summaryrefslogtreecommitdiff
path: root/ifilter.c
diff options
context:
space:
mode:
authorBen Fuhrmannek2016-02-19 11:20:59 +0100
committerBen Fuhrmannek2016-02-19 11:20:59 +0100
commit477b70127027407a7957690f24d5f857ca311de9 (patch)
treed23373fd82025eabea5b6cfd5d95c439e850f160 /ifilter.c
parenteebffdb4e6fb1d62d64f3de96cfee62f39f8448e (diff)
some input filter support
Diffstat (limited to '')
-rw-r--r--ifilter.c156
1 files changed, 53 insertions, 103 deletions
diff --git a/ifilter.c b/ifilter.c
index 627fdbd..c75abe8 100644
--- a/ifilter.c
+++ b/ifilter.c
@@ -3,7 +3,7 @@
3 | Suhosin Version 1 | 3 | Suhosin Version 1 |
4 +----------------------------------------------------------------------+ 4 +----------------------------------------------------------------------+
5 | Copyright (c) 2006-2007 The Hardened-PHP Project | 5 | Copyright (c) 2006-2007 The Hardened-PHP Project |
6 | Copyright (c) 2007-2015 SektionEins GmbH | 6 | Copyright (c) 2007-2016 SektionEins GmbH |
7 +----------------------------------------------------------------------+ 7 +----------------------------------------------------------------------+
8 | This source file is subject to version 3.01 of the PHP license, | 8 | This source file is subject to version 3.01 of the PHP license, |
9 | that is bundled with this package in the file LICENSE, and is | 9 | that is bundled with this package in the file LICENSE, and is |
@@ -13,7 +13,8 @@
13 | obtain it through the world-wide-web, please send a note to | 13 | obtain it through the world-wide-web, please send a note to |
14 | license@php.net so we can mail you a copy immediately. | 14 | license@php.net so we can mail you a copy immediately. |
15 +----------------------------------------------------------------------+ 15 +----------------------------------------------------------------------+
16 | Author: Stefan Esser <sesser@sektioneins.de> | 16 | Authors: Stefan Esser <sesser@sektioneins.de> |
17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> |
17 +----------------------------------------------------------------------+ 18 +----------------------------------------------------------------------+
18*/ 19*/
19/* 20/*
@@ -156,6 +157,7 @@ static void suhosin_server_strip(HashTable *arr, char *key, int klen)
156 } 157 }
157 158
158 t = (unsigned char *)Z_STRVAL_P(zv); 159 t = (unsigned char *)Z_STRVAL_P(zv);
160 // SDEBUG()
159 for (; *t; t++) { 161 for (; *t; t++) {
160 if (suhosin_is_dangerous_char[*t]) { 162 if (suhosin_is_dangerous_char[*t]) {
161 *t = '?'; 163 *t = '?';
@@ -205,7 +207,10 @@ static void suhosin_server_encode(HashTable *arr, char *key, int klen)
205 *n = 0; 207 *n = 0;
206 208
207 zend_string *zs = zend_string_extend(Z_STR_P(zv), dest_len, 0); 209 zend_string *zs = zend_string_extend(Z_STR_P(zv), dest_len, 0);
208 memcpy(Z_STR_P(zv), dest, dest_len); 210 memcpy(ZSTR_VAL(zs), dest, dest_len);
211 ZSTR_LEN(zs) = dest_len-1;
212 zend_string_forget_hash_val(zs);
213 Z_STR_P(zv) = zs;
209} 214}
210/* }}} */ 215/* }}} */
211 216
@@ -287,17 +292,20 @@ unsigned int (*old_input_filter)(int arg, char *var, char **val, size_t val_len,
287 */ 292 */
288unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t val_len, size_t *new_val_len) 293unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t val_len, size_t *new_val_len)
289{ 294{
290 zend_bool already_scanned = SUHOSIN7_G(already_scanned); 295 // zend_bool already_scanned = SUHOSIN7_G(already_scanned);
291 SUHOSIN7_G(already_scanned) = 0; 296 // SUHOSIN7_G(already_scanned) = 0;
297 // SDEBUG("ifilter arg=%d var=%s do_not_scan=%d already_scanned=%d", arg, var, SUHOSIN7_G(do_not_scan), already_scanned);
298 SDEBUG("ifilter arg=%d var=%s do_not_scan=%d", arg, var, SUHOSIN7_G(do_not_scan));
292 299
293 if (SUHOSIN7_G(do_not_scan)) { 300 if (SUHOSIN7_G(do_not_scan)) {
301 SDEBUG("do_not_scan");
294 if (new_val_len) { 302 if (new_val_len) {
295 *new_val_len = val_len; 303 *new_val_len = val_len;
296 } 304 }
297 return 1; 305 return 1;
298 } 306 }
299 307
300 if (!already_scanned) { 308 // if (!already_scanned) {
301 if (suhosin_input_filter(arg, var, val, val_len, new_val_len)==0) { 309 if (suhosin_input_filter(arg, var, val, val_len, new_val_len)==0) {
302 SUHOSIN7_G(abort_request)=1; 310 SUHOSIN7_G(abort_request)=1;
303 return 0; 311 return 0;
@@ -305,7 +313,7 @@ unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t
305 if (new_val_len) { 313 if (new_val_len) {
306 val_len = *new_val_len; 314 val_len = *new_val_len;
307 } 315 }
308 } 316 // }
309 if (old_input_filter) { 317 if (old_input_filter) {
310 return old_input_filter(arg, var, val, val_len, new_val_len); 318 return old_input_filter(arg, var, val, val_len, new_val_len);
311 } else { 319 } else {
@@ -317,11 +325,12 @@ unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t
317 */ 325 */
318unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len, size_t *new_val_len) 326unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len, size_t *new_val_len)
319{ 327{
328 SDEBUG("%s=%s arg=%d", var, *val, arg);
320 char *index, *prev_index = NULL; 329 char *index, *prev_index = NULL;
321 unsigned int var_len, total_len, depth = 0; 330 unsigned int var_len, total_len, depth = 0;
322 331
323 /* Mark that we were called */ 332 /* Mark that we were called */
324 SUHOSIN7_G(already_scanned) = 1; 333 // SUHOSIN7_G(already_scanned) = 1;
325 334
326 if (new_val_len) { 335 if (new_val_len) {
327 *new_val_len = 0; 336 *new_val_len = 0;
@@ -363,7 +372,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
363 if (SUHOSIN7_G(max_get_vars) && SUHOSIN7_G(max_get_vars) <= SUHOSIN7_G(cur_get_vars)) { 372 if (SUHOSIN7_G(max_get_vars) && SUHOSIN7_G(max_get_vars) <= SUHOSIN7_G(cur_get_vars)) {
364 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped", var); 373 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped", var);
365 if (!SUHOSIN7_G(simulation)) { 374 if (!SUHOSIN7_G(simulation)) {
366 SUHOSIN7_G(no_more_get_variables) = 1; 375 SUHOSIN7_G(no_more_get_variables) = 1;
367 return 0; 376 return 0;
368 } 377 }
369 } 378 }
@@ -372,7 +381,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
372 if (SUHOSIN7_G(max_cookie_vars) && SUHOSIN7_G(max_cookie_vars) <= SUHOSIN7_G(cur_cookie_vars)) { 381 if (SUHOSIN7_G(max_cookie_vars) && SUHOSIN7_G(max_cookie_vars) <= SUHOSIN7_G(cur_cookie_vars)) {
373 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped", var); 382 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped", var);
374 if (!SUHOSIN7_G(simulation)) { 383 if (!SUHOSIN7_G(simulation)) {
375 SUHOSIN7_G(no_more_cookie_variables) = 1; 384 SUHOSIN7_G(no_more_cookie_variables) = 1;
376 return 0; 385 return 0;
377 } 386 }
378 } 387 }
@@ -389,71 +398,58 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
389 } 398 }
390 399
391 /* Drop this variable if it begins with whitespace which is disallowed */ 400 /* Drop this variable if it begins with whitespace which is disallowed */
401 // SDEBUG("checking '%c'", *var);
392 if (isspace(*var)) { 402 if (isspace(*var)) {
403 SDEBUG("is WS");
393 if (SUHOSIN7_G(disallow_ws)) { 404 if (SUHOSIN7_G(disallow_ws)) {
394 suhosin_log(S_VARS, "request variable name begins with disallowed whitespace - dropped variable '%s'", var); 405 suhosin_log(S_VARS, "request variable name begins with disallowed whitespace - dropped variable '%s'", var);
395 if (!SUHOSIN7_G(simulation)) { 406 if (!SUHOSIN7_G(simulation)) { return 0; }
396 return 0;
397 }
398 } 407 }
399 switch (arg) { 408 switch (arg) {
400 case PARSE_GET: 409 case PARSE_GET:
401 if (SUHOSIN7_G(disallow_get_ws)) { 410 if (SUHOSIN7_G(disallow_get_ws)) {
402 suhosin_log(S_VARS, "GET variable name begins with disallowed whitespace - dropped variable '%s'", var); 411 suhosin_log(S_VARS, "GET variable name begins with disallowed whitespace - dropped variable '%s'", var);
403 if (!SUHOSIN7_G(simulation)) { 412 if (!SUHOSIN7_G(simulation)) { return 0; }
404 return 0;
405 }
406 } 413 }
407 break; 414 break;
408 case PARSE_POST: 415 case PARSE_POST:
409 if (SUHOSIN7_G(disallow_post_ws)) { 416 if (SUHOSIN7_G(disallow_post_ws)) {
410 suhosin_log(S_VARS, "POST variable name begins with disallowed whitespace - dropped variable '%s'", var); 417 suhosin_log(S_VARS, "POST variable name begins with disallowed whitespace - dropped variable '%s'", var);
411 if (!SUHOSIN7_G(simulation)) { 418 if (!SUHOSIN7_G(simulation)) { return 0; }
412 return 0;
413 }
414 } 419 }
415 break; 420 break;
416 case PARSE_COOKIE: 421 case PARSE_COOKIE:
417 if (SUHOSIN7_G(disallow_cookie_ws)) { 422 if (SUHOSIN7_G(disallow_cookie_ws)) {
418 suhosin_log(S_VARS, "COOKIE variable name begins with disallowed whitespace - dropped variable '%s'", var); 423 suhosin_log(S_VARS, "COOKIE variable name begins with disallowed whitespace - dropped variable '%s'", var);
419 if (!SUHOSIN7_G(simulation)) { 424 if (!SUHOSIN7_G(simulation)) { return 0; }
420 return 0;
421 }
422 } 425 }
423 break; 426 break;
424 } 427 }
425 } 428 }
429 // else { SDEBUG("not WS");}
426 430
427 /* Drop this variable if it exceeds the value length limit */ 431 /* Drop this variable if it exceeds the value length limit */
428 if (SUHOSIN7_G(max_value_length) && SUHOSIN7_G(max_value_length) < val_len) { 432 if (SUHOSIN7_G(max_value_length) && SUHOSIN7_G(max_value_length) < val_len) {
429 suhosin_log(S_VARS, "configured request variable value length limit exceeded - dropped variable '%s'", var); 433 suhosin_log(S_VARS, "configured request variable value length limit exceeded - dropped variable '%s'", var);
430 if (!SUHOSIN7_G(simulation)) { 434 if (!SUHOSIN7_G(simulation)) { return 0; }
431 return 0;
432 }
433 } 435 }
434 switch (arg) { 436 switch (arg) {
435 case PARSE_GET: 437 case PARSE_GET:
436 if (SUHOSIN7_G(max_get_value_length) && SUHOSIN7_G(max_get_value_length) < val_len) { 438 if (SUHOSIN7_G(max_get_value_length) && SUHOSIN7_G(max_get_value_length) < val_len) {
437 suhosin_log(S_VARS, "configured GET variable value length limit exceeded - dropped variable '%s'", var); 439 suhosin_log(S_VARS, "configured GET variable value length limit exceeded - dropped variable '%s'", var);
438 if (!SUHOSIN7_G(simulation)) { 440 if (!SUHOSIN7_G(simulation)) { return 0; }
439 return 0;
440 }
441 } 441 }
442 break; 442 break;
443 case PARSE_COOKIE: 443 case PARSE_COOKIE:
444 if (SUHOSIN7_G(max_cookie_value_length) && SUHOSIN7_G(max_cookie_value_length) < val_len) { 444 if (SUHOSIN7_G(max_cookie_value_length) && SUHOSIN7_G(max_cookie_value_length) < val_len) {
445 suhosin_log(S_VARS, "configured COOKIE variable value length limit exceeded - dropped variable '%s'", var); 445 suhosin_log(S_VARS, "configured COOKIE variable value length limit exceeded - dropped variable '%s'", var);
446 if (!SUHOSIN7_G(simulation)) { 446 if (!SUHOSIN7_G(simulation)) { return 0; }
447 return 0;
448 }
449 } 447 }
450 break; 448 break;
451 case PARSE_POST: 449 case PARSE_POST:
452 if (SUHOSIN7_G(max_post_value_length) && SUHOSIN7_G(max_post_value_length) < val_len) { 450 if (SUHOSIN7_G(max_post_value_length) && SUHOSIN7_G(max_post_value_length) < val_len) {
453 suhosin_log(S_VARS, "configured POST variable value length limit exceeded - dropped variable '%s'", var); 451 suhosin_log(S_VARS, "configured POST variable value length limit exceeded - dropped variable '%s'", var);
454 if (!SUHOSIN7_G(simulation)) { 452 if (!SUHOSIN7_G(simulation)) { return 0; }
455 return 0;
456 }
457 } 453 }
458 break; 454 break;
459 } 455 }
@@ -469,57 +465,41 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
469 /* Drop this variable if it exceeds the varname/total length limit */ 465 /* Drop this variable if it exceeds the varname/total length limit */
470 if (SUHOSIN7_G(max_varname_length) && SUHOSIN7_G(max_varname_length) < var_len) { 466 if (SUHOSIN7_G(max_varname_length) && SUHOSIN7_G(max_varname_length) < var_len) {
471 suhosin_log(S_VARS, "configured request variable name length limit exceeded - dropped variable '%s'", var); 467 suhosin_log(S_VARS, "configured request variable name length limit exceeded - dropped variable '%s'", var);
472 if (!SUHOSIN7_G(simulation)) { 468 if (!SUHOSIN7_G(simulation)) { return 0; }
473 return 0;
474 }
475 } 469 }
476 if (SUHOSIN7_G(max_totalname_length) && SUHOSIN7_G(max_totalname_length) < total_len) { 470 if (SUHOSIN7_G(max_totalname_length) && SUHOSIN7_G(max_totalname_length) < total_len) {
477 suhosin_log(S_VARS, "configured request variable total name length limit exceeded - dropped variable '%s'", var); 471 suhosin_log(S_VARS, "configured request variable total name length limit exceeded - dropped variable '%s'", var);
478 if (!SUHOSIN7_G(simulation)) { 472 if (!SUHOSIN7_G(simulation)) { return 0; }
479 return 0;
480 }
481 } 473 }
482 switch (arg) { 474 switch (arg) {
483 case PARSE_GET: 475 case PARSE_GET:
484 if (SUHOSIN7_G(max_get_name_length) && SUHOSIN7_G(max_get_name_length) < var_len) { 476 if (SUHOSIN7_G(max_get_name_length) && SUHOSIN7_G(max_get_name_length) < var_len) {
485 suhosin_log(S_VARS, "configured GET variable name length limit exceeded - dropped variable '%s'", var); 477 suhosin_log(S_VARS, "configured GET variable name length limit exceeded - dropped variable '%s'", var);
486 if (!SUHOSIN7_G(simulation)) { 478 if (!SUHOSIN7_G(simulation)) { return 0; }
487 return 0;
488 }
489 } 479 }
490 if (SUHOSIN7_G(max_get_totalname_length) && SUHOSIN7_G(max_get_totalname_length) < total_len) { 480 if (SUHOSIN7_G(max_get_totalname_length) && SUHOSIN7_G(max_get_totalname_length) < total_len) {
491 suhosin_log(S_VARS, "configured GET variable total name length limit exceeded - dropped variable '%s'", var); 481 suhosin_log(S_VARS, "configured GET variable total name length limit exceeded - dropped variable '%s'", var);
492 if (!SUHOSIN7_G(simulation)) { 482 if (!SUHOSIN7_G(simulation)) { return 0; }
493 return 0;
494 }
495 } 483 }
496 break; 484 break;
497 case PARSE_COOKIE: 485 case PARSE_COOKIE:
498 if (SUHOSIN7_G(max_cookie_name_length) && SUHOSIN7_G(max_cookie_name_length) < var_len) { 486 if (SUHOSIN7_G(max_cookie_name_length) && SUHOSIN7_G(max_cookie_name_length) < var_len) {
499 suhosin_log(S_VARS, "configured COOKIE variable name length limit exceeded - dropped variable '%s'", var); 487 suhosin_log(S_VARS, "configured COOKIE variable name length limit exceeded - dropped variable '%s'", var);
500 if (!SUHOSIN7_G(simulation)) { 488 if (!SUHOSIN7_G(simulation)) { return 0; }
501 return 0;
502 }
503 } 489 }
504 if (SUHOSIN7_G(max_cookie_totalname_length) && SUHOSIN7_G(max_cookie_totalname_length) < total_len) { 490 if (SUHOSIN7_G(max_cookie_totalname_length) && SUHOSIN7_G(max_cookie_totalname_length) < total_len) {
505 suhosin_log(S_VARS, "configured COOKIE variable total name length limit exceeded - dropped variable '%s'", var); 491 suhosin_log(S_VARS, "configured COOKIE variable total name length limit exceeded - dropped variable '%s'", var);
506 if (!SUHOSIN7_G(simulation)) { 492 if (!SUHOSIN7_G(simulation)) { return 0; }
507 return 0;
508 }
509 } 493 }
510 break; 494 break;
511 case PARSE_POST: 495 case PARSE_POST:
512 if (SUHOSIN7_G(max_post_name_length) && SUHOSIN7_G(max_post_name_length) < var_len) { 496 if (SUHOSIN7_G(max_post_name_length) && SUHOSIN7_G(max_post_name_length) < var_len) {
513 suhosin_log(S_VARS, "configured POST variable name length limit exceeded - dropped variable '%s'", var); 497 suhosin_log(S_VARS, "configured POST variable name length limit exceeded - dropped variable '%s'", var);
514 if (!SUHOSIN7_G(simulation)) { 498 if (!SUHOSIN7_G(simulation)) { return 0; }
515 return 0;
516 }
517 } 499 }
518 if (SUHOSIN7_G(max_post_totalname_length) && SUHOSIN7_G(max_post_totalname_length) < total_len) { 500 if (SUHOSIN7_G(max_post_totalname_length) && SUHOSIN7_G(max_post_totalname_length) < total_len) {
519 suhosin_log(S_VARS, "configured POST variable total name length limit exceeded - dropped variable '%s'", var); 501 suhosin_log(S_VARS, "configured POST variable total name length limit exceeded - dropped variable '%s'", var);
520 if (!SUHOSIN7_G(simulation)) { 502 if (!SUHOSIN7_G(simulation)) { return 0; }
521 return 0;
522 }
523 } 503 }
524 break; 504 break;
525 } 505 }
@@ -545,33 +525,25 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
545 /* max. array index length */ 525 /* max. array index length */
546 if (SUHOSIN7_G(max_array_index_length) && SUHOSIN7_G(max_array_index_length) < index_length) { 526 if (SUHOSIN7_G(max_array_index_length) && SUHOSIN7_G(max_array_index_length) < index_length) {
547 suhosin_log(S_VARS, "configured request variable array index length limit exceeded - dropped variable '%s'", var); 527 suhosin_log(S_VARS, "configured request variable array index length limit exceeded - dropped variable '%s'", var);
548 if (!SUHOSIN7_G(simulation)) { 528 if (!SUHOSIN7_G(simulation)) { return 0; }
549 return 0;
550 }
551 } 529 }
552 switch (arg) { 530 switch (arg) {
553 case PARSE_GET: 531 case PARSE_GET:
554 if (SUHOSIN7_G(max_get_array_index_length) && SUHOSIN7_G(max_get_array_index_length) < index_length) { 532 if (SUHOSIN7_G(max_get_array_index_length) && SUHOSIN7_G(max_get_array_index_length) < index_length) {
555 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var); 533 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var);
556 if (!SUHOSIN7_G(simulation)) { 534 if (!SUHOSIN7_G(simulation)) { return 0; }
557 return 0;
558 }
559 } 535 }
560 break; 536 break;
561 case PARSE_COOKIE: 537 case PARSE_COOKIE:
562 if (SUHOSIN7_G(max_cookie_array_index_length) && SUHOSIN7_G(max_cookie_array_index_length) < index_length) { 538 if (SUHOSIN7_G(max_cookie_array_index_length) && SUHOSIN7_G(max_cookie_array_index_length) < index_length) {
563 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var); 539 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var);
564 if (!SUHOSIN7_G(simulation)) { 540 if (!SUHOSIN7_G(simulation)) { return 0; }
565 return 0;
566 }
567 } 541 }
568 break; 542 break;
569 case PARSE_POST: 543 case PARSE_POST:
570 if (SUHOSIN7_G(max_post_array_index_length) && SUHOSIN7_G(max_post_array_index_length) < index_length) { 544 if (SUHOSIN7_G(max_post_array_index_length) && SUHOSIN7_G(max_post_array_index_length) < index_length) {
571 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var); 545 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var);
572 if (!SUHOSIN7_G(simulation)) { 546 if (!SUHOSIN7_G(simulation)) { return 0; }
573 return 0;
574 }
575 } 547 }
576 break; 548 break;
577 } 549 }
@@ -580,16 +552,12 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
580 if (SUHOSIN7_G(array_index_whitelist) && *(SUHOSIN7_G(array_index_whitelist))) { 552 if (SUHOSIN7_G(array_index_whitelist) && *(SUHOSIN7_G(array_index_whitelist))) {
581 if (suhosin_strnspn(index, index_length, SUHOSIN7_G(array_index_whitelist)) != index_length) { 553 if (suhosin_strnspn(index, index_length, SUHOSIN7_G(array_index_whitelist)) != index_length) {
582 suhosin_log(S_VARS, "array index contains not whitelisted characters - dropped variable '%s'", var); 554 suhosin_log(S_VARS, "array index contains not whitelisted characters - dropped variable '%s'", var);
583 if (!SUHOSIN7_G(simulation)) { 555 if (!SUHOSIN7_G(simulation)) { return 0; }
584 return 0;
585 }
586 } 556 }
587 } else if (SUHOSIN7_G(array_index_blacklist) && *(SUHOSIN7_G(array_index_blacklist))) { 557 } else if (SUHOSIN7_G(array_index_blacklist) && *(SUHOSIN7_G(array_index_blacklist))) {
588 if (suhosin_strncspn(index, index_length, SUHOSIN7_G(array_index_blacklist)) != index_length) { 558 if (suhosin_strncspn(index, index_length, SUHOSIN7_G(array_index_blacklist)) != index_length) {
589 suhosin_log(S_VARS, "array index contains blacklisted characters - dropped variable '%s'", var); 559 suhosin_log(S_VARS, "array index contains blacklisted characters - dropped variable '%s'", var);
590 if (!SUHOSIN7_G(simulation)) { 560 if (!SUHOSIN7_G(simulation)) { return 0; }
591 return 0;
592 }
593 } 561 }
594 } 562 }
595 563
@@ -599,33 +567,25 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
599 /* Drop this variable if it exceeds the array depth limit */ 567 /* Drop this variable if it exceeds the array depth limit */
600 if (SUHOSIN7_G(max_array_depth) && SUHOSIN7_G(max_array_depth) < depth) { 568 if (SUHOSIN7_G(max_array_depth) && SUHOSIN7_G(max_array_depth) < depth) {
601 suhosin_log(S_VARS, "configured request variable array depth limit exceeded - dropped variable '%s'", var); 569 suhosin_log(S_VARS, "configured request variable array depth limit exceeded - dropped variable '%s'", var);
602 if (!SUHOSIN7_G(simulation)) { 570 if (!SUHOSIN7_G(simulation)) { return 0; }
603 return 0;
604 }
605 } 571 }
606 switch (arg) { 572 switch (arg) {
607 case PARSE_GET: 573 case PARSE_GET:
608 if (SUHOSIN7_G(max_get_array_depth) && SUHOSIN7_G(max_get_array_depth) < depth) { 574 if (SUHOSIN7_G(max_get_array_depth) && SUHOSIN7_G(max_get_array_depth) < depth) {
609 suhosin_log(S_VARS, "configured GET variable array depth limit exceeded - dropped variable '%s'", var); 575 suhosin_log(S_VARS, "configured GET variable array depth limit exceeded - dropped variable '%s'", var);
610 if (!SUHOSIN7_G(simulation)) { 576 if (!SUHOSIN7_G(simulation)) { return 0; }
611 return 0;
612 }
613 } 577 }
614 break; 578 break;
615 case PARSE_COOKIE: 579 case PARSE_COOKIE:
616 if (SUHOSIN7_G(max_cookie_array_depth) && SUHOSIN7_G(max_cookie_array_depth) < depth) { 580 if (SUHOSIN7_G(max_cookie_array_depth) && SUHOSIN7_G(max_cookie_array_depth) < depth) {
617 suhosin_log(S_VARS, "configured COOKIE variable array depth limit exceeded - dropped variable '%s'", var); 581 suhosin_log(S_VARS, "configured COOKIE variable array depth limit exceeded - dropped variable '%s'", var);
618 if (!SUHOSIN7_G(simulation)) { 582 if (!SUHOSIN7_G(simulation)) { return 0; }
619 return 0;
620 }
621 } 583 }
622 break; 584 break;
623 case PARSE_POST: 585 case PARSE_POST:
624 if (SUHOSIN7_G(max_post_array_depth) && SUHOSIN7_G(max_post_array_depth) < depth) { 586 if (SUHOSIN7_G(max_post_array_depth) && SUHOSIN7_G(max_post_array_depth) < depth) {
625 suhosin_log(S_VARS, "configured POST variable array depth limit exceeded - dropped variable '%s'", var); 587 suhosin_log(S_VARS, "configured POST variable array depth limit exceeded - dropped variable '%s'", var);
626 if (!SUHOSIN7_G(simulation)) { 588 if (!SUHOSIN7_G(simulation)) { return 0; }
627 return 0;
628 }
629 } 589 }
630 break; 590 break;
631 } 591 }
@@ -636,33 +596,25 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
636 596
637 if (SUHOSIN7_G(disallow_nul)) { 597 if (SUHOSIN7_G(disallow_nul)) {
638 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within request variables - dropped variable '%s'", var); 598 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within request variables - dropped variable '%s'", var);
639 if (!SUHOSIN7_G(simulation)) { 599 if (!SUHOSIN7_G(simulation)) { return 0; }
640 return 0;
641 }
642 } 600 }
643 switch (arg) { 601 switch (arg) {
644 case PARSE_GET: 602 case PARSE_GET:
645 if (SUHOSIN7_G(disallow_get_nul)) { 603 if (SUHOSIN7_G(disallow_get_nul)) {
646 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within GET variables - dropped variable '%s'", var); 604 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within GET variables - dropped variable '%s'", var);
647 if (!SUHOSIN7_G(simulation)) { 605 if (!SUHOSIN7_G(simulation)) { return 0; }
648 return 0;
649 }
650 } 606 }
651 break; 607 break;
652 case PARSE_COOKIE: 608 case PARSE_COOKIE:
653 if (SUHOSIN7_G(disallow_cookie_nul)) { 609 if (SUHOSIN7_G(disallow_cookie_nul)) {
654 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within COOKIE variables - dropped variable '%s'", var); 610 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within COOKIE variables - dropped variable '%s'", var);
655 if (!SUHOSIN7_G(simulation)) { 611 if (!SUHOSIN7_G(simulation)) { return 0; }
656 return 0;
657 }
658 } 612 }
659 break; 613 break;
660 case PARSE_POST: 614 case PARSE_POST:
661 if (SUHOSIN7_G(disallow_post_nul)) { 615 if (SUHOSIN7_G(disallow_post_nul)) {
662 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within POST variables - dropped variable '%s'", var); 616 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within POST variables - dropped variable '%s'", var);
663 if (!SUHOSIN7_G(simulation)) { 617 if (!SUHOSIN7_G(simulation)) { return 0; }
664 return 0;
665 }
666 } 618 }
667 break; 619 break;
668 } 620 }
@@ -672,9 +624,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
672 /* This is to protect several silly scripts that do globalizing themself */ 624 /* This is to protect several silly scripts that do globalizing themself */
673 if (suhosin_is_protected_varname(var, var_len)) { 625 if (suhosin_is_protected_varname(var, var_len)) {
674 suhosin_log(S_VARS, "tried to register forbidden variable '%s' through %s variables", var, arg == PARSE_GET ? "GET" : arg == PARSE_POST ? "POST" : "COOKIE"); 626 suhosin_log(S_VARS, "tried to register forbidden variable '%s' through %s variables", var, arg == PARSE_GET ? "GET" : arg == PARSE_POST ? "POST" : "COOKIE");
675 if (!SUHOSIN7_G(simulation)) { 627 if (!SUHOSIN7_G(simulation)) { return 0; }
676 return 0;
677 }
678 } 628 }
679 629
680 /* Okay let PHP register this variable */ 630 /* Okay let PHP register this variable */