From dd270c094df080ff8438d29e14ec1bbffe0ca993 Mon Sep 17 00:00:00 2001
From: Ben Fuhrmannek
Date: Fri, 11 Jul 2014 16:15:21 +0200
Subject: remove_binary and disallow_binary allow utf-8. +testcases

---
 .../suhosin_upload_disallow_binary_utf8.phpt       |  43 +++++++++++++++++++++
 tests/filter/suhosin_upload_remove_binary.phpt     | Bin 0 -> 796 bytes
 .../filter/suhosin_upload_remove_binary_utf8.phpt  |  31 +++++++++++++++
 3 files changed, 74 insertions(+)
 create mode 100644 tests/filter/suhosin_upload_disallow_binary_utf8.phpt
 create mode 100644 tests/filter/suhosin_upload_remove_binary.phpt
 create mode 100644 tests/filter/suhosin_upload_remove_binary_utf8.phpt

(limited to 'tests')

diff --git a/tests/filter/suhosin_upload_disallow_binary_utf8.phpt b/tests/filter/suhosin_upload_disallow_binary_utf8.phpt
new file mode 100644
index 0000000..4661dc9
--- /dev/null
+++ b/tests/filter/suhosin_upload_disallow_binary_utf8.phpt
@@ -0,0 +1,43 @@
+--TEST--
+Testing: suhosin.upload.disallow_binary=On with UTF-8
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+file_uploads=1
+suhosin.upload.disallow_binary=On
+max_file_uploads=40
+suhosin.upload.max_uploads=40
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--COOKIE--
+--GET--
+--POST_RAW--
+Content-Type: multipart/form-data; boundary=bound
+--bound
+Content-Disposition: form-data; name="test"; filename="test"
+
+Spaß am Gerät!
+
+--bound--
+--FILE--
+<?php
+var_dump($_FILES);
+?>
+--EXPECTF--
+array(1) {
+  ["test"]=>
+  array(5) {
+    ["name"]=>
+    string(4) "test"
+    ["type"]=>
+    string(0) ""
+    ["tmp_name"]=>
+    string(%d) "%s"
+    ["error"]=>
+    int(0)
+    ["size"]=>
+    int(17)
+  }
+}
diff --git a/tests/filter/suhosin_upload_remove_binary.phpt b/tests/filter/suhosin_upload_remove_binary.phpt
new file mode 100644
index 0000000..f4337d9
Binary files /dev/null and b/tests/filter/suhosin_upload_remove_binary.phpt differ
diff --git a/tests/filter/suhosin_upload_remove_binary_utf8.phpt b/tests/filter/suhosin_upload_remove_binary_utf8.phpt
new file mode 100644
index 0000000..2d10eaa
--- /dev/null
+++ b/tests/filter/suhosin_upload_remove_binary_utf8.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Testing: suhosin.upload.remove_binary=On with UTF-8
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+file_uploads=1
+suhosin.upload.disallow_binary=Off
+suhosin.upload.remove_binary=On
+max_file_uploads=40
+suhosin.upload.max_uploads=40
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--COOKIE--
+--GET--
+--POST_RAW--
+Content-Type: multipart/form-data; boundary=bound
+--bound
+Content-Disposition: form-data; name="test"; filename="test"
+
+Spaß am Gerät!
+
+--bound--
+--FILE--
+<?php
+var_dump(file_get_contents($_FILES['test']['tmp_name']));
+?>
+--EXPECTF--
+string(17) "Spaß am Gerät!
+"
\ No newline at end of file
-- 
cgit v1.3


From 6bb8cdbbd56c09a6864b40ce21f9a87abd942305 Mon Sep 17 00:00:00 2001
From: Ben Fuhrmannek
Date: Sat, 12 Jul 2014 09:25:28 +0200
Subject: introduced suhosin.upload.allow_utf8

---
 php_suhosin.h                                      |  1 +
 suhosin.c                                          |  1 +
 .../suhosin_upload_disallow_binary_utf8.phpt       |  1 +
 .../suhosin_upload_disallow_binary_utf8fail.phpt   | 45 ++++++++++++++++++++++
 .../filter/suhosin_upload_remove_binary_utf8.phpt  |  1 +
 .../suhosin_upload_remove_binary_utf8fail.phpt     | 32 +++++++++++++++
 ufilter.c                                          | 18 ++++-----
 7 files changed, 88 insertions(+), 11 deletions(-)
 create mode 100644 tests/filter/suhosin_upload_disallow_binary_utf8fail.phpt
 create mode 100644 tests/filter/suhosin_upload_remove_binary_utf8fail.phpt

(limited to 'tests')

diff --git a/php_suhosin.h b/php_suhosin.h
index e5604a7..6d2ea80 100644
--- a/php_suhosin.h
+++ b/php_suhosin.h
@@ -150,6 +150,7 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin)
 	zend_bool  upload_disallow_elf;
 	zend_bool  upload_disallow_binary;
 	zend_bool  upload_remove_binary;
+	zend_bool  upload_allow_utf8;
 	char *upload_verification_script;
         
         zend_bool  no_more_variables;
diff --git a/suhosin.c b/suhosin.c
index 0d1eba0..f2533cb 100644
--- a/suhosin.c
+++ b/suhosin.c
@@ -986,6 +986,7 @@ PHP_INI_BEGIN()
         STD_PHP_INI_ENTRY("suhosin.upload.disallow_elf", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_disallow_elf, zend_suhosin_globals, suhosin_globals)
         STD_PHP_INI_ENTRY("suhosin.upload.disallow_binary", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_disallow_binary, zend_suhosin_globals, suhosin_globals)
         STD_PHP_INI_ENTRY("suhosin.upload.remove_binary", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_remove_binary, zend_suhosin_globals, suhosin_globals)
+        STD_PHP_INI_ENTRY("suhosin.upload.allow_utf8", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_allow_utf8, zend_suhosin_globals, suhosin_globals)
         STD_PHP_INI_ENTRY("suhosin.upload.verification_script", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadString, upload_verification_script, zend_suhosin_globals, suhosin_globals)
 
 
diff --git a/tests/filter/suhosin_upload_disallow_binary_utf8.phpt b/tests/filter/suhosin_upload_disallow_binary_utf8.phpt
index 4661dc9..557a8d5 100644
--- a/tests/filter/suhosin_upload_disallow_binary_utf8.phpt
+++ b/tests/filter/suhosin_upload_disallow_binary_utf8.phpt
@@ -7,6 +7,7 @@ suhosin.log.stdout=255
 suhosin.log.script=0
 file_uploads=1
 suhosin.upload.disallow_binary=On
+suhosin.upload.allow_utf8=On
 max_file_uploads=40
 suhosin.upload.max_uploads=40
 --SKIPIF--
diff --git a/tests/filter/suhosin_upload_disallow_binary_utf8fail.phpt b/tests/filter/suhosin_upload_disallow_binary_utf8fail.phpt
new file mode 100644
index 0000000..413d25a
--- /dev/null
+++ b/tests/filter/suhosin_upload_disallow_binary_utf8fail.phpt
@@ -0,0 +1,45 @@
+--TEST--
+Testing: suhosin.upload.disallow_binary=On with UTF-8 and allow_utf8=Off
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+file_uploads=1
+suhosin.upload.disallow_binary=On
+suhosin.upload.allow_utf8=Off
+max_file_uploads=40
+suhosin.upload.max_uploads=40
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--COOKIE--
+--GET--
+--POST_RAW--
+Content-Type: multipart/form-data; boundary=bound
+--bound
+Content-Disposition: form-data; name="test"; filename="test"
+
+Spaß am Gerät!
+
+--bound--
+--FILE--
+<?php
+var_dump($_FILES);
+?>
+--EXPECTF--
+array(1) {
+  ["test"]=>
+  array(5) {
+    ["name"]=>
+    string(4) "test"
+    ["type"]=>
+    string(0) ""
+    ["tmp_name"]=>
+    string(0) ""
+    ["error"]=>
+    int(8)
+    ["size"]=>
+    int(0)
+  }
+}
+ALERT - uploaded file contains binary data - file dropped (attacker 'REMOTE_ADDR not set', file '%s')
diff --git a/tests/filter/suhosin_upload_remove_binary_utf8.phpt b/tests/filter/suhosin_upload_remove_binary_utf8.phpt
index 2d10eaa..6fbd240 100644
--- a/tests/filter/suhosin_upload_remove_binary_utf8.phpt
+++ b/tests/filter/suhosin_upload_remove_binary_utf8.phpt
@@ -8,6 +8,7 @@ suhosin.log.script=0
 file_uploads=1
 suhosin.upload.disallow_binary=Off
 suhosin.upload.remove_binary=On
+suhosin.upload.allow_utf8=On
 max_file_uploads=40
 suhosin.upload.max_uploads=40
 --SKIPIF--
diff --git a/tests/filter/suhosin_upload_remove_binary_utf8fail.phpt b/tests/filter/suhosin_upload_remove_binary_utf8fail.phpt
new file mode 100644
index 0000000..5c31115
--- /dev/null
+++ b/tests/filter/suhosin_upload_remove_binary_utf8fail.phpt
@@ -0,0 +1,32 @@
+--TEST--
+Testing: suhosin.upload.remove_binary=On with UTF-8 and allow_utf8=Off
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+file_uploads=1
+suhosin.upload.disallow_binary=Off
+suhosin.upload.remove_binary=On
+suhosin.upload.allow_utf8=Off
+max_file_uploads=40
+suhosin.upload.max_uploads=40
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--COOKIE--
+--GET--
+--POST_RAW--
+Content-Type: multipart/form-data; boundary=bound
+--bound
+Content-Disposition: form-data; name="test"; filename="test"
+
+Spaß am Gerät!
+
+--bound--
+--FILE--
+<?php
+var_dump(file_get_contents($_FILES['test']['tmp_name']));
+?>
+--EXPECTF--
+string(13) "Spa am Gert!
+"
\ No newline at end of file
diff --git a/ufilter.c b/ufilter.c
index 2eeed56..6d9669f 100644
--- a/ufilter.c
+++ b/ufilter.c
@@ -281,10 +281,10 @@ int suhosin_rfc1867_filter(unsigned int event, void *event_data, void **extra TS
 				int n;
 				cpend = mefd->data + mefd->length;
 				for (char *cp = mefd->data; cp < cpend; cp++) {
-					if (*cp >= 32) {
+					if (*cp >= 32 || isspace(*cp)) {
 						continue;
 					}
-					if (*cp & 0x80) {
+					if ((*cp & 0x80) && SUHOSIN_G(upload_allow_utf8)) {
 						SDEBUG("checking char %x", *cp);
 						if ((n = suhosin_validate_utf8_multibyte(cp))) { // valid UTF8 multibyte character
 							cp += n - 1;
@@ -292,16 +292,12 @@ int suhosin_rfc1867_filter(unsigned int event, void *event_data, void **extra TS
 						}
 					}
 					
-					if (!isspace(*cp)) {
-						suhosin_log(S_FILES, "uploaded file contains binary data - file dropped");
-						if (!SUHOSIN_G(simulation)) {
-							goto continue_with_failure;
-						}
-						break;
+					suhosin_log(S_FILES, "uploaded file contains binary data - file dropped");
+					if (!SUHOSIN_G(simulation)) {
+						goto continue_with_failure;
 					}
-
+					break;
 				}
-				
 			}
 
 			if (SUHOSIN_G(upload_remove_binary)) {
@@ -313,7 +309,7 @@ int suhosin_rfc1867_filter(unsigned int event, void *event_data, void **extra TS
 				for (i=0, j=0; i<mefd->length; i++) {
 					if (mefd->data[i] >= 32 || isspace(mefd->data[i])) {
 						mefd->data[j++] = mefd->data[i];
-					} else if (mefd->data[i] & 0x80) {
+					} else if (SUHOSIN_G(upload_allow_utf8) && mefd->data[i] & 0x80) {
 						n = suhosin_validate_utf8_multibyte(mefd->data + i);
 						if (!n) { continue; }
 						while (n) {
-- 
cgit v1.3