1 files changed, 216 insertions, 0 deletions
diff --git a/treat_data.c b/treat_data.c
new file mode 100644
index 0000000..d4af286
--- /dev/null
+++ b/treat_data.c
@@ -0,0 +1,216 @@
+/*
+  +----------------------------------------------------------------------+
+  | Suhosin Version 1                                                    |
+  +----------------------------------------------------------------------+
+  | Copyright (c) 2006-2007 The Hardened-PHP Project                     |
+  | Copyright (c) 2007 SektionEins GmbH                                  |
+  +----------------------------------------------------------------------+
+  | This source file is subject to version 3.01 of the PHP license,      |
+  | that is bundled with this package in the file LICENSE, and is        |
+  | available through the world-wide-web at the following url:           |
+  | http://www.php.net/license/3_01.txt                                  |
+  | If you did not receive a copy of the PHP license and are unable to   |
+  | obtain it through the world-wide-web, please send a note to          |
+  | license@php.net so we can mail you a copy immediately.               |
+  +----------------------------------------------------------------------+
+  | Author: Stefan Esser <sesser@sektioneins.de>                         |
+  +----------------------------------------------------------------------+
+*/
+/*
+  $Id: treat_data.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ 
+*/
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+#include "php.h"
+#include "php_ini.h"
+#include "php_suhosin.h"
+#include "SAPI.h"
+#include "php_variables.h"
+#include "ext/standard/url.h"
+SAPI_TREAT_DATA_FUNC(suhosin_treat_data)
+{
+        char *res = NULL, *var, *val, *separator = NULL;
+        const char *c_var;
+        zval *array_ptr;
+        int free_buffer = 0;
+        char *strtok_buf = NULL;
+        /* Mark that we were not yet called */
+        SUHOSIN_G(already_scanned) = 0;
+        
+        switch (arg) {
+                case PARSE_POST:
+                case PARSE_GET:
+                case PARSE_COOKIE:
+                        ALLOC_ZVAL(array_ptr);
+                        array_init(array_ptr);
+                        INIT_PZVAL(array_ptr);
+                        switch (arg) {
+                                case PARSE_POST:
+                                        if (PG(http_globals)[TRACK_VARS_POST]) {
+                                                zval_ptr_dtor(&PG(http_globals)[TRACK_VARS_POST]);
+                                        }
+                                        PG(http_globals)[TRACK_VARS_POST] = array_ptr;
+                                        
+                                        if (SUHOSIN_G(max_request_variables) && (SUHOSIN_G(max_post_vars) == 0 || 
+                                            SUHOSIN_G(max_request_variables) <= SUHOSIN_G(max_post_vars))) {
+                                                SUHOSIN_G(max_post_vars) = SUHOSIN_G(max_request_variables);
+                                        }
+                                        break;
+                                case PARSE_GET:
+                                        if (PG(http_globals)[TRACK_VARS_GET]) {
+                                                zval_ptr_dtor(&PG(http_globals)[TRACK_VARS_GET]);
+                                        }
+                                        PG(http_globals)[TRACK_VARS_GET] = array_ptr;
+                                        if (SUHOSIN_G(max_request_variables) && (SUHOSIN_G(max_get_vars) == 0 || 
+                                            SUHOSIN_G(max_request_variables) <= SUHOSIN_G(max_get_vars))) {
+                                                SUHOSIN_G(max_get_vars) = SUHOSIN_G(max_request_variables);
+                                        }
+                                        break;
+                                case PARSE_COOKIE:
+                                        if (PG(http_globals)[TRACK_VARS_COOKIE]) {
+                                                zval_ptr_dtor(&PG(http_globals)[TRACK_VARS_COOKIE]);
+                                        }
+                                        PG(http_globals)[TRACK_VARS_COOKIE] = array_ptr;
+                                        if (SUHOSIN_G(max_request_variables) && (SUHOSIN_G(max_cookie_vars) == 0 || 
+                                            SUHOSIN_G(max_request_variables) <= SUHOSIN_G(max_cookie_vars))) {
+                                                SUHOSIN_G(max_cookie_vars) = SUHOSIN_G(max_request_variables);
+                                        }                                       
+                                        break;
+                        }
+                        break;
+                default:
+                        array_ptr = destArray;
+                        break;
+        }
+        if (arg == PARSE_POST) {
+                sapi_handle_post(array_ptr TSRMLS_CC);
+                return;
+        }
+        if (arg == PARSE_GET) {         /* GET data */
+                c_var = SG(request_info).query_string;
+                if (c_var && *c_var) {
+                        res = (char *) estrdup(c_var);
+                        free_buffer = 1;
+                } else {
+                        free_buffer = 0;
+                }
+        } else if (arg == PARSE_COOKIE) {               /* Cookie data */
+                c_var = SG(request_info).cookie_data;
+                if (c_var && *c_var) {
+                        if (SUHOSIN_G(cookie_encrypt)) {
+                                res = (char *) estrdup(suhosin_cookie_decryptor(TSRMLS_C));
+                        } else {
+                                res = (char *) estrdup(c_var);
+                        }
+                        free_buffer = 1;
+                } else {
+                        free_buffer = 0;
+                }
+        } else if (arg == PARSE_STRING) {               /* String data */
+                res = str;
+                free_buffer = 1;
+        }
+        if (!res) {
+                return;
+        }
+        switch (arg) {
+                case PARSE_GET:
+                case PARSE_STRING:
+                        separator = (char *) estrdup(PG(arg_separator).input);
+                        break;
+                case PARSE_COOKIE:
+                        separator = ";\0";
+                        break;
+        }
+        
+        var = php_strtok_r(res, separator, &strtok_buf);
+        
+        while (var) {
+                /* Overjump plain whitespace */
+                while (*var && *var == ' ') var++;
+                val = strchr(var, '=');
+                if (val) { /* have a value */
+                        int val_len;
+                        unsigned int new_val_len;
+                        *val++ = '\0';
+                        php_url_decode(var, strlen(var));
+                        val_len = php_url_decode(val, strlen(val));
+                        val = estrndup(val, val_len);
+                        if (suhosin_input_filter(arg, var, &val, val_len, &new_val_len TSRMLS_CC)) {
+#ifdef ZEND_ENGINE_2
+                                if (sapi_module.input_filter(arg, var, &val, new_val_len, &new_val_len TSRMLS_CC)) {
+#endif
+                                        php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
+#ifdef ZEND_ENGINE_2
+                                }
+#endif                  
+                        } else {
+                                SUHOSIN_G(abort_request) = 1;
+                        }
+                        efree(val);
+                } else {
+                        int val_len;
+                        unsigned int new_val_len;
+                        php_url_decode(var, strlen(var));
+                        val_len = 0;
+                        val = estrndup("", val_len);
+                        if (suhosin_input_filter(arg, var, &val, val_len, &new_val_len TSRMLS_CC)) {
+#ifdef ZEND_ENGINE_2
+                                if (sapi_module.input_filter(arg, var, &val, new_val_len, &new_val_len TSRMLS_CC)) {
+#endif
+                                        php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
+#ifdef ZEND_ENGINE_2
+                                }
+#endif                  
+                        } else {
+                                SUHOSIN_G(abort_request) = 1;
+                        }
+                        efree(val);
+                }
+                var = php_strtok_r(NULL, separator, &strtok_buf);
+        }
+        if (arg != PARSE_COOKIE) {
+                efree(separator);
+        }
+        if (free_buffer) {
+                efree(res);
+        }
+}
+void suhosin_hook_treat_data()
+{
+        sapi_register_treat_data(suhosin_treat_data);
+#ifdef ZEND_ENGINE_2
+        if (old_input_filter == NULL) {
+                old_input_filter = sapi_module.input_filter;
+        }
+        sapi_module.input_filter = suhosin_input_filter_wrapper;
+#endif                  
+}
+/*
+ * Local variables:
+ * tab-width: 4
+ * c-basic-offset: 4
+ * End:
+ * vim600: noet sw=4 ts=4 fdm=marker
+ * vim<600: noet sw=4 ts=4
+ */

diff --git a/treat_data.c b/treat_data.c new file mode 100644 index 0000000..d4af286 --- /dev/null +++ b/treat_data.c
@@ -0,0 +1,216 @@
	1	/*
	2	+----------------------------------------------------------------------+
	3	\| Suhosin Version 1 \|
	4	+----------------------------------------------------------------------+
	5	\| Copyright (c) 2006-2007 The Hardened-PHP Project \|
	6	\| Copyright (c) 2007 SektionEins GmbH \|
	7	+----------------------------------------------------------------------+
	8	\| This source file is subject to version 3.01 of the PHP license, \|
	9	\| that is bundled with this package in the file LICENSE, and is \|
	10	\| available through the world-wide-web at the following url: \|
	11	\| http://www.php.net/license/3_01.txt \|
	12	\| If you did not receive a copy of the PHP license and are unable to \|
	13	\| obtain it through the world-wide-web, please send a note to \|
	14	\| license@php.net so we can mail you a copy immediately. \|
	15	+----------------------------------------------------------------------+
	16	\| Author: Stefan Esser <sesser@sektioneins.de> \|
	17	+----------------------------------------------------------------------+
	18	*/
	19	/*
	20	$Id: treat_data.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $
	21	*/
	22
	23	#ifdef HAVE_CONFIG_H
	24	#include "config.h"
	25	#endif
	26
	27	#include "php.h"
	28	#include "php_ini.h"
	29	#include "php_suhosin.h"
	30	#include "SAPI.h"
	31	#include "php_variables.h"
	32	#include "ext/standard/url.h"
	33
	34	SAPI_TREAT_DATA_FUNC(suhosin_treat_data)
	35	{
	36	char res = NULL, var, val, separator = NULL;
	37	const char *c_var;
	38	zval *array_ptr;
	39	int free_buffer = 0;
	40	char *strtok_buf = NULL;
	41
	42	/* Mark that we were not yet called */
	43	SUHOSIN_G(already_scanned) = 0;
	44
	45	switch (arg) {
	46	case PARSE_POST:
	47	case PARSE_GET:
	48	case PARSE_COOKIE:
	49	ALLOC_ZVAL(array_ptr);
	50	array_init(array_ptr);
	51	INIT_PZVAL(array_ptr);
	52	switch (arg) {
	53	case PARSE_POST:
	54	if (PG(http_globals)[TRACK_VARS_POST]) {
	55	zval_ptr_dtor(&PG(http_globals)[TRACK_VARS_POST]);
	56	}
	57	PG(http_globals)[TRACK_VARS_POST] = array_ptr;
	58
	59	if (SUHOSIN_G(max_request_variables) && (SUHOSIN_G(max_post_vars) == 0 \|\|
	60	SUHOSIN_G(max_request_variables) <= SUHOSIN_G(max_post_vars))) {
	61	SUHOSIN_G(max_post_vars) = SUHOSIN_G(max_request_variables);
	62	}
	63	break;
	64	case PARSE_GET:
	65	if (PG(http_globals)[TRACK_VARS_GET]) {
	66	zval_ptr_dtor(&PG(http_globals)[TRACK_VARS_GET]);
	67	}
	68	PG(http_globals)[TRACK_VARS_GET] = array_ptr;
	69	if (SUHOSIN_G(max_request_variables) && (SUHOSIN_G(max_get_vars) == 0 \|\|
	70	SUHOSIN_G(max_request_variables) <= SUHOSIN_G(max_get_vars))) {
	71	SUHOSIN_G(max_get_vars) = SUHOSIN_G(max_request_variables);
	72	}
	73	break;
	74	case PARSE_COOKIE:
	75	if (PG(http_globals)[TRACK_VARS_COOKIE]) {
	76	zval_ptr_dtor(&PG(http_globals)[TRACK_VARS_COOKIE]);
	77	}
	78	PG(http_globals)[TRACK_VARS_COOKIE] = array_ptr;
	79	if (SUHOSIN_G(max_request_variables) && (SUHOSIN_G(max_cookie_vars) == 0 \|\|
	80	SUHOSIN_G(max_request_variables) <= SUHOSIN_G(max_cookie_vars))) {
	81	SUHOSIN_G(max_cookie_vars) = SUHOSIN_G(max_request_variables);
	82	}
	83	break;
	84	}
	85	break;
	86	default:
	87	array_ptr = destArray;
	88	break;
	89	}
	90
	91	if (arg == PARSE_POST) {
	92	sapi_handle_post(array_ptr TSRMLS_CC);
	93	return;
	94	}
	95
	96	if (arg == PARSE_GET) { /* GET data */
	97	c_var = SG(request_info).query_string;
	98	if (c_var && *c_var) {
	99	res = (char *) estrdup(c_var);
	100	free_buffer = 1;
	101	} else {
	102	free_buffer = 0;
	103	}
	104	} else if (arg == PARSE_COOKIE) { /* Cookie data */
	105	c_var = SG(request_info).cookie_data;
	106	if (c_var && *c_var) {
	107	if (SUHOSIN_G(cookie_encrypt)) {
	108	res = (char *) estrdup(suhosin_cookie_decryptor(TSRMLS_C));
	109	} else {
	110	res = (char *) estrdup(c_var);
	111	}
	112	free_buffer = 1;
	113	} else {
	114	free_buffer = 0;
	115	}
	116	} else if (arg == PARSE_STRING) { /* String data */
	117	res = str;
	118	free_buffer = 1;
	119	}
	120
	121	if (!res) {
	122	return;
	123	}
	124
	125	switch (arg) {
	126	case PARSE_GET:
	127	case PARSE_STRING:
	128	separator = (char *) estrdup(PG(arg_separator).input);
	129	break;
	130	case PARSE_COOKIE:
	131	separator = ";\0";
	132	break;
	133	}
	134
	135	var = php_strtok_r(res, separator, &strtok_buf);
	136
	137	while (var) {
	138	/* Overjump plain whitespace */
	139	while (var && var == ' ') var++;
	140
	141	val = strchr(var, '=');
	142	if (val) { /* have a value */
	143	int val_len;
	144	unsigned int new_val_len;
	145
	146	*val++ = '\0';
	147	php_url_decode(var, strlen(var));
	148	val_len = php_url_decode(val, strlen(val));
	149	val = estrndup(val, val_len);
	150	if (suhosin_input_filter(arg, var, &val, val_len, &new_val_len TSRMLS_CC)) {
	151	#ifdef ZEND_ENGINE_2
	152	if (sapi_module.input_filter(arg, var, &val, new_val_len, &new_val_len TSRMLS_CC)) {
	153	#endif
	154	php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
	155	#ifdef ZEND_ENGINE_2
	156	}
	157	#endif
	158	} else {
	159	SUHOSIN_G(abort_request) = 1;
	160	}
	161	efree(val);
	162	} else {
	163	int val_len;
	164	unsigned int new_val_len;
	165
	166	php_url_decode(var, strlen(var));
	167	val_len = 0;
	168	val = estrndup("", val_len);
	169	if (suhosin_input_filter(arg, var, &val, val_len, &new_val_len TSRMLS_CC)) {
	170	#ifdef ZEND_ENGINE_2
	171	if (sapi_module.input_filter(arg, var, &val, new_val_len, &new_val_len TSRMLS_CC)) {
	172	#endif
	173	php_register_variable_safe(var, val, new_val_len, array_ptr TSRMLS_CC);
	174	#ifdef ZEND_ENGINE_2
	175	}
	176	#endif
	177	} else {
	178	SUHOSIN_G(abort_request) = 1;
	179	}
	180	efree(val);
	181	}
	182	var = php_strtok_r(NULL, separator, &strtok_buf);
	183	}
	184
	185	if (arg != PARSE_COOKIE) {
	186	efree(separator);
	187	}
	188
	189	if (free_buffer) {
	190	efree(res);
	191	}
	192	}
	193
	194
	195	void suhosin_hook_treat_data()
	196	{
	197	sapi_register_treat_data(suhosin_treat_data);
	198	#ifdef ZEND_ENGINE_2
	199	if (old_input_filter == NULL) {
	200	old_input_filter = sapi_module.input_filter;
	201	}
	202	sapi_module.input_filter = suhosin_input_filter_wrapper;
	203	#endif
	204	}
	205
	206
	207	/*
	208	* Local variables:
	209	* tab-width: 4
	210	* c-basic-offset: 4
	211	* End:
	212	* vim600: noet sw=4 ts=4 fdm=marker
	213	* vim<600: noet sw=4 ts=4
	214	*/
	215
	216