authorBen Fuhrmannek2014-07-17 13:40:39 +0200
committerBen Fuhrmannek2014-07-17 13:40:39 +0200
commit5193b37822269c19a58b86c8a6e1f8e90bd818e6 (patch)
tree6ea516daefa0b5128823eae043a64b37c51e4e80 /ufilter.c
parentace8fdae3788ca4381a17a14bc4d5acd0cd98709 (diff)
removed redundant implementations of protected varname check
Diffstat (limited to 'ufilter.c')
-rw-r--r--ufilter.c52
1 files changed, 2 insertions, 50 deletions
diff --git a/ufilter.c b/ufilter.c
index 6d9669f..6775ec1 100644
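--- a/ufilter.c
+++ b/ufilter.c
@@ -30,60 +30,13 @@
 #include "php_suhosin.h"
 #include "php_variables.h"
 #include "suhosin_rfc1867.h"
+#include "ext/standard/php_var.h"
 
 PHP_SUHOSIN_API int (*old_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL;
 #if !HAVE_RFC1867_CALLBACK
 PHP_SUHOSIN_API int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL;
 #endif
 
-static int is_protected_varname(char *var, int var_len)
-{
- switch (var_len) {
- case 18:
- if (memcmp(var, "HTTP_RAW_POST_DATA", 18)==0) goto protected_varname2;
- break;
- case 17:
- if (memcmp(var, "HTTP_SESSION_VARS", 17)==0) goto protected_varname2;
- break;
- case 16:
- if (memcmp(var, "HTTP_SERVER_VARS", 16)==0) goto protected_varname2;
- if (memcmp(var, "HTTP_COOKIE_VARS", 16)==0) goto protected_varname2;
- break;
- case 15:
- if (memcmp(var, "HTTP_POST_FILES", 15)==0) goto protected_varname2;
- break;
- case 14:
- if (memcmp(var, "HTTP_POST_VARS", 14)==0) goto protected_varname2;
- break;
- case 13:
- if (memcmp(var, "HTTP_GET_VARS", 13)==0) goto protected_varname2;
- if (memcmp(var, "HTTP_ENV_VARS", 13)==0) goto protected_varname2;
- break;
- case 8:
- if (memcmp(var, "_SESSION", 8)==0) goto protected_varname2;
- if (memcmp(var, "_REQUEST", 8)==0) goto protected_varname2;
- break;
- case 7:
- if (memcmp(var, "GLOBALS", 7)==0) goto protected_varname2;
- if (memcmp(var, "_COOKIE", 7)==0) goto protected_varname2;
- if (memcmp(var, "_SERVER", 7)==0) goto protected_varname2;
- break;
- case 6:
- if (memcmp(var, "_FILES", 6)==0) goto protected_varname2;
- break;
- case 5:
- if (memcmp(var, "_POST", 5)==0) goto protected_varname2;
- break;
- case 4:
- if (memcmp(var, "_ENV", 4)==0) goto protected_varname2;
- if (memcmp(var, "_GET", 4)==0) goto protected_varname2;
- break;
- }
-
- return 0;
-protected_varname2:
- return 1;
-}
 
 /* {{{ SAPI_UPLOAD_VARNAME_FILTER_FUNC
  */
@@ -180,8 +133,7 @@ static int check_fileupload_varname(char *varname)
 
  /* Drop this variable if it is one of GLOBALS, _GET, _POST, ... */
  /* This is to protect several silly scripts that do globalizing themself */
-
- if (is_protected_varname(var, var_len)) {
+ if (php_varname_check(var, var_len, 0 TSRMLS_CC) == FAILURE) {
  suhosin_log(S_FILES, "tried to register forbidden variable '%s' through FILE variables", var);
  if (!SUHOSIN_G(simulation)) {
  goto return_failure;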
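Review bot: The added `php_varname_check` call in `check_fileupload_varname` passes `0` as its third argument, which in PHP's declaration is the `silent` flag, so a rejected name would presumably raise a PHP warning carrying the request-supplied name in addition to the `suhosin_log` entry, including when `SUHOSIN_G(simulation)` is set. Since the event is already logged on the following line, `if (php_varname_check(var, var_len, 1 TSRMLS_CC) == FAILURE) {` would keep a single reporting path and avoid surfacing the name through PHP's own error display. The protected-name list now lives in PHP core rather than in this file, so it is worth confirming that every supported PHP version exports the helper and still rejects all names the removed `is_protected_varname` matched, such as `HTTP_RAW_POST_DATA`. A short comment at the call naming where the list is maintained would help; `check_fileupload_varname` begins and ends outside this hunk.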