summaryrefslogtreecommitdiff
path: root/ex_imp.c
diff options
context:
space:
mode:
Diffstat (limited to 'ex_imp.c')
-rw-r--r--ex_imp.c102
1 files changed, 19 insertions, 83 deletions
diff --git a/ex_imp.c b/ex_imp.c
index 3325e43..6256f35 100644
--- a/ex_imp.c
+++ b/ex_imp.c
@@ -74,29 +74,7 @@ static int php_valid_var_name(char *var_name, int len) /* {{{ */
74 } 74 }
75 } 75 }
76 76
77 if (var_name[0] == 'H') { 77 if (suhosin_is_protected_varname(var_name, len)) {
78 if ((strcmp(var_name, "HTTP_GET_VARS")==0)||
79 (strcmp(var_name, "HTTP_POST_VARS")==0)||
80 (strcmp(var_name, "HTTP_POST_FILES")==0)||
81 (strcmp(var_name, "HTTP_ENV_VARS")==0)||
82 (strcmp(var_name, "HTTP_SERVER_VARS")==0)||
83 (strcmp(var_name, "HTTP_SESSION_VARS")==0)||
84 (strcmp(var_name, "HTTP_COOKIE_VARS")==0)||
85 (strcmp(var_name, "HTTP_RAW_POST_DATA")==0)) {
86 return 0;
87 }
88 } else if (var_name[0] == '_') {
89 if ((strcmp(var_name, "_COOKIE")==0)||
90 (strcmp(var_name, "_ENV")==0)||
91 (strcmp(var_name, "_FILES")==0)||
92 (strcmp(var_name, "_GET")==0)||
93 (strcmp(var_name, "_POST")==0)||
94 (strcmp(var_name, "_REQUEST")==0)||
95 (strcmp(var_name, "_SESSION")==0)||
96 (strcmp(var_name, "_SERVER")==0)) {
97 return 0;
98 }
99 } else if (strcmp(var_name, "GLOBALS")==0) {
100 return 0; 78 return 0;
101 } 79 }
102 80
@@ -443,6 +421,14 @@ PHP_FUNCTION(suhosin_extract)
443/* }}} */ 421/* }}} */
444 422
445 423
424
425#if PHP_VERSION_ID < 50400
426/* import_request_variables() has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0. */
427#define SUHOSIN_HAVE_IRV 1
428#endif
429
430#ifdef SUHOSIN_HAVE_IRV
431
446#if PHP_VERSION_ID >= 50300 432#if PHP_VERSION_ID >= 50300
447static int copy_request_variable(void *pDest TSRMLS_DC, int num_args, va_list args, zend_hash_key *hash_key) 433static int copy_request_variable(void *pDest TSRMLS_DC, int num_args, va_list args, zend_hash_key *hash_key)
448{ 434{
@@ -473,36 +459,7 @@ static int copy_request_variable(void *pDest TSRMLS_DC, int num_args, va_list ar
473 zval_dtor(&num); 459 zval_dtor(&num);
474 } 460 }
475 461
476 if (php_varname_check(Z_STRVAL(new_key), Z_STRLEN(new_key), 0 TSRMLS_CC) == FAILURE) { 462 if (php_varname_check(Z_STRVAL(new_key), Z_STRLEN(new_key), 1 TSRMLS_CC) == FAILURE || suhosin_is_protected_varname(Z_STRVAL(new_key), Z_STRLEN(new_key))) {
477 zval_dtor(&new_key);
478 return 0;
479 }
480
481 if (Z_STRVAL(new_key)[0] == 'H') {
482 if ((strcmp(Z_STRVAL(new_key), "HTTP_GET_VARS")==0)||
483 (strcmp(Z_STRVAL(new_key), "HTTP_POST_VARS")==0)||
484 (strcmp(Z_STRVAL(new_key), "HTTP_POST_FILES")==0)||
485 (strcmp(Z_STRVAL(new_key), "HTTP_ENV_VARS")==0)||
486 (strcmp(Z_STRVAL(new_key), "HTTP_SERVER_VARS")==0)||
487 (strcmp(Z_STRVAL(new_key), "HTTP_SESSION_VARS")==0)||
488 (strcmp(Z_STRVAL(new_key), "HTTP_COOKIE_VARS")==0)||
489 (strcmp(Z_STRVAL(new_key), "HTTP_RAW_POST_DATA")==0)) {
490 zval_dtor(&new_key);
491 return 0;
492 }
493 } else if (Z_STRVAL(new_key)[0] == '_') {
494 if ((strcmp(Z_STRVAL(new_key), "_COOKIE")==0)||
495 (strcmp(Z_STRVAL(new_key), "_ENV")==0)||
496 (strcmp(Z_STRVAL(new_key), "_FILES")==0)||
497 (strcmp(Z_STRVAL(new_key), "_GET")==0)||
498 (strcmp(Z_STRVAL(new_key), "_POST")==0)||
499 (strcmp(Z_STRVAL(new_key), "_REQUEST")==0)||
500 (strcmp(Z_STRVAL(new_key), "_SESSION")==0)||
501 (strcmp(Z_STRVAL(new_key), "_SERVER")==0)) {
502 zval_dtor(&new_key);
503 return 0;
504 }
505 } else if (strcmp(Z_STRVAL(new_key), "GLOBALS")==0) {
506 zval_dtor(&new_key); 463 zval_dtor(&new_key);
507 return 0; 464 return 0;
508 } 465 }
@@ -549,36 +506,7 @@ static int copy_request_variable(void *pDest, int num_args, va_list args, zend_h
549 new_key_len++; 506 new_key_len++;
550 } 507 }
551 508
552 if (php_varname_check(new_key, new_key_len-1, 0 TSRMLS_CC) == FAILURE) { 509 if (php_varname_check(new_key, new_key_len-1, 1 TSRMLS_CC) == FAILURE || suhosin_is_protected_varname(new_key, new_key_len-1)) {
553 zval_dtor(&new_key);
554 return 0;
555 }
556
557 if (new_key[0] == 'H') {
558 if ((strcmp(new_key, "HTTP_GET_VARS")==0)||
559 (strcmp(new_key, "HTTP_POST_VARS")==0)||
560 (strcmp(new_key, "HTTP_POST_FILES")==0)||
561 (strcmp(new_key, "HTTP_ENV_VARS")==0)||
562 (strcmp(new_key, "HTTP_SERVER_VARS")==0)||
563 (strcmp(new_key, "HTTP_SESSION_VARS")==0)||
564 (strcmp(new_key, "HTTP_COOKIE_VARS")==0)||
565 (strcmp(new_key, "HTTP_RAW_POST_DATA")==0)) {
566 efree(new_key);
567 return 0;
568 }
569 } else if (new_key[0] == '_') {
570 if ((strcmp(new_key, "_COOKIE")==0)||
571 (strcmp(new_key, "_ENV")==0)||
572 (strcmp(new_key, "_FILES")==0)||
573 (strcmp(new_key, "_GET")==0)||
574 (strcmp(new_key, "_POST")==0)||
575 (strcmp(new_key, "_REQUEST")==0)||
576 (strcmp(new_key, "_SESSION")==0)||
577 (strcmp(new_key, "_SERVER")==0)) {
578 efree(new_key);
579 return 0;
580 }
581 } else if (strcmp(new_key, "GLOBALS")==0) {
582 efree(new_key); 510 efree(new_key);
583 return 0; 511 return 0;
584 } 512 }
@@ -714,22 +642,28 @@ PHP_FUNCTION(suhosin_import_request_variables)
714} 642}
715/* }}} */ 643/* }}} */
716 644
645#endif /* SUHOSIN_HAVE_IRV */
646
717ZEND_BEGIN_ARG_INFO_EX(suhosin_arginfo_extract, 0, 0, 1) 647ZEND_BEGIN_ARG_INFO_EX(suhosin_arginfo_extract, 0, 0, 1)
718 ZEND_ARG_INFO(ZEND_SEND_PREFER_REF, arg) /* ARRAY_INFO(0, arg, 0) */ 648 ZEND_ARG_INFO(ZEND_SEND_PREFER_REF, arg) /* ARRAY_INFO(0, arg, 0) */
719 ZEND_ARG_INFO(0, extract_type) 649 ZEND_ARG_INFO(0, extract_type)
720 ZEND_ARG_INFO(0, prefix) 650 ZEND_ARG_INFO(0, prefix)
721ZEND_END_ARG_INFO() 651ZEND_END_ARG_INFO()
722 652
653#ifdef SUHOSIN_HAVE_IRV
723ZEND_BEGIN_ARG_INFO_EX(suhosin_arginfo_import_request_variables, 0, 0, 1) 654ZEND_BEGIN_ARG_INFO_EX(suhosin_arginfo_import_request_variables, 0, 0, 1)
724 ZEND_ARG_INFO(0, types) 655 ZEND_ARG_INFO(0, types)
725 ZEND_ARG_INFO(0, prefix) 656 ZEND_ARG_INFO(0, prefix)
726ZEND_END_ARG_INFO() 657ZEND_END_ARG_INFO()
658#endif
727 659
728/* {{{ suhosin_ex_imp_functions[] 660/* {{{ suhosin_ex_imp_functions[]
729 */ 661 */
730zend_function_entry suhosin_ex_imp_functions[] = { 662zend_function_entry suhosin_ex_imp_functions[] = {
731 PHP_NAMED_FE(extract, PHP_FN(suhosin_extract), suhosin_arginfo_extract) 663 PHP_NAMED_FE(extract, PHP_FN(suhosin_extract), suhosin_arginfo_extract)
664#ifdef SUHOSIN_HAVE_IRV
732 PHP_NAMED_FE(import_request_variables, PHP_FN(suhosin_import_request_variables), suhosin_arginfo_import_request_variables) 665 PHP_NAMED_FE(import_request_variables, PHP_FN(suhosin_import_request_variables), suhosin_arginfo_import_request_variables)
666#endif
733 {NULL, NULL, NULL} 667 {NULL, NULL, NULL}
734}; 668};
735/* }}} */ 669/* }}} */
@@ -740,7 +674,9 @@ void suhosin_hook_ex_imp()
740 674
741 /* replace the extract and import_request_variables functions */ 675 /* replace the extract and import_request_variables functions */
742 zend_hash_del(CG(function_table), "extract", sizeof("extract")); 676 zend_hash_del(CG(function_table), "extract", sizeof("extract"));
677#ifdef SUHOSIN_HAVE_IRV
743 zend_hash_del(CG(function_table), "import_request_variables", sizeof("import_request_variables")); 678 zend_hash_del(CG(function_table), "import_request_variables", sizeof("import_request_variables"));
679#endif
744#ifndef ZEND_ENGINE_2 680#ifndef ZEND_ENGINE_2
745 zend_register_functions(suhosin_ex_imp_functions, NULL, MODULE_PERSISTENT TSRMLS_CC); 681 zend_register_functions(suhosin_ex_imp_functions, NULL, MODULE_PERSISTENT TSRMLS_CC);
746#else 682#else