summaryrefslogtreecommitdiff
path: root/php_suhosin.h
diff options
context:
space:
mode:
authorBen Fuhrmannek2014-07-17 13:40:39 +0200
committerBen Fuhrmannek2014-07-17 13:40:39 +0200
commit5193b37822269c19a58b86c8a6e1f8e90bd818e6 (patch)
tree6ea516daefa0b5128823eae043a64b37c51e4e80 /php_suhosin.h
parentace8fdae3788ca4381a17a14bc4d5acd0cd98709 (diff)
removed redundant implementations of protected varname check
Diffstat (limited to 'php_suhosin.h')
-rw-r--r--php_suhosin.h50
1 files changed, 50 insertions, 0 deletions
diff --git a/php_suhosin.h b/php_suhosin.h
index 22e6df1..e89d02b 100644
--- a/php_suhosin.h
+++ b/php_suhosin.h
@@ -39,6 +39,10 @@
39#endif 39#endif
40#endif 40#endif
41 41
42#ifndef PHP_VERSION_ID
43#define PHP_VERSION_ID (PHP_MAJOR_VERSION * 10000 + PHP_MINOR_VERSION * 100 + PHP_RELEASE_VERSION)
44#endif
45
42extern zend_module_entry suhosin_module_entry; 46extern zend_module_entry suhosin_module_entry;
43#define phpext_suhosin_ptr &suhosin_module_entry 47#define phpext_suhosin_ptr &suhosin_module_entry
44 48
@@ -66,6 +70,52 @@ PHP_MINFO_FUNCTION(suhosin);
66 70
67#include "ext/standard/basic_functions.h" 71#include "ext/standard/basic_functions.h"
68 72
73#if PHP_VERSION_ID < 50203
74static inline int php_varname_check(char *name, int name_len, zend_bool silent TSRMLS_DC) /* {{{ */
75{
76 if (name_len == sizeof("GLOBALS") && !memcmp(name, "GLOBALS", sizeof("GLOBALS"))) {
77 if (!silent) {
78 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempted GLOBALS variable overwrite");
79 }
80 return FAILURE;
81 } else if (name[0] == '_' &&
82 (
83 (name_len == sizeof("_GET") && !memcmp(name, "_GET", sizeof("_GET"))) ||
84 (name_len == sizeof("_POST") && !memcmp(name, "_POST", sizeof("_POST"))) ||
85 (name_len == sizeof("_COOKIE") && !memcmp(name, "_COOKIE", sizeof("_COOKIE"))) ||
86 (name_len == sizeof("_ENV") && !memcmp(name, "_ENV", sizeof("_ENV"))) ||
87 (name_len == sizeof("_SERVER") && !memcmp(name, "_SERVER", sizeof("_SERVER"))) ||
88 (name_len == sizeof("_SESSION") && !memcmp(name, "_SESSION", sizeof("_SESSION"))) ||
89 (name_len == sizeof("_FILES") && !memcmp(name, "_FILES", sizeof("_FILES"))) ||
90 (name_len == sizeof("_REQUEST") && !memcmp(name, "_REQUEST", sizeof("_REQUEST")))
91 )
92 ) {
93 if (!silent) {
94 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempted super-global (%s) variable overwrite", name);
95 }
96 return FAILURE;
97 } else if (name[0] == 'H' &&
98 (
99 (name_len == sizeof("HTTP_POST_VARS") && !memcmp(name, "HTTP_POST_VARS", sizeof("HTTP_POST_VARS"))) ||
100 (name_len == sizeof("HTTP_GET_VARS") && !memcmp(name, "HTTP_GET_VARS", sizeof("HTTP_GET_VARS"))) ||
101 (name_len == sizeof("HTTP_COOKIE_VARS") && !memcmp(name, "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS"))) ||
102 (name_len == sizeof("HTTP_ENV_VARS") && !memcmp(name, "HTTP_ENV_VARS", sizeof("HTTP_ENV_VARS"))) ||
103 (name_len == sizeof("HTTP_SERVER_VARS") && !memcmp(name, "HTTP_SERVER_VARS", sizeof("HTTP_SERVER_VARS"))) ||
104 (name_len == sizeof("HTTP_SESSION_VARS") && !memcmp(name, "HTTP_SESSION_VARS", sizeof("HTTP_SESSION_VARS"))) ||
105 (name_len == sizeof("HTTP_RAW_POST_DATA") && !memcmp(name, "HTTP_RAW_POST_DATA", sizeof("HTTP_RAW_POST_DATA"))) ||
106 (name_len == sizeof("HTTP_POST_FILES") && !memcmp(name, "HTTP_POST_FILES", sizeof("HTTP_POST_FILES")))
107 )
108 ) {
109 if (!silent) {
110 php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attempted long input array (%s) overwrite", name);
111 }
112 return FAILURE;
113 }
114 return SUCCESS;
115}
116/* }}} */
117#endif
118
69ZEND_BEGIN_MODULE_GLOBALS(suhosin) 119ZEND_BEGIN_MODULE_GLOBALS(suhosin)
70 zend_uint in_code_type; 120 zend_uint in_code_type;
71 long execution_depth; 121 long execution_depth;