summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--execute.c117
-rw-r--r--log.c19
-rw-r--r--php_suhosin.h1
3 files changed, 112 insertions, 25 deletions
diff --git a/execute.c b/execute.c
index 23da839..5371d00 100644
--- a/execute.c
+++ b/execute.c
@@ -38,6 +38,10 @@
38 38
39#include "sha256.h" 39#include "sha256.h"
40 40
41#if PHP_VERSION_ID >= 50500
42static void (*old_execute_ex)(zend_execute_data *execute_data TSRMLS_DC);
43static void suhosin_execute_ex(zend_execute_data *execute_data TSRMLS_DC);
44#endif
41 45
42static void (*old_execute)(zend_op_array *op_array TSRMLS_DC); 46static void (*old_execute)(zend_op_array *op_array TSRMLS_DC);
43static void suhosin_execute(zend_op_array *op_array TSRMLS_DC); 47static void suhosin_execute(zend_op_array *op_array TSRMLS_DC);
@@ -48,8 +52,13 @@ static void *(*zo_set_oe_ex)(void *ptr) = NULL;
48/*STATIC zend_op_array* (*old_compile_file)(zend_file_handle* file_handle, int type TSRMLS_DC); 52/*STATIC zend_op_array* (*old_compile_file)(zend_file_handle* file_handle, int type TSRMLS_DC);
49 STATIC zend_op_array* suhosin_compile_file(zend_file_handle*, int TSRMLS_DC);*/ 53 STATIC zend_op_array* suhosin_compile_file(zend_file_handle*, int TSRMLS_DC);*/
50 54
55#if PHP_VERSION_ID >= 50500
56static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, zend_fcall_info *fci, int return_value_used TSRMLS_DC);
57static void (*old_execute_internal)(zend_execute_data *execute_data_ptr, zend_fcall_info *fci, int return_value_used TSRMLS_DC);
58#else
51static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC); 59static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC);
52static void (*old_execute_internal)(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC); 60static void (*old_execute_internal)(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC);
61#endif
53 62
54extern zend_extension suhosin_zend_extension_entry; 63extern zend_extension suhosin_zend_extension_entry;
55 64
@@ -355,8 +364,14 @@ static int suhosin_detect_codetype(zend_op_array *op_array TSRMLS_DC)
355 364
356/* {{{ void suhosin_execute_ex(zend_op_array *op_array TSRMLS_DC) 365/* {{{ void suhosin_execute_ex(zend_op_array *op_array TSRMLS_DC)
357 * This function provides a hook for execution */ 366 * This function provides a hook for execution */
367#if PHP_VERSION_ID > 50500
368static void suhosin_execute_ex(zend_execute_data *execute_data TSRMLS_DC)
369{
370 zend_op_array *op_array = execute_data->op_array;
371#else
358static void suhosin_execute_ex(zend_op_array *op_array, int zo, long dummy TSRMLS_DC) 372static void suhosin_execute_ex(zend_op_array *op_array, int zo, long dummy TSRMLS_DC)
359{ 373{
374#endif
360 zend_op_array *new_op_array; 375 zend_op_array *new_op_array;
361 int op_array_type, len; 376 int op_array_type, len;
362 char *fn; 377 char *fn;
@@ -462,7 +477,7 @@ static void suhosin_execute_ex(zend_op_array *op_array, int zo, long dummy TSRML
462 SUHOSIN_G(execution_depth)++; 477 SUHOSIN_G(execution_depth)++;
463 478
464 if (SUHOSIN_G(max_execution_depth) && SUHOSIN_G(execution_depth) > SUHOSIN_G(max_execution_depth)) { 479 if (SUHOSIN_G(max_execution_depth) && SUHOSIN_G(execution_depth) > SUHOSIN_G(max_execution_depth)) {
465 suhosin_log(S_EXECUTOR, "maximum execution depth reached - script terminated"); 480 suhosin_log(S_EXECUTOR|S_GETCALLER, "maximum execution depth reached - script terminated");
466 suhosin_bailout(TSRMLS_C); 481 suhosin_bailout(TSRMLS_C);
467 } 482 }
468 483
@@ -509,7 +524,7 @@ not_evaled_code:
509 switch (op_array_type) { 524 switch (op_array_type) {
510 case SUHOSIN_CODE_TYPE_EVAL: 525 case SUHOSIN_CODE_TYPE_EVAL:
511 if (SUHOSIN_G(executor_disable_eval)) { 526 if (SUHOSIN_G(executor_disable_eval)) {
512 suhosin_log(S_EXECUTOR, "use of eval is forbidden by configuration"); 527 suhosin_log(S_EXECUTOR|S_GETCALLER, "use of eval is forbidden by configuration");
513 if (!SUHOSIN_G(simulation)) { 528 if (!SUHOSIN_G(simulation)) {
514 zend_error(E_ERROR, "SUHOSIN - Use of eval is forbidden by configuration"); 529 zend_error(E_ERROR, "SUHOSIN - Use of eval is forbidden by configuration");
515 } 530 }
@@ -518,7 +533,7 @@ not_evaled_code:
518 533
519 case SUHOSIN_CODE_TYPE_REGEXP: 534 case SUHOSIN_CODE_TYPE_REGEXP:
520 if (SUHOSIN_G(executor_disable_emod)) { 535 if (SUHOSIN_G(executor_disable_emod)) {
521 suhosin_log(S_EXECUTOR, "use of preg_replace() with /e modifier is forbidden by configuration"); 536 suhosin_log(S_EXECUTOR|S_GETCALLER, "use of preg_replace() with /e modifier is forbidden by configuration");
522 if (!SUHOSIN_G(simulation)) { 537 if (!SUHOSIN_G(simulation)) {
523 zend_error(E_ERROR, "SUHOSIN - Use of preg_replace() with /e modifier is forbidden by configuration"); 538 zend_error(E_ERROR, "SUHOSIN - Use of preg_replace() with /e modifier is forbidden by configuration");
524 } 539 }
@@ -532,37 +547,37 @@ not_evaled_code:
532 break; 547 break;
533 548
534 case SUHOSIN_CODE_TYPE_LONGNAME: 549 case SUHOSIN_CODE_TYPE_LONGNAME:
535 suhosin_log(S_INCLUDE, "Include filename ('%s') is too long", op_array->filename); 550 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename ('%s') is too long", op_array->filename);
536 suhosin_bailout(TSRMLS_C); 551 suhosin_bailout(TSRMLS_C);
537 break; 552 break;
538 553
539 case SUHOSIN_CODE_TYPE_MANYDOTS: 554 case SUHOSIN_CODE_TYPE_MANYDOTS:
540 suhosin_log(S_INCLUDE, "Include filename ('%s') contains too many '../'", op_array->filename); 555 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename ('%s') contains too many '../'", op_array->filename);
541 suhosin_bailout(TSRMLS_C); 556 suhosin_bailout(TSRMLS_C);
542 break; 557 break;
543 558
544 case SUHOSIN_CODE_TYPE_UPLOADED: 559 case SUHOSIN_CODE_TYPE_UPLOADED:
545 suhosin_log(S_INCLUDE, "Include filename is an uploaded file"); 560 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename is an uploaded file");
546 suhosin_bailout(TSRMLS_C); 561 suhosin_bailout(TSRMLS_C);
547 break; 562 break;
548 563
549 case SUHOSIN_CODE_TYPE_0FILE: 564 case SUHOSIN_CODE_TYPE_0FILE:
550 suhosin_log(S_INCLUDE, "Include filename contains an ASCIIZ character"); 565 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename contains an ASCIIZ character");
551 suhosin_bailout(TSRMLS_C); 566 suhosin_bailout(TSRMLS_C);
552 break; 567 break;
553 568
554 case SUHOSIN_CODE_TYPE_WRITABLE: 569 case SUHOSIN_CODE_TYPE_WRITABLE:
555 suhosin_log(S_INCLUDE, "Include filename ('%s') is writable by PHP process", op_array->filename); 570 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename ('%s') is writable by PHP process", op_array->filename);
556 suhosin_bailout(TSRMLS_C); 571 suhosin_bailout(TSRMLS_C);
557 break; 572 break;
558 573
559 case SUHOSIN_CODE_TYPE_BLACKURL: 574 case SUHOSIN_CODE_TYPE_BLACKURL:
560 suhosin_log(S_INCLUDE, "Include filename ('%s') is an URL that is forbidden by the blacklist", op_array->filename); 575 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename ('%s') is an URL that is forbidden by the blacklist", op_array->filename);
561 suhosin_bailout(TSRMLS_C); 576 suhosin_bailout(TSRMLS_C);
562 break; 577 break;
563 578
564 case SUHOSIN_CODE_TYPE_BADURL: 579 case SUHOSIN_CODE_TYPE_BADURL:
565 suhosin_log(S_INCLUDE, "Include filename ('%s') is an URL that is not allowed", op_array->filename); 580 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename ('%s') is an URL that is not allowed", op_array->filename);
566 suhosin_bailout(TSRMLS_C); 581 suhosin_bailout(TSRMLS_C);
567 break; 582 break;
568 583
@@ -588,17 +603,22 @@ not_evaled_code:
588 } 603 }
589 604
590continue_execution: 605continue_execution:
606#if PHP_VERSION_ID >= 50500
607 old_execute_ex (execute_data TSRMLS_CC);
608#else
591 if (zo) { 609 if (zo) {
592 old_execute_ZO (op_array, dummy TSRMLS_CC); 610 old_execute_ZO (op_array, dummy TSRMLS_CC);
593 } else { 611 } else {
594 old_execute (op_array TSRMLS_CC); 612 old_execute (op_array TSRMLS_CC);
595 } 613 }
614#endif
596 /* nothing to do */ 615 /* nothing to do */
597 SUHOSIN_G(in_code_type) = orig_code_type; 616 SUHOSIN_G(in_code_type) = orig_code_type;
598 SUHOSIN_G(execution_depth)--; 617 SUHOSIN_G(execution_depth)--;
599} 618}
600/* }}} */ 619/* }}} */
601 620
621#if PHP_VERSION_ID < 50500
602/* {{{ void suhosin_execute(zend_op_array *op_array TSRMLS_DC) 622/* {{{ void suhosin_execute(zend_op_array *op_array TSRMLS_DC)
603 * This function provides a hook for execution */ 623 * This function provides a hook for execution */
604static void suhosin_execute(zend_op_array *op_array TSRMLS_DC) 624static void suhosin_execute(zend_op_array *op_array TSRMLS_DC)
@@ -613,11 +633,17 @@ static void suhosin_execute_ZO(zend_op_array *op_array, long dummy TSRMLS_DC)
613 suhosin_execute_ex(op_array, 1, dummy TSRMLS_CC); 633 suhosin_execute_ex(op_array, 1, dummy TSRMLS_CC);
614} 634}
615/* }}} */ 635/* }}} */
636#endif
616 637
617 638#if PHP_VERSION_ID >= 50500
639#define IH_HANDLER_PARAMS_REST int ht, zval *return_value, zval **return_value_ptr, zval *this_ptr, int return_value_used TSRMLS_DC
640#define IH_HANDLER_PARAMS internal_function_handler *ih, IH_HANDLER_PARAMS_REST
641#define IH_HANDLER_PARAM_PASSTHRU ih, ht, return_value, return_value_ptr, this_ptr, return_value_used TSRMLS_CC
642#else
618#define IH_HANDLER_PARAMS_REST zend_execute_data *execute_data_ptr, int return_value_used, int ht, zval *return_value TSRMLS_DC 643#define IH_HANDLER_PARAMS_REST zend_execute_data *execute_data_ptr, int return_value_used, int ht, zval *return_value TSRMLS_DC
619#define IH_HANDLER_PARAMS internal_function_handler *ih, IH_HANDLER_PARAMS_REST 644#define IH_HANDLER_PARAMS internal_function_handler *ih, IH_HANDLER_PARAMS_REST
620#define IH_HANDLER_PARAM_PASSTHRU ih, execute_data_ptr, return_value_used, ht, return_value TSRMLS_CC 645#define IH_HANDLER_PARAM_PASSTHRU ih, execute_data_ptr, return_value_used, ht, return_value TSRMLS_CC
646#endif
621 647
622HashTable ihandler_table; 648HashTable ihandler_table;
623 649
@@ -1541,13 +1567,38 @@ internal_function_handler ihandlers[] = {
1541 1567
1542/* {{{ void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC) 1568/* {{{ void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC)
1543 * This function provides a hook for internal execution */ 1569 * This function provides a hook for internal execution */
1570#if PHP_VERSION_ID >= 50500
1571#define EX_T(offset) (*EX_TMP_VAR(execute_data_ptr, offset))
1572
1573static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, zend_fcall_info *fci, int return_value_used TSRMLS_DC)
1574{
1575 zval *return_value;
1576 zval **return_value_ptr;
1577 zval *this_ptr;
1578 int ht;
1579
1580 if (fci) {
1581 return_value = *fci->retval_ptr_ptr;
1582 return_value_ptr = fci->retval_ptr_ptr;
1583 this_ptr = fci->object_ptr;
1584 ht = fci->param_count;
1585 } else {
1586 temp_variable *ret = &EX_T(execute_data_ptr->opline->result.var);
1587 zend_function *fbc = execute_data_ptr->function_state.function;
1588 return_value = ret->var.ptr;
1589 return_value_ptr = (fbc->common.fn_flags & ZEND_ACC_RETURN_REFERENCE) ? &ret->var.ptr : NULL;
1590 this_ptr = execute_data_ptr->object;
1591 ht = execute_data_ptr->opline->extended_value;
1592 }
1593#else
1544static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC) 1594static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int return_value_used TSRMLS_DC)
1545{ 1595{
1596 zval *return_value;
1597 int ht = execute_data_ptr->opline->extended_value;
1598#endif
1546 char *lcname; 1599 char *lcname;
1547 int function_name_strlen, free_lcname = 0; 1600 int function_name_strlen, free_lcname = 0;
1548 zval *return_value;
1549 zend_class_entry *ce = NULL; 1601 zend_class_entry *ce = NULL;
1550 int ht;
1551 internal_function_handler *ih; 1602 internal_function_handler *ih;
1552 1603
1553#ifdef ZEND_ENGINE_2 1604#ifdef ZEND_ENGINE_2
@@ -1568,7 +1619,8 @@ static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int re
1568 lcname[function_name_strlen] = 0; 1619 lcname[function_name_strlen] = 0;
1569 zend_str_tolower(lcname, function_name_strlen); 1620 zend_str_tolower(lcname, function_name_strlen);
1570 } 1621 }
1571 1622
1623#if PHP_VERSION_ID < 50500
1572#ifdef ZEND_ENGINE_2 1624#ifdef ZEND_ENGINE_2
1573# if PHP_VERSION_ID < 50400 1625# if PHP_VERSION_ID < 50400
1574 return_value = (*(temp_variable *)((char *) execute_data_ptr->Ts + execute_data_ptr->opline->result.u.var)).var.ptr; 1626 return_value = (*(temp_variable *)((char *) execute_data_ptr->Ts + execute_data_ptr->opline->result.u.var)).var.ptr;
@@ -1578,7 +1630,7 @@ static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int re
1578#else 1630#else
1579 return_value = execute_data_ptr->Ts[execute_data_ptr->opline->result.u.var].var.ptr; 1631 return_value = execute_data_ptr->Ts[execute_data_ptr->opline->result.u.var].var.ptr;
1580#endif 1632#endif
1581 ht = execute_data_ptr->opline->extended_value; 1633#endif
1582 1634
1583 SDEBUG("function: %s", lcname); 1635 SDEBUG("function: %s", lcname);
1584 1636
@@ -1586,7 +1638,7 @@ static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int re
1586 1638
1587 if (SUHOSIN_G(eval_whitelist) != NULL) { 1639 if (SUHOSIN_G(eval_whitelist) != NULL) {
1588 if (!zend_hash_exists(SUHOSIN_G(eval_whitelist), lcname, function_name_strlen+1)) { 1640 if (!zend_hash_exists(SUHOSIN_G(eval_whitelist), lcname, function_name_strlen+1)) {
1589 suhosin_log(S_EXECUTOR, "function outside of eval whitelist called: %s()", lcname); 1641 suhosin_log(S_EXECUTOR|S_GETCALLER, "function outside of eval whitelist called: %s()", lcname);
1590 if (!SUHOSIN_G(simulation)) { 1642 if (!SUHOSIN_G(simulation)) {
1591 goto execute_internal_bailout; 1643 goto execute_internal_bailout;
1592 } else { 1644 } else {
@@ -1595,7 +1647,7 @@ static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int re
1595 } 1647 }
1596 } else if (SUHOSIN_G(eval_blacklist) != NULL) { 1648 } else if (SUHOSIN_G(eval_blacklist) != NULL) {
1597 if (zend_hash_exists(SUHOSIN_G(eval_blacklist), lcname, function_name_strlen+1)) { 1649 if (zend_hash_exists(SUHOSIN_G(eval_blacklist), lcname, function_name_strlen+1)) {
1598 suhosin_log(S_EXECUTOR, "function within eval blacklist called: %s()", lcname); 1650 suhosin_log(S_EXECUTOR|S_GETCALLER, "function within eval blacklist called: %s()", lcname);
1599 if (!SUHOSIN_G(simulation)) { 1651 if (!SUHOSIN_G(simulation)) {
1600 goto execute_internal_bailout; 1652 goto execute_internal_bailout;
1601 } else { 1653 } else {
@@ -1607,7 +1659,7 @@ static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int re
1607 1659
1608 if (SUHOSIN_G(func_whitelist) != NULL) { 1660 if (SUHOSIN_G(func_whitelist) != NULL) {
1609 if (!zend_hash_exists(SUHOSIN_G(func_whitelist), lcname, function_name_strlen+1)) { 1661 if (!zend_hash_exists(SUHOSIN_G(func_whitelist), lcname, function_name_strlen+1)) {
1610 suhosin_log(S_EXECUTOR, "function outside of whitelist called: %s()", lcname); 1662 suhosin_log(S_EXECUTOR|S_GETCALLER, "function outside of whitelist called: %s()", lcname);
1611 if (!SUHOSIN_G(simulation)) { 1663 if (!SUHOSIN_G(simulation)) {
1612 goto execute_internal_bailout; 1664 goto execute_internal_bailout;
1613 } else { 1665 } else {
@@ -1616,7 +1668,7 @@ static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int re
1616 } 1668 }
1617 } else if (SUHOSIN_G(func_blacklist) != NULL) { 1669 } else if (SUHOSIN_G(func_blacklist) != NULL) {
1618 if (zend_hash_exists(SUHOSIN_G(func_blacklist), lcname, function_name_strlen+1)) { 1670 if (zend_hash_exists(SUHOSIN_G(func_blacklist), lcname, function_name_strlen+1)) {
1619 suhosin_log(S_EXECUTOR, "function within blacklist called: %s()", lcname); 1671 suhosin_log(S_EXECUTOR|S_GETCALLER, "function within blacklist called: %s()", lcname);
1620 if (!SUHOSIN_G(simulation)) { 1672 if (!SUHOSIN_G(simulation)) {
1621 goto execute_internal_bailout; 1673 goto execute_internal_bailout;
1622 } else { 1674 } else {
@@ -1635,10 +1687,18 @@ static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int re
1635 } 1687 }
1636 1688
1637 if (retval == 0) { 1689 if (retval == 0) {
1690#if PHP_VERSION_ID >= 50500
1691 old_execute_internal(execute_data_ptr, fci, return_value_used TSRMLS_CC);
1692#else
1638 old_execute_internal(execute_data_ptr, return_value_used TSRMLS_CC); 1693 old_execute_internal(execute_data_ptr, return_value_used TSRMLS_CC);
1694#endif
1639 } 1695 }
1640 } else { 1696 } else {
1697#if PHP_VERSION_ID >= 50500
1698 old_execute_internal(execute_data_ptr, fci, return_value_used TSRMLS_CC);
1699#else
1641 old_execute_internal(execute_data_ptr, return_value_used TSRMLS_CC); 1700 old_execute_internal(execute_data_ptr, return_value_used TSRMLS_CC);
1701#endif
1642 } 1702 }
1643 if (free_lcname == 1) { 1703 if (free_lcname == 1) {
1644 efree(lcname); 1704 efree(lcname);
@@ -1678,13 +1738,19 @@ static int function_lookup(zend_extension *extension)
1678void suhosin_hook_execute(TSRMLS_D) 1738void suhosin_hook_execute(TSRMLS_D)
1679{ 1739{
1680 internal_function_handler *ih; 1740 internal_function_handler *ih;
1681 1741
1742#if PHP_VERSION_ID >= 50500
1743 old_execute_ex = zend_execute_ex;
1744 zend_execute_ex = suhosin_execute_ex;
1745#else
1682 old_execute = zend_execute; 1746 old_execute = zend_execute;
1683 zend_execute = suhosin_execute; 1747 zend_execute = suhosin_execute;
1748#endif
1684 1749
1685/* old_compile_file = zend_compile_file; 1750/* old_compile_file = zend_compile_file;
1686 zend_compile_file = suhosin_compile_file; */ 1751 zend_compile_file = suhosin_compile_file; */
1687 1752
1753#if ZO_COMPATIBILITY_HACK_TEMPORARY_DISABLED
1688 if (zo_set_oe_ex == NULL) { 1754 if (zo_set_oe_ex == NULL) {
1689 zo_set_oe_ex = (void *)DL_FETCH_SYMBOL(NULL, "zend_optimizer_set_oe_ex"); 1755 zo_set_oe_ex = (void *)DL_FETCH_SYMBOL(NULL, "zend_optimizer_set_oe_ex");
1690 } 1756 }
@@ -1695,6 +1761,7 @@ void suhosin_hook_execute(TSRMLS_D)
1695 if (zo_set_oe_ex != NULL) { 1761 if (zo_set_oe_ex != NULL) {
1696 old_execute_ZO = zo_set_oe_ex(suhosin_execute_ZO); 1762 old_execute_ZO = zo_set_oe_ex(suhosin_execute_ZO);
1697 } 1763 }
1764#endif
1698 1765
1699 old_execute_internal = zend_execute_internal; 1766 old_execute_internal = zend_execute_internal;
1700 if (old_execute_internal == NULL) { 1767 if (old_execute_internal == NULL) {
@@ -1729,12 +1796,18 @@ void suhosin_hook_execute(TSRMLS_D)
1729 */ 1796 */
1730void suhosin_unhook_execute() 1797void suhosin_unhook_execute()
1731{ 1798{
1799#if ZO_COMPATIBILITY_HACK_TEMPORARY_DISABLED
1732 if (zo_set_oe_ex) { 1800 if (zo_set_oe_ex) {
1733 zo_set_oe_ex(old_execute_ZO); 1801 zo_set_oe_ex(old_execute_ZO);
1734 } 1802 }
1735 1803#endif
1804
1805#if PHP_VERSION_ID >= 50500
1806 zend_execute_ex = old_execute_ex;
1807#else
1736 zend_execute = old_execute; 1808 zend_execute = old_execute;
1737 1809#endif
1810
1738/* zend_compile_file = old_compile_file; */ 1811/* zend_compile_file = old_compile_file; */
1739 1812
1740 if (old_execute_internal == execute_internal) { 1813 if (old_execute_internal == execute_internal) {
diff --git a/log.c b/log.c
index 4df9a6a..ea81cae 100644
--- a/log.c
+++ b/log.c
@@ -94,6 +94,7 @@ PHP_SUHOSIN_API void suhosin_log(int loglevel, char *fmt, ...)
94{ 94{
95 int s, r, i=0, fd; 95 int s, r, i=0, fd;
96 long written, towrite; 96 long written, towrite;
97 int getcaller=0;
97 char *wbuf; 98 char *wbuf;
98 struct timeval tv; 99 struct timeval tv;
99 time_t now; 100 time_t now;
@@ -115,6 +116,12 @@ PHP_SUHOSIN_API void suhosin_log(int loglevel, char *fmt, ...)
115 va_list ap; 116 va_list ap;
116 TSRMLS_FETCH(); 117 TSRMLS_FETCH();
117 118
119#if PHP_VERSION_ID >= 50500
120 getcaller = (loglevel & S_GETCALLER) == S_GETCALLER;
121#endif
122 /* remove the S_GETCALLER flag */
123 loglevel = loglevel & ~S_GETCALLER;
124
118 SDEBUG("(suhosin_log) loglevel: %d log_syslog: %u - log_sapi: %u - log_script: %u", loglevel, SUHOSIN_G(log_syslog), SUHOSIN_G(log_sapi), SUHOSIN_G(log_script)); 125 SDEBUG("(suhosin_log) loglevel: %d log_syslog: %u - log_sapi: %u - log_script: %u", loglevel, SUHOSIN_G(log_syslog), SUHOSIN_G(log_sapi), SUHOSIN_G(log_script));
119 126
120 /* dump core if wanted */ 127 /* dump core if wanted */
@@ -151,9 +158,15 @@ PHP_SUHOSIN_API void suhosin_log(int loglevel, char *fmt, ...)
151 } 158 }
152 159
153 if (zend_is_executing(TSRMLS_C)) { 160 if (zend_is_executing(TSRMLS_C)) {
154 if (EG(current_execute_data)) { 161 zend_execute_data *exdata = EG(current_execute_data);
155 lineno = EG(current_execute_data)->opline->lineno; 162 if (exdata) {
156 fname = EG(current_execute_data)->op_array->filename; 163 if (getcaller && exdata->prev_execute_data) {
164 lineno = exdata->prev_execute_data->opline->lineno;
165 fname = exdata->prev_execute_data->op_array->filename;
166 } else {
167 lineno = exdata->opline->lineno;
168 fname = exdata->op_array->filename;
169 }
157 } else { 170 } else {
158 lineno = zend_get_executed_lineno(TSRMLS_C); 171 lineno = zend_get_executed_lineno(TSRMLS_C);
159 fname = zend_get_executed_filename(TSRMLS_C); 172 fname = zend_get_executed_filename(TSRMLS_C);
diff --git a/php_suhosin.h b/php_suhosin.h
index 7f3349c..90c588a 100644
--- a/php_suhosin.h
+++ b/php_suhosin.h
@@ -285,6 +285,7 @@ ZEND_END_MODULE_GLOBALS(suhosin)
285#define S_MAIL (1<<7L) 285#define S_MAIL (1<<7L)
286#define S_SESSION (1<<8L) 286#define S_SESSION (1<<8L)
287#define S_INTERNAL (1<<29L) 287#define S_INTERNAL (1<<29L)
288#define S_GETCALLER (1<<30L)
288#define S_ALL (S_MEMORY | S_VARS | S_INCLUDE | S_FILES | S_MAIL | S_SESSION | S_MISC | S_SQL | S_EXECUTOR) 289#define S_ALL (S_MEMORY | S_VARS | S_INCLUDE | S_FILES | S_MAIL | S_SESSION | S_MISC | S_SQL | S_EXECUTOR)
289#endif 290#endif
290 291