Add some PHP 5.6.0aplha2 compatibility

author: Stefan Esser 2014-02-17 21:34:51 +0100
committer: Stefan Esser 2014-02-17 21:34:51 +0100
commit: 08caa5ac0051445077989810786fc3a41f7e390e (patch)
tree: 87ee8f730ec5fde700c62216d998a840d46401cb /post_handler.c
parent: 8d6af664df1e6a05c3e8840f3366c24af44ea424 (diff)
1 files changed, 121 insertions, 1 deletions
diff --git a/post_handler.c b/post_handler.c
index 7c678f4..4794a6b 100644
--- a/post_handler.c
+++ b/post_handler.c
@@ -32,10 +32,13 @@
 #include "php_content_types.h"
 #include "suhosin_rfc1867.h"
 #include "ext/standard/url.h"
+#include "ext/standard/php_smart_str.h"
 SAPI_POST_HANDLER_FUNC(suhosin_rfc1867_post_handler);
+#if PHP_VERSION_ID < 50600
 SAPI_POST_HANDLER_FUNC(suhosin_std_post_handler)
 {
        char *var, *val, *e, *s, *p;
@@ -68,7 +71,7 @@ last_value:
                        val_len = php_url_decode(val, (p - val));
                        val = estrndup(val, val_len);
                        if (suhosin_input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
-                                if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
+                                if (sapi_module.input_filter(PARSE_POST, var, &val, new_val_len, &new_val_len TSRMLS_CC)) {
                                        php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
                                }
                        } else {
@@ -83,6 +86,123 @@ last_value:
                goto last_value;
        }
 }
+#else
+typedef struct post_var_data {
+        smart_str str;
+        char *ptr;
+        char *end;
+        uint64_t cnt;
+} post_var_data_t;
+static zend_bool add_post_var(zval *arr, post_var_data_t *var, zend_bool eof TSRMLS_DC)
+{
+        char *ksep, *vsep;
+        size_t klen, vlen;
+        /* FIXME: string-size_t */
+        unsigned int new_vlen;
+        if (var->ptr >= var->end) {
+                return 0;
+        }
+        vsep = memchr(var->ptr, '&', var->end - var->ptr);
+        if (!vsep) {
+                if (!eof) {
+                        return 0;
+                } else {
+                        vsep = var->end;
+                }
+        }
+        ksep = memchr(var->ptr, '=', vsep - var->ptr);
+        if (ksep) {
+                *ksep = '\0';
+                /* "foo=bar&" or "foo=&" */
+                klen = ksep - var->ptr;
+                vlen = vsep - ++ksep;
+        } else {
+                ksep = "";
+                /* "foo&" */
+                klen = vsep - var->ptr;
+                vlen = 0;
+        }
+        php_url_decode(var->ptr, klen);
+        if (vlen) {
+                vlen = php_url_decode(ksep, vlen);
+        }
+        if (suhosin_input_filter(PARSE_POST, var->ptr, &ksep, vlen, &new_vlen TSRMLS_CC)) {
+                if (sapi_module.input_filter(PARSE_POST, var->ptr, &ksep, new_vlen, &new_vlen TSRMLS_CC)) {
+                        php_register_variable_safe(var->ptr, ksep, new_vlen, arr TSRMLS_CC);
+                }
+        } else {
+                SUHOSIN_G(abort_request)=1;
+        }
+        var->ptr = vsep + (vsep != var->end);
+        return 1;
+}
+static inline int add_post_vars(zval *arr, post_var_data_t *vars, zend_bool eof TSRMLS_DC)
+{
+        uint64_t max_vars = PG(max_input_vars);
+        vars->ptr = vars->str.c;
+        vars->end = vars->str.c + vars->str.len;
+        while (add_post_var(arr, vars, eof TSRMLS_CC)) {
+                if (++vars->cnt > max_vars) {
+                        php_error_docref(NULL TSRMLS_CC, E_WARNING,
+                                        "Input variables exceeded %" PRIu64 ". "
+                                        "To increase the limit change max_input_vars in php.ini.",
+                                        max_vars);
+                        return FAILURE;
+                }
+        }
+        if (!eof) {
+                memmove(vars->str.c, vars->ptr, vars->str.len = vars->end - vars->ptr);
+        }
+        return SUCCESS;
+}
+SAPI_POST_HANDLER_FUNC(suhosin_std_post_handler)
+{
+        zval *arr = (zval *) arg;
+        php_stream *s = SG(request_info).request_body;
+        post_var_data_t post_data;
+        if (s && SUCCESS == php_stream_rewind(s)) {
+                memset(&post_data, 0, sizeof(post_data));
+                while (!php_stream_eof(s)) {
+                        char buf[BUFSIZ] = {0};
+                        size_t len = php_stream_read(s, buf, BUFSIZ);
+                        if (len && len != (size_t) -1) {
+                                smart_str_appendl(&post_data.str, buf, len);
+                                if (SUCCESS != add_post_vars(arr, &post_data, 0 TSRMLS_CC)) {
+                                        if (post_data.str.c) {
+                                                efree(post_data.str.c);
+                                        }
+                                        return;
+                                }
+                        }
+                        if (len != BUFSIZ){
+                                break;
+                        }
+                }
+                add_post_vars(arr, &post_data, 1 TSRMLS_CC);
+                if (post_data.str.c) {
+                        efree(post_data.str.c);
+                }
+        }
+}
+#endif
 static void suhosin_post_handler_modification(sapi_post_entry *spe)
 {
author	Stefan Esser	2014-02-17 21:34:51 +0100
committer	Stefan Esser	2014-02-17 21:34:51 +0100
commit	08caa5ac0051445077989810786fc3a41f7e390e (patch)
tree	87ee8f730ec5fde700c62216d998a840d46401cb /post_handler.c
parent	8d6af664df1e6a05c3e8840f3366c24af44ea424 (diff)

diff --git a/post_handler.c b/post_handler.c index 7c678f4..4794a6b 100644 --- a/post_handler.c +++ b/post_handler.c
@@ -32,10 +32,13 @@
32	#include "php_content_types.h"	32	#include "php_content_types.h"
33	#include "suhosin_rfc1867.h"	33	#include "suhosin_rfc1867.h"
34	#include "ext/standard/url.h"	34	#include "ext/standard/url.h"
		35	#include "ext/standard/php_smart_str.h"
		36
35		37
36	SAPI_POST_HANDLER_FUNC(suhosin_rfc1867_post_handler);	38	SAPI_POST_HANDLER_FUNC(suhosin_rfc1867_post_handler);
37		39
38		40
		41	#if PHP_VERSION_ID < 50600
39	SAPI_POST_HANDLER_FUNC(suhosin_std_post_handler)	42	SAPI_POST_HANDLER_FUNC(suhosin_std_post_handler)
40	{	43	{
41	char var, val, e, s, *p;	44	char var, val, e, s, *p;
@@ -68,7 +71,7 @@ last_value:
68	val_len = php_url_decode(val, (p - val));	71	val_len = php_url_decode(val, (p - val));
69	val = estrndup(val, val_len);	72	val = estrndup(val, val_len);
70	if (suhosin_input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {	73	if (suhosin_input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {
71	if (sapi_module.input_filter(PARSE_POST, var, &val, val_len, &new_val_len TSRMLS_CC)) {	74	if (sapi_module.input_filter(PARSE_POST, var, &val, new_val_len, &new_val_len TSRMLS_CC)) {
72	php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);	75	php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
73	}	76	}
74	} else {	77	} else {
@@ -83,6 +86,123 @@ last_value:
83	goto last_value;	86	goto last_value;
84	}	87	}
85	}	88	}
		89	#else
		90	typedef struct post_var_data {
		91	smart_str str;
		92	char *ptr;
		93	char *end;
		94	uint64_t cnt;
		95	} post_var_data_t;
		96
		97	static zend_bool add_post_var(zval arr, post_var_data_t var, zend_bool eof TSRMLS_DC)
		98	{
		99	char ksep, vsep;
		100	size_t klen, vlen;
		101	/* FIXME: string-size_t */
		102	unsigned int new_vlen;
		103
		104	if (var->ptr >= var->end) {
		105	return 0;
		106	}
		107
		108	vsep = memchr(var->ptr, '&', var->end - var->ptr);
		109	if (!vsep) {
		110	if (!eof) {
		111	return 0;
		112	} else {
		113	vsep = var->end;
		114	}
		115	}
		116
		117	ksep = memchr(var->ptr, '=', vsep - var->ptr);
		118	if (ksep) {
		119	*ksep = '\0';
		120	/* "foo=bar&" or "foo=&" */
		121	klen = ksep - var->ptr;
		122	vlen = vsep - ++ksep;
		123	} else {
		124	ksep = "";
		125	/* "foo&" */
		126	klen = vsep - var->ptr;
		127	vlen = 0;
		128	}
		129
		130
		131	php_url_decode(var->ptr, klen);
		132	if (vlen) {
		133	vlen = php_url_decode(ksep, vlen);
		134	}
		135
		136	if (suhosin_input_filter(PARSE_POST, var->ptr, &ksep, vlen, &new_vlen TSRMLS_CC)) {
		137	if (sapi_module.input_filter(PARSE_POST, var->ptr, &ksep, new_vlen, &new_vlen TSRMLS_CC)) {
		138	php_register_variable_safe(var->ptr, ksep, new_vlen, arr TSRMLS_CC);
		139	}
		140	} else {
		141	SUHOSIN_G(abort_request)=1;
		142	}
		143
		144	var->ptr = vsep + (vsep != var->end);
		145	return 1;
		146	}
		147
		148	static inline int add_post_vars(zval arr, post_var_data_t vars, zend_bool eof TSRMLS_DC)
		149	{
		150	uint64_t max_vars = PG(max_input_vars);
		151
		152	vars->ptr = vars->str.c;
		153	vars->end = vars->str.c + vars->str.len;
		154	while (add_post_var(arr, vars, eof TSRMLS_CC)) {
		155	if (++vars->cnt > max_vars) {
		156	php_error_docref(NULL TSRMLS_CC, E_WARNING,
		157	"Input variables exceeded %" PRIu64 ". "
		158	"To increase the limit change max_input_vars in php.ini.",
		159	max_vars);
		160	return FAILURE;
		161	}
		162	}
		163
		164	if (!eof) {
		165	memmove(vars->str.c, vars->ptr, vars->str.len = vars->end - vars->ptr);
		166	}
		167	return SUCCESS;
		168	}
		169
		170	SAPI_POST_HANDLER_FUNC(suhosin_std_post_handler)
		171	{
		172	zval arr = (zval ) arg;
		173	php_stream *s = SG(request_info).request_body;
		174	post_var_data_t post_data;
		175
		176	if (s && SUCCESS == php_stream_rewind(s)) {
		177	memset(&post_data, 0, sizeof(post_data));
		178
		179	while (!php_stream_eof(s)) {
		180	char buf[BUFSIZ] = {0};
		181	size_t len = php_stream_read(s, buf, BUFSIZ);
		182
		183	if (len && len != (size_t) -1) {
		184	smart_str_appendl(&post_data.str, buf, len);
		185
		186	if (SUCCESS != add_post_vars(arr, &post_data, 0 TSRMLS_CC)) {
		187	if (post_data.str.c) {
		188	efree(post_data.str.c);
		189	}
		190	return;
		191	}
		192	}
		193
		194	if (len != BUFSIZ){
		195	break;
		196	}
		197	}
		198
		199	add_post_vars(arr, &post_data, 1 TSRMLS_CC);
		200	if (post_data.str.c) {
		201	efree(post_data.str.c);
		202	}
		203	}
		204	}
		205	#endif
86		206
87	static void suhosin_post_handler_modification(sapi_post_entry *spe)	207	static void suhosin_post_handler_modification(sapi_post_entry *spe)
88	{	208	{