From 11c4ca8e14c6b0a94e95f8c70daa3e3c47a15d26 Mon Sep 17 00:00:00 2001
From: Ben Fuhrmannek
Date: Sat, 30 Jul 2016 19:27:12 +0200
Subject: introduced suhosin.log.max_error_length to limit log length (#105)
---
 log.c | 9 +++++----
 php_suhosin.h | 3 ++-
 suhosin.c | 3 ++-
 tests/logging/log_max_error_length.phpt | 19 +++++++++++++++++++
 4 files changed, 28 insertions(+), 6 deletions(-)
 create mode 100644 tests/logging/log_max_error_length.phpt
diff --git a/log.c b/log.c
index eae3841..a956d1a 100644
--- a/log.c
+++ b/log.c
@@ -107,8 +107,8 @@ PHP_SUHOSIN_API void suhosin_log(int loglevel, char *fmt, ...)
 unsigned short etype;
 DWORD evid;
 #endif
- char buf[5000];
- char error[5000];
+ char buf[5000] = {0};
+ char error[5000] = {0};
 char *ip_address;
 char *fname;
 char *alertstring;
@@ -146,6 +146,9 @@ PHP_SUHOSIN_API void suhosin_log(int loglevel, char *fmt, ...)
 va_start(ap, fmt);
 ap_php_vsnprintf(error, sizeof(error), fmt, ap);
 va_end(ap);
+ if (SUHOSIN_G(log_max_error_length) > 0 && SUHOSIN_G(log_max_error_length) < (sizeof(error) - 4)) {
+ memcpy(error + SUHOSIN_G(log_max_error_length), "...", 4);
+ }
 while (error[i]) {
 if (error[i] < 32) error[i] = '.';
 i++;
@@ -437,5 +440,3 @@ SDEBUG("scriptname %s", SUHOSIN_G(log_phpscriptname));
 * vim600: noet sw=4 ts=4 fdm=marker
 * vim<600: noet sw=4 ts=4
 */
-
-
diff --git a/php_suhosin.h b/php_suhosin.h
index 39cd9b1..4d44bda 100644
--- a/php_suhosin.h
+++ b/php_suhosin.h
@@ -236,7 +236,8 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin)
 long log_file;
 char *log_filename;
 zend_bool log_file_time;
-
+ long log_max_error_length;
+ /* header handler */
 zend_bool allow_multiheader;
diff --git a/suhosin.c b/suhosin.c
index d95b92f..8336561 100644
--- a/suhosin.c
+++ b/suhosin.c
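Review bot: In log.c (hunk at -146,6), the added truncation in suhosin_log() never checks how long the formatted message actually is: a message of exactly suhosin.log.max_error_length bytes has its terminator overwritten and gains a "..." although nothing was cut, and one that is one to three bytes over the limit comes out no shorter than it went in. In a security log a false truncation marker misleads whoever reads the entry later, so guard the write with the real length, e.g. `long max = SUHOSIN_G(log_max_error_length);` and `if (max > 0 && (size_t)max < sizeof(error) - 4 && strlen(error) > (size_t)max)`. The kept text is also limit + 3 bytes long, and a setting of sizeof(error) - 4 or more silently turns truncation off; both deserve a line in the setting's documentation. suhosin_log() starts and ends outside this hunk.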
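Review bot: The new `log_max_error_length` field in php_suhosin.h carries no comment saying what it counts or what 0 means, and neither is obvious from the name. Going by the `> 0` check in log.c and the "0" default registered in suhosin.c, a comment such as `/* max bytes of the formatted message kept by suhosin_log(); 0 = no limit */` would cover it. The globals struct starts and ends outside this hunk.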
@@ -789,7 +789,8 @@ static zend_ini_entry shared_ini_entries[] = {
 ZEND_INI_END()
 PHP_INI_BEGIN()
- ZEND_INI_ENTRY("suhosin.perdir", "0", ZEND_INI_SYSTEM, OnUpdateSuhosin_perdir)
+ STD_PHP_INI_ENTRY("suhosin.log.max_error_length", "0", PHP_INI_SYSTEM, OnUpdateLogLong, log_max_error_length, zend_suhosin_globals, suhosin_globals)
+ ZEND_INI_ENTRY("suhosin.perdir", "0", ZEND_INI_SYSTEM, OnUpdateSuhosin_perdir)
 STD_ZEND_INI_ENTRY("suhosin.executor.include.max_traversal", "0", ZEND_INI_PERDIR|ZEND_INI_SYSTEM, OnUpdateExecLong, executor_include_max_traversal, zend_suhosin_globals, suhosin_globals)
 ZEND_INI_ENTRY("suhosin.executor.include.whitelist", NULL, ZEND_INI_PERDIR|ZEND_INI_SYSTEM, OnUpdate_include_whitelist)
 ZEND_INI_ENTRY("suhosin.executor.include.blacklist", NULL, ZEND_INI_PERDIR|ZEND_INI_SYSTEM, OnUpdate_include_blacklist)
diff --git a/tests/logging/log_max_error_length.phpt b/tests/logging/log_max_error_length.phpt
new file mode 100644
index 0000000..e6984c7
--- /dev/null
+++ b/tests/logging/log_max_error_length.phpt
@@ -0,0 +1,19 @@
+--TEST--
+Testing: suhosin.log.use-x-forwarded-for=On (without X-Forwarded-For set)
+--SKIPIF--
+
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.script=0
+suhosin.log.file=255
+suhosin.log.file.time=0
+suhosin.log.max_error_length=20
+suhosin.log.file.name={PWD}/suhosintest.$$.log.tmp
+auto_append_file={PWD}/suhosintest.$$.log.tmp
+--FILE--
+
+--EXPECTF--
+ALERT - script tried to disa... %s
-- cgit v1.3
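Review bot: The new entry in suhosin.c is spelled `STD_PHP_INI_ENTRY` with `PHP_INI_SYSTEM`, while the neighbouring entries in this table use the `STD_ZEND_INI_ENTRY` / `ZEND_INI_SYSTEM` spelling; writing it as `STD_ZEND_INI_ENTRY("suhosin.log.max_error_length", "0", ZEND_INI_SYSTEM, OnUpdateLogLong, log_max_error_length, zend_suhosin_globals, suhosin_globals)` keeps the table uniform. The `suhosin.perdir` line is removed and re-added with what appears to be only a whitespace change, which adds noise to blame for no functional gain. OnUpdateLogLong is not visible in this hunk, so whether it rejects negative values cannot be confirmed here; log.c guards only with `> 0`, so a negative setting would behave as "no limit". The entry table continues outside the hunk.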
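Review bot: The --TEST-- title of the new log_max_error_length.phpt still reads `Testing: suhosin.log.use-x-forwarded-for=On (without X-Forwarded-For set)`, apparently carried over from another test; it should name the setting under test, e.g. `Testing: suhosin.log.max_error_length=20 truncates the logged message`. The test only exercises a message longer than the limit, so a second case with a message at or below the limit would pin that no "..." is appended when nothing was cut. The --SKIPIF-- and --FILE-- bodies appear empty on this page, probably lost in rendering, so the script itself is not reviewed here.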