Diffstat (limited to 'ifilter.c')
| -rw-r--r-- | ifilter.c | 54 |
1 files changed, 6 insertions, 48 deletions
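--- a/ifilter.c
+++ b/ifilter.c
@@ -29,6 +29,7 @@
 #include "ext/standard/info.h"
 #include "php_suhosin.h"
 #include "php_variables.h"
+#include "ext/standard/php_var.h"
 
 
 static void (*orig_register_server_variables)(zval *track_vars_array TSRMLS_DC) = NULL;
@@ -619,47 +620,11 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
 
 /* Drop this variable if it is one of GLOBALS, _GET, _POST, ... */
 /* This is to protect several silly scripts that do globalizing themself */
-
-switch (var_len) {
-case 18:
-if (memcmp(var, "HTTP_RAW_POST_DATA", 18)==0) goto protected_varname;
-break;
-case 17:
-if (memcmp(var, "HTTP_SESSION_VARS", 17)==0) goto protected_varname;
-break;
-case 16:
-if (memcmp(var, "HTTP_SERVER_VARS", 16)==0) goto protected_varname;
-if (memcmp(var, "HTTP_COOKIE_VARS", 16)==0) goto protected_varname;
-break;
-case 15:
-if (memcmp(var, "HTTP_POST_FILES", 15)==0) goto protected_varname;
-break;
-case 14:
-if (memcmp(var, "HTTP_POST_VARS", 14)==0) goto protected_varname;
-break;
-case 13:
-if (memcmp(var, "HTTP_GET_VARS", 13)==0) goto protected_varname;
-if (memcmp(var, "HTTP_ENV_VARS", 13)==0) goto protected_varname;
-break;
-case 8:
-if (memcmp(var, "_SESSION", 8)==0) goto protected_varname;
-if (memcmp(var, "_REQUEST", 8)==0) goto protected_varname;
-break;
-case 7:
-if (memcmp(var, "GLOBALS", 7)==0) goto protected_varname;
-if (memcmp(var, "_COOKIE", 7)==0) goto protected_varname;
-if (memcmp(var, "_SERVER", 7)==0) goto protected_varname;
-break;
-case 6:
-if (memcmp(var, "_FILES", 6)==0) goto protected_varname;
-break;
-case 5:
-if (memcmp(var, "_POST", 5)==0) goto protected_varname;
-break;
-case 4:
-if (memcmp(var, "_ENV", 4)==0) goto protected_varname;
-if (memcmp(var, "_GET", 4)==0) goto protected_varname;
-break;
-}
+if (php_varname_check(var, var_len, 0 TSRMLS_CC) == FAILURE) {
+suhosin_log(S_VARS, "tried to register forbidden variable '%s' through %s variables", var, arg == PARSE_GET ? "GET" : arg == PARSE_POST ? "POST" : "COOKIE");
+if (!SUHOSIN_G(simulation)) {
+return 0;
+}
 }
 
 /* Okay let PHP register this variable */
@@ -681,13 +646,6 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
 }
 
 return 1;
-protected_varname:
-suhosin_log(S_VARS, "tried to register forbidden variable '%s' through %s variables", var, arg == PARSE_GET ? "GET" : arg == PARSE_POST ? "POST" : "COOKIE");
-if (!SUHOSIN_G(simulation)) {
-return 0;
-} else {
-return 1;
-}
 }
 /* }}} */
 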
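Review bot: The guard at new line 623 makes the set of rejected names whatever the linked PHP's `php_varname_check()` protects, so the explicit list this hunk deletes (GLOBALS, _SESSION, _REQUEST, HTTP_RAW_POST_DATA, HTTP_*_VARS, ...) is only still enforced if PHP's list is a superset — nothing in the hunk confirms that, so a test that sends each removed name through GET, POST and COOKIE and expects the S_VARS log entry and the drop should accompany this change. It is also worth checking that `php_varname_check` with this three-argument signature exists on every PHP release Suhosin builds against and, if not, wrapping the call in a configure/`#if` check rather than letting the build fail; the new `ext/standard/php_var.h` include suggests the declaration is version-dependent. A comment above the call would record the intent for the next reader: `/* defer to PHP's own protected-variable check (GLOBALS, _GET, _POST, ...); replaces the explicit name list Suhosin used to carry */`. suhosin_input_filter begins before this section, and in simulation mode the new code falls through to the normal registration path, which matches the removed `else { return 1; }`.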
