diff options
| author | Ben Fuhrmannek | 2016-03-04 14:49:07 +0100 |
|---|---|---|
| committer | Ben Fuhrmannek | 2016-03-04 14:49:07 +0100 |
| commit | c46f6fdffade1aa4f544adc871650d3e1e360454 (patch) | |
| tree | 824e2bc60ee1f63dc6a02be628bb2fc8e9228562 /execute_ih.c | |
| parent | 3d8cc07c5af283289f62f0964f153804f2cc1862 (diff) | |
handler for function_exists
Diffstat (limited to 'execute_ih.c')
| -rw-r--r-- | execute_ih.c | 130 |
1 files changed, 71 insertions, 59 deletions
diff --git a/execute_ih.c b/execute_ih.c index a59e6c5..ff35a34 100644 --- a/execute_ih.c +++ b/execute_ih.c | |||
| @@ -8,7 +8,6 @@ S7_IH_FUNCTION(preg_replace) | |||
| 8 | { | 8 | { |
| 9 | zval *regex, *replace, *subject, *zcount = NULL; | 9 | zval *regex, *replace, *subject, *zcount = NULL; |
| 10 | zend_long limit = -1; | 10 | zend_long limit = -1; |
| 11 | // int replace_count; | ||
| 12 | 11 | ||
| 13 | #ifndef FAST_ZPP | 12 | #ifndef FAST_ZPP |
| 14 | /* Get function parameters and do error-checking. */ | 13 | /* Get function parameters and do error-checking. */ |
| @@ -69,18 +68,86 @@ S7_IH_FUNCTION(preg_replace) | |||
| 69 | S7_IH_FUNCTION(symlink) | 68 | S7_IH_FUNCTION(symlink) |
| 70 | { | 69 | { |
| 71 | if (SUHOSIN7_G(executor_allow_symlink)) { | 70 | if (SUHOSIN7_G(executor_allow_symlink)) { |
| 72 | return (0); | 71 | return SUCCESS; |
| 73 | } | 72 | } |
| 74 | 73 | ||
| 75 | if (PG(open_basedir) && PG(open_basedir)[0]) { | 74 | if (PG(open_basedir) && PG(open_basedir)[0]) { |
| 76 | suhosin_log(S_EXECUTOR, "symlink called during open_basedir"); | 75 | suhosin_log(S_EXECUTOR, "symlink called during open_basedir"); |
| 77 | if (!SUHOSIN7_G(simulation)) { | 76 | if (!SUHOSIN7_G(simulation)) { |
| 78 | RETVAL_FALSE; | 77 | RETVAL_FALSE; |
| 79 | return (1); | 78 | return FAILURE; |
| 80 | } | 79 | } |
| 81 | } | 80 | } |
| 82 | 81 | ||
| 83 | return (0); | 82 | return SUCCESS; |
| 83 | } | ||
| 84 | |||
| 85 | S7_IH_FUNCTION(function_exists) | ||
| 86 | { | ||
| 87 | zend_string *name; | ||
| 88 | zend_string *lcname; | ||
| 89 | |||
| 90 | #ifndef FAST_ZPP | ||
| 91 | if (zend_parse_parameters(ZEND_NUM_ARGS(), "S", &name) == FAILURE) { | ||
| 92 | return FAILURE; | ||
| 93 | } | ||
| 94 | #else | ||
| 95 | ZEND_PARSE_PARAMETERS_START(1, 1) | ||
| 96 | Z_PARAM_STR(name) | ||
| 97 | ZEND_PARSE_PARAMETERS_END_EX(return FAILURE); | ||
| 98 | #endif | ||
| 99 | |||
| 100 | if (ZSTR_VAL(name)[0] == '\\') { | ||
| 101 | /* Ignore leading "\" */ | ||
| 102 | lcname = zend_string_alloc(ZSTR_LEN(name) - 1, 0); | ||
| 103 | zend_str_tolower_copy(ZSTR_VAL(lcname), ZSTR_VAL(name) + 1, ZSTR_LEN(name) - 1); | ||
| 104 | } else { | ||
| 105 | lcname = zend_string_tolower(name); | ||
| 106 | } | ||
| 107 | |||
| 108 | zend_function *func = zend_hash_find_ptr(EG(function_table), lcname); | ||
| 109 | |||
| 110 | /* | ||
| 111 | * A bit of a hack, but not a bad one: we see if the handler of the function | ||
| 112 | * is actually one that displays "function is disabled" message. | ||
| 113 | */ | ||
| 114 | zend_bool retval = (func && (func->type != ZEND_INTERNAL_FUNCTION || | ||
| 115 | func->internal_function.handler != zif_display_disabled_function)); | ||
| 116 | if (retval == 0) { | ||
| 117 | goto function_exists_return; | ||
| 118 | } | ||
| 119 | |||
| 120 | /* Now check if function is forbidden by Suhosin */ | ||
| 121 | if (SUHOSIN7_G(in_code_type) == SUHOSIN_EVAL) { | ||
| 122 | if (SUHOSIN7_G(eval_whitelist) != NULL) { | ||
| 123 | if (!zend_hash_exists(SUHOSIN7_G(eval_whitelist), lcname)) { | ||
| 124 | retval = 0; | ||
| 125 | goto function_exists_return; | ||
| 126 | } | ||
| 127 | } else if (SUHOSIN7_G(eval_blacklist) != NULL) { | ||
| 128 | if (zend_hash_exists(SUHOSIN7_G(eval_blacklist), lcname)) { | ||
| 129 | retval = 0; | ||
| 130 | goto function_exists_return; | ||
| 131 | } | ||
| 132 | } | ||
| 133 | } | ||
| 134 | |||
| 135 | if (SUHOSIN7_G(func_whitelist) != NULL) { | ||
| 136 | if (!zend_hash_exists(SUHOSIN7_G(func_whitelist), lcname)) { | ||
| 137 | retval = 0; | ||
| 138 | goto function_exists_return; | ||
| 139 | } | ||
| 140 | } else if (SUHOSIN7_G(func_blacklist) != NULL) { | ||
| 141 | if (zend_hash_exists(SUHOSIN7_G(func_blacklist), lcname)) { | ||
| 142 | retval = 0; | ||
| 143 | goto function_exists_return; | ||
| 144 | } | ||
| 145 | } | ||
| 146 | |||
| 147 | function_exists_return: | ||
| 148 | zend_string_release(lcname); | ||
| 149 | RETVAL_BOOL(retval); | ||
| 150 | return FAILURE; | ||
| 84 | } | 151 | } |
| 85 | 152 | ||
| 86 | // int ih_mail(IH_HANDLER_PARAMS) | 153 | // int ih_mail(IH_HANDLER_PARAMS) |
| @@ -438,58 +505,3 @@ S7_IH_FUNCTION(symlink) | |||
| 438 | // } | 505 | // } |
| 439 | // | 506 | // |
| 440 | // | 507 | // |
| 441 | // static int ih_function_exists(IH_HANDLER_PARAMS) | ||
| 442 | // { | ||
| 443 | // zval **function_name; | ||
| 444 | // zend_function *func; | ||
| 445 | // char *lcname; | ||
| 446 | // zend_bool retval; | ||
| 447 | // int func_name_len; | ||
| 448 | // | ||
| 449 | // if (ZEND_NUM_ARGS()!=1 || zend_get_parameters_ex(1, &function_name)==FAILURE) { | ||
| 450 | // ZEND_WRONG_PARAM_COUNT_WITH_RETVAL(1); | ||
| 451 | // } | ||
| 452 | // convert_to_string_ex(function_name); | ||
| 453 | // func_name_len = Z_STRLEN_PP(function_name); | ||
| 454 | // lcname = estrndup(Z_STRVAL_PP(function_name), func_name_len); | ||
| 455 | // zend_str_tolower(lcname, func_name_len); | ||
| 456 | // | ||
| 457 | // retval = (zend_hash_find(EG(function_table), lcname, func_name_len+1, (void **)&func) == SUCCESS); | ||
| 458 | // | ||
| 459 | // /* | ||
| 460 | // * A bit of a hack, but not a bad one: we see if the handler of the function | ||
| 461 | // * is actually one that displays "function is disabled" message. | ||
| 462 | // */ | ||
| 463 | // if (retval && func->type == ZEND_INTERNAL_FUNCTION && | ||
| 464 | // func->internal_function.handler == zif_display_disabled_function) { | ||
| 465 | // retval = 0; | ||
| 466 | // } | ||
| 467 | // | ||
| 468 | // /* Now check if function is forbidden by Suhosin */ | ||
| 469 | // if (SUHOSIN7_G(in_code_type) == SUHOSIN_EVAL) { | ||
| 470 | // if (SUHOSIN7_G(eval_whitelist) != NULL) { | ||
| 471 | // if (!zend_hash_exists(SUHOSIN7_G(eval_whitelist), lcname, func_name_len+1)) { | ||
| 472 | // retval = 0; | ||
| 473 | // } | ||
| 474 | // } else if (SUHOSIN7_G(eval_blacklist) != NULL) { | ||
| 475 | // if (zend_hash_exists(SUHOSIN7_G(eval_blacklist), lcname, func_name_len+1)) { | ||
| 476 | // retval = 0; | ||
| 477 | // } | ||
| 478 | // } | ||
| 479 | // } | ||
| 480 | // | ||
| 481 | // if (SUHOSIN7_G(func_whitelist) != NULL) { | ||
| 482 | // if (!zend_hash_exists(SUHOSIN7_G(func_whitelist), lcname, func_name_len+1)) { | ||
| 483 | // retval = 0; | ||
| 484 | // } | ||
| 485 | // } else if (SUHOSIN7_G(func_blacklist) != NULL) { | ||
| 486 | // if (zend_hash_exists(SUHOSIN7_G(func_blacklist), lcname, func_name_len+1)) { | ||
| 487 | // retval = 0; | ||
| 488 | // } | ||
| 489 | // } | ||
| 490 | // | ||
| 491 | // efree(lcname); | ||
| 492 | // | ||
| 493 | // RETVAL_BOOL(retval); | ||
| 494 | // return (1); | ||
| 495 | // } | ||