diff options
| author | Stefan Esser | 2014-02-12 13:26:37 +0100 |
|---|---|---|
| committer | Stefan Esser | 2014-02-12 13:26:37 +0100 |
| commit | 73f880f8516e98c10acf0c1a848e82ad17605c2f (patch) | |
| tree | 5a62ada1116784227bab3fefcf586e33159c006a /post_handler.c | |
| parent | e6bf2fac03e77137a6e22b60f46579a2f79ddeb6 (diff) | |
Have to override the std post handler otherwise the filter does not work
Diffstat (limited to '')
| -rw-r--r-- | post_handler.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/post_handler.c b/post_handler.c index e0fb672..267dfcb 100644 --- a/post_handler.c +++ b/post_handler.c | |||
| @@ -67,8 +67,12 @@ last_value: | |||
| 67 | val++; | 67 | val++; |
| 68 | val_len = php_url_decode(val, (p - val)); | 68 | val_len = php_url_decode(val, (p - val)); |
| 69 | val = estrndup(val, val_len); | 69 | val = estrndup(val, val_len); |
| 70 | if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) { | 70 | if (suhosin_input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) { |
| 71 | php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC); | 71 | if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) { |
| 72 | php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC); | ||
| 73 | } | ||
| 74 | } else { | ||
| 75 | SUHOSIN_G(abort_request)=1; | ||
| 72 | } | 76 | } |
| 73 | efree(val); | 77 | efree(val); |
| 74 | } | 78 | } |
| @@ -126,7 +130,9 @@ static PHP_INI_MH(suhosin_OnUpdate_mbstring_encoding_translation) | |||
| 126 | */ | 130 | */ |
| 127 | static sapi_post_entry suhosin_post_entries[] = { | 131 | static sapi_post_entry suhosin_post_entries[] = { |
| 128 | { DEFAULT_POST_CONTENT_TYPE, sizeof(DEFAULT_POST_CONTENT_TYPE)-1, sapi_read_standard_form_data, suhosin_std_post_handler }, | 132 | { DEFAULT_POST_CONTENT_TYPE, sizeof(DEFAULT_POST_CONTENT_TYPE)-1, sapi_read_standard_form_data, suhosin_std_post_handler }, |
| 133 | #if PHP_VERSION_ID < 50400 | ||
| 129 | { MULTIPART_CONTENT_TYPE, sizeof(MULTIPART_CONTENT_TYPE)-1, NULL, suhosin_rfc1867_post_handler }, | 134 | { MULTIPART_CONTENT_TYPE, sizeof(MULTIPART_CONTENT_TYPE)-1, NULL, suhosin_rfc1867_post_handler }, |
| 135 | #endif | ||
| 130 | { NULL, 0, NULL, NULL } | 136 | { NULL, 0, NULL, NULL } |
| 131 | }; | 137 | }; |
| 132 | /* }}} */ | 138 | /* }}} */ |
| @@ -141,6 +147,8 @@ void suhosin_hook_post_handlers(TSRMLS_D) | |||
| 141 | #if PHP_VERSION_ID >= 50400 | 147 | #if PHP_VERSION_ID >= 50400 |
| 142 | /* the RFC1867 code is now good enough in PHP to handle our filter just as a registered callback */ | 148 | /* the RFC1867 code is now good enough in PHP to handle our filter just as a registered callback */ |
| 143 | php_rfc1867_callback = suhosin_rfc1867_filter; | 149 | php_rfc1867_callback = suhosin_rfc1867_filter; |
| 150 | sapi_unregister_post_entry(&suhosin_post_entries[0] TSRMLS_CC); | ||
| 151 | sapi_register_post_entries(suhosin_post_entries TSRMLS_CC); | ||
| 144 | #else | 152 | #else |
| 145 | #if PHP_MAJOR_VERSION > 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION > 0) | 153 | #if PHP_MAJOR_VERSION > 5 || (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION > 0) |
| 146 | sapi_unregister_post_entry(&suhosin_post_entries[0] TSRMLS_CC); | 154 | sapi_unregister_post_entry(&suhosin_post_entries[0] TSRMLS_CC); |