-rw-r--r--execute.c9
-rw-r--r--ifilter.c4
-rw-r--r--php_suhosin.h4
-rw-r--r--suhosin.c4
4 files changed, 21 insertions, 0 deletions
diff --git a/execute.c b/execute.c
index 1ec38cd..a521c4a 100644
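--- a/execute.c
+++ b/execute.c
@@ -364,6 +364,15 @@ static void suhosin_execute_ex(zend_op_array *op_array, int zo, long dummy TSRML
  zend_uint orig_code_type;
  unsigned long *suhosin_flags = NULL;
 
+ /* log variable dropping statistics */
+ if (SUHOSIN_G(att_request_variables)-SUHOSIN_G(cur_request_variables) > 0) {
+ suhosin_log(S_VARS, "dropped %u request variables - (%u in GET, %u in POST, %u in COOKIE)",
+ SUHOSIN_G(att_request_variables)-SUHOSIN_G(cur_request_variables),
+ SUHOSIN_G(att_get_vars)-SUHOSIN_G(cur_get_vars),
+ SUHOSIN_G(att_post_vars)-SUHOSIN_G(cur_post_vars),
+ SUHOSIN_G(att_cookie_vars)-SUHOSIN_G(cur_cookie_vars));
+ }
+
  if (SUHOSIN_G(abort_request) && !SUHOSIN_G(simulation) && SUHOSIN_G(filter_action)) {
 
  char *action = SUHOSIN_G(filter_action);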
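Review bot: The four `%u` conversions in the new `suhosin_log` call receive differences of `long` counters (php_suhosin.h declares `att_*` and `cur_*` as `long`), so the argument types do not match the format if `suhosin_log` forwards to a printf-style formatter. On LP64 platforms that can print wrong drop counts, which weakens this log line as a signal for variable-flooding attempts. Either use `"dropped %ld request variables - (%ld in GET, %ld in POST, %ld in COOKIE)"` or cast each difference to `(unsigned int)`. The counters are reset only in `PHP_RSHUTDOWN_FUNCTION`, and `suhosin_execute_ex` continues outside the hunk. If it runs more than once per request, the same statistics line would be logged repeatedly, so this is worth confirming.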
diff --git a/ifilter.c b/ifilter.c
index c23b304..85ad1ed 100644
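--- a/ifilter.c
+++ b/ifilter.c
@@ -326,16 +326,19 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
  /* Drop this variable if the limit was reached */
  switch (arg) {
  case PARSE_GET:
+ SUHOSIN_G(att_get_vars)++;
  if (SUHOSIN_G(no_more_get_variables)) {
  return 0;
  }
  break;
  case PARSE_POST:
+ SUHOSIN_G(att_post_vars)++;
  if (SUHOSIN_G(no_more_post_variables)) {
  return 0;
  }
  break;
  case PARSE_COOKIE:
+ SUHOSIN_G(att_cookie_vars)++;
  if (SUHOSIN_G(no_more_cookie_variables)) {
  return 0;
  }
@@ -346,6 +349,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
  }
  return 1;
  }
+ SUHOSIN_G(att_request_variables)++;
 
  /* Drop this variable if the limit is now reached */
  switch (arg) {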
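Review bot: `SUHOSIN_G(att_request_variables)++` at new line 352 comes after the first `switch (arg)`, whose `no_more_*_variables` branches already `return 0`. A variable dropped there is counted in `att_get_vars`, `att_post_vars` or `att_cookie_vars` but not in the request total. The logging condition in execute.c tests only `att_request_variables - cur_request_variables > 0`, so those drops may go unreported and the total can be smaller than the per-source figures it is printed with. This assumes the `cur_*` counters are incremented only for accepted variables, which is not visible here. Moving the increment above the first switch would keep the counters consistent, provided the lines between the two hunks (not shown) do not rely on its current position. `suhosin_input_filter` starts and ends outside both hunks.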
diff --git a/php_suhosin.h b/php_suhosin.h
index c3491d0..e689b9c 100644
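--- a/php_suhosin.h
+++ b/php_suhosin.h
@@ -102,6 +102,7 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin)
 /* request variables */
  long max_request_variables;
  long cur_request_variables;
+ long att_request_variables;
  long max_varname_length;
  long max_totalname_length;
  long max_value_length;
@@ -112,6 +113,7 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin)
 /* cookie variables */
  long max_cookie_vars;
  long cur_cookie_vars;
+ long att_cookie_vars;
  long max_cookie_name_length;
  long max_cookie_totalname_length;
  long max_cookie_value_length;
@@ -122,6 +124,7 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin)
 /* get variables */
  long max_get_vars;
  long cur_get_vars;
+ long att_get_vars;
  long max_get_name_length;
  long max_get_totalname_length;
  long max_get_value_length;
@@ -132,6 +135,7 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin)
 /* post variables */
  long max_post_vars;
  long cur_post_vars;
+ long att_post_vars;
  long max_post_name_length;
  long max_post_totalname_length;
  long max_post_value_length;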
diff --git a/suhosin.c b/suhosin.c
index 01f987c..8570081 100644
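--- a/suhosin.c
+++ b/suhosin.c
@@ -1156,6 +1156,10 @@ PHP_RSHUTDOWN_FUNCTION(suhosin)
  SUHOSIN_G(cur_cookie_vars) = 0;
  SUHOSIN_G(cur_get_vars) = 0;
  SUHOSIN_G(cur_post_vars) = 0;
+ SUHOSIN_G(att_request_variables) = 0;
+ SUHOSIN_G(att_cookie_vars) = 0;
+ SUHOSIN_G(att_get_vars) = 0;
+ SUHOSIN_G(att_post_vars) = 0;
  SUHOSIN_G(num_uploads) = 0;
 
  SUHOSIN_G(no_more_variables) = 0;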