From 9160beeceff38cd6e0725b0f6b215de1d5617ac3 Mon Sep 17 00:00:00 2001
From: Stefan Esser
Date: Wed, 12 Feb 2014 17:42:06 +0100
Subject: Fix server variables filter

---
 ifilter.c | 40 ++++++++++------------------------------
 1 file changed, 10 insertions(+), 30 deletions(-)

(limited to 'ifilter.c')

diff --git a/ifilter.c b/ifilter.c
index be3067b..d231bc5 100644
--- a/ifilter.c
+++ b/ifilter.c
@@ -33,26 +33,6 @@
 
 static void (*orig_register_server_variables)(zval *track_vars_array TSRMLS_DC) = NULL;
 
-#ifdef ZEND_ENGINE_2
-#define HASH_HTTP_GET_VARS      0x2095733f
-#define HASH_HTTP_POST_VARS     0xbfee1265
-#define HASH_HTTP_COOKIE_VARS   0xaaca9d99
-#define HASH_HTTP_ENV_VARS      0x1fe186a8
-#define HASH_HTTP_SERVER_VARS   0xc987afd6
-#define HASH_HTTP_SESSION_VARS  0x7aba0d43
-#define HASH_HTTP_POST_FILES    0x98eb1ddc
-#define HASH_HTTP_RAW_POST_DATA 0xdd633fec
-#else
-#define HASH_HTTP_GET_VARS      0x8d8645bd
-#define HASH_HTTP_POST_VARS     0x7c699bf3
-#define HASH_HTTP_COOKIE_VARS   0x93ad0d6f
-#define HASH_HTTP_ENV_VARS      0x84da3016
-#define HASH_HTTP_SERVER_VARS   0x6dbf964e
-#define HASH_HTTP_SESSION_VARS  0x322906f5
-#define HASH_HTTP_POST_FILES    0xe4e4ce70
-#define HASH_HTTP_RAW_POST_DATA 0xe6137a0e
-#endif
-
 
 /* {{{ normalize_varname
  */
@@ -209,26 +189,26 @@ void suhosin_register_server_variables(zval *track_vars_array TSRMLS_DC)
         HashTable *svars;
         int retval, failure=0;
         
-        orig_register_server_variables(track_vars_array TSRMLS_CC);
+		orig_register_server_variables(track_vars_array TSRMLS_CC);
 
         svars = Z_ARRVAL_P(track_vars_array);
         
 	if (!SUHOSIN_G(simulation)) {
-    		retval = zend_hash_del_key_or_index(svars, "HTTP_GET_VARS", sizeof("HTTP_GET_VARS"), HASH_HTTP_GET_VARS, HASH_DEL_INDEX);
+    		retval = zend_hash_del(svars, "HTTP_GET_VARS", sizeof("HTTP_GET_VARS"));
+    		if (retval == SUCCESS) failure = 1;
+    		retval = zend_hash_del(svars, "HTTP_POST_VARS", sizeof("HTTP_POST_VARS"));
     		if (retval == SUCCESS) failure = 1;
-    		retval = zend_hash_del_key_or_index(svars, "HTTP_POST_VARS", sizeof("HTTP_POST_VARS"), HASH_HTTP_POST_VARS, HASH_DEL_INDEX);
+    		retval = zend_hash_del(svars, "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS"));
     		if (retval == SUCCESS) failure = 1;
-    		retval = zend_hash_del_key_or_index(svars, "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS"), HASH_HTTP_COOKIE_VARS, HASH_DEL_INDEX);
+    		retval = zend_hash_del(svars, "HTTP_ENV_VARS", sizeof("HTTP_ENV_VARS"));
     		if (retval == SUCCESS) failure = 1;
-    		retval = zend_hash_del_key_or_index(svars, "HTTP_ENV_VARS", sizeof("HTTP_ENV_VARS"), HASH_HTTP_ENV_VARS, HASH_DEL_INDEX);
+    		retval = zend_hash_del(svars, "HTTP_SERVER_VARS", sizeof("HTTP_SERVER_VARS"));
     		if (retval == SUCCESS) failure = 1;
-    		retval = zend_hash_del_key_or_index(svars, "HTTP_SERVER_VARS", sizeof("HTTP_SERVER_VARS"), HASH_HTTP_SERVER_VARS, HASH_DEL_INDEX);
+    		retval = zend_hash_del(svars, "HTTP_SESSION_VARS", sizeof("HTTP_SESSION_VARS"));
     		if (retval == SUCCESS) failure = 1;
-    		retval = zend_hash_del_key_or_index(svars, "HTTP_SESSION_VARS", sizeof("HTTP_SESSION_VARS"), HASH_HTTP_SESSION_VARS, HASH_DEL_INDEX);
+    		retval = zend_hash_del(svars, "HTTP_POST_FILES", sizeof("HTTP_POST_FILES"));
     		if (retval == SUCCESS) failure = 1;
-    		retval = zend_hash_del_key_or_index(svars, "HTTP_POST_FILES", sizeof("HTTP_POST_FILES"), HASH_HTTP_POST_FILES, HASH_DEL_INDEX);
-		if (retval == SUCCESS) failure = 1;
-    		retval = zend_hash_del_key_or_index(svars, "HTTP_RAW_POST_DATA", sizeof("HTTP_RAW_POST_DATA"), HASH_HTTP_RAW_POST_DATA, HASH_DEL_INDEX);
+    		retval = zend_hash_del(svars, "HTTP_RAW_POST_DATA", sizeof("HTTP_RAW_POST_DATA"));
     		if (retval == SUCCESS) failure = 1;
 	} else {
 		retval = zend_hash_exists(svars, "HTTP_GET_VARS", sizeof("HTTP_GET_VARS"));
-- 
cgit v1.3