From b71aff4f357e276efa7010a97b61bd1d63cd7fbb Mon Sep 17 00:00:00 2001
From: Stefan Esser
Date: Fri, 13 Apr 2012 15:37:11 +0200
Subject: Initial PHP 5.4.0 compatibility
---
Changelog | 1 +
ex_imp.c | 3 +-
execute.c | 49 ++--------------
log.c | 6 ++
rfc1867.c | 8 +++
session.c | 93 ++++++++++++++++++++++++++++++-
sha256.c | 4 +-
suhosin.c | 12 ++++
tests/executor/negative_memory_limit.phpt | 2 +-
9 files changed, 127 insertions(+), 51 deletions(-)
diff --git a/Changelog b/Changelog
index 248a523..7793afb 100644
--- a/Changelog
+++ b/Changelog
@@ -1,5 +1,6 @@
2012-02-12 - 0.9.34
+ - Added initial support for PHP 5.4.0
- Fix read after efree() that lets function_exists() malfunction
- Fix build with clang compiler
- Added a request variable drop statistic log message
diff --git a/ex_imp.c b/ex_imp.c
index fe08fe5..412b5b3 100644
--- a/ex_imp.c
+++ b/ex_imp.c
@@ -727,14 +727,13 @@ ZEND_END_ARG_INFO()
/* {{{ suhosin_ex_imp_functions[]
*/
-function_entry suhosin_ex_imp_functions[] = {
+zend_function_entry suhosin_ex_imp_functions[] = {
PHP_NAMED_FE(extract, PHP_FN(suhosin_extract), suhosin_arginfo_extract)
PHP_NAMED_FE(import_request_variables, PHP_FN(suhosin_import_request_variables), suhosin_arginfo_import_request_variables)
{NULL, NULL, NULL}
};
/* }}} */
-
void suhosin_hook_ex_imp()
{
TSRMLS_FETCH();
diff --git a/execute.c b/execute.c
index 40a7cca..8f736b9 100644
--- a/execute.c
+++ b/execute.c
@@ -1031,50 +1031,6 @@ int ih_fixusername(IH_HANDLER_PARAMS)
return (0);
}
-static int suhosin_php_body_write(const char *str, uint str_length TSRMLS_DC)
-{
-#define P_META_ROBOTS ""
-#define S_META_ROBOTS ""
-
- SDEBUG("bw: %s", str);
-
- if ((str_length == sizeof("\n")-1) && (strcmp(str, "\n")==0)) {
- SUHOSIN_G(old_php_body_write)(S_META_ROBOTS, sizeof(S_META_ROBOTS)-1 TSRMLS_CC);
- OG(php_body_write) = SUHOSIN_G(old_php_body_write);
- return SUHOSIN_G(old_php_body_write)(str, str_length TSRMLS_CC);
- } else if ((str_length == sizeof(P_META_ROBOTS)-1) && (strcmp(str, P_META_ROBOTS)==0)) {
- return str_length;
- }
- return SUHOSIN_G(old_php_body_write)(str, str_length TSRMLS_CC);
-}
-
-static int ih_phpinfo(IH_HANDLER_PARAMS)
-{
- int argc = ZEND_NUM_ARGS();
- long flag;
-
- if (zend_parse_parameters(argc TSRMLS_CC, "|l", &flag) == FAILURE) {
- RETVAL_FALSE;
- return (1);
- }
-
- if(!argc) {
- flag = PHP_INFO_ALL;
- }
-
- /* Andale! Andale! Yee-Hah! */
- php_start_ob_buffer(NULL, 4096, 0 TSRMLS_CC);
- if (!sapi_module.phpinfo_as_text) {
- SUHOSIN_G(old_php_body_write) = OG(php_body_write);
- OG(php_body_write) = suhosin_php_body_write;
- }
- php_print_info(flag TSRMLS_CC);
- php_end_ob_buffer(1, 0 TSRMLS_CC);
-
- RETVAL_TRUE;
- return (1);
-}
-
static int ih_function_exists(IH_HANDLER_PARAMS)
{
@@ -1527,7 +1483,6 @@ internal_function_handler ihandlers[] = {
{ "preg_replace", ih_preg_replace, NULL, NULL, NULL },
{ "mail", ih_mail, NULL, NULL, NULL },
{ "symlink", ih_symlink, NULL, NULL, NULL },
- { "phpinfo", ih_phpinfo, NULL, NULL, NULL },
{ "srand", ih_srand, NULL, NULL, NULL },
{ "mt_srand", ih_mt_srand, NULL, NULL, NULL },
@@ -1615,7 +1570,11 @@ static void suhosin_execute_internal(zend_execute_data *execute_data_ptr, int re
}
#ifdef ZEND_ENGINE_2
+# if PHP_VERSION_ID < 50400
return_value = (*(temp_variable *)((char *) execute_data_ptr->Ts + execute_data_ptr->opline->result.u.var)).var.ptr;
+# else
+ return_value = (*(temp_variable *)((char *) execute_data_ptr->Ts + execute_data_ptr->opline->result.var)).var.ptr;
+# endif
#else
return_value = execute_data_ptr->Ts[execute_data_ptr->opline->result.u.var].var.ptr;
#endif
diff --git a/log.c b/log.c
index 2e3d7a1..7268864 100644
--- a/log.c
+++ b/log.c
@@ -317,7 +317,9 @@ log_phpscript:
zval *result = NULL;
long orig_execution_depth = SUHOSIN_G(execution_depth);
+#if PHP_VERSION_ID < 50400
zend_bool orig_safe_mode = PG(safe_mode);
+#endif
char *orig_basedir = PG(open_basedir);
char *phpscript = SUHOSIN_G(log_phpscriptname);
@@ -354,14 +356,18 @@ SDEBUG("scriptname %s", SUHOSIN_G(log_phpscriptname));
SUHOSIN_G(execution_depth) = 0;
if (SUHOSIN_G(log_phpscript_is_safe)) {
+#if PHP_VERSION_ID < 50400
PG(safe_mode) = 0;
+#endif
PG(open_basedir) = NULL;
}
zend_execute(new_op_array TSRMLS_CC);
SUHOSIN_G(execution_depth) = orig_execution_depth;
+#if PHP_VERSION_ID < 50400
PG(safe_mode) = orig_safe_mode;
+#endif
PG(open_basedir) = orig_basedir;
#ifdef ZEND_ENGINE_2
diff --git a/rfc1867.c b/rfc1867.c
index 8285329..b07ed68 100644
--- a/rfc1867.c
+++ b/rfc1867.c
@@ -244,21 +244,29 @@ static void safe_php_register_variable_ex(char *var, zval *val, zval *track_vars
static void register_http_post_files_variable(char *strvar, char *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC)
{
+#if PHP_VERSION_ID < 50400
int register_globals = PG(register_globals);
PG(register_globals) = 0;
+#endif
safe_php_register_variable(strvar, val, http_post_files, override_protection TSRMLS_CC);
+#if PHP_VERSION_ID < 50400
PG(register_globals) = register_globals;
+#endif
}
static void register_http_post_files_variable_ex(char *var, zval *val, zval *http_post_files, zend_bool override_protection TSRMLS_DC)
{
+#if PHP_VERSION_ID < 50400
int register_globals = PG(register_globals);
PG(register_globals) = 0;
+#endif
safe_php_register_variable_ex(var, val, http_post_files, override_protection TSRMLS_CC);
+#if PHP_VERSION_ID < 50400
PG(register_globals) = register_globals;
+#endif
}
/*
diff --git a/session.c b/session.c
index f045a36..1045a93 100644
--- a/session.c
+++ b/session.c
@@ -233,9 +233,94 @@ typedef struct _php_ps_globals_53 {
zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id regeneration */
} php_ps_globals_53;
+#if PHP_VERSION_ID >= 50400
+typedef struct _php_session_rfc1867_progress_54 {
+
+ size_t sname_len;
+ zval sid;
+ smart_str key;
+
+ long update_step;
+ long next_update;
+ double next_update_time;
+ zend_bool cancel_upload;
+ zend_bool apply_trans_sid;
+ size_t content_length;
+
+ zval *data; /* the array exported to session data */
+ zval *post_bytes_processed; /* data["bytes_processed"] */
+ zval *files; /* data["files"] array */
+ zval *current_file; /* array of currently uploading file */
+ zval *current_file_bytes_processed;
+} php_session_rfc1867_progress_54;
+
+typedef struct _php_ps_globals_54 {
+ char *save_path;
+ char *session_name;
+ char *id;
+ char *extern_referer_chk;
+ char *entropy_file;
+ char *cache_limiter;
+ long entropy_length;
+ long cookie_lifetime;
+ char *cookie_path;
+ char *cookie_domain;
+ zend_bool cookie_secure;
+ zend_bool cookie_httponly;
+ ps_module *mod;
+ ps_module *default_mod;
+ void *mod_data;
+ php_session_status session_status;
+ long gc_probability;
+ long gc_divisor;
+ long gc_maxlifetime;
+ int module_number;
+ long cache_expire;
+ union {
+ zval *names[6];
+ struct {
+ zval *ps_open;
+ zval *ps_close;
+ zval *ps_read;
+ zval *ps_write;
+ zval *ps_destroy;
+ zval *ps_gc;
+ } name;
+ } mod_user_names;
+ int mod_user_implemented;
+ int mod_user_is_open;
+ const struct ps_serializer_struct *serializer;
+ zval *http_session_vars;
+ zend_bool auto_start;
+ zend_bool use_cookies;
+ zend_bool use_only_cookies;
+ zend_bool use_trans_sid; /* contains the INI value of whether to use trans-sid */
+ zend_bool apply_trans_sid; /* whether or not to enable trans-sid for the current request */
+
+ long hash_func;
+#if defined(HAVE_HASH_EXT) && !defined(COMPILE_DL_HASH)
+ php_hash_ops *hash_ops;
+#endif
+ long hash_bits_per_character;
+ int send_cookie;
+ int define_sid;
+ zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id regeneration */
+
+ php_session_rfc1867_progress_54 *rfc1867_progress;
+ zend_bool rfc1867_enabled; /* session.upload_progress.enabled */
+ zend_bool rfc1867_cleanup; /* session.upload_progress.cleanup */
+ smart_str rfc1867_prefix; /* session.upload_progress.prefix */
+ smart_str rfc1867_name; /* session.upload_progress.name */
+ long rfc1867_freq; /* session.upload_progress.freq */
+ double rfc1867_min_freq; /* session.upload_progress.min_freq */
+} php_ps_globals_54;
+#endif
+
#ifdef ZTS
static ts_rsrc_id session_globals_id = 0;
-# if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3)
+# if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 4)
+# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_54 *, v)
+# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3)
# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_53 *, v)
# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 2)
# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_52 *, v)
@@ -247,7 +332,9 @@ static ts_rsrc_id session_globals_id = 0;
UNSUPPORTED PHP VERSION
# endif
#else
-# if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3)
+# if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 4)
+static php_ps_globals_54 *session_globals = NULL;
+# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3)
static php_ps_globals_53 *session_globals = NULL;
# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 2)
static php_ps_globals_52 *session_globals = NULL;
@@ -294,6 +381,7 @@ static int suhosin_get_session_var(char *name, size_t namelen, zval ***state_var
if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) {
ret = zend_hash_find(Z_ARRVAL_P(SESSION_G(http_session_vars)), name, namelen + 1, (void **) state_var);
+#if PHP_VERSION_ID < 50400
/* If register_globals is enabled, and
* if there is an entry for the slot in $_SESSION, and
* if that entry is still set to NULL, and
@@ -307,6 +395,7 @@ static int suhosin_get_session_var(char *name, size_t namelen, zval ***state_var
*state_var = tmp;
}
}
+#endif
}
return ret;
}
diff --git a/sha256.c b/sha256.c
index e8df13d..61c5a6a 100644
--- a/sha256.c
+++ b/sha256.c
@@ -86,9 +86,11 @@ static PHP_FUNCTION(suhosin_sha256_file)
return;
}
+#if PHP_VERSION_ID < 50400
if (PG(safe_mode) && (!php_checkuid(arg, NULL, CHECKUID_CHECK_FILE_AND_DIR))) {
RETURN_FALSE;
}
+#endif
if (php_check_open_basedir(arg TSRMLS_CC)) {
RETURN_FALSE;
@@ -392,7 +394,7 @@ unsigned int len;
/* {{{ suhosin_sha256_functions[]
*/
-static function_entry suhosin_sha256_functions[] = {
+static zend_function_entry suhosin_sha256_functions[] = {
PHP_NAMED_FE(sha256, PHP_FN(suhosin_sha256), NULL)
PHP_NAMED_FE(sha256_file, PHP_FN(suhosin_sha256_file), NULL)
{NULL, NULL, NULL}
diff --git a/suhosin.c b/suhosin.c
index 8570081..c04655b 100644
--- a/suhosin.c
+++ b/suhosin.c
@@ -649,12 +649,16 @@ static void suhosin_register_cookie_variable(char *var, zval *val, zval *track_v
array_init(gpc_element);
zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
} else {
+#if PHP_VERSION_ID < 50400
if (PG(magic_quotes_gpc) && (index != var)) {
/* no need to addslashes() the index if it's the main variable name */
escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC);
} else {
+#endif
escaped_index = index;
+#if PHP_VERSION_ID < 50400
}
+#endif
if (zend_symtable_find(symtable1, escaped_index, index_len + 1, (void **) &gpc_element_p) == FAILURE
|| Z_TYPE_PP(gpc_element_p) != IS_ARRAY) {
MAKE_STD_ZVAL(gpc_element);
@@ -686,11 +690,15 @@ plain_var:
if (!index) {
zend_hash_next_index_insert(symtable1, &gpc_element, sizeof(zval *), (void **) &gpc_element_p);
} else {
+#if PHP_VERSION_ID < 50400
if (PG(magic_quotes_gpc)) {
escaped_index = php_addslashes(index, index_len, &index_len, 0 TSRMLS_CC);
} else {
+#endif
escaped_index = index;
+#if PHP_VERSION_ID < 50400
}
+#endif
/*
* According to rfc2965, more specific paths are listed above the less specific ones.
* If we encounter a duplicate cookie name, we should skip it, since it is not possible
@@ -717,11 +725,15 @@ static void suhosin_register_cookie_variable_safe(char *var, char *strval, int s
/* Prepare value */
Z_STRLEN(new_entry) = str_len;
+#if PHP_VERSION_ID < 50400
if (PG(magic_quotes_gpc)) {
Z_STRVAL(new_entry) = php_addslashes(strval, Z_STRLEN(new_entry), &Z_STRLEN(new_entry), 0 TSRMLS_CC);
} else {
+#endif
Z_STRVAL(new_entry) = estrndup(strval, Z_STRLEN(new_entry));
+#if PHP_VERSION_ID < 50400
}
+#endif
Z_TYPE(new_entry) = IS_STRING;
suhosin_register_cookie_variable(var, &new_entry, track_vars_array TSRMLS_CC);
diff --git a/tests/executor/negative_memory_limit.phpt b/tests/executor/negative_memory_limit.phpt
index 8582cc9..7fad546 100644
--- a/tests/executor/negative_memory_limit.phpt
+++ b/tests/executor/negative_memory_limit.phpt
@@ -13,6 +13,6 @@ suhosin.log.sapi=2
ini_set("memory_limit", "-200000"); echo ini_get("memory_limit"), "\n";
?>
--EXPECTF--
-ALERT - script tried to increase memory_limit to %d bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file '%s', line 2)
+ALERT - script tried to disable memory_limit by setting it to a negative value -%d bytes which is not allowed (attacker 'REMOTE_ADDR not set', file '%s', line 2)
16M
--
cgit v1.3