From c20f47262ba9d180ae6ab7f7b608cd51a22c265d Mon Sep 17 00:00:00 2001
From: Stefan Esser
Date: Wed, 12 Feb 2014 14:35:42 +0100
Subject: Detect some more code types
---
 execute.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
(limited to 'execute.c')
diff --git a/execute.c b/execute.c
index 5371d00..f6381e3 100644
--- a/execute.c
+++ b/execute.c
@@ -99,6 +99,7 @@ conts:
 #define SUHOSIN_CODE_TYPE_LONGNAME 13
 #define SUHOSIN_CODE_TYPE_MANYDOTS 14
 #define SUHOSIN_CODE_TYPE_WRITABLE 15
+#define SUHOSIN_CODE_TYPE_MBREGEXP 16
 static int suhosin_check_filename(char *s, int len TSRMLS_DC)
 {
@@ -332,6 +333,10 @@ static int suhosin_detect_codetype(zend_op_array *op_array TSRMLS_DC)
 return SUHOSIN_CODE_TYPE_REGEXP;
 }
+ if (strstr(s, "mbregex replace") != NULL) {
+ return SUHOSIN_CODE_TYPE_MBREGEXP;
+ }
+
 if (strstr(s, "assert code") != NULL) {
 return SUHOSIN_CODE_TYPE_ASSERT;
 }
@@ -343,6 +348,18 @@ static int suhosin_detect_codetype(zend_op_array *op_array TSRMLS_DC)
 if (strstr(s, "Command line code") != NULL) {
 return SUHOSIN_CODE_TYPE_COMMANDLINE;
 }
+
+ if (strstr(s, "Command line begin code") != NULL) {
+ return SUHOSIN_CODE_TYPE_COMMANDLINE;
+ }
+
+ if (strstr(s, "Command line run code") != NULL) {
+ return SUHOSIN_CODE_TYPE_COMMANDLINE;
+ }
+
+ if (strstr(s, "Command line end code") != NULL) {
+ return SUHOSIN_CODE_TYPE_COMMANDLINE;
+ }
 if (strstr(s, "suhosin internal code") != NULL) {
 return SUHOSIN_CODE_TYPE_SUHOSIN;
@@ -540,6 +557,10 @@ not_evaled_code:
 }
 break;
+ case SUHOSIN_CODE_TYPE_MBREGEXP:
+ /* XXX TODO: Do we want to disallow this, too? */
+ break;
+
 case SUHOSIN_CODE_TYPE_ASSERT:
 break;
-- cgit v1.3
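Review bot: The new `strstr(s, "mbregex replace")` test matches the marker anywhere in `s`, as do the tests around it and the three `Command line ... code` tests in the next hunk; `s` is assigned outside this hunk. If `s` is the compiled-string description PHP builds as `file(line) : name`, it also carries the calling script's path, so the result depends on that path and on the order of the tests rather than on the marker alone. Comparing only the tail of `s` with the marker would make the classification independent of the path. At minimum I would record the origin of the string above the test, e.g. `/* description used by mb_ereg_replace() with the 'e' option */`.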
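Review bot: The three added tests repeat the body of the existing `Command line code` test and all return `SUHOSIN_CODE_TYPE_COMMANDLINE`, so they read better as one condition: `if (strstr(s, "Command line begin code") != NULL || strstr(s, "Command line run code") != NULL || strstr(s, "Command line end code") != NULL) {`. A short comment such as `/* descriptions used by the CLI begin/run/end code options */` would say where these strings come from; I believe they belong to `php -B`, `-R` and `-E`, but that is not visible here. The enclosing function starts and ends outside the hunk.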
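Review bot: `case SUHOSIN_CODE_TYPE_MBREGEXP:` classifies the code and then always allows it, so replacements evaluated by mb_ereg_replace() are under no executor policy; the TODO records the open question but not that consequence. The preceding case ends outside the hunk, so I cannot see what it enforces. If it is the REGEXP case and it honours `suhosin.executor.disable_emodifier`, the two evaluated-replacement paths are now treated differently, and an administrator who enabled that setting would probably expect both to be covered. Until that is decided I would make the comment explicit: `/* mb_ereg_replace() 'e' option: evaluated code, currently always allowed and not covered by the /e modifier setting */`.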