!SUHOSIN_G(simulation)) {
@@ -632,9 +632,9 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
632 } 632 }
633 633
634 /* Check if variable value is truncated by a \0 */ 634 /* Check if variable value is truncated by a \0 */
635 635
636 if (val && *val && val_len != strnlen(*val, val_len)) { 636 if (val && *val && val_len != strnlen(*val, val_len)) {
637 637
638 if (SUHOSIN_G(disallow_nul)) { 638 if (SUHOSIN_G(disallow_nul)) {
639 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within request variables - dropped variable '%s'", var); 639 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within request variables - dropped variable '%s'", var);
640 if (!SUHOSIN_G(simulation)) { 640 if (!SUHOSIN_G(simulation)) {
@@ -642,7 +642,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
642 } 642 }
643 } 643 }
644 switch (arg) { 644 switch (arg) {
645 case PARSE_GET: 645 case PARSE_GET:
646 if (SUHOSIN_G(disallow_get_nul)) { 646 if (SUHOSIN_G(disallow_get_nul)) {
647 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within GET variables - dropped variable '%s'", var); 647 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within GET variables - dropped variable '%s'", var);
648 if (!SUHOSIN_G(simulation)) { 648 if (!SUHOSIN_G(simulation)) {
@@ -650,7 +650,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
650 } 650 }
651 } 651 }
652 break; 652 break;
653 case PARSE_COOKIE: 653 case PARSE_COOKIE:
654 if (SUHOSIN_G(disallow_cookie_nul)) { 654 if (SUHOSIN_G(disallow_cookie_nul)) {
655 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within COOKIE variables - dropped variable '%s'", var); 655 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within COOKIE variables - dropped variable '%s'", var);
656 if (!SUHOSIN_G(simulation)) { 656 if (!SUHOSIN_G(simulation)) {
@@ -658,7 +658,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
658 } 658 }
659 } 659 }
660 break; 660 break;
661 case PARSE_POST: 661 case PARSE_POST:
662 if (SUHOSIN_G(disallow_post_nul)) { 662 if (SUHOSIN_G(disallow_post_nul)) {
663 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within POST variables - dropped variable '%s'", var); 663 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within POST variables - dropped variable '%s'", var);
664 if (!SUHOSIN_G(simulation)) { 664 if (!SUHOSIN_G(simulation)) {
@@ -668,7 +668,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
668 break; 668 break;
669 } 669 }
670 } 670 }
671 671
672 /* Drop this variable if it is one of GLOBALS, _GET, _POST, ... */ 672 /* Drop this variable if it is one of GLOBALS, _GET, _POST, ... */
673 /* This is to protect several silly scripts that do globalizing themself */ 673 /* This is to protect several silly scripts that do globalizing themself */
674 if (suhosin_is_protected_varname(var, var_len)) { 674 if (suhosin_is_protected_varname(var, var_len)) {
@@ -681,17 +681,17 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
681 /* Okay let PHP register this variable */ 681 /* Okay let PHP register this variable */
682 SUHOSIN_G(cur_request_variables)++; 682 SUHOSIN_G(cur_request_variables)++;
683 switch (arg) { 683 switch (arg) {
684 case PARSE_GET: 684 case PARSE_GET:
685 SUHOSIN_G(cur_get_vars)++; 685 SUHOSIN_G(cur_get_vars)++;
686 break; 686 break;
687 case PARSE_COOKIE: 687 case PARSE_COOKIE:
688 SUHOSIN_G(cur_cookie_vars)++; 688 SUHOSIN_G(cur_cookie_vars)++;
689 break; 689 break;
690 case PARSE_POST: 690 case PARSE_POST:
691 SUHOSIN_G(cur_post_vars)++; 691 SUHOSIN_G(cur_post_vars)++;
692 break; 692 break;
693 } 693 }
694 694
695 if (new_val_len) { 695 if (new_val_len) {
696 *new_val_len = val_len; 696 *new_val_len = val_len;
697 } 697 }
@@ -722,5 +722,3 @@ void suhosin_hook_register_server_variables()
722 * vim600: noet sw=4 ts=4 fdm=marker 722 * vim600: noet sw=4 ts=4 fdm=marker
723 * vim<600: noet sw=4 ts=4 723 * vim<600: noet sw=4 ts=4
724 */ 724 */
725
726