authorBen Fuhrmannek2016-02-24 00:36:35 +0100
committerBen Fuhrmannek2016-02-24 00:36:35 +0100
commit346455c6b5716c8ce095235428614e15c0adf13e (patch)
treeaaa648869e88287ed34c6d36cc06474d062b4b32 /ifilter.c
parent35b7c9a0e3f8a0daf1718a8ba9889a2aec24dc84 (diff)
cookie encryption
Diffstat (limited to 'ifilter.c')
-rw-r--r--ifilter.c90
1 files changed, 48 insertions, 42 deletions
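--- a/ifilter.c
+++ b/ifilter.c
@@ -41,7 +41,7 @@ static size_t strnlen(const char *s, size_t maxlen) {
 }
 #endif
 
-size_t suhosin_strnspn(const char *input, size_t n, const char *accept)
+static size_t suhosin_strnspn(const char *input, size_t n, const char *accept)
 {
  size_t count = 0;
  for (; *input != '\0' && count < n; input++, count++) {
@@ -51,7 +51,7 @@ size_t suhosin_strnspn(const char *input, size_t n, const char *accept)
  return count;
 }
 
-size_t suhosin_strncspn(const char *input, size_t n, const char *reject)
+static size_t suhosin_strncspn(const char *input, size_t n, const char *reject)
 {
  size_t count = 0;
  for (; *input != '\0' && count < n; input++, count++) {
@@ -62,9 +62,9 @@ size_t suhosin_strncspn(const char *input, size_t n, const char *reject)
 }
 
 
-/* {{{ normalize_varname
+/* {{{ suhosin_normalize_varname
  */
-void normalize_varname(char *varname)
+void suhosin_normalize_varname(char *varname)
 {
  char *s=varname, *index=NULL, *indexend=NULL, *p;
 
@@ -285,46 +285,11 @@ void suhosin_register_server_variables(zval *track_vars_array)
 
 
 /* Old Input filter */
-// unsigned int (*old_input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len) = NULL;
-unsigned int (*old_input_filter)(int arg, char *var, char **val, size_t val_len, size_t *new_val_len);
-
-/* {{{ suhosin_input_filter_wrapper
- */
-unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t val_len, size_t *new_val_len)
-{
- // zend_bool already_scanned = SUHOSIN7_G(already_scanned);
- // SUHOSIN7_G(already_scanned) = 0;
- // SDEBUG("ifilter arg=%d var=%s do_not_scan=%d already_scanned=%d", arg, var, SUHOSIN7_G(do_not_scan), already_scanned);
- // SDEBUG("ifilter arg=%d var=%s do_not_scan=%d", arg, var, SUHOSIN7_G(do_not_scan));
- SDEBUG("ifilter arg=%d var=%s", arg, var);
-
- // if (SUHOSIN7_G(do_not_scan)) {
- // SDEBUG("do_not_scan");
- // if (new_val_len) {
- // *new_val_len = val_len;
- // }
- // return 1;
- // }
-
- // if (!already_scanned) {
- if (suhosin_input_filter(arg, var, val, val_len, new_val_len)==0) {
- SUHOSIN7_G(abort_request)=1;
- return 0;
- }
- if (new_val_len) {
- val_len = *new_val_len;
- }
- // }
- if (old_input_filter) {
- return old_input_filter(arg, var, val, val_len, new_val_len);
- } else {
- return 1;
- }
-}
+static SAPI_INPUT_FILTER_FUNC((*orig_input_filter)) = NULL;
 
 /* {{{ suhosin_input_filter
  */
-unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len, size_t *new_val_len)
+static SAPI_INPUT_FILTER_FUNC(suhosin_input_filter)
 {
  SDEBUG("%s=%s arg=%d", var, *val, arg);
  char *index, *prev_index = NULL;
@@ -456,7 +421,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
  }
 
  /* Normalize the variable name */
- normalize_varname(var);
+ suhosin_normalize_varname(var);
 
  /* Find length of variable name */
  index = strchr(var, '[');
@@ -650,6 +615,39 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
 }
 /* }}} */
 
+/* {{{ suhosin_input_filter_wrapper
+ */
+SAPI_INPUT_FILTER_FUNC(suhosin_input_filter_wrapper)
+{
+ // zend_bool already_scanned = SUHOSIN7_G(already_scanned);
+ // SUHOSIN7_G(already_scanned) = 0;
+ // SDEBUG("ifilter arg=%d var=%s do_not_scan=%d already_scanned=%d", arg, var, SUHOSIN7_G(do_not_scan), already_scanned);
+ // SDEBUG("ifilter arg=%d var=%s do_not_scan=%d", arg, var, SUHOSIN7_G(do_not_scan));
+ SDEBUG("ifilter arg=%d var=%s", arg, var);
+
+ // if (SUHOSIN7_G(do_not_scan)) {
+ // SDEBUG("do_not_scan");
+ // if (new_val_len) {
+ // *new_val_len = val_len;
+ // }
+ // return 1;
+ // }
+
+ // if (!already_scanned) {
+ if (suhosin_input_filter(arg, var, val, val_len, new_val_len)==0) {
+ SUHOSIN7_G(abort_request)=1;
+ return 0;
+ }
+ if (new_val_len) {
+ val_len = *new_val_len;
+ }
+ // }
+ if (orig_input_filter) {
+ return orig_input_filter(arg, var, val, val_len, new_val_len);
+ } else {
+ return 1;
+ }
+}
 
 
 /* {{{ suhosin_hook_register_server_variables
@@ -663,6 +661,14 @@ void suhosin_hook_register_server_variables()
 }
 /* }}} */
 
+void suhosin_hook_input_filter()
+{
+ if (orig_input_filter == NULL) {
+ orig_input_filter = sapi_module.input_filter;
+ }
+ sapi_module.input_filter = suhosin_input_filter_wrapper;
+}
+
 
 /*
  * Local variables: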
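Review bot: `suhosin_hook_input_filter()` is not safe to run twice when the SAPI started without an input filter: `orig_input_filter` is still NULL on the second call, so it is set to `sapi_module.input_filter`, which by then is `suhosin_input_filter_wrapper`, and the wrapper would chain to itself. Whether the hook can run more than once, or whether the SAPI slot can be NULL, is not visible in this diff, but an early `if (sapi_module.input_filter == suhosin_input_filter_wrapper) return;` at the top of the function makes it idempotent either way. No counterpart that restores `orig_input_filter` at shutdown appears in these hunks; if one exists elsewhere, a short comment on the hook naming it would help. The re-added `suhosin_input_filter_wrapper` block also lacks its closing `/* }}} */` fold marker and still carries the commented-out `do_not_scan`/`already_scanned` logic, which should either get a TODO saying when it comes back or be dropped.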