authorBen Fuhrmannek2014-08-19 16:53:08 +0200
committerBen Fuhrmannek2014-08-19 16:53:08 +0200
commit9d00bb4b438d5cb21ea8fc038892ddf8563a9c26 (patch)
tree4f82de0452b3fd3f15430dd613cf18a407cb7968 /ufilter.c
parent4dfbd136ed93c916909ad9c701a8be9226298d9e (diff)
parentb074d630123a28cbca3babc756cbec6dede996f7 (diff)
Merge branch 'cleanup'
Diffstat (limited to 'ufilter.c')
-rw-r--r--ufilter.c52
1 files changed, 2 insertions, 50 deletions
diff --git a/ufilter.c b/ufilter.c
index 5b5aed7..1669e88 100644
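--- a/ufilter.c
+++ b/ufilter.c
@@ -30,60 +30,13 @@
 #include "php_suhosin.h"
 #include "php_variables.h"
 #include "suhosin_rfc1867.h"
+#include "ext/standard/php_var.h"
 
 PHP_SUHOSIN_API int (*old_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL;
 #if !HAVE_RFC1867_CALLBACK
 PHP_SUHOSIN_API int (*php_rfc1867_callback)(unsigned int event, void *event_data, void **extra TSRMLS_DC) = NULL;
 #endif
 
-static int is_protected_varname(char *var, int var_len)
-{
- switch (var_len) {
- case 18:
- if (memcmp(var, "HTTP_RAW_POST_DATA", 18)==0) goto protected_varname2;
- break;
- case 17:
- if (memcmp(var, "HTTP_SESSION_VARS", 17)==0) goto protected_varname2;
- break;
- case 16:
- if (memcmp(var, "HTTP_SERVER_VARS", 16)==0) goto protected_varname2;
- if (memcmp(var, "HTTP_COOKIE_VARS", 16)==0) goto protected_varname2;
- break;
- case 15:
- if (memcmp(var, "HTTP_POST_FILES", 15)==0) goto protected_varname2;
- break;
- case 14:
- if (memcmp(var, "HTTP_POST_VARS", 14)==0) goto protected_varname2;
- break;
- case 13:
- if (memcmp(var, "HTTP_GET_VARS", 13)==0) goto protected_varname2;
- if (memcmp(var, "HTTP_ENV_VARS", 13)==0) goto protected_varname2;
- break;
- case 8:
- if (memcmp(var, "_SESSION", 8)==0) goto protected_varname2;
- if (memcmp(var, "_REQUEST", 8)==0) goto protected_varname2;
- break;
- case 7:
- if (memcmp(var, "GLOBALS", 7)==0) goto protected_varname2;
- if (memcmp(var, "_COOKIE", 7)==0) goto protected_varname2;
- if (memcmp(var, "_SERVER", 7)==0) goto protected_varname2;
- break;
- case 6:
- if (memcmp(var, "_FILES", 6)==0) goto protected_varname2;
- break;
- case 5:
- if (memcmp(var, "_POST", 5)==0) goto protected_varname2;
- break;
- case 4:
- if (memcmp(var, "_ENV", 4)==0) goto protected_varname2;
- if (memcmp(var, "_GET", 4)==0) goto protected_varname2;
- break;
- }
-
- return 0;
-protected_varname2:
- return 1;
-}
 
 /* {{{ SAPI_UPLOAD_VARNAME_FILTER_FUNC
  */
@@ -180,8 +133,7 @@ static int check_fileupload_varname(char *varname)
 
  /* Drop this variable if it is one of GLOBALS, _GET, _POST, ... */
  /* This is to protect several silly scripts that do globalizing themself */
-
- if (is_protected_varname(var, var_len)) {
+ if (php_varname_check(var, var_len, 1 TSRMLS_CC) == FAILURE || suhosin_is_protected_varname(var, var_len)) {
  suhosin_log(S_FILES, "tried to register forbidden variable '%s' through FILE variables", var);
  if (!SUHOSIN_G(simulation)) {
  goto return_failure;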
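Review bot: The comment above the new guard at line 136 still describes a single list (GLOBALS, _GET, _POST, ...), while the condition is now the union of php_varname_check() and suhosin_is_protected_varname(), neither of which is defined in this diff, so a reader cannot tell which names each helper covers or why both are kept. I would extend the comment, e.g. `/* Reject if PHP core's list (php_varname_check, silent=1 so only suhosin_log records it) or suhosin's own list matches */`. Because the static is_protected_varname() table is deleted in the first hunk, it is worth confirming that suhosin_is_protected_varname() keeps every entry of it (the HTTP_*_VARS names, HTTP_RAW_POST_DATA, _SESSION, _REQUEST, _FILES, ...); otherwise the upload filter loses coverage without any visible sign. It would also help to state in the commit or comment which PHP versions export php_varname_check(), since the extension presumably builds against several. check_fileupload_varname() starts and ends outside the hunk.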