From fb48d9f8eae679d5a79fd488bdac6a90e61a923a Mon Sep 17 00:00:00 2001
From: Stefan Esser
Date: Sun, 16 Feb 2014 12:04:31 +0100
Subject: Fix suhosin.get/post/cookie.max_totalname_length filter
---
 Changelog | 1 +
 ifilter.c | 6 +++---
 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/Changelog b/Changelog
index 5fd728d..9bc62e9 100644
--- a/Changelog
+++ b/Changelog
@@ -10,6 +10,7 @@ - Added some test cases for various things - Added suhosin.log.stdout to log to stdout (for debugging purposes only) - Add ini_set() fail mode to suhosin.disable.display_errors + - Fix suhosin.get/post/cookie.max_totalname_length filter - TODO: WARN THAT FUNCTION WHITELISTS/BLACKLISTS NEVER WORKED CORRECTLY WITH PHP < 5.5 2012-02-12 - 0.9.34
diff --git a/ifilter.c b/ifilter.c
index d231bc5..42f5d9b 100644
--- a/ifilter.c
+++ b/ifilter.c
@@ -463,7 +463,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
 return 0;
 }
 }
- if (SUHOSIN_G(max_get_totalname_length) && SUHOSIN_G(max_get_totalname_length) < var_len) {
+ if (SUHOSIN_G(max_get_totalname_length) && SUHOSIN_G(max_get_totalname_length) < total_len) {
 suhosin_log(S_VARS, "configured GET variable total name length limit exceeded - dropped variable '%s'", var);
 if (!SUHOSIN_G(simulation)) {
 return 0;
@@ -477,7 +477,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
 return 0;
 }
 }
- if (SUHOSIN_G(max_cookie_totalname_length) && SUHOSIN_G(max_cookie_totalname_length) < var_len) {
+ if (SUHOSIN_G(max_cookie_totalname_length) && SUHOSIN_G(max_cookie_totalname_length) < total_len) {
 suhosin_log(S_VARS, "configured COOKIE variable total name length limit exceeded - dropped variable '%s'", var);
 if (!SUHOSIN_G(simulation)) {
 return 0;
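Review bot: Nothing in this commit exercises the corrected comparison: the diffstat lists only Changelog and ifilter.c, so the GET check here and the identical COOKIE and POST checks in the next two hunks could regress to the wrong operand again without anything failing. A test per source that sets the matching `max_*_totalname_length` limit and submits one name just over it and one exactly at it (the test is a strict `<`) would pin the behaviour. `total_len` is computed outside the hunk, so a short comment at its use such as `/* total_len: length of the whole variable name, not var_len */` would help; I am assuming that is what it holds. Sites that already configure these limits may see variables dropped after upgrading that previously passed, so the Changelog entry could suggest a trial run with `suhosin.simulation` enabled. suhosin_input_filter starts and ends outside the hunk.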
@@ -491,7 +491,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
 return 0;
 }
 }
- if (SUHOSIN_G(max_post_totalname_length) && SUHOSIN_G(max_post_totalname_length) < var_len) {
+ if (SUHOSIN_G(max_post_totalname_length) && SUHOSIN_G(max_post_totalname_length) < total_len) {
 suhosin_log(S_VARS, "configured POST variable total name length limit exceeded - dropped variable '%s'", var);
 if (!SUHOSIN_G(simulation)) {
 return 0;
-- cgit v1.3