summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--aes.c38
-rw-r--r--config.m41
-rw-r--r--config.w322
-rw-r--r--cookiecrypt.c23
-rw-r--r--crypt.c50
-rw-r--r--ex_imp.c2
-rw-r--r--execute.c181
-rw-r--r--execute_rnd.c26
-rw-r--r--header.c13
-rw-r--r--ifilter.c73
-rw-r--r--log.c73
-rw-r--r--memory_limit.c5
-rw-r--r--php_suhosin7.h28
-rw-r--r--post_handler.c19
-rw-r--r--rfc1867.c2
-rw-r--r--session.c47
-rw-r--r--sha256.c18
-rw-r--r--sha256.h2
-rw-r--r--suhosin7.c50
-rw-r--r--suhosin_rfc1867.h20
-rw-r--r--treat_data.c11
-rw-r--r--ufilter.c3
22 files changed, 322 insertions, 365 deletions
diff --git a/aes.c b/aes.c
index b44d88b..ca56cd9 100644
--- a/aes.c
+++ b/aes.c
@@ -2,7 +2,7 @@
2 2
3 Written by Mike Scott 21st April 1999 3 Written by Mike Scott 21st April 1999
4 mike@compapp.dcu.ie 4 mike@compapp.dcu.ie
5 An alternative faster version is implemented in MIRACL 5 An alternative faster version is implemented in MIRACL
6 ftp://ftp.computing.dcu.ie/pub/crypto/miracl.zip 6 ftp://ftp.computing.dcu.ie/pub/crypto/miracl.zip
7 7
8 Copyright (c) 1999 Mike Scott 8 Copyright (c) 1999 Mike Scott
@@ -18,15 +18,15 @@
18 See rijndael documentation. The code follows the documentation as closely 18 See rijndael documentation. The code follows the documentation as closely
19 as possible, and where possible uses the same function and variable names. 19 as possible, and where possible uses the same function and variable names.
20 20
21 Permission for free direct or derivative use is granted subject 21 Permission for free direct or derivative use is granted subject
22 to compliance with any conditions that the originators of the 22 to compliance with any conditions that the originators of the
23 algorithm place on its exploitation. 23 algorithm place on its exploitation.
24 24
25 Inspiration from Brian Gladman's implementation is acknowledged. 25 Inspiration from Brian Gladman's implementation is acknowledged.
26 26
27 Written for clarity, rather than speed. 27 Written for clarity, rather than speed.
28 Assumes long is 32 bit quantity. 28 Assumes long is 32 bit quantity.
29 Full implementation. 29 Full implementation.
30 Endian indifferent. 30 Endian indifferent.
31*/ 31*/
32 32
@@ -95,14 +95,14 @@ static WORD SubByte(WORD a)
95 b[1]=fbsub[b[1]]; 95 b[1]=fbsub[b[1]];
96 b[2]=fbsub[b[2]]; 96 b[2]=fbsub[b[2]];
97 b[3]=fbsub[b[3]]; 97 b[3]=fbsub[b[3]];
98 return pack(b); 98 return pack(b);
99} 99}
100 100
101static BYTE product(WORD x,WORD y) 101static BYTE product(WORD x,WORD y)
102{ /* dot product of two 4-byte arrays */ 102{ /* dot product of two 4-byte arrays */
103 BYTE xb[4],yb[4]; 103 BYTE xb[4],yb[4];
104 unpack(x,xb); 104 unpack(x,xb);
105 unpack(y,yb); 105 unpack(y,yb);
106 return bmul(xb[0],yb[0])^bmul(xb[1],yb[1])^bmul(xb[2],yb[2])^bmul(xb[3],yb[3]); 106 return bmul(xb[0],yb[0])^bmul(xb[1],yb[1])^bmul(xb[2],yb[2])^bmul(xb[3],yb[3]);
107} 107}
108 108
@@ -143,13 +143,13 @@ void suhosin_aes_gentables()
143 143
144 ltab[0]=0; 144 ltab[0]=0;
145 ptab[0]=1; ltab[1]=0; 145 ptab[0]=1; ltab[1]=0;
146 ptab[1]=3; ltab[3]=1; 146 ptab[1]=3; ltab[3]=1;
147 for (i=2;i<256;i++) 147 for (i=2;i<256;i++)
148 { 148 {
149 ptab[i]=ptab[i-1]^xtime(ptab[i-1]); 149 ptab[i]=ptab[i-1]^xtime(ptab[i-1]);
150 ltab[ptab[i]]=i; 150 ltab[ptab[i]]=i;
151 } 151 }
152 152
153 /* affine transformation:- each bit is xored with itself shifted one bit */ 153 /* affine transformation:- each bit is xored with itself shifted one bit */
154 154
155 fbsub[0]=0x63; 155 fbsub[0]=0x63;
@@ -212,7 +212,7 @@ void suhosin_aes_gkey(int nb,int nk,char *key)
212 } 212 }
213 213
214 N=Nb*(Nr+1); 214 N=Nb*(Nr+1);
215 215
216 for (i=j=0;i<Nk;i++,j+=4) 216 for (i=j=0;i<Nk;i++,j+=4)
217 { 217 {
218 CipherKey[i]=pack((BYTE *)&key[j]); 218 CipherKey[i]=pack((BYTE *)&key[j]);
@@ -239,7 +239,7 @@ void suhosin_aes_gkey(int nb,int nk,char *key)
239 239
240 /* now for the expanded decrypt key in reverse order */ 240 /* now for the expanded decrypt key in reverse order */
241 241
242 for (j=0;j<Nb;j++) SUHOSIN7_G(rkey)[j+N-Nb]=SUHOSIN7_G(fkey)[j]; 242 for (j=0;j<Nb;j++) SUHOSIN7_G(rkey)[j+N-Nb]=SUHOSIN7_G(fkey)[j];
243 for (i=Nb;i<N-Nb;i+=Nb) 243 for (i=Nb;i<N-Nb;i+=Nb)
244 { 244 {
245 k=N-Nb-i; 245 k=N-Nb-i;
@@ -251,7 +251,7 @@ void suhosin_aes_gkey(int nb,int nk,char *key)
251 251
252/* There is an obvious time/space trade-off possible here. * 252/* There is an obvious time/space trade-off possible here. *
253 * Instead of just one ftable[], I could have 4, the other * 253 * Instead of just one ftable[], I could have 4, the other *
254 * 3 pre-rotated to save the ROTL8, ROTL16 and ROTL24 overhead */ 254 * 3 pre-rotated to save the ROTL8, ROTL16 and ROTL24 overhead */
255 255
256void suhosin_aes_encrypt(char *buff) 256void suhosin_aes_encrypt(char *buff)
257{ 257{
@@ -270,7 +270,7 @@ void suhosin_aes_encrypt(char *buff)
270 for (i=1;i<Nr;i++) 270 for (i=1;i<Nr;i++)
271 { /* Nr is number of rounds. May be odd. */ 271 { /* Nr is number of rounds. May be odd. */
272 272
273/* if Nb is fixed - unroll this next 273/* if Nb is fixed - unroll this next
274 loop and hard-code in the values of fi[] */ 274 loop and hard-code in the values of fi[] */
275 275
276 for (m=j=0;j<Nb;j++,m+=3) 276 for (m=j=0;j<Nb;j++,m+=3)
@@ -284,14 +284,14 @@ void suhosin_aes_encrypt(char *buff)
284 t=x; x=y; y=t; /* swap pointers */ 284 t=x; x=y; y=t; /* swap pointers */
285 } 285 }
286 286
287/* Last Round - unroll if possible */ 287/* Last Round - unroll if possible */
288 for (m=j=0;j<Nb;j++,m+=3) 288 for (m=j=0;j<Nb;j++,m+=3)
289 { 289 {
290 y[j]=SUHOSIN7_G(fkey)[k++]^(WORD)fbsub[(BYTE)x[j]]^ 290 y[j]=SUHOSIN7_G(fkey)[k++]^(WORD)fbsub[(BYTE)x[j]]^
291 ROTL8((WORD)fbsub[(BYTE)(x[SUHOSIN7_G(fi)[m]]>>8)])^ 291 ROTL8((WORD)fbsub[(BYTE)(x[SUHOSIN7_G(fi)[m]]>>8)])^
292 ROTL16((WORD)fbsub[(BYTE)(x[SUHOSIN7_G(fi)[m+1]]>>16)])^ 292 ROTL16((WORD)fbsub[(BYTE)(x[SUHOSIN7_G(fi)[m+1]]>>16)])^
293 ROTL24((WORD)fbsub[x[SUHOSIN7_G(fi)[m+2]]>>24]); 293 ROTL24((WORD)fbsub[x[SUHOSIN7_G(fi)[m+2]]>>24]);
294 } 294 }
295 for (i=j=0;i<Nb;i++,j+=4) 295 for (i=j=0;i<Nb;i++,j+=4)
296 { 296 {
297 unpack(y[i],(BYTE *)&buff[j]); 297 unpack(y[i],(BYTE *)&buff[j]);
@@ -317,7 +317,7 @@ void suhosin_aes_decrypt(char *buff)
317 for (i=1;i<Nr;i++) 317 for (i=1;i<Nr;i++)
318 { /* Nr is number of rounds. May be odd. */ 318 { /* Nr is number of rounds. May be odd. */
319 319
320/* if Nb is fixed - unroll this next 320/* if Nb is fixed - unroll this next
321 loop and hard-code in the values of ri[] */ 321 loop and hard-code in the values of ri[] */
322 322
323 for (m=j=0;j<Nb;j++,m+=3) 323 for (m=j=0;j<Nb;j++,m+=3)
@@ -330,14 +330,14 @@ void suhosin_aes_decrypt(char *buff)
330 t=x; x=y; y=t; /* swap pointers */ 330 t=x; x=y; y=t; /* swap pointers */
331 } 331 }
332 332
333/* Last Round - unroll if possible */ 333/* Last Round - unroll if possible */
334 for (m=j=0;j<Nb;j++,m+=3) 334 for (m=j=0;j<Nb;j++,m+=3)
335 { 335 {
336 y[j]=SUHOSIN7_G(rkey)[k++]^(WORD)rbsub[(BYTE)x[j]]^ 336 y[j]=SUHOSIN7_G(rkey)[k++]^(WORD)rbsub[(BYTE)x[j]]^
337 ROTL8((WORD)rbsub[(BYTE)(x[SUHOSIN7_G(ri)[m]]>>8)])^ 337 ROTL8((WORD)rbsub[(BYTE)(x[SUHOSIN7_G(ri)[m]]>>8)])^
338 ROTL16((WORD)rbsub[(BYTE)(x[SUHOSIN7_G(ri)[m+1]]>>16)])^ 338 ROTL16((WORD)rbsub[(BYTE)(x[SUHOSIN7_G(ri)[m+1]]>>16)])^
339 ROTL24((WORD)rbsub[x[SUHOSIN7_G(ri)[m+2]]>>24]); 339 ROTL24((WORD)rbsub[x[SUHOSIN7_G(ri)[m+2]]>>24]);
340 } 340 }
341 for (i=j=0;i<Nb;i++,j+=4) 341 for (i=j=0;i<Nb;i++,j+=4)
342 { 342 {
343 unpack(y[i],(BYTE *)&buff[j]); 343 unpack(y[i],(BYTE *)&buff[j]);
@@ -362,7 +362,7 @@ static int main()
362 362
363 for (nb=4;nb<=8;nb+=2) 363 for (nb=4;nb<=8;nb+=2)
364 for (nk=4;nk<=8;nk+=2) 364 for (nk=4;nk<=8;nk+=2)
365 { 365 {
366 printf("\nBlock Size= %d bits, Key Size= %d bits\n",nb*32,nk*32); 366 printf("\nBlock Size= %d bits, Key Size= %d bits\n",nb*32,nk*32);
367 gkey(nb,nk,key); 367 gkey(nb,nk,key);
368 printf("Plain= "); 368 printf("Plain= ");
diff --git a/config.m4 b/config.m4
index 23081dd..3649579 100644
--- a/config.m4
+++ b/config.m4
@@ -1,4 +1,3 @@
1dnl $Id$
2dnl config.m4 for extension suhosin7 1dnl config.m4 for extension suhosin7
3 2
4PHP_ARG_ENABLE(suhosin7, whether to enable suhosin support, 3PHP_ARG_ENABLE(suhosin7, whether to enable suhosin support,
diff --git a/config.w32 b/config.w32
index eefaedf..330afed 100644
--- a/config.w32
+++ b/config.w32
@@ -1,4 +1,3 @@
1// $Id$
2// vim:ft=javascript 1// vim:ft=javascript
3 2
4// If your extension references something external, use ARG_WITH 3// If your extension references something external, use ARG_WITH
@@ -10,4 +9,3 @@
10if (PHP_SUHOSIN7 != "no") { 9if (PHP_SUHOSIN7 != "no") {
11 EXTENSION("suhosin7", "suhosin7.c", PHP_EXTNAME_SHARED, "/DZEND_ENABLE_STATIC_ACHE=1"); 10 EXTENSION("suhosin7", "suhosin7.c", PHP_EXTNAME_SHARED, "/DZEND_ENABLE_STATIC_ACHE=1");
12} 11}
13
diff --git a/cookiecrypt.c b/cookiecrypt.c
index f4f3638..42169f8 100644
--- a/cookiecrypt.c
+++ b/cookiecrypt.c
@@ -17,9 +17,6 @@
17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | 17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> |
18 +----------------------------------------------------------------------+ 18 +----------------------------------------------------------------------+
19*/ 19*/
20/*
21 $Id: header.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $
22*/
23 20
24#ifdef HAVE_CONFIG_H 21#ifdef HAVE_CONFIG_H
25#include "config.h" 22#include "config.h"
@@ -35,11 +32,11 @@ zend_string *suhosin_encrypt_single_cookie(char *name, int name_len, char *value
35{ 32{
36 int l; 33 int l;
37 34
38 name = estrndup(name, name_len); 35 name = estrndup(name, name_len);
39 name_len = php_url_decode(name, name_len); 36 name_len = php_url_decode(name, name_len);
40 suhosin_normalize_varname(name); 37 suhosin_normalize_varname(name);
41 name_len = strlen(name); 38 name_len = strlen(name);
42 39
43 if ((SUHOSIN7_G(cookie_plainlist) && zend_hash_str_exists(SUHOSIN7_G(cookie_plainlist), name, name_len)) || 40 if ((SUHOSIN7_G(cookie_plainlist) && zend_hash_str_exists(SUHOSIN7_G(cookie_plainlist), name, name_len)) ||
44 (SUHOSIN7_G(cookie_plainlist) == NULL && SUHOSIN7_G(cookie_cryptlist) && !zend_hash_str_exists(SUHOSIN7_G(cookie_cryptlist), name, name_len))) { 41 (SUHOSIN7_G(cookie_plainlist) == NULL && SUHOSIN7_G(cookie_cryptlist) && !zend_hash_str_exists(SUHOSIN7_G(cookie_cryptlist), name, name_len))) {
45 efree(name); 42 efree(name);
@@ -48,7 +45,7 @@ zend_string *suhosin_encrypt_single_cookie(char *name, int name_len, char *value
48 45
49 value = estrndup(value, value_len); 46 value = estrndup(value, value_len);
50 value_len = php_url_decode(value, value_len); 47 value_len = php_url_decode(value, value_len);
51 48
52 zend_string *d = suhosin_encrypt_string(value, value_len, name, name_len, key); 49 zend_string *d = suhosin_encrypt_string(value, value_len, name, name_len, key);
53 zend_string *d_url = php_url_encode(ZSTR_VAL(d), ZSTR_LEN(d)); 50 zend_string *d_url = php_url_encode(ZSTR_VAL(d), ZSTR_LEN(d));
54 zend_string_release(d); 51 zend_string_release(d);
@@ -63,7 +60,7 @@ char *suhosin_decrypt_single_cookie(char *name, int name_len, char *value, int v
63 int name2_len = php_url_decode(name2, name_len); 60 int name2_len = php_url_decode(name2, name_len);
64 suhosin_normalize_varname(name2); 61 suhosin_normalize_varname(name2);
65 name2_len = strlen(name2); 62 name2_len = strlen(name2);
66 63
67 if ((SUHOSIN7_G(cookie_plainlist) && zend_hash_str_exists(SUHOSIN7_G(cookie_plainlist), name2, name2_len)) || 64 if ((SUHOSIN7_G(cookie_plainlist) && zend_hash_str_exists(SUHOSIN7_G(cookie_plainlist), name2, name2_len)) ||
68 (SUHOSIN7_G(cookie_plainlist) == NULL && SUHOSIN7_G(cookie_cryptlist) && !zend_hash_str_exists(SUHOSIN7_G(cookie_cryptlist), name2, name2_len))) { 65 (SUHOSIN7_G(cookie_plainlist) == NULL && SUHOSIN7_G(cookie_cryptlist) && !zend_hash_str_exists(SUHOSIN7_G(cookie_cryptlist), name2, name2_len))) {
69 // if (1) { 66 // if (1) {
@@ -75,10 +72,10 @@ char *suhosin_decrypt_single_cookie(char *name, int name_len, char *value, int v
75 *out += value_len; 72 *out += value_len;
76 return *out; 73 return *out;
77 } 74 }
78 75
79 value = estrndup(value, value_len); 76 value = estrndup(value, value_len);
80 value_len = php_url_decode(value, value_len); 77 value_len = php_url_decode(value, value_len);
81 78
82 zend_string *d = suhosin_decrypt_string(value, value_len, name2, name2_len, key, SUHOSIN7_G(cookie_checkraddr)); 79 zend_string *d = suhosin_decrypt_string(value, value_len, name2, name2_len, key, SUHOSIN7_G(cookie_checkraddr));
83 if (d) { 80 if (d) {
84 zend_string *d_url = php_url_encode(ZSTR_VAL(d), ZSTR_LEN(d)); 81 zend_string *d_url = php_url_encode(ZSTR_VAL(d), ZSTR_LEN(d));
@@ -93,7 +90,7 @@ char *suhosin_decrypt_single_cookie(char *name, int name_len, char *value, int v
93 90
94 efree(name2); 91 efree(name2);
95 efree(value); 92 efree(value);
96 93
97 return *out; 94 return *out;
98} 95}
99 96
@@ -109,7 +106,7 @@ char *suhosin_cookie_decryptor(char *raw_cookie)
109 // suhosin_generate_key(SUHOSIN7_G(cookie_cryptkey), SUHOSIN7_G(cookie_cryptua), SUHOSIN7_G(cookie_cryptdocroot), SUHOSIN7_G(cookie_cryptraddr), cryptkey); 106 // suhosin_generate_key(SUHOSIN7_G(cookie_cryptkey), SUHOSIN7_G(cookie_cryptua), SUHOSIN7_G(cookie_cryptdocroot), SUHOSIN7_G(cookie_cryptraddr), cryptkey);
110 S7_GENERATE_KEY(cookie, cryptkey); 107 S7_GENERATE_KEY(cookie, cryptkey);
111 // SDEBUG("cryptkey=%02x.%02x.%02x", cryptkey[0], cryptkey[1], cryptkey[2]); 108 // SDEBUG("cryptkey=%02x.%02x.%02x", cryptkey[0], cryptkey[1], cryptkey[2]);
112 109
113 ret = decrypted = emalloc(strlen(raw_cookie)*4+1); 110 ret = decrypted = emalloc(strlen(raw_cookie)*4+1);
114 raw_cookie = estrdup(raw_cookie); 111 raw_cookie = estrdup(raw_cookie);
115 SUHOSIN7_G(raw_cookie) = estrdup(raw_cookie); 112 SUHOSIN7_G(raw_cookie) = estrdup(raw_cookie);
@@ -138,10 +135,10 @@ char *suhosin_cookie_decryptor(char *raw_cookie)
138 135
139 *decrypted++ = 0; 136 *decrypted++ = 0;
140 ret = erealloc(ret, decrypted-ret); 137 ret = erealloc(ret, decrypted-ret);
141 138
142 SUHOSIN7_G(decrypted_cookie) = ret; 139 SUHOSIN7_G(decrypted_cookie) = ret;
143 efree(raw_cookie); 140 efree(raw_cookie);
144 141
145 return ret; 142 return ret;
146} 143}
147/* }}} */ 144/* }}} */
diff --git a/crypt.c b/crypt.c
index 6daaa03..1bde7c7 100644
--- a/crypt.c
+++ b/crypt.c
@@ -41,7 +41,7 @@ static void suhosin_get_ipv4(char *buf)
41 memset(buf, 0, 4); 41 memset(buf, 0, 4);
42 return; 42 return;
43 } 43 }
44 44
45 for (i=0; i<4; i++) { 45 for (i=0; i<4; i++) {
46 if (raddr[0] == 0) { 46 if (raddr[0] == 0) {
47 buf[i] = 0; 47 buf[i] = 0;
@@ -59,11 +59,11 @@ zend_string *suhosin_encrypt_string(char *str, int len, char *var, int vlen, cha
59 int padded_len, i, slen; 59 int padded_len, i, slen;
60 unsigned char *crypted, *tmp; 60 unsigned char *crypted, *tmp;
61 unsigned int check = 0x13579BDF; 61 unsigned int check = 0x13579BDF;
62 62
63 if (str == NULL) { 63 if (str == NULL) {
64 return NULL; 64 return NULL;
65 } 65 }
66 66
67 if (len == 0) { 67 if (len == 0) {
68 return ZSTR_EMPTY_ALLOC(); 68 return ZSTR_EMPTY_ALLOC();
69 } 69 }
@@ -86,10 +86,10 @@ zend_string *suhosin_encrypt_string(char *str, int len, char *var, int vlen, cha
86 check += check << 1; 86 check += check << 1;
87 check ^= (unsigned char)str[i]; 87 check ^= (unsigned char)str[i];
88 } 88 }
89 89
90 /* store ip value */ 90 /* store ip value */
91 suhosin_get_ipv4((char *)crypted + 4); 91 suhosin_get_ipv4((char *)crypted + 4);
92 92
93 /* store check value */ 93 /* store check value */
94 crypted[8] = check & 0xff; 94 crypted[8] = check & 0xff;
95 crypted[9] = (check >> 8) & 0xff; 95 crypted[9] = (check >> 8) & 0xff;
@@ -101,7 +101,7 @@ zend_string *suhosin_encrypt_string(char *str, int len, char *var, int vlen, cha
101 crypted[13] = (len >> 8) & 0xff; 101 crypted[13] = (len >> 8) & 0xff;
102 crypted[14] = (len >> 16) & 0xff; 102 crypted[14] = (len >> 16) & 0xff;
103 crypted[15] = (len >> 24) & 0xff; 103 crypted[15] = (len >> 24) & 0xff;
104 104
105 for (i = 0, tmp = crypted; i < padded_len + 16; i += 16, tmp += 16) { 105 for (i = 0, tmp = crypted; i < padded_len + 16; i += 16, tmp += 16) {
106 if (i > 0) { 106 if (i > 0) {
107 int j; 107 int j;
@@ -109,7 +109,7 @@ zend_string *suhosin_encrypt_string(char *str, int len, char *var, int vlen, cha
109 } 109 }
110 suhosin_aes_encrypt((char *)tmp); 110 suhosin_aes_encrypt((char *)tmp);
111 } 111 }
112 112
113 zend_string *zs = php_base64_encode(crypted, padded_len+16); 113 zend_string *zs = php_base64_encode(crypted, padded_len+16);
114 efree(crypted); 114 efree(crypted);
115 // slen=strlen((char *)tmp); 115 // slen=strlen((char *)tmp);
@@ -129,11 +129,11 @@ zend_string *suhosin_decrypt_string(char *str, int padded_len, char *var, int vl
129 SDEBUG("decrypting string |%s|", str); 129 SDEBUG("decrypting string |%s|", str);
130 int i; 130 int i;
131 unsigned int check = 0x13579BDF; 131 unsigned int check = 0x13579BDF;
132 132
133 if (str == NULL) { 133 if (str == NULL) {
134 return NULL; 134 return NULL;
135 } 135 }
136 136
137 if (padded_len == 0) { 137 if (padded_len == 0) {
138 return ZSTR_EMPTY_ALLOC(); 138 return ZSTR_EMPTY_ALLOC();
139 } 139 }
@@ -146,7 +146,7 @@ zend_string *suhosin_decrypt_string(char *str, int padded_len, char *var, int vl
146 case '_': str[i]='+'; break; 146 case '_': str[i]='+'; break;
147 } 147 }
148 } 148 }
149 149
150 zend_string *decrypted_zs = php_base64_decode((unsigned char *)str, padded_len); 150 zend_string *decrypted_zs = php_base64_decode((unsigned char *)str, padded_len);
151 if (decrypted_zs == NULL) { 151 if (decrypted_zs == NULL) {
152 return NULL; 152 return NULL;
@@ -158,7 +158,7 @@ zend_string *suhosin_decrypt_string(char *str, int padded_len, char *var, int vl
158 if (len < 2*16 || (len % 16) != 0) { 158 if (len < 2*16 || (len % 16) != 0) {
159 goto error_out; 159 goto error_out;
160 } 160 }
161 161
162 unsigned char *tmp; 162 unsigned char *tmp;
163 for (i = len - 16, tmp = decrypted + i; i >= 0; i -= 16, tmp -= 16) { 163 for (i = len - 16, tmp = decrypted + i; i >= 0; i -= 16, tmp -= 16) {
164 suhosin_aes_decrypt((char *)tmp); 164 suhosin_aes_decrypt((char *)tmp);
@@ -176,7 +176,7 @@ zend_string *suhosin_decrypt_string(char *str, int padded_len, char *var, int vl
176 o_len |= decrypted[13]; 176 o_len |= decrypted[13];
177 o_len <<= 8; 177 o_len <<= 8;
178 o_len |= decrypted[12]; 178 o_len |= decrypted[12];
179 179
180 if (o_len < 0 || o_len > len-16) { 180 if (o_len < 0 || o_len > len-16) {
181 goto error_out; 181 goto error_out;
182 } 182 }
@@ -192,13 +192,13 @@ zend_string *suhosin_decrypt_string(char *str, int padded_len, char *var, int vl
192 check += check << 1; 192 check += check << 1;
193 check ^= decrypted[16+i]; 193 check ^= decrypted[16+i];
194 } 194 }
195 195
196 /* check value */ 196 /* check value */
197 int invalid = (decrypted[8] != (check & 0xff)) || 197 int invalid = (decrypted[8] != (check & 0xff)) ||
198 (decrypted[9] != ((check >> 8) & 0xff)) || 198 (decrypted[9] != ((check >> 8) & 0xff)) ||
199 (decrypted[10] != ((check >> 16) & 0xff)) || 199 (decrypted[10] != ((check >> 16) & 0xff)) ||
200 (decrypted[11] != ((check >> 24) & 0xff)); 200 (decrypted[11] != ((check >> 24) & 0xff));
201 201
202 /* check IP */ 202 /* check IP */
203 if (check_ra) { 203 if (check_ra) {
204 if (check_ra > 4) { 204 if (check_ra > 4) {
@@ -210,16 +210,16 @@ zend_string *suhosin_decrypt_string(char *str, int padded_len, char *var, int vl
210 goto error_out; 210 goto error_out;
211 } 211 }
212 } 212 }
213 213
214 if (invalid) { 214 if (invalid) {
215 goto error_out; 215 goto error_out;
216 } 216 }
217 217
218 memmove(decrypted, decrypted+16, o_len); 218 memmove(decrypted, decrypted+16, o_len);
219 decrypted[o_len] = 0; 219 decrypted[o_len] = 0;
220 ZSTR_LEN(decrypted_zs) = o_len; 220 ZSTR_LEN(decrypted_zs) = o_len;
221 /* we do not realloc() here because 16 byte less 221 /* we do not realloc() here because 16 byte less
222 is simply not worth the overhead */ 222 is simply not worth the overhead */
223 return decrypted_zs; 223 return decrypted_zs;
224 224
225error_out: 225error_out:
@@ -236,21 +236,21 @@ char *suhosin_generate_key(char *key, zend_bool ua, zend_bool dr, long raddr, ch
236 char *_dr = NULL; 236 char *_dr = NULL;
237 char *_ra = NULL; 237 char *_ra = NULL;
238 PHP_SHA256_CTX ctx; 238 PHP_SHA256_CTX ctx;
239 239
240 if (ua) { 240 if (ua) {
241 _ua = suhosin_getenv(ZEND_STRL("HTTP_USER_AGENT")); 241 _ua = suhosin_getenv(ZEND_STRL("HTTP_USER_AGENT"));
242 } 242 }
243 243
244 if (dr) { 244 if (dr) {
245 _dr = suhosin_getenv(ZEND_STRL("DOCUMENT_ROOT")); 245 _dr = suhosin_getenv(ZEND_STRL("DOCUMENT_ROOT"));
246 } 246 }
247 247
248 if (raddr > 0) { 248 if (raddr > 0) {
249 _ra = suhosin_getenv(ZEND_STRL("REMOTE_ADDR")); 249 _ra = suhosin_getenv(ZEND_STRL("REMOTE_ADDR"));
250 } 250 }
251 251
252 SDEBUG("KEY: %s - UA: %s - DR: %s - RA: %s", key,_ua,_dr,_ra); 252 SDEBUG("KEY: %s - UA: %s - DR: %s - RA: %s", key,_ua,_dr,_ra);
253 253
254 PHP_SHA256Init(&ctx); 254 PHP_SHA256Init(&ctx);
255 if (key == NULL || *key == 0) { 255 if (key == NULL || *key == 0) {
256 PHP_SHA256Update(&ctx, (unsigned char*)ZEND_STRL("D3F4UL7")); 256 PHP_SHA256Update(&ctx, (unsigned char*)ZEND_STRL("D3F4UL7"));
@@ -269,7 +269,7 @@ char *suhosin_generate_key(char *key, zend_bool ua, zend_bool dr, long raddr, ch
269 } else { 269 } else {
270 long dots = 0; 270 long dots = 0;
271 char *tmp = _ra; 271 char *tmp = _ra;
272 272
273 while (*tmp) { 273 while (*tmp) {
274 if (*tmp == '.') { 274 if (*tmp == '.') {
275 dots++; 275 dots++;
@@ -284,6 +284,6 @@ char *suhosin_generate_key(char *key, zend_bool ua, zend_bool dr, long raddr, ch
284 } 284 }
285 PHP_SHA256Final((unsigned char *)cryptkey, &ctx); 285 PHP_SHA256Final((unsigned char *)cryptkey, &ctx);
286 cryptkey[32] = 0; /* uhmm... not really a string */ 286 cryptkey[32] = 0; /* uhmm... not really a string */
287 287
288 return cryptkey; 288 return cryptkey;
289} 289}
diff --git a/ex_imp.c b/ex_imp.c
index fd940ce..7ea0f29 100644
--- a/ex_imp.c
+++ b/ex_imp.c
@@ -108,7 +108,7 @@ static zend_always_inline int php_valid_var_name(char *var_name, size_t var_name
108 if (suhosin_is_protected_varname(var_name, var_name_len)) { 108 if (suhosin_is_protected_varname(var_name, var_name_len)) {
109 return 0; 109 return 0;
110 } 110 }
111 111
112 return 1; 112 return 1;
113} 113}
114 114
diff --git a/execute.c b/execute.c
index 4b52fe4..698c637 100644
--- a/execute.c
+++ b/execute.c
@@ -17,7 +17,6 @@
17 +----------------------------------------------------------------------+ 17 +----------------------------------------------------------------------+
18*/ 18*/
19 19
20/* $Id: execute.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ */
21// #if 0 20// #if 0
22#ifdef HAVE_CONFIG_H 21#ifdef HAVE_CONFIG_H
23#include "config.h" 22#include "config.h"
@@ -90,13 +89,13 @@ static int match_include_list(HashTable *ht, char *s, size_t slen)
90 h2 = h2 == NULL ? NULL : h2 + 4; 89 h2 = h2 == NULL ? NULL : h2 + 4;
91 char *t = h = (h == NULL) ? h2 : ( (h2 == NULL) ? h : ( (h <= h2) ? h : h2 ) ); 90 char *t = h = (h == NULL) ? h2 : ( (h2 == NULL) ? h : ( (h <= h2) ? h : h2 ) );
92 if (h == NULL) return -1; // no URL 91 if (h == NULL) return -1; // no URL
93 92
94 while (t > s && (isalnum(t[-1]) || t[-1]=='_' || t[-1]=='.')) { 93 while (t > s && (isalnum(t[-1]) || t[-1]=='_' || t[-1]=='.')) {
95 t--; 94 t--;
96 } 95 }
97 96
98 size_t tlen = slen - (t - s); 97 size_t tlen = slen - (t - s);
99 98
100 zend_ulong num_key; 99 zend_ulong num_key;
101 zend_string *key; 100 zend_string *key;
102 ZEND_HASH_FOREACH_KEY(ht, num_key, key) { 101 ZEND_HASH_FOREACH_KEY(ht, num_key, key) {
@@ -137,7 +136,7 @@ static int suhosin_check_filename(char *s, int slen)
137 char fname[MAXPATHLEN+1]; 136 char fname[MAXPATHLEN+1];
138 137
139 memcpy(fname, s, slen); 138 memcpy(fname, s, slen);
140 fname[slen] = 0; 139 fname[slen] = 0;
141 s = (char *)fname; 140 s = (char *)fname;
142 char *e = s + slen; 141 char *e = s + slen;
143 142
@@ -145,7 +144,7 @@ static int suhosin_check_filename(char *s, int slen)
145 if (slen != strlen(s)) { 144 if (slen != strlen(s)) {
146 return SUHOSIN_CODE_TYPE_0FILE; 145 return SUHOSIN_CODE_TYPE_0FILE;
147 } 146 }
148 147
149 SDEBUG("fn=%s", s); 148 SDEBUG("fn=%s", s);
150 /* disallow uploaded files */ 149 /* disallow uploaded files */
151 if (SG(rfc1867_uploaded_files)) { 150 if (SG(rfc1867_uploaded_files)) {
@@ -153,7 +152,7 @@ static int suhosin_check_filename(char *s, int slen)
153 return SUHOSIN_CODE_TYPE_UPLOADED; 152 return SUHOSIN_CODE_TYPE_UPLOADED;
154 } 153 }
155 } 154 }
156 155
157 /* count number of directory traversals */ 156 /* count number of directory traversals */
158 int traversal_conut = 0; 157 int traversal_conut = 0;
159 for (int i = 0; i < slen-3; i++) { 158 for (int i = 0; i < slen-3; i++) {
@@ -165,7 +164,7 @@ static int suhosin_check_filename(char *s, int slen)
165 if (SUHOSIN7_G(executor_include_max_traversal) && traversal_conut > SUHOSIN7_G(executor_include_max_traversal)) { 164 if (SUHOSIN7_G(executor_include_max_traversal) && traversal_conut > SUHOSIN7_G(executor_include_max_traversal)) {
166 return SUHOSIN_CODE_TYPE_MANYDOTS; 165 return SUHOSIN_CODE_TYPE_MANYDOTS;
167 } 166 }
168 167
169 SDEBUG("include wl=%p bl=%p", SUHOSIN7_G(include_whitelist), SUHOSIN7_G(include_blacklist)); 168 SDEBUG("include wl=%p bl=%p", SUHOSIN7_G(include_whitelist), SUHOSIN7_G(include_blacklist));
170 /* no black or whitelist then disallow all */ 169 /* no black or whitelist then disallow all */
171 if (SUHOSIN7_G(include_whitelist) == NULL && SUHOSIN7_G(include_blacklist) == NULL) { 170 if (SUHOSIN7_G(include_whitelist) == NULL && SUHOSIN7_G(include_blacklist) == NULL) {
@@ -184,7 +183,7 @@ static int suhosin_check_filename(char *s, int slen)
184 } 183 }
185 } 184 }
186 } 185 }
187 186
188check_filename_skip_lists: 187check_filename_skip_lists:
189 188
190 /* disallow writable files */ 189 /* disallow writable files */
@@ -211,7 +210,7 @@ static void suhosin_check_codetype(zend_ulong code_type, char *filename)
211 } 210 }
212 } 211 }
213 break; 212 break;
214 213
215 // case SUHOSIN_CODE_TYPE_REGEXP: 214 // case SUHOSIN_CODE_TYPE_REGEXP:
216 // if (SUHOSIN7_G(executor_disable_emod)) { 215 // if (SUHOSIN7_G(executor_disable_emod)) {
217 // suhosin_log(S_EXECUTOR|S_GETCALLER, "use of preg_replace() with /e modifier is forbidden by configuration"); 216 // suhosin_log(S_EXECUTOR|S_GETCALLER, "use of preg_replace() with /e modifier is forbidden by configuration");
@@ -220,7 +219,7 @@ static void suhosin_check_codetype(zend_ulong code_type, char *filename)
220 // } 219 // }
221 // } 220 // }
222 // break; 221 // break;
223 222
224 case SUHOSIN_CODE_TYPE_MBREGEXP: 223 case SUHOSIN_CODE_TYPE_MBREGEXP:
225 if (SUHOSIN7_G(executor_disable_emod)) { 224 if (SUHOSIN7_G(executor_disable_emod)) {
226 suhosin_log(S_EXECUTOR|S_GETCALLER, "use of /e modifier in replace function is forbidden by configuration"); 225 suhosin_log(S_EXECUTOR|S_GETCALLER, "use of /e modifier in replace function is forbidden by configuration");
@@ -229,13 +228,13 @@ static void suhosin_check_codetype(zend_ulong code_type, char *filename)
229 } 228 }
230 } 229 }
231 break; 230 break;
232 231
233 case SUHOSIN_CODE_TYPE_ASSERT: 232 case SUHOSIN_CODE_TYPE_ASSERT:
234 break; 233 break;
235 234
236 case SUHOSIN_CODE_TYPE_CFUNC: 235 case SUHOSIN_CODE_TYPE_CFUNC:
237 break; 236 break;
238 237
239 case SUHOSIN_CODE_TYPE_LONGNAME: 238 case SUHOSIN_CODE_TYPE_LONGNAME:
240 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename is too long: %s", filename); 239 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename is too long: %s", filename);
241 suhosin_bailout(); 240 suhosin_bailout();
@@ -245,27 +244,27 @@ static void suhosin_check_codetype(zend_ulong code_type, char *filename)
245 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename contains too many '../': %s", filename); 244 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename contains too many '../': %s", filename);
246 suhosin_bailout(); 245 suhosin_bailout();
247 break; 246 break;
248 247
249 case SUHOSIN_CODE_TYPE_UPLOADED: 248 case SUHOSIN_CODE_TYPE_UPLOADED:
250 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename is an uploaded file"); 249 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename is an uploaded file");
251 suhosin_bailout(); 250 suhosin_bailout();
252 break; 251 break;
253 252
254 case SUHOSIN_CODE_TYPE_0FILE: 253 case SUHOSIN_CODE_TYPE_0FILE:
255 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename contains an ASCIIZ character"); 254 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename contains an ASCIIZ character");
256 suhosin_bailout(); 255 suhosin_bailout();
257 break; 256 break;
258 257
259 case SUHOSIN_CODE_TYPE_WRITABLE: 258 case SUHOSIN_CODE_TYPE_WRITABLE:
260 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename is writable by PHP process: %s", filename); 259 suhosin_log(S_INCLUDE|S_GETCALLER, "Include filename is writable by PHP process: %s", filename);
261 suhosin_bailout(); 260 suhosin_bailout();
262 break; 261 break;
263 262
264 case SUHOSIN_CODE_TYPE_BLACKURL: 263 case SUHOSIN_CODE_TYPE_BLACKURL:
265 suhosin_log(S_INCLUDE|S_GETCALLER, "Included URL is blacklisted: %s", filename); 264 suhosin_log(S_INCLUDE|S_GETCALLER, "Included URL is blacklisted: %s", filename);
266 suhosin_bailout(); 265 suhosin_bailout();
267 break; 266 break;
268 267
269 case SUHOSIN_CODE_TYPE_BADURL: 268 case SUHOSIN_CODE_TYPE_BADURL:
270 suhosin_log(S_INCLUDE|S_GETCALLER, "Included URL is not allowed: %s", filename); 269 suhosin_log(S_INCLUDE|S_GETCALLER, "Included URL is not allowed: %s", filename);
271 suhosin_bailout(); 270 suhosin_bailout();
@@ -295,11 +294,11 @@ static void suhosin_check_codetype(zend_ulong code_type, char *filename)
295 294
296ZEND_API static int (*old_zend_stream_open)(const char *filename, zend_file_handle *handle) = NULL; 295ZEND_API static int (*old_zend_stream_open)(const char *filename, zend_file_handle *handle) = NULL;
297 296
298// 297//
299ZEND_API static int suhosin_zend_stream_open(const char *filename, zend_file_handle *handle) 298ZEND_API static int suhosin_zend_stream_open(const char *filename, zend_file_handle *handle)
300{ 299{
301 zend_execute_data *execute_data = EG(current_execute_data); 300 zend_execute_data *execute_data = EG(current_execute_data);
302 301
303 if ((execute_data != NULL) && (execute_data->opline != NULL) && (execute_data->opline->opcode == ZEND_INCLUDE_OR_EVAL)) { 302 if ((execute_data != NULL) && (execute_data->opline != NULL) && (execute_data->opline->opcode == ZEND_INCLUDE_OR_EVAL)) {
304 int filetype = suhosin_check_filename((char *)filename, strlen(filename)); 303 int filetype = suhosin_check_filename((char *)filename, strlen(filename));
305 suhosin_check_codetype(filetype, (char*)filename); 304 suhosin_check_codetype(filetype, (char*)filename);
@@ -319,11 +318,11 @@ static inline int suhosin_detect_codetype(zend_op_array *op_array)
319 318
320 /* eval, assert, create_function, mb_ereg_replace */ 319 /* eval, assert, create_function, mb_ereg_replace */
321 if (op_array->type == ZEND_EVAL_CODE) { 320 if (op_array->type == ZEND_EVAL_CODE) {
322 321
323 if (s == NULL) { 322 if (s == NULL) {
324 return SUHOSIN_CODE_TYPE_UNKNOWN; 323 return SUHOSIN_CODE_TYPE_UNKNOWN;
325 } 324 }
326 325
327 if (strstr(s, "eval()'d code") != NULL) { 326 if (strstr(s, "eval()'d code") != NULL) {
328 return SUHOSIN_CODE_TYPE_EVAL; 327 return SUHOSIN_CODE_TYPE_EVAL;
329 } 328 }
@@ -343,7 +342,7 @@ static inline int suhosin_detect_codetype(zend_op_array *op_array)
343 if (strstr(s, "runtime-created function") != NULL) { 342 if (strstr(s, "runtime-created function") != NULL) {
344 return SUHOSIN_CODE_TYPE_CFUNC; 343 return SUHOSIN_CODE_TYPE_CFUNC;
345 } 344 }
346 345
347 if (strstr(s, "Command line code") != NULL) { 346 if (strstr(s, "Command line code") != NULL) {
348 return SUHOSIN_CODE_TYPE_COMMANDLINE; 347 return SUHOSIN_CODE_TYPE_COMMANDLINE;
349 } 348 }
@@ -359,17 +358,17 @@ static inline int suhosin_detect_codetype(zend_op_array *op_array)
359 if (strstr(s, "Command line end code") != NULL) { 358 if (strstr(s, "Command line end code") != NULL) {
360 return SUHOSIN_CODE_TYPE_COMMANDLINE; 359 return SUHOSIN_CODE_TYPE_COMMANDLINE;
361 } 360 }
362 361
363 if (strstr(s, "suhosin internal code") != NULL) { 362 if (strstr(s, "suhosin internal code") != NULL) {
364 return SUHOSIN_CODE_TYPE_SUHOSIN; 363 return SUHOSIN_CODE_TYPE_SUHOSIN;
365 } 364 }
366 365
367 } else { 366 } else {
368 367
369 return suhosin_check_filename(s, strlen(s)); 368 return suhosin_check_filename(s, strlen(s));
370 369
371 } 370 }
372 371
373 return SUHOSIN_CODE_TYPE_UNKNOWN; 372 return SUHOSIN_CODE_TYPE_UNKNOWN;
374} 373}
375 374
@@ -384,19 +383,19 @@ ZEND_API static void suhosin_execute_ex(zend_execute_data *execute_data)
384 old_execute_ex(execute_data); 383 old_execute_ex(execute_data);
385 return; 384 return;
386 } 385 }
387 386
388 zend_op_array *new_op_array; 387 zend_op_array *new_op_array;
389 int op_array_type;//, len; 388 int op_array_type;//, len;
390 // char *fn; 389 // char *fn;
391 zval cs; 390 zval cs;
392 zend_ulong orig_code_type; 391 zend_ulong orig_code_type;
393 unsigned long *suhosin_flags = NULL; 392 unsigned long *suhosin_flags = NULL;
394 393
395 /* log variable dropping statistics */ 394 /* log variable dropping statistics */
396 if (SUHOSIN7_G(abort_request)) { 395 if (SUHOSIN7_G(abort_request)) {
397 396
398 SUHOSIN7_G(abort_request) = 0; /* we only want this to happen the first time */ 397 SUHOSIN7_G(abort_request) = 0; /* we only want this to happen the first time */
399 398
400 if (SUHOSIN7_G(att_request_variables)-SUHOSIN7_G(cur_request_variables) > 0) { 399 if (SUHOSIN7_G(att_request_variables)-SUHOSIN7_G(cur_request_variables) > 0) {
401 suhosin_log(S_VARS, "dropped %u request variables - (%u in GET, %u in POST, %u in COOKIE)", 400 suhosin_log(S_VARS, "dropped %u request variables - (%u in GET, %u in POST, %u in COOKIE)",
402 SUHOSIN7_G(att_request_variables)-SUHOSIN7_G(cur_request_variables), 401 SUHOSIN7_G(att_request_variables)-SUHOSIN7_G(cur_request_variables),
@@ -404,33 +403,33 @@ ZEND_API static void suhosin_execute_ex(zend_execute_data *execute_data)
404 SUHOSIN7_G(att_post_vars)-SUHOSIN7_G(cur_post_vars), 403 SUHOSIN7_G(att_post_vars)-SUHOSIN7_G(cur_post_vars),
405 SUHOSIN7_G(att_cookie_vars)-SUHOSIN7_G(cur_cookie_vars)); 404 SUHOSIN7_G(att_cookie_vars)-SUHOSIN7_G(cur_cookie_vars));
406 } 405 }
407 406
408 // if (!SUHOSIN7_G(simulation) && SUHOSIN7_G(filter_action)) { 407 // if (!SUHOSIN7_G(simulation) && SUHOSIN7_G(filter_action)) {
409 // 408 //
410 // char *action = SUHOSIN7_G(filter_action); 409 // char *action = SUHOSIN7_G(filter_action);
411 // long code = -1; 410 // long code = -1;
412 // 411 //
413 // while (*action == ' ' || *action == '\t') action++; 412 // while (*action == ' ' || *action == '\t') action++;
414 // 413 //
415 // if (*action >= '0' && *action <= '9') { 414 // if (*action >= '0' && *action <= '9') {
416 // char *end = action; 415 // char *end = action;
417 // while (*end && *end != ',' && *end != ';') end++; 416 // while (*end && *end != ',' && *end != ';') end++;
418 // code = zend_atoi(action, end-action); 417 // code = zend_atoi(action, end-action);
419 // action = end; 418 // action = end;
420 // } 419 // }
421 // 420 //
422 // while (*action == ' ' || *action == '\t' || *action == ',' || *action == ';') action++; 421 // while (*action == ' ' || *action == '\t' || *action == ',' || *action == ';') action++;
423 // 422 //
424 // if (*action) { 423 // if (*action) {
425 // 424 //
426 // if (strncasecmp("http://", action, sizeof("http://")-1)==0 425 // if (strncasecmp("http://", action, sizeof("http://")-1)==0
427 // || strncasecmp("https://", action, sizeof("https://")-1)==0) { 426 // || strncasecmp("https://", action, sizeof("https://")-1)==0) {
428 // sapi_header_line ctr = {0}; 427 // sapi_header_line ctr = {0};
429 // 428 //
430 // if (code == -1) { 429 // if (code == -1) {
431 // code = 302; 430 // code = 302;
432 // } 431 // }
433 // 432 //
434 // ctr.line_len = spprintf(&ctr.line, 0, "Location: %s", action); 433 // ctr.line_len = spprintf(&ctr.line, 0, "Location: %s", action);
435 // ctr.response_code = code; 434 // ctr.response_code = code;
436 // sapi_header_op(SAPI_HEADER_REPLACE, &ctr); 435 // sapi_header_op(SAPI_HEADER_REPLACE, &ctr);
@@ -439,11 +438,11 @@ ZEND_API static void suhosin_execute_ex(zend_execute_data *execute_data)
439 // zend_file_handle file_handle; 438 // zend_file_handle file_handle;
440 // zend_op_array *new_op_array; 439 // zend_op_array *new_op_array;
441 // zval *result = NULL; 440 // zval *result = NULL;
442 // 441 //
443 // if (code == -1) { 442 // if (code == -1) {
444 // code = 200; 443 // code = 200;
445 // } 444 // }
446 // 445 //
447 // if (zend_stream_open(action, &file_handle) == SUCCESS) { 446 // if (zend_stream_open(action, &file_handle) == SUCCESS) {
448 // if (!file_handle.opened_path) { 447 // if (!file_handle.opened_path) {
449 // file_handle.opened_path = estrndup(action, strlen(action)); 448 // file_handle.opened_path = estrndup(action, strlen(action));
@@ -456,7 +455,7 @@ ZEND_API static void suhosin_execute_ex(zend_execute_data *execute_data)
456 // zend_execute(new_op_array); 455 // zend_execute(new_op_array);
457 // destroy_op_array(new_op_array); 456 // destroy_op_array(new_op_array);
458 // efree(new_op_array); 457 // efree(new_op_array);
459 // 458 //
460 // if (!EG(exception)) 459 // if (!EG(exception))
461 // { 460 // {
462 // if (EG(return_value_ptr_ptr)) { 461 // if (EG(return_value_ptr_ptr)) {
@@ -472,24 +471,24 @@ ZEND_API static void suhosin_execute_ex(zend_execute_data *execute_data)
472 // } 471 // }
473 // } 472 // }
474 // } 473 // }
475 // 474 //
476 // sapi_header_op(SAPI_HEADER_SET_STATUS, (void *)code); 475 // sapi_header_op(SAPI_HEADER_SET_STATUS, (void *)code);
477 // zend_bailout(); 476 // zend_bailout();
478 // } 477 // }
479 } 478 }
480 479
481 // SDEBUG("%s %s", op_array->filename, op_array->function_name); 480 // SDEBUG("%s %s", op_array->filename, op_array->function_name);
482 481
483 SUHOSIN7_G(execution_depth)++; 482 SUHOSIN7_G(execution_depth)++;
484 483
485 if (SUHOSIN7_G(max_execution_depth) && SUHOSIN7_G(execution_depth) > SUHOSIN7_G(max_execution_depth)) { 484 if (SUHOSIN7_G(max_execution_depth) && SUHOSIN7_G(execution_depth) > SUHOSIN7_G(max_execution_depth)) {
486 suhosin_log(S_EXECUTOR|S_GETCALLER, "maximum execution depth reached - script terminated"); 485 suhosin_log(S_EXECUTOR|S_GETCALLER, "maximum execution depth reached - script terminated");
487 suhosin_bailout(); 486 suhosin_bailout();
488 } 487 }
489 488
490 // fn = (char *)execute_data->func->op_array.filename; 489 // fn = (char *)execute_data->func->op_array.filename;
491 // len = strlen(fn); 490 // len = strlen(fn);
492 491
493 orig_code_type = SUHOSIN7_G(in_code_type); 492 orig_code_type = SUHOSIN7_G(in_code_type);
494 if (execute_data->func->op_array.type == ZEND_EVAL_CODE) { 493 if (execute_data->func->op_array.type == ZEND_EVAL_CODE) {
495 SUHOSIN7_G(in_code_type) = SUHOSIN_EVAL; 494 SUHOSIN7_G(in_code_type) = SUHOSIN_EVAL;
@@ -497,7 +496,7 @@ ZEND_API static void suhosin_execute_ex(zend_execute_data *execute_data)
497 // if (suhosin_zend_extension_entry.resource_number != -1) { 496 // if (suhosin_zend_extension_entry.resource_number != -1) {
498 // suhosin_flags = (unsigned long *) &execute_data->func->op_array.reserved[suhosin_zend_extension_entry.resource_number]; 497 // suhosin_flags = (unsigned long *) &execute_data->func->op_array.reserved[suhosin_zend_extension_entry.resource_number];
499 // SDEBUG("suhosin flags: %08lx", *suhosin_flags); 498 // SDEBUG("suhosin flags: %08lx", *suhosin_flags);
500 // 499 //
501 // if (*suhosin_flags & SUHOSIN_FLAG_CREATED_BY_EVAL) { 500 // if (*suhosin_flags & SUHOSIN_FLAG_CREATED_BY_EVAL) {
502 // SUHOSIN7_G(in_code_type) = SUHOSIN_EVAL; 501 // SUHOSIN7_G(in_code_type) = SUHOSIN_EVAL;
503 // } 502 // }
@@ -505,7 +504,7 @@ ZEND_API static void suhosin_execute_ex(zend_execute_data *execute_data)
505 // goto not_evaled_code; 504 // goto not_evaled_code;
506 // } 505 // }
507 // } 506 // }
508 507
509 if (zend_string_equals_literal(execute_data->func->op_array.filename, "eval()'d code")) { 508 if (zend_string_equals_literal(execute_data->func->op_array.filename, "eval()'d code")) {
510 SUHOSIN7_G(in_code_type) = SUHOSIN_EVAL; 509 SUHOSIN7_G(in_code_type) = SUHOSIN_EVAL;
511 } // else { 510 } // else {
@@ -523,7 +522,7 @@ not_evaled_code:
523/* if (SUHOSIN7_G(deactivate)) { 522/* if (SUHOSIN7_G(deactivate)) {
524 goto continue_execution; 523 goto continue_execution;
525 } 524 }
526*/ 525*/
527 526
528 op_array_type = suhosin_detect_codetype(&execute_data->func->op_array); 527 op_array_type = suhosin_detect_codetype(&execute_data->func->op_array);
529 char *filename = execute_data->func->op_array.filename ? ZSTR_VAL(execute_data->func->op_array.filename) : "<unknown>"; 528 char *filename = execute_data->func->op_array.filename ? ZSTR_VAL(execute_data->func->op_array.filename) : "<unknown>";
@@ -553,7 +552,7 @@ static suhosin_internal_function_handler ihandlers[] = {
553 // { "mail", ih_mail, NULL, NULL, NULL }, 552 // { "mail", ih_mail, NULL, NULL, NULL },
554 // { "symlink", ih_symlink, NULL, NULL, NULL }, 553 // { "symlink", ih_symlink, NULL, NULL, NULL },
555 S7_IH_ENTRY0i(symlink) 554 S7_IH_ENTRY0i(symlink)
556 555
557 // random number functions 556 // random number functions
558 S7_IH_ENTRY0i(srand) 557 S7_IH_ENTRY0i(srand)
559 S7_IH_ENTRY0i(mt_srand) 558 S7_IH_ENTRY0i(mt_srand)
@@ -561,9 +560,9 @@ static suhosin_internal_function_handler ihandlers[] = {
561 S7_IH_ENTRY0i(mt_rand) 560 S7_IH_ENTRY0i(mt_rand)
562 S7_IH_ENTRY0i(getrandmax) 561 S7_IH_ENTRY0i(getrandmax)
563 S7_IH_ENTRY0("mt_getrandmax", getrandmax) 562 S7_IH_ENTRY0("mt_getrandmax", getrandmax)
564 563
565 S7_IH_ENTRY0i(function_exists) 564 S7_IH_ENTRY0i(function_exists)
566 565
567 /* Mysqli */ 566 /* Mysqli */
568 // { "mysqli::mysqli", ih_fixusername, (void *)2, NULL, NULL }, 567 // { "mysqli::mysqli", ih_fixusername, (void *)2, NULL, NULL },
569 // { "mysqli_connect", ih_fixusername, (void *)2, NULL, NULL }, 568 // { "mysqli_connect", ih_fixusername, (void *)2, NULL, NULL },
@@ -571,7 +570,7 @@ static suhosin_internal_function_handler ihandlers[] = {
571 // { "mysqli_real_connect", ih_fixusername, (void *)3, NULL, NULL }, 570 // { "mysqli_real_connect", ih_fixusername, (void *)3, NULL, NULL },
572 // { "mysqli_change_user", ih_fixusername, (void *)2, NULL, NULL }, 571 // { "mysqli_change_user", ih_fixusername, (void *)2, NULL, NULL },
573 // { "mysqli::change_user", ih_fixusername, (void *)1, NULL, NULL }, 572 // { "mysqli::change_user", ih_fixusername, (void *)1, NULL, NULL },
574 573
575 // { "mysqli::query", ih_querycheck, (void *)1, (void *)1, NULL }, 574 // { "mysqli::query", ih_querycheck, (void *)1, (void *)1, NULL },
576 // { "mysqli_query", ih_querycheck, (void *)2, (void *)1, NULL }, 575 // { "mysqli_query", ih_querycheck, (void *)2, (void *)1, NULL },
577 // { "mysqli::multi_query", ih_querycheck, (void *)1, (void *)1, NULL }, 576 // { "mysqli::multi_query", ih_querycheck, (void *)1, (void *)1, NULL },
@@ -586,14 +585,14 @@ static suhosin_internal_function_handler ihandlers[] = {
586 // { "mysqli_master_query", ih_querycheck, (void *)2, (void *)1, NULL }, 585 // { "mysqli_master_query", ih_querycheck, (void *)2, (void *)1, NULL },
587 // { "mysqli_slave_query", ih_querycheck, (void *)2, (void *)1, NULL }, 586 // { "mysqli_slave_query", ih_querycheck, (void *)2, (void *)1, NULL },
588 // ---- 587 // ----
589 588
590 /* Mysql API - deprecated in PHP 5.5 */ 589 /* Mysql API - deprecated in PHP 5.5 */
591 // { "mysql_connect", ih_fixusername, (void *)2, NULL, NULL }, 590 // { "mysql_connect", ih_fixusername, (void *)2, NULL, NULL },
592 // { "mysql_pconnect", ih_fixusername, (void *)2, NULL, NULL }, 591 // { "mysql_pconnect", ih_fixusername, (void *)2, NULL, NULL },
593 // { "mysql_query", ih_querycheck, (void *)1, (void *)1, NULL }, 592 // { "mysql_query", ih_querycheck, (void *)1, (void *)1, NULL },
594 // { "mysql_db_query", ih_querycheck, (void *)2, (void *)1, NULL }, 593 // { "mysql_db_query", ih_querycheck, (void *)2, (void *)1, NULL },
595 // { "mysql_unbuffered_query", ih_querycheck, (void *)1, (void *)1, NULL }, 594 // { "mysql_unbuffered_query", ih_querycheck, (void *)1, (void *)1, NULL },
596 595
597#ifdef SUHOSIN7_EXPERIMENTAL 596#ifdef SUHOSIN7_EXPERIMENTAL
598 /* MaxDB */ 597 /* MaxDB */
599 // { "maxdb::maxdb", ih_fixusername, (void *)2, NULL, NULL }, 598 // { "maxdb::maxdb", ih_fixusername, (void *)2, NULL, NULL },
@@ -602,7 +601,7 @@ static suhosin_internal_function_handler ihandlers[] = {
602 // { "maxdb_real_connect", ih_fixusername, (void *)3, NULL, NULL }, 601 // { "maxdb_real_connect", ih_fixusername, (void *)3, NULL, NULL },
603 // { "maxdb::change_user", ih_fixusername, (void *)1, NULL, NULL }, 602 // { "maxdb::change_user", ih_fixusername, (void *)1, NULL, NULL },
604 // { "maxdb_change_user", ih_fixusername, (void *)2, NULL, NULL }, 603 // { "maxdb_change_user", ih_fixusername, (void *)2, NULL, NULL },
605 // 604 //
606 // { "maxdb_master_query", ih_querycheck, (void *)2, NULL, NULL }, 605 // { "maxdb_master_query", ih_querycheck, (void *)2, NULL, NULL },
607 // { "maxdb::multi_query", ih_querycheck, (void *)1, NULL, NULL }, 606 // { "maxdb::multi_query", ih_querycheck, (void *)1, NULL, NULL },
608 // { "maxdb_multi_query", ih_querycheck, (void *)2, NULL, NULL }, 607 // { "maxdb_multi_query", ih_querycheck, (void *)2, NULL, NULL },
@@ -621,7 +620,7 @@ static suhosin_internal_function_handler ihandlers[] = {
621 // { "pdo::query", ih_querycheck, (void *)1, NULL, NULL }, 620 // { "pdo::query", ih_querycheck, (void *)1, NULL, NULL },
622 // { "pdo::prepare", ih_querycheck, (void *)1, NULL, NULL }, 621 // { "pdo::prepare", ih_querycheck, (void *)1, NULL, NULL },
623 // { "pdo::exec", ih_querycheck, (void *)1, NULL, NULL }, 622 // { "pdo::exec", ih_querycheck, (void *)1, NULL, NULL },
624 623
625 /* Oracle OCI8 */ 624 /* Oracle OCI8 */
626 // { "ocilogon", ih_fixusername, (void *)1, NULL, NULL }, 625 // { "ocilogon", ih_fixusername, (void *)1, NULL, NULL },
627 // { "ociplogon", ih_fixusername, (void *)1, NULL, NULL }, 626 // { "ociplogon", ih_fixusername, (void *)1, NULL, NULL },
@@ -639,7 +638,7 @@ static suhosin_internal_function_handler ihandlers[] = {
639 /* Informix */ 638 /* Informix */
640 // { "ifx_connect", ih_fixusername, (void *)2, NULL, NULL }, 639 // { "ifx_connect", ih_fixusername, (void *)2, NULL, NULL },
641 // { "ifx_pconnect", ih_fixusername, (void *)2, NULL, NULL }, 640 // { "ifx_pconnect", ih_fixusername, (void *)2, NULL, NULL },
642 // 641 //
643 /* Firebird/InterBase */ 642 /* Firebird/InterBase */
644 // { "ibase_connect", ih_fixusername, (void *)2, NULL, NULL }, 643 // { "ibase_connect", ih_fixusername, (void *)2, NULL, NULL },
645 // { "ibase_pconnect", ih_fixusername, (void *)2, NULL, NULL }, 644 // { "ibase_pconnect", ih_fixusername, (void *)2, NULL, NULL },
@@ -671,21 +670,21 @@ ZEND_API static void suhosin_execute_internal(zend_execute_data *execute_data, z
671 suhosin_bailout(); 670 suhosin_bailout();
672 return; 671 return;
673 } 672 }
674 673
675 zend_function *func = execute_data->func; 674 zend_function *func = execute_data->func;
676 if (func == NULL) { 675 if (func == NULL) {
677 suhosin_log(S_EXECUTOR|S_GETCALLER, "execution without function context. something is wrong."); 676 suhosin_log(S_EXECUTOR|S_GETCALLER, "execution without function context. something is wrong.");
678 suhosin_bailout(); 677 suhosin_bailout();
679 } 678 }
680 679
681 680
682 // zval *return_value; 681 // zval *return_value;
683 // zval **return_value_ptr; 682 // zval **return_value_ptr;
684 // zval *this_ptr; 683 // zval *this_ptr;
685 int ht = 0; 684 int ht = 0;
686 int retval = SUCCESS; 685 int retval = SUCCESS;
687 686
688 687
689 // if (fci) { 688 // if (fci) {
690 // return_value = *fci->retval_ptr_ptr; 689 // return_value = *fci->retval_ptr_ptr;
691 // return_value_ptr = fci->retval_ptr_ptr; 690 // return_value_ptr = fci->retval_ptr_ptr;
@@ -698,17 +697,17 @@ ZEND_API static void suhosin_execute_internal(zend_execute_data *execute_data, z
698 // return_value_ptr = (fbc->common.fn_flags & ZEND_ACC_RETURN_REFERENCE) ? &ret->var.ptr : NULL; 697 // return_value_ptr = (fbc->common.fn_flags & ZEND_ACC_RETURN_REFERENCE) ? &ret->var.ptr : NULL;
699 // this_ptr = execute_data_ptr->object; 698 // this_ptr = execute_data_ptr->object;
700 // ht = execute_data->opline->extended_value; 699 // ht = execute_data->opline->extended_value;
701 // } 700 // }
702 701
703 // char *lcname; 702 // char *lcname;
704 // int function_name_strlen, free_lcname = 0; 703 // int function_name_strlen, free_lcname = 0;
705 // zend_class_entry *ce = NULL; 704 // zend_class_entry *ce = NULL;
706 // internal_function_handler *ih; 705 // internal_function_handler *ih;
707 // 706 //
708 // ce = ((zend_internal_function *) execute_data_ptr->function_state.function)->scope; 707 // ce = ((zend_internal_function *) execute_data_ptr->function_state.function)->scope;
709 // lcname = (char *)((zend_internal_function *) execute_data_ptr->function_state.function)->function_name; 708 // lcname = (char *)((zend_internal_function *) execute_data_ptr->function_state.function)->function_name;
710 // function_name_strlen = strlen(lcname); 709 // function_name_strlen = strlen(lcname);
711 710
712 /* handle methodcalls correctly */ 711 /* handle methodcalls correctly */
713 // if (ce != NULL) { 712 // if (ce != NULL) {
714 // char *tmp = (char *) emalloc(function_name_strlen + 2 + ce->name_length + 1); 713 // char *tmp = (char *) emalloc(function_name_strlen + 2 + ce->name_length + 1);
@@ -730,11 +729,11 @@ ZEND_API static void suhosin_execute_internal(zend_execute_data *execute_data, z
730 // no function name -> skip whitelists/blacklists 729 // no function name -> skip whitelists/blacklists
731 goto execute_internal_continue; 730 goto execute_internal_continue;
732 } 731 }
733 732
734 SDEBUG("function: [%s]/%zu", ZSTR_VAL(function_name), ZSTR_LEN(function_name)) ; 733 SDEBUG("function: [%s]/%zu", ZSTR_VAL(function_name), ZSTR_LEN(function_name)) ;
735 734
736 if (SUHOSIN7_G(in_code_type) == SUHOSIN_EVAL) { 735 if (SUHOSIN7_G(in_code_type) == SUHOSIN_EVAL) {
737 736
738 if (SUHOSIN7_G(eval_whitelist) != NULL) { 737 if (SUHOSIN7_G(eval_whitelist) != NULL) {
739 if (!zend_hash_exists(SUHOSIN7_G(eval_whitelist), function_name)) { 738 if (!zend_hash_exists(SUHOSIN7_G(eval_whitelist), function_name)) {
740 suhosin_log(S_EXECUTOR|S_GETCALLER, "eval'd function not whitelisted: %s()", ZSTR_VAL(function_name)); 739 suhosin_log(S_EXECUTOR|S_GETCALLER, "eval'd function not whitelisted: %s()", ZSTR_VAL(function_name));
@@ -755,7 +754,7 @@ ZEND_API static void suhosin_execute_internal(zend_execute_data *execute_data, z
755 } 754 }
756 } 755 }
757 } 756 }
758 757
759 if (SUHOSIN7_G(func_whitelist) != NULL) { 758 if (SUHOSIN7_G(func_whitelist) != NULL) {
760 if (!zend_hash_exists(SUHOSIN7_G(func_whitelist), function_name)) { 759 if (!zend_hash_exists(SUHOSIN7_G(func_whitelist), function_name)) {
761 suhosin_log(S_EXECUTOR|S_GETCALLER, "function not whitelisted: %s()", ZSTR_VAL(function_name)); 760 suhosin_log(S_EXECUTOR|S_GETCALLER, "function not whitelisted: %s()", ZSTR_VAL(function_name));
@@ -775,19 +774,19 @@ ZEND_API static void suhosin_execute_internal(zend_execute_data *execute_data, z
775 } 774 }
776 } 775 }
777 } 776 }
778 777
779 suhosin_internal_function_handler *ih; 778 suhosin_internal_function_handler *ih;
780 if ((ih = zend_hash_find_ptr(&ihandler_table, function_name))) { 779 if ((ih = zend_hash_find_ptr(&ihandler_table, function_name))) {
781 void *handler = execute_data->func->internal_function.handler; 780 void *handler = execute_data->func->internal_function.handler;
782 781
783 if (handler != ZEND_FN(display_disabled_function)) { 782 if (handler != ZEND_FN(display_disabled_function)) {
784 retval = ih->handler(S7_IH_HANDLER_PARAM_PASSTHRU); 783 retval = ih->handler(S7_IH_HANDLER_PARAM_PASSTHRU);
785 } 784 }
786 785
787 } 786 }
788 787
789execute_internal_continue: 788execute_internal_continue:
790 789
791 if (retval == SUCCESS) { 790 if (retval == SUCCESS) {
792 old_execute_internal(execute_data, return_value); 791 old_execute_internal(execute_data, return_value);
793 } 792 }
@@ -813,13 +812,13 @@ execute_internal_bailout:
813// if (zo_set_oe_ex != NULL) { 812// if (zo_set_oe_ex != NULL) {
814// return ZEND_HASH_APPLY_STOP; 813// return ZEND_HASH_APPLY_STOP;
815// } 814// }
816// 815//
817// if (extension->handle != NULL) { 816// if (extension->handle != NULL) {
818// 817//
819// zo_set_oe_ex = (void *)DL_FETCH_SYMBOL(extension->handle, "zend_optimizer_set_oe_ex"); 818// zo_set_oe_ex = (void *)DL_FETCH_SYMBOL(extension->handle, "zend_optimizer_set_oe_ex");
820// 819//
821// } 820// }
822// 821//
823// return 0; 822// return 0;
824// } 823// }
825/* }}} */ 824/* }}} */
@@ -831,29 +830,29 @@ void suhosin_hook_execute()
831{ 830{
832 old_execute_ex = zend_execute_ex; 831 old_execute_ex = zend_execute_ex;
833 zend_execute_ex = suhosin_execute_ex; 832 zend_execute_ex = suhosin_execute_ex;
834 833
835/* old_compile_file = zend_compile_file; 834/* old_compile_file = zend_compile_file;
836 zend_compile_file = suhosin_compile_file; */ 835 zend_compile_file = suhosin_compile_file; */
837 836
838// #if ZO_COMPATIBILITY_HACK_TEMPORARY_DISABLED 837// #if ZO_COMPATIBILITY_HACK_TEMPORARY_DISABLED
839// if (zo_set_oe_ex == NULL) { 838// if (zo_set_oe_ex == NULL) {
840// zo_set_oe_ex = (void *)DL_FETCH_SYMBOL(NULL, "zend_optimizer_set_oe_ex"); 839// zo_set_oe_ex = (void *)DL_FETCH_SYMBOL(NULL, "zend_optimizer_set_oe_ex");
841// } 840// }
842// if (zo_set_oe_ex == NULL) { 841// if (zo_set_oe_ex == NULL) {
843// zend_llist_apply(&zend_extensions, (llist_apply_func_t)function_lookup); 842// zend_llist_apply(&zend_extensions, (llist_apply_func_t)function_lookup);
844// } 843// }
845// 844//
846// if (zo_set_oe_ex != NULL) { 845// if (zo_set_oe_ex != NULL) {
847// old_execute_ZO = zo_set_oe_ex(suhosin_execute_ZO); 846// old_execute_ZO = zo_set_oe_ex(suhosin_execute_ZO);
848// } 847// }
849// #endif 848// #endif
850 849
851 old_execute_internal = zend_execute_internal; 850 old_execute_internal = zend_execute_internal;
852 if (old_execute_internal == NULL) { 851 if (old_execute_internal == NULL) {
853 old_execute_internal = execute_internal; 852 old_execute_internal = execute_internal;
854 } 853 }
855 zend_execute_internal = suhosin_execute_internal; 854 zend_execute_internal = suhosin_execute_internal;
856 855
857 /* register internal function handlers */ 856 /* register internal function handlers */
858 zend_hash_init(&ihandler_table, 16, NULL, NULL, 1); 857 zend_hash_init(&ihandler_table, 16, NULL, NULL, 1);
859 suhosin_internal_function_handler *ih = &ihandlers[0]; 858 suhosin_internal_function_handler *ih = &ihandlers[0];
@@ -863,8 +862,8 @@ void suhosin_hook_execute()
863 zend_hash_str_add_ptr(&ihandler_table, ih->name, strlen(ih->name), ih); 862 zend_hash_str_add_ptr(&ihandler_table, ih->name, strlen(ih->name), ih);
864 ih++; 863 ih++;
865 } 864 }
866 865
867 866
868 /* Add additional protection layer, that SHOULD 867 /* Add additional protection layer, that SHOULD
869 catch ZEND_INCLUDE_OR_EVAL *before* the engine tries 868 catch ZEND_INCLUDE_OR_EVAL *before* the engine tries
870 to execute */ 869 to execute */
@@ -872,7 +871,7 @@ void suhosin_hook_execute()
872 old_zend_stream_open = zend_stream_open_function; 871 old_zend_stream_open = zend_stream_open_function;
873 } 872 }
874 zend_stream_open_function = suhosin_zend_stream_open; 873 zend_stream_open_function = suhosin_zend_stream_open;
875 874
876} 875}
877/* }}} */ 876/* }}} */
878 877
@@ -888,7 +887,7 @@ void suhosin_unhook_execute()
888// #endif 887// #endif
889 888
890 zend_execute_ex = old_execute_ex; 889 zend_execute_ex = old_execute_ex;
891 890
892/* zend_compile_file = old_compile_file; */ 891/* zend_compile_file = old_compile_file; */
893 892
894 if (old_execute_internal == execute_internal) { 893 if (old_execute_internal == execute_internal) {
@@ -896,10 +895,10 @@ void suhosin_unhook_execute()
896 } 895 }
897 zend_execute_internal = old_execute_internal; 896 zend_execute_internal = old_execute_internal;
898 zend_hash_clean(&ihandler_table); 897 zend_hash_clean(&ihandler_table);
899 898
900 /* remove zend_open protection */ 899 /* remove zend_open protection */
901 zend_stream_open_function = old_zend_stream_open; 900 zend_stream_open_function = old_zend_stream_open;
902 901
903} 902}
904/* }}} */ 903/* }}} */
905 904
diff --git a/execute_rnd.c b/execute_rnd.c
index e2f6016..10d7d5a 100644
--- a/execute_rnd.c
+++ b/execute_rnd.c
@@ -44,7 +44,7 @@
44 44
45 Copyright (C) 1997 - 2002, Makoto Matsumoto and Takuji Nishimura, 45 Copyright (C) 1997 - 2002, Makoto Matsumoto and Takuji Nishimura,
46 Copyright (C) 2000 - 2003, Richard J. Wagner 46 Copyright (C) 2000 - 2003, Richard J. Wagner
47 All rights reserved. 47 All rights reserved.
48 48
49 Redistribution and use in source and binary forms, with or without 49 Redistribution and use in source and binary forms, with or without
50 modification, are permitted provided that the following conditions 50 modification, are permitted provided that the following conditions
@@ -57,8 +57,8 @@
57 notice, this list of conditions and the following disclaimer in the 57 notice, this list of conditions and the following disclaimer in the
58 documentation and/or other materials provided with the distribution. 58 documentation and/or other materials provided with the distribution.
59 59
60 3. The names of its contributors may not be used to endorse or promote 60 3. The names of its contributors may not be used to endorse or promote
61 products derived from this software without specific prior written 61 products derived from this software without specific prior written
62 permission. 62 permission.
63 63
64 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 64 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
@@ -187,14 +187,14 @@ static php_uint32 suhosin_mt_rand()
187{ 187{
188 /* Pull a 32-bit integer from the generator state 188 /* Pull a 32-bit integer from the generator state
189 Every other access function simply transforms the numbers extracted here */ 189 Every other access function simply transforms the numbers extracted here */
190 190
191 register php_uint32 s1; 191 register php_uint32 s1;
192 192
193 if (SUHOSIN7_G(mt_left) == 0) { 193 if (SUHOSIN7_G(mt_left) == 0) {
194 suhosin_mt_reload(SUHOSIN7_G(mt_state), &SUHOSIN7_G(mt_next), &SUHOSIN7_G(mt_left)); 194 suhosin_mt_reload(SUHOSIN7_G(mt_state), &SUHOSIN7_G(mt_next), &SUHOSIN7_G(mt_left));
195 } 195 }
196 --SUHOSIN7_G(mt_left); 196 --SUHOSIN7_G(mt_left);
197 197
198 s1 = *SUHOSIN7_G(mt_next)++; 198 s1 = *SUHOSIN7_G(mt_next)++;
199 s1 ^= (s1 >> 11); 199 s1 ^= (s1 >> 11);
200 s1 ^= (s1 << 7) & 0x9d2c5680U; 200 s1 ^= (s1 << 7) & 0x9d2c5680U;
@@ -263,7 +263,7 @@ static void SUHOSIN7_Gen_entropy(php_uint32 *entropybuf)
263 */ 263 */
264static void suhosin_srand_auto() 264static void suhosin_srand_auto()
265{ 265{
266 php_uint32 seed[8]; 266 php_uint32 seed[8];
267 SUHOSIN7_Gen_entropy(&seed[0]); 267 SUHOSIN7_Gen_entropy(&seed[0]);
268 268
269 suhosin_mt_init_by_array(seed, 8, SUHOSIN7_G(r_state)); 269 suhosin_mt_init_by_array(seed, 8, SUHOSIN7_G(r_state));
@@ -278,7 +278,7 @@ static void suhosin_srand_auto()
278 */ 278 */
279static void suhosin_mt_srand_auto() 279static void suhosin_mt_srand_auto()
280{ 280{
281 php_uint32 seed[8]; 281 php_uint32 seed[8];
282 SUHOSIN7_Gen_entropy(&seed[0]); 282 SUHOSIN7_Gen_entropy(&seed[0]);
283 283
284 suhosin_mt_init_by_array(seed, 8, SUHOSIN7_G(mt_state)); 284 suhosin_mt_init_by_array(seed, 8, SUHOSIN7_G(mt_state));
@@ -309,14 +309,14 @@ static php_uint32 suhosin_rand()
309{ 309{
310 /* Pull a 32-bit integer from the generator state 310 /* Pull a 32-bit integer from the generator state
311 Every other access function simply transforms the numbers extracted here */ 311 Every other access function simply transforms the numbers extracted here */
312 312
313 register php_uint32 s1; 313 register php_uint32 s1;
314 314
315 if (SUHOSIN7_G(r_left) == 0) { 315 if (SUHOSIN7_G(r_left) == 0) {
316 suhosin_mt_reload(SUHOSIN7_G(r_state), &SUHOSIN7_G(r_next), &SUHOSIN7_G(r_left)); 316 suhosin_mt_reload(SUHOSIN7_G(r_state), &SUHOSIN7_G(r_next), &SUHOSIN7_G(r_left));
317 } 317 }
318 --SUHOSIN7_G(r_left); 318 --SUHOSIN7_G(r_left);
319 319
320 s1 = *SUHOSIN7_G(r_next)++; 320 s1 = *SUHOSIN7_G(r_next)++;
321 s1 ^= (s1 >> 11); 321 s1 ^= (s1 >> 11);
322 s1 ^= (s1 << 7) & 0x9d2c5680U; 322 s1 ^= (s1 << 7) & 0x9d2c5680U;
@@ -334,7 +334,7 @@ S7_IH_FUNCTION(srand)
334 SUHOSIN7_G(r_is_seeded) = 0; 334 SUHOSIN7_G(r_is_seeded) = 0;
335 return 1; 335 return 1;
336 } 336 }
337 337
338 if (zend_parse_parameters(argc, "|l", &seed) == FAILURE) { 338 if (zend_parse_parameters(argc, "|l", &seed) == FAILURE) {
339 return 1; 339 return 1;
340 } 340 }
@@ -356,7 +356,7 @@ S7_IH_FUNCTION(mt_srand)
356 SUHOSIN7_G(mt_is_seeded) = 0; 356 SUHOSIN7_G(mt_is_seeded) = 0;
357 return 1; 357 return 1;
358 } 358 }
359 359
360 if (zend_parse_parameters(argc, "|l", &seed) == FAILURE) { 360 if (zend_parse_parameters(argc, "|l", &seed) == FAILURE) {
361 return 1; 361 return 1;
362 } 362 }
@@ -377,7 +377,7 @@ S7_IH_FUNCTION(mt_rand)
377 long number; 377 long number;
378 378
379 if (argc != 0 && zend_parse_parameters(argc, "ll", &min, &max) == FAILURE) { 379 if (argc != 0 && zend_parse_parameters(argc, "ll", &min, &max) == FAILURE) {
380 return (1); 380 return (1);
381 } 381 }
382 382
383 if (!SUHOSIN7_G(mt_is_seeded)) { 383 if (!SUHOSIN7_G(mt_is_seeded)) {
@@ -401,7 +401,7 @@ S7_IH_FUNCTION(rand)
401 long number; 401 long number;
402 402
403 if (argc != 0 && zend_parse_parameters(argc, "ll", &min, &max) == FAILURE) { 403 if (argc != 0 && zend_parse_parameters(argc, "ll", &min, &max) == FAILURE) {
404 return (1); 404 return (1);
405 } 405 }
406 406
407 if (!SUHOSIN7_G(r_is_seeded)) { 407 if (!SUHOSIN7_G(r_is_seeded)) {
diff --git a/header.c b/header.c
index b7ce010..f747bbd 100644
--- a/header.c
+++ b/header.c
@@ -17,9 +17,6 @@
17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | 17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> |
18 +----------------------------------------------------------------------+ 18 +----------------------------------------------------------------------+
19*/ 19*/
20/*
21 $Id: header.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $
22*/
23 20
24#ifdef HAVE_CONFIG_H 21#ifdef HAVE_CONFIG_H
25#include "config.h" 22#include "config.h"
@@ -41,9 +38,9 @@ static int suhosin_header_handler(sapi_header_struct *sapi_header, sapi_header_o
41 if (op != SAPI_HEADER_ADD && op != SAPI_HEADER_REPLACE) { 38 if (op != SAPI_HEADER_ADD && op != SAPI_HEADER_REPLACE) {
42 goto suhosin_skip_header_handling; 39 goto suhosin_skip_header_handling;
43 } 40 }
44 41
45 if (sapi_header && sapi_header->header) { 42 if (sapi_header && sapi_header->header) {
46 43
47 char *tmp = sapi_header->header; 44 char *tmp = sapi_header->header;
48 45
49 for (int i = 0; i < sapi_header->header_len; i++, tmp++) { 46 for (int i = 0; i < sapi_header->header_len; i++, tmp++) {
@@ -55,7 +52,7 @@ static int suhosin_header_handler(sapi_header_struct *sapi_header, sapi_header_o
55 } 52 }
56 if (SUHOSIN7_G(allow_multiheader)) { 53 if (SUHOSIN7_G(allow_multiheader)) {
57 continue; 54 continue;
58 } else if ((tmp[0] == '\r' && (tmp[1] != '\n' || i == 0)) || 55 } else if ((tmp[0] == '\r' && (tmp[1] != '\n' || i == 0)) ||
59 (tmp[0] == '\n' && (i == sapi_header->header_len-1 || i == 0 || (tmp[1] != ' ' && tmp[1] != '\t')))) { 56 (tmp[0] == '\n' && (i == sapi_header->header_len-1 || i == 0 || (tmp[1] != ' ' && tmp[1] != '\t')))) {
60 suhosin_log(S_MISC, "%s() - wanted to send multiple HTTP headers at once", suhosin_get_active_function_name()); 57 suhosin_log(S_MISC, "%s() - wanted to send multiple HTTP headers at once", suhosin_get_active_function_name());
61 if (!SUHOSIN7_G(simulation)) { 58 if (!SUHOSIN7_G(simulation)) {
@@ -99,8 +96,8 @@ static int suhosin_header_handler(sapi_header_struct *sapi_header, sapi_header_o
99 } 96 }
100 vlen = end-value; 97 vlen = end-value;
101 98
102 zend_string *zs_val = suhosin_encrypt_single_cookie(name, nlen, value, vlen, (char *)cryptkey); 99 zend_string *zs_val = suhosin_encrypt_single_cookie(name, nlen, value, vlen, (char *)cryptkey);
103 100
104 len = sizeof("Set-Cookie: ")-1 + nlen + 1 + ZSTR_LEN(zs_val) + rend-end; 101 len = sizeof("Set-Cookie: ")-1 + nlen + 1 + ZSTR_LEN(zs_val) + rend-end;
105 tmp = emalloc(len + 1); 102 tmp = emalloc(len + 1);
106 tlen = sprintf(tmp, "Set-Cookie: %.*s=%s", nlen, name, ZSTR_VAL(zs_val)); 103 tlen = sprintf(tmp, "Set-Cookie: %.*s=%s", nlen, name, ZSTR_VAL(zs_val));
diff --git a/ifilter.c b/ifilter.c
index a8fa8e2..cdef00c 100644
--- a/ifilter.c
+++ b/ifilter.c
@@ -17,9 +17,6 @@
17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | 17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> |
18 +----------------------------------------------------------------------+ 18 +----------------------------------------------------------------------+
19*/ 19*/
20/*
21 $Id: ifilter.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $
22*/
23 20
24#ifdef HAVE_CONFIG_H 21#ifdef HAVE_CONFIG_H
25#include "config.h" 22#include "config.h"
@@ -67,12 +64,12 @@ size_t suhosin_strncspn(const char *input, size_t n, const char *reject)
67void suhosin_normalize_varname(char *varname) 64void suhosin_normalize_varname(char *varname)
68{ 65{
69 char *s=varname, *index=NULL, *indexend=NULL, *p; 66 char *s=varname, *index=NULL, *indexend=NULL, *p;
70 67
71 /* overjump leading space */ 68 /* overjump leading space */
72 while (*s == ' ') { 69 while (*s == ' ') {
73 s++; 70 s++;
74 } 71 }
75 72
76 /* and remove it */ 73 /* and remove it */
77 if (s != varname) { 74 if (s != varname) {
78 memmove(varname, s, strlen(s)+1); 75 memmove(varname, s, strlen(s)+1);
@@ -104,7 +101,7 @@ void suhosin_normalize_varname(char *varname)
104 } 101 }
105 indexend = strchr(index, ']'); 102 indexend = strchr(index, ']');
106 indexend = indexend ? indexend + 1 : index + strlen(index); 103 indexend = indexend ? indexend + 1 : index + strlen(index);
107 104
108 if (s != index) { 105 if (s != index) {
109 memmove(s, index, strlen(index)+1); 106 memmove(s, index, strlen(index)+1);
110 s += indexend-index; 107 s += indexend-index;
@@ -117,7 +114,7 @@ void suhosin_normalize_varname(char *varname)
117 index = s; 114 index = s;
118 } else { 115 } else {
119 index = NULL; 116 index = NULL;
120 } 117 }
121 } 118 }
122 *s++='\0'; 119 *s++='\0';
123} 120}
@@ -155,7 +152,7 @@ static void suhosin_server_strip(HashTable *arr, char *key, int klen)
155 Z_TYPE_P(zv) != IS_STRING) { 152 Z_TYPE_P(zv) != IS_STRING) {
156 return; 153 return;
157 } 154 }
158 155
159 t = (unsigned char *)Z_STRVAL_P(zv); 156 t = (unsigned char *)Z_STRVAL_P(zv);
160 // SDEBUG() 157 // SDEBUG()
161 for (; *t; t++) { 158 for (; *t; t++) {
@@ -178,7 +175,7 @@ static void suhosin_server_encode(HashTable *arr, char *key, int klen)
178 Z_TYPE_P(zv) != IS_STRING) { 175 Z_TYPE_P(zv) != IS_STRING) {
179 return; 176 return;
180 } 177 }
181 178
182 unsigned char *orig = (unsigned char *)Z_STRVAL_P(zv); 179 unsigned char *orig = (unsigned char *)Z_STRVAL_P(zv);
183 unsigned char *t; 180 unsigned char *t;
184 for (t = orig; *t; t++) { 181 for (t = orig; *t; t++) {
@@ -186,12 +183,12 @@ static void suhosin_server_encode(HashTable *arr, char *key, int klen)
186 extra += 2; 183 extra += 2;
187 } 184 }
188 } 185 }
189 186
190 /* no extra bytes required */ 187 /* no extra bytes required */
191 if (extra == 0) { 188 if (extra == 0) {
192 return; 189 return;
193 } 190 }
194 191
195 size_t dest_len = t - orig + 1 + extra; 192 size_t dest_len = t - orig + 1 + extra;
196 unsigned char dest[dest_len]; 193 unsigned char dest[dest_len];
197 unsigned char *n = dest; 194 unsigned char *n = dest;
@@ -256,7 +253,7 @@ void suhosin_register_server_variables(zval *track_vars_array)
256 if (failure) { 253 if (failure) {
257 suhosin_log(S_VARS, "Attacker tried to overwrite a superglobal through a HTTP header"); 254 suhosin_log(S_VARS, "Attacker tried to overwrite a superglobal through a HTTP header");
258 } 255 }
259 256
260 if (SUHOSIN7_G(raw_cookie)) { 257 if (SUHOSIN7_G(raw_cookie)) {
261 zval z; 258 zval z;
262 ZVAL_STRING(&z, SUHOSIN7_G(raw_cookie)); 259 ZVAL_STRING(&z, SUHOSIN7_G(raw_cookie));
@@ -269,7 +266,7 @@ void suhosin_register_server_variables(zval *track_vars_array)
269 efree(SUHOSIN7_G(decrypted_cookie)); 266 efree(SUHOSIN7_G(decrypted_cookie));
270 SUHOSIN7_G(decrypted_cookie) = NULL; 267 SUHOSIN7_G(decrypted_cookie) = NULL;
271 } 268 }
272 269
273 if (SUHOSIN7_G(server_encode)) { 270 if (SUHOSIN7_G(server_encode)) {
274 /* suhosin_server_encode(svars, ZEND_STRL("argv")); */ 271 /* suhosin_server_encode(svars, ZEND_STRL("argv")); */
275 suhosin_server_encode(svars, ZEND_STRL("REQUEST_URI")); 272 suhosin_server_encode(svars, ZEND_STRL("REQUEST_URI"));
@@ -332,7 +329,7 @@ static SAPI_INPUT_FILTER_FUNC(suhosin_input_filter)
332 } 329 }
333 return 1; 330 return 1;
334 } 331 }
335 332
336 /* Drop this variable if the limit is now reached */ 333 /* Drop this variable if the limit is now reached */
337 switch (arg) { 334 switch (arg) {
338 case PARSE_GET: 335 case PARSE_GET:
@@ -363,7 +360,7 @@ static SAPI_INPUT_FILTER_FUNC(suhosin_input_filter)
363 } 360 }
364 break; 361 break;
365 } 362 }
366 363
367 /* Drop this variable if it begins with whitespace which is disallowed */ 364 /* Drop this variable if it begins with whitespace which is disallowed */
368 // SDEBUG("checking '%c'", *var); 365 // SDEBUG("checking '%c'", *var);
369 if (isspace(*var)) { 366 if (isspace(*var)) {
@@ -394,7 +391,7 @@ static SAPI_INPUT_FILTER_FUNC(suhosin_input_filter)
394 } 391 }
395 } 392 }
396 // else { SDEBUG("not WS");} 393 // else { SDEBUG("not WS");}
397 394
398 /* Drop this variable if it exceeds the value length limit */ 395 /* Drop this variable if it exceeds the value length limit */
399 if (SUHOSIN7_G(max_value_length) && SUHOSIN7_G(max_value_length) < val_len) { 396 if (SUHOSIN7_G(max_value_length) && SUHOSIN7_G(max_value_length) < val_len) {
400 suhosin_log(S_VARS, "configured request variable value length limit exceeded - dropped variable '%s'", var); 397 suhosin_log(S_VARS, "configured request variable value length limit exceeded - dropped variable '%s'", var);
@@ -420,15 +417,15 @@ static SAPI_INPUT_FILTER_FUNC(suhosin_input_filter)
420 } 417 }
421 break; 418 break;
422 } 419 }
423 420
424 /* Normalize the variable name */ 421 /* Normalize the variable name */
425 suhosin_normalize_varname(var); 422 suhosin_normalize_varname(var);
426 423
427 /* Find length of variable name */ 424 /* Find length of variable name */
428 index = strchr(var, '['); 425 index = strchr(var, '[');
429 total_len = strlen(var); 426 total_len = strlen(var);
430 var_len = index ? index-var : total_len; 427 var_len = index ? index-var : total_len;
431 428
432 /* Drop this variable if it exceeds the varname/total length limit */ 429 /* Drop this variable if it exceeds the varname/total length limit */
433 if (SUHOSIN7_G(max_varname_length) && SUHOSIN7_G(max_varname_length) < var_len) { 430 if (SUHOSIN7_G(max_varname_length) && SUHOSIN7_G(max_varname_length) < var_len) {
434 suhosin_log(S_VARS, "configured request variable name length limit exceeded - dropped variable '%s'", var); 431 suhosin_log(S_VARS, "configured request variable name length limit exceeded - dropped variable '%s'", var);
@@ -470,51 +467,51 @@ static SAPI_INPUT_FILTER_FUNC(suhosin_input_filter)
470 } 467 }
471 break; 468 break;
472 } 469 }
473 470
474 /* Find out array depth */ 471 /* Find out array depth */
475 while (index) { 472 while (index) {
476 char *index_end; 473 char *index_end;
477 unsigned int index_length; 474 unsigned int index_length;
478 475
479 /* overjump '[' */ 476 /* overjump '[' */
480 index++; 477 index++;
481 478
482 /* increase array depth */ 479 /* increase array depth */
483 depth++; 480 depth++;
484 481
485 index_end = strchr(index, ']'); 482 index_end = strchr(index, ']');
486 if (index_end == NULL) { 483 if (index_end == NULL) {
487 index_end = index+strlen(index); 484 index_end = index+strlen(index);
488 } 485 }
489 486
490 index_length = index_end - index; 487 index_length = index_end - index;
491 488
492 /* max. array index length */ 489 /* max. array index length */
493 if (SUHOSIN7_G(max_array_index_length) && SUHOSIN7_G(max_array_index_length) < index_length) { 490 if (SUHOSIN7_G(max_array_index_length) && SUHOSIN7_G(max_array_index_length) < index_length) {
494 suhosin_log(S_VARS, "configured request variable array index length limit exceeded - dropped variable '%s'", var); 491 suhosin_log(S_VARS, "configured request variable array index length limit exceeded - dropped variable '%s'", var);
495 if (!SUHOSIN7_G(simulation)) { return 0; } 492 if (!SUHOSIN7_G(simulation)) { return 0; }
496 } 493 }
497 switch (arg) { 494 switch (arg) {
498 case PARSE_GET: 495 case PARSE_GET:
499 if (SUHOSIN7_G(max_get_array_index_length) && SUHOSIN7_G(max_get_array_index_length) < index_length) { 496 if (SUHOSIN7_G(max_get_array_index_length) && SUHOSIN7_G(max_get_array_index_length) < index_length) {
500 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var); 497 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var);
501 if (!SUHOSIN7_G(simulation)) { return 0; } 498 if (!SUHOSIN7_G(simulation)) { return 0; }
502 } 499 }
503 break; 500 break;
504 case PARSE_COOKIE: 501 case PARSE_COOKIE:
505 if (SUHOSIN7_G(max_cookie_array_index_length) && SUHOSIN7_G(max_cookie_array_index_length) < index_length) { 502 if (SUHOSIN7_G(max_cookie_array_index_length) && SUHOSIN7_G(max_cookie_array_index_length) < index_length) {
506 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var); 503 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var);
507 if (!SUHOSIN7_G(simulation)) { return 0; } 504 if (!SUHOSIN7_G(simulation)) { return 0; }
508 } 505 }
509 break; 506 break;
510 case PARSE_POST: 507 case PARSE_POST:
511 if (SUHOSIN7_G(max_post_array_index_length) && SUHOSIN7_G(max_post_array_index_length) < index_length) { 508 if (SUHOSIN7_G(max_post_array_index_length) && SUHOSIN7_G(max_post_array_index_length) < index_length) {
512 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var); 509 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var);
513 if (!SUHOSIN7_G(simulation)) { return 0; } 510 if (!SUHOSIN7_G(simulation)) { return 0; }
514 } 511 }
515 break; 512 break;
516 } 513 }
517 514
518 /* index whitelist/blacklist */ 515 /* index whitelist/blacklist */
519 if (SUHOSIN7_G(array_index_whitelist) && *(SUHOSIN7_G(array_index_whitelist))) { 516 if (SUHOSIN7_G(array_index_whitelist) && *(SUHOSIN7_G(array_index_whitelist))) {
520 if (suhosin_strnspn(index, index_length, SUHOSIN7_G(array_index_whitelist)) != index_length) { 517 if (suhosin_strnspn(index, index_length, SUHOSIN7_G(array_index_whitelist)) != index_length) {
@@ -527,10 +524,10 @@ static SAPI_INPUT_FILTER_FUNC(suhosin_input_filter)
527 if (!SUHOSIN7_G(simulation)) { return 0; } 524 if (!SUHOSIN7_G(simulation)) { return 0; }
528 } 525 }
529 } 526 }
530 527
531 index = strchr(index, '['); 528 index = strchr(index, '[');
532 } 529 }
533 530
534 /* Drop this variable if it exceeds the array depth limit */ 531 /* Drop this variable if it exceeds the array depth limit */
535 if (SUHOSIN7_G(max_array_depth) && SUHOSIN7_G(max_array_depth) < depth) { 532 if (SUHOSIN7_G(max_array_depth) && SUHOSIN7_G(max_array_depth) < depth) {
536 suhosin_log(S_VARS, "configured request variable array depth limit exceeded - dropped variable '%s'", var); 533 suhosin_log(S_VARS, "configured request variable array depth limit exceeded - dropped variable '%s'", var);
@@ -558,9 +555,9 @@ static SAPI_INPUT_FILTER_FUNC(suhosin_input_filter)
558 } 555 }
559 556
560 /* Check if variable value is truncated by a \0 */ 557 /* Check if variable value is truncated by a \0 */
561 558
562 if (val && *val && val_len != strnlen(*val, val_len)) { 559 if (val && *val && val_len != strnlen(*val, val_len)) {
563 560
564 if (SUHOSIN7_G(disallow_nul)) { 561 if (SUHOSIN7_G(disallow_nul)) {
565 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within request variables - dropped variable '%s'", var); 562 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within request variables - dropped variable '%s'", var);
566 if (!SUHOSIN7_G(simulation)) { return 0; } 563 if (!SUHOSIN7_G(simulation)) { return 0; }
@@ -586,7 +583,7 @@ static SAPI_INPUT_FILTER_FUNC(suhosin_input_filter)
586 break; 583 break;
587 } 584 }
588 } 585 }
589 586
590 /* Drop this variable if it is one of GLOBALS, _GET, _POST, ... */ 587 /* Drop this variable if it is one of GLOBALS, _GET, _POST, ... */
591 /* This is to protect several silly scripts that do globalizing themself */ 588 /* This is to protect several silly scripts that do globalizing themself */
592 if (suhosin_is_protected_varname(var, var_len)) { 589 if (suhosin_is_protected_varname(var, var_len)) {
@@ -607,7 +604,7 @@ static SAPI_INPUT_FILTER_FUNC(suhosin_input_filter)
607 SUHOSIN7_G(cur_post_vars)++; 604 SUHOSIN7_G(cur_post_vars)++;
608 break; 605 break;
609 } 606 }
610 607
611 if (new_val_len) { 608 if (new_val_len) {
612 *new_val_len = val_len; 609 *new_val_len = val_len;
613 } 610 }
@@ -625,7 +622,7 @@ SAPI_INPUT_FILTER_FUNC(suhosin_input_filter_wrapper)
625 // SDEBUG("ifilter arg=%d var=%s do_not_scan=%d already_scanned=%d", arg, var, SUHOSIN7_G(do_not_scan), already_scanned); 622 // SDEBUG("ifilter arg=%d var=%s do_not_scan=%d already_scanned=%d", arg, var, SUHOSIN7_G(do_not_scan), already_scanned);
626 // SDEBUG("ifilter arg=%d var=%s do_not_scan=%d", arg, var, SUHOSIN7_G(do_not_scan)); 623 // SDEBUG("ifilter arg=%d var=%s do_not_scan=%d", arg, var, SUHOSIN7_G(do_not_scan));
627 SDEBUG("ifilter arg=%d var=%s", arg, var); 624 SDEBUG("ifilter arg=%d var=%s", arg, var);
628 625
629 // if (SUHOSIN7_G(do_not_scan)) { 626 // if (SUHOSIN7_G(do_not_scan)) {
630 // SDEBUG("do_not_scan"); 627 // SDEBUG("do_not_scan");
631 // if (new_val_len) { 628 // if (new_val_len) {
@@ -633,7 +630,7 @@ SAPI_INPUT_FILTER_FUNC(suhosin_input_filter_wrapper)
633 // } 630 // }
634 // return 1; 631 // return 1;
635 // } 632 // }
636 633
637 // if (!already_scanned) { 634 // if (!already_scanned) {
638 if (suhosin_input_filter(arg, var, val, val_len, new_val_len) == 0) { 635 if (suhosin_input_filter(arg, var, val, val_len, new_val_len) == 0) {
639 SUHOSIN7_G(abort_request)=1; 636 SUHOSIN7_G(abort_request)=1;
diff --git a/log.c b/log.c
index 67e37b4..fe6d824 100644
--- a/log.c
+++ b/log.c
@@ -17,9 +17,6 @@
17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | 17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> |
18 +----------------------------------------------------------------------+ 18 +----------------------------------------------------------------------+
19*/ 19*/
20/*
21 $Id: log.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $
22*/
23 20
24#ifdef HAVE_CONFIG_H 21#ifdef HAVE_CONFIG_H
25#include "config.h" 22#include "config.h"
@@ -82,7 +79,7 @@ static HANDLE log_source = 0;
82// case S_VARS: 79// case S_VARS:
83// return "VARS"; 80// return "VARS";
84// default: 81// default:
85// return "UNKNOWN"; 82// return "UNKNOWN";
86// } 83// }
87// } 84// }
88 85
@@ -129,7 +126,7 @@ SUHOSIN7_API void suhosin_log(int loglevel, char *fmt, ...)
129 volatile unsigned int *x = 0; 126 volatile unsigned int *x = 0;
130 volatile int y = *x; 127 volatile int y = *x;
131 } 128 }
132 129
133 if (SUHOSIN7_G(log_use_x_forwarded_for)) { 130 if (SUHOSIN7_G(log_use_x_forwarded_for)) {
134 ip_address = suhosin_getenv("HTTP_X_FORWARDED_FOR", 20); 131 ip_address = suhosin_getenv("HTTP_X_FORWARDED_FOR", 20);
135 if (ip_address == NULL) { 132 if (ip_address == NULL) {
@@ -141,8 +138,8 @@ SUHOSIN7_API void suhosin_log(int loglevel, char *fmt, ...)
141 ip_address = "REMOTE_ADDR not set"; 138 ip_address = "REMOTE_ADDR not set";
142 } 139 }
143 } 140 }
144 141
145 142
146 va_start(ap, fmt); 143 va_start(ap, fmt);
147 ap_php_vsnprintf(error, sizeof(error), fmt, ap); 144 ap_php_vsnprintf(error, sizeof(error), fmt, ap);
148 va_end(ap); 145 va_end(ap);
@@ -150,13 +147,13 @@ SUHOSIN7_API void suhosin_log(int loglevel, char *fmt, ...)
150 if (error[i] < 32) error[i] = '.'; 147 if (error[i] < 32) error[i] = '.';
151 i++; 148 i++;
152 } 149 }
153 150
154 if (SUHOSIN7_G(simulation)) { 151 if (SUHOSIN7_G(simulation)) {
155 alertstring = "ALERT-SIMULATION"; 152 alertstring = "ALERT-SIMULATION";
156 } else { 153 } else {
157 alertstring = "ALERT"; 154 alertstring = "ALERT";
158 } 155 }
159 156
160 if (zend_is_executing()) { 157 if (zend_is_executing()) {
161 // zend_execute_data *exdata = EG(current_execute_data); 158 // zend_execute_data *exdata = EG(current_execute_data);
162 // if (exdata) { 159 // if (exdata) {
@@ -182,25 +179,25 @@ SUHOSIN7_API void suhosin_log(int loglevel, char *fmt, ...)
182 } 179 }
183 ap_php_snprintf(buf, sizeof(buf), "%s - %s (attacker '%s', file '%s')", alertstring, error, ip_address, fname); 180 ap_php_snprintf(buf, sizeof(buf), "%s - %s (attacker '%s', file '%s')", alertstring, error, ip_address, fname);
184 } 181 }
185 182
186 /* Syslog-Logging disabled? */ 183 /* Syslog-Logging disabled? */
187// if (((SUHOSIN7_G(log_syslog)|S_INTERNAL) & loglevel)==0) { 184// if (((SUHOSIN7_G(log_syslog)|S_INTERNAL) & loglevel)==0) {
188// goto log_file; 185// goto log_file;
189// } 186// }
190// 187//
191// #if defined(AF_UNIX) 188// #if defined(AF_UNIX)
192// ap_php_snprintf(error, sizeof(error), "<%u>suhosin[%u]: %s\n", (unsigned int)(SUHOSIN7_G(log_syslog_facility)|SUHOSIN7_G(log_syslog_priority)),getpid(),buf); 189// ap_php_snprintf(error, sizeof(error), "<%u>suhosin[%u]: %s\n", (unsigned int)(SUHOSIN7_G(log_syslog_facility)|SUHOSIN7_G(log_syslog_priority)),getpid(),buf);
193// 190//
194// s = socket(AF_UNIX, SOCK_DGRAM, 0); 191// s = socket(AF_UNIX, SOCK_DGRAM, 0);
195// if (s == -1) { 192// if (s == -1) {
196// goto log_file; 193// goto log_file;
197// } 194// }
198// 195//
199// memset(&saun, 0, sizeof(saun)); 196// memset(&saun, 0, sizeof(saun));
200// saun.sun_family = AF_UNIX; 197// saun.sun_family = AF_UNIX;
201// strcpy(saun.sun_path, SYSLOG_PATH); 198// strcpy(saun.sun_path, SYSLOG_PATH);
202// /*saun.sun_len = sizeof(saun);*/ 199// /*saun.sun_len = sizeof(saun);*/
203// 200//
204// r = connect(s, (struct sockaddr *)&saun, sizeof(saun)); 201// r = connect(s, (struct sockaddr *)&saun, sizeof(saun));
205// if (r) { 202// if (r) {
206// close(s); 203// close(s);
@@ -208,25 +205,25 @@ SUHOSIN7_API void suhosin_log(int loglevel, char *fmt, ...)
208// if (s == -1) { 205// if (s == -1) {
209// goto log_file; 206// goto log_file;
210// } 207// }
211// 208//
212// memset(&saun, 0, sizeof(saun)); 209// memset(&saun, 0, sizeof(saun));
213// saun.sun_family = AF_UNIX; 210// saun.sun_family = AF_UNIX;
214// strcpy(saun.sun_path, SYSLOG_PATH); 211// strcpy(saun.sun_path, SYSLOG_PATH);
215// /*saun.sun_len = sizeof(saun);*/ 212// /*saun.sun_len = sizeof(saun);*/
216// 213//
217// r = connect(s, (struct sockaddr *)&saun, sizeof(saun)); 214// r = connect(s, (struct sockaddr *)&saun, sizeof(saun));
218// if (r) { 215// if (r) {
219// close(s); 216// close(s);
220// goto log_file; 217// goto log_file;
221// } 218// }
222// } 219// }
223// send(s, error, strlen(error), 0); 220// send(s, error, strlen(error), 0);
224// 221//
225// close(s); 222// close(s);
226// #endif 223// #endif
227// #ifdef PHP_WIN32 224// #ifdef PHP_WIN32
228// ap_php_snprintf(error, sizeof(error), "suhosin[%u]: %s", getpid(),buf); 225// ap_php_snprintf(error, sizeof(error), "suhosin[%u]: %s", getpid(),buf);
229// 226//
230// switch (SUHOSIN7_G(log_syslog_priority)) { /* translate UNIX type into NT type */ 227// switch (SUHOSIN7_G(log_syslog_priority)) { /* translate UNIX type into NT type */
231// case 1: /*LOG_ALERT:*/ 228// case 1: /*LOG_ALERT:*/
232// etype = EVENTLOG_ERROR_TYPE; 229// etype = EVENTLOG_ERROR_TYPE;
@@ -244,14 +241,14 @@ SUHOSIN7_API void suhosin_log(int loglevel, char *fmt, ...)
244// log_source = RegisterEventSource(NULL, "Suhosin-" SUHOSIN_EXT_VERSION); 241// log_source = RegisterEventSource(NULL, "Suhosin-" SUHOSIN_EXT_VERSION);
245// } 242// }
246// ReportEvent(log_source, etype, (unsigned short) SUHOSIN7_G(log_syslog_priority), evid, NULL, 1, 0, strs, NULL); 243// ReportEvent(log_source, etype, (unsigned short) SUHOSIN7_G(log_syslog_priority), evid, NULL, 1, 0, strs, NULL);
247// 244//
248// #endif 245// #endif
249log_file: 246log_file:
250 /* File-Logging disabled? */ 247 /* File-Logging disabled? */
251 if ((SUHOSIN7_G(log_file) & loglevel)==0) { 248 if ((SUHOSIN7_G(log_file) & loglevel)==0) {
252 goto log_sapi; 249 goto log_sapi;
253 } 250 }
254 251
255 if (!SUHOSIN7_G(log_filename) || !SUHOSIN7_G(log_filename)[0]) { 252 if (!SUHOSIN7_G(log_filename) || !SUHOSIN7_G(log_filename)[0]) {
256 goto log_sapi; 253 goto log_sapi;
257 } 254 }
@@ -300,20 +297,20 @@ log_sapi:
300// FILE *in; 297// FILE *in;
301// int space; 298// int space;
302// struct stat st; 299// struct stat st;
303// 300//
304// char *sname = SUHOSIN7_G(log_scriptname); 301// char *sname = SUHOSIN7_G(log_scriptname);
305// while (isspace(*sname)) ++sname; 302// while (isspace(*sname)) ++sname;
306// if (*sname == 0) goto log_phpscript; 303// if (*sname == 0) goto log_phpscript;
307// 304//
308// if (VCWD_STAT(sname, &st) < 0) { 305// if (VCWD_STAT(sname, &st) < 0) {
309// suhosin_log(S_INTERNAL, "unable to find logging shell script %s - file dropped", sname); 306// suhosin_log(S_INTERNAL, "unable to find logging shell script %s - file dropped", sname);
310// goto log_phpscript; 307// goto log_phpscript;
311// } 308// }
312// if (access(sname, X_OK|R_OK) < 0) { 309// if (access(sname, X_OK|R_OK) < 0) {
313// suhosin_log(S_INTERNAL, "logging shell script %s is not executable - file dropped", sname); 310// suhosin_log(S_INTERNAL, "logging shell script %s is not executable - file dropped", sname);
314// goto log_phpscript; 311// goto log_phpscript;
315// } 312// }
316// 313//
317// /* TODO: clean up this code to calculate size of output dynamically */ 314// /* TODO: clean up this code to calculate size of output dynamically */
318// ap_php_snprintf(cmd, sizeof(cmd) - 20, "%s %s \'", sname, loglevel2string(loglevel)); 315// ap_php_snprintf(cmd, sizeof(cmd) - 20, "%s %s \'", sname, loglevel2string(loglevel));
319// space = sizeof(cmd) - strlen(cmd) - 20; 316// space = sizeof(cmd) - strlen(cmd) - 20;
@@ -341,7 +338,7 @@ log_sapi:
341// *cmdpos++ = '&'; 338// *cmdpos++ = '&';
342// *cmdpos++ = '1'; 339// *cmdpos++ = '1';
343// *cmdpos = 0; 340// *cmdpos = 0;
344// 341//
345// if ((in=VCWD_POPEN(cmd, "r"))==NULL) { 342// if ((in=VCWD_POPEN(cmd, "r"))==NULL) {
346// suhosin_log(S_INTERNAL, "Unable to execute logging shell script: %s", sname); 343// suhosin_log(S_INTERNAL, "Unable to execute logging shell script: %s", sname);
347// goto log_phpscript; 344// goto log_phpscript;
@@ -366,10 +363,10 @@ log_sapi:
366// zend_file_handle file_handle; 363// zend_file_handle file_handle;
367// zend_op_array *new_op_array; 364// zend_op_array *new_op_array;
368// zval *result = NULL; 365// zval *result = NULL;
369// 366//
370// long orig_execution_depth = SUHOSIN7_G(execution_depth); 367// long orig_execution_depth = SUHOSIN7_G(execution_depth);
371// char *orig_basedir = PG(open_basedir); 368// char *orig_basedir = PG(open_basedir);
372// 369//
373// char *phpscript = SUHOSIN7_G(log_phpscriptname); 370// char *phpscript = SUHOSIN7_G(log_phpscriptname);
374// SDEBUG("scriptname %s", SUHOSIN7_G(log_phpscriptname)); 371// SDEBUG("scriptname %s", SUHOSIN7_G(log_phpscriptname));
375// if (zend_stream_open(phpscript, &file_handle) == SUCCESS) { 372// if (zend_stream_open(phpscript, &file_handle) == SUCCESS) {
@@ -381,34 +378,34 @@ log_sapi:
381// if (new_op_array) { 378// if (new_op_array) {
382// HashTable *active_symbol_table = EG(active_symbol_table); 379// HashTable *active_symbol_table = EG(active_symbol_table);
383// zval *zerror, *zerror_class; 380// zval *zerror, *zerror_class;
384// 381//
385// if (active_symbol_table == NULL) { 382// if (active_symbol_table == NULL) {
386// active_symbol_table = &EG(symbol_table); 383// active_symbol_table = &EG(symbol_table);
387// } 384// }
388// EG(return_value_ptr_ptr) = &result; 385// EG(return_value_ptr_ptr) = &result;
389// EG(active_op_array) = new_op_array; 386// EG(active_op_array) = new_op_array;
390// 387//
391// MAKE_STD_ZVAL(zerror); 388// MAKE_STD_ZVAL(zerror);
392// MAKE_STD_ZVAL(zerror_class); 389// MAKE_STD_ZVAL(zerror_class);
393// ZVAL_STRING(zerror, buf, 1); 390// ZVAL_STRING(zerror, buf, 1);
394// ZVAL_LONG(zerror_class, loglevel); 391// ZVAL_LONG(zerror_class, loglevel);
395// 392//
396// zend_hash_update(active_symbol_table, "SUHOSIN_ERROR", sizeof("SUHOSIN_ERROR"), (void **)&zerror, sizeof(zval *), NULL); 393// zend_hash_update(active_symbol_table, "SUHOSIN_ERROR", sizeof("SUHOSIN_ERROR"), (void **)&zerror, sizeof(zval *), NULL);
397// zend_hash_update(active_symbol_table, "SUHOSIN_ERRORCLASS", sizeof("SUHOSIN_ERRORCLASS"), (void **)&zerror_class, sizeof(zval *), NULL); 394// zend_hash_update(active_symbol_table, "SUHOSIN_ERRORCLASS", sizeof("SUHOSIN_ERRORCLASS"), (void **)&zerror_class, sizeof(zval *), NULL);
398// 395//
399// SUHOSIN7_G(execution_depth) = 0; 396// SUHOSIN7_G(execution_depth) = 0;
400// if (SUHOSIN7_G(log_phpscript_is_safe)) { 397// if (SUHOSIN7_G(log_phpscript_is_safe)) {
401// PG(open_basedir) = NULL; 398// PG(open_basedir) = NULL;
402// } 399// }
403// 400//
404// zend_execute(new_op_array); 401// zend_execute(new_op_array);
405// 402//
406// SUHOSIN7_G(execution_depth) = orig_execution_depth; 403// SUHOSIN7_G(execution_depth) = orig_execution_depth;
407// PG(open_basedir) = orig_basedir; 404// PG(open_basedir) = orig_basedir;
408// 405//
409// destroy_op_array(new_op_array); 406// destroy_op_array(new_op_array);
410// efree(new_op_array); 407// efree(new_op_array);
411// 408//
412// if (!EG(exception)) 409// if (!EG(exception))
413// { 410// {
414// if (EG(return_value_ptr_ptr)) { 411// if (EG(return_value_ptr_ptr)) {
@@ -425,7 +422,7 @@ log_sapi:
425// return; 422// return;
426// } 423// }
427// } 424// }
428// 425//
429} 426}
430 427
431 428
diff --git a/memory_limit.c b/memory_limit.c
index 2a7a114..63c09b6 100644
--- a/memory_limit.c
+++ b/memory_limit.c
@@ -16,9 +16,6 @@
16 | Author: Stefan Esser <sesser@sektioneins.de> and others | 16 | Author: Stefan Esser <sesser@sektioneins.de> and others |
17 +----------------------------------------------------------------------+ 17 +----------------------------------------------------------------------+
18*/ 18*/
19/*
20 $Id: memory_limit.c $
21*/
22 19
23#ifdef HAVE_CONFIG_H 20#ifdef HAVE_CONFIG_H
24#include "config.h" 21#include "config.h"
@@ -84,7 +81,7 @@ void suhosin_hook_memory_limit()
84 /* replace OnUpdateMemoryLimit handler */ 81 /* replace OnUpdateMemoryLimit handler */
85 ini_entry->on_modify = suhosin_OnChangeMemoryLimit; 82 ini_entry->on_modify = suhosin_OnChangeMemoryLimit;
86 } 83 }
87 84
88} 85}
89 86
90 87
diff --git a/php_suhosin7.h b/php_suhosin7.h
index 6c515ba..1398a36 100644
--- a/php_suhosin7.h
+++ b/php_suhosin7.h
@@ -16,8 +16,6 @@
16 +----------------------------------------------------------------------+ 16 +----------------------------------------------------------------------+
17*/ 17*/
18 18
19/* $Id$ */
20
21#pragma once 19#pragma once
22 20
23extern zend_module_entry suhosin7_module_entry; 21extern zend_module_entry suhosin7_module_entry;
@@ -56,7 +54,7 @@ extern zend_module_entry suhosin7_module_entry;
56 {FILE *f;f=fopen(SUHOSIN_LOG, "a+");if(f){fprintf(f,"[%u] %s:%u %s #> ",getpid(), __FILE__, __LINE__, __func__);fprintf(f, msg);fprintf(f,"\n");fclose(f);}} 54 {FILE *f;f=fopen(SUHOSIN_LOG, "a+");if(f){fprintf(f,"[%u] %s:%u %s #> ",getpid(), __FILE__, __LINE__, __func__);fprintf(f, msg);fprintf(f,"\n");fclose(f);}}
57#else 55#else
58#define SDEBUG(msg...) 56#define SDEBUG(msg...)
59#endif 57#endif
60#endif 58#endif
61 59
62/* -------------- */ 60/* -------------- */
@@ -128,13 +126,13 @@ protected_varname:
128 126
129ZEND_BEGIN_MODULE_GLOBALS(suhosin7) 127ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
130 zend_bool protectkey; 128 zend_bool protectkey;
131 129
132 zend_bool simulation; 130 zend_bool simulation;
133 // zend_bool stealth; 131 // zend_bool stealth;
134 // zend_bool already_scanned; 132 // zend_bool already_scanned;
135 zend_bool abort_request; 133 zend_bool abort_request;
136 // 134 //
137 135
138 /* executor */ 136 /* executor */
139 zend_ulong in_code_type; 137 zend_ulong in_code_type;
140 zend_bool executor_allow_symlink; 138 zend_bool executor_allow_symlink;
@@ -203,7 +201,7 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
203 zend_long max_post_array_index_length; 201 zend_long max_post_array_index_length;
204 zend_bool disallow_post_nul; 202 zend_bool disallow_post_nul;
205 zend_bool disallow_post_ws; 203 zend_bool disallow_post_ws;
206 204
207/* fileupload */ 205/* fileupload */
208 zend_long upload_max_newlines; 206 zend_long upload_max_newlines;
209 zend_long upload_limit; 207 zend_long upload_limit;
@@ -235,7 +233,7 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
235 BYTE fi[24],ri[24]; 233 BYTE fi[24],ri[24];
236 WORD fkey[120]; 234 WORD fkey[120];
237 WORD rkey[120]; 235 WORD rkey[120];
238 236
239 zend_bool session_encrypt; 237 zend_bool session_encrypt;
240 char* session_cryptkey; 238 char* session_cryptkey;
241 zend_bool session_cryptua; 239 zend_bool session_cryptua;
@@ -260,10 +258,10 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
260 zend_bool coredump; 258 zend_bool coredump;
261 // zend_bool apc_bug_workaround; 259 // zend_bool apc_bug_workaround;
262 // zend_bool do_not_scan; 260 // zend_bool do_not_scan;
263 // 261 //
264 zend_bool server_encode; 262 zend_bool server_encode;
265 zend_bool server_strip; 263 zend_bool server_strip;
266 // 264 //
267 zend_bool disable_display_errors; 265 zend_bool disable_display_errors;
268 266
269 /* random number generator */ 267 /* random number generator */
@@ -275,11 +273,11 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
275 php_uint32 mt_state[625]; 273 php_uint32 mt_state[625];
276 php_uint32 *mt_next; 274 php_uint32 *mt_next;
277 int mt_left; 275 int mt_left;
278 276
279 char *seedingkey; 277 char *seedingkey;
280 zend_bool reseed_every_request; 278 zend_bool reseed_every_request;
281 // 279 //
282 zend_bool r_is_seeded; 280 zend_bool r_is_seeded;
283 zend_bool mt_is_seeded; 281 zend_bool mt_is_seeded;
284 282
285 283
@@ -287,7 +285,7 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
287 zend_long memory_limit; 285 zend_long memory_limit;
288 zend_long hard_memory_limit; 286 zend_long hard_memory_limit;
289 287
290 288
291 289
292 290
293 /* PERDIR Handling */ 291 /* PERDIR Handling */
@@ -333,7 +331,7 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
333 // long sql_opencomment; 331 // long sql_opencomment;
334 // long sql_union; 332 // long sql_union;
335 // long sql_mselect; 333 // long sql_mselect;
336 334
337 // int (*old_php_body_write)(const char *str, unsigned int str_length); 335 // int (*old_php_body_write)(const char *str, unsigned int str_length);
338 336
339ZEND_END_MODULE_GLOBALS(suhosin7) 337ZEND_END_MODULE_GLOBALS(suhosin7)
diff --git a/post_handler.c b/post_handler.c
index 1a2374c..3b8ca47 100644
--- a/post_handler.c
+++ b/post_handler.c
@@ -17,9 +17,6 @@
17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | 17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> |
18 +----------------------------------------------------------------------+ 18 +----------------------------------------------------------------------+
19*/ 19*/
20/*
21 $Id: post_handler.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $
22*/
23 20
24#ifdef HAVE_CONFIG_H 21#ifdef HAVE_CONFIG_H
25#include "config.h" 22#include "config.h"
@@ -49,7 +46,7 @@ static void suhosin_post_handler_modification(sapi_post_entry *spe)
49} 46}
50 47
51// static PHP_INI_MH((*old_OnUpdate_mbstring_encoding_translation)) = NULL; 48// static PHP_INI_MH((*old_OnUpdate_mbstring_encoding_translation)) = NULL;
52// 49//
53// /* {{{ static PHP_INI_MH(suhosin_OnUpdate_mbstring_encoding_translation) */ 50// /* {{{ static PHP_INI_MH(suhosin_OnUpdate_mbstring_encoding_translation) */
54// static PHP_INI_MH(suhosin_OnUpdate_mbstring_encoding_translation) 51// static PHP_INI_MH(suhosin_OnUpdate_mbstring_encoding_translation)
55// { 52// {
@@ -58,12 +55,12 @@ static void suhosin_post_handler_modification(sapi_post_entry *spe)
58// char *base = (char *) mh_arg2; 55// char *base = (char *) mh_arg2;
59// #else 56// #else
60// char *base; 57// char *base;
61// 58//
62// base = (char *) ts_resource(*((int *) mh_arg2)); 59// base = (char *) ts_resource(*((int *) mh_arg2));
63// #endif 60// #endif
64// 61//
65// p = (zend_bool *) (base+(size_t) mh_arg1); 62// p = (zend_bool *) (base+(size_t) mh_arg1);
66// 63//
67// if (new_value_length == 2 && strcasecmp("on", new_value) == 0) { 64// if (new_value_length == 2 && strcasecmp("on", new_value) == 0) {
68// *p = (zend_bool) 1; 65// *p = (zend_bool) 1;
69// } 66// }
@@ -96,7 +93,7 @@ void suhosin_hook_post_handlers()
96{ 93{
97 HashTable tempht; 94 HashTable tempht;
98 // zend_ini_entry *ini_entry; 95 // zend_ini_entry *ini_entry;
99 96
100 sapi_unregister_post_entry(&suhosin_post_entries[0]); 97 sapi_unregister_post_entry(&suhosin_post_entries[0]);
101 // sapi_unregister_post_entry(&suhosin_post_entries[1]); 98 // sapi_unregister_post_entry(&suhosin_post_entries[1]);
102 sapi_register_post_entries(suhosin_post_entries); 99 sapi_register_post_entries(suhosin_post_entries);
@@ -109,7 +106,7 @@ void suhosin_hook_post_handlers()
109 // zend_hash_destroy(&tempht); 106 // zend_hash_destroy(&tempht);
110 /* And now we can overwrite the destructor for post entries */ 107 /* And now we can overwrite the destructor for post entries */
111 // SG(known_post_content_types).pDestructor = (dtor_func_t)suhosin_post_handler_modification; 108 // SG(known_post_content_types).pDestructor = (dtor_func_t)suhosin_post_handler_modification;
112 109
113 /* we have to stop mbstring from replacing our post handler */ 110 /* we have to stop mbstring from replacing our post handler */
114 // if (zend_hash_find(EG(ini_directives), "mbstring.encoding_translation", sizeof("mbstring.encoding_translation"), (void **) &ini_entry) == FAILURE) { 111 // if (zend_hash_find(EG(ini_directives), "mbstring.encoding_translation", sizeof("mbstring.encoding_translation"), (void **) &ini_entry) == FAILURE) {
115 // return; 112 // return;
@@ -122,10 +119,10 @@ void suhosin_hook_post_handlers()
122// void suhosin_unhook_post_handlers() 119// void suhosin_unhook_post_handlers()
123// { 120// {
124// zend_ini_entry *ini_entry; 121// zend_ini_entry *ini_entry;
125// 122//
126// /* Restore to an empty destructor */ 123// /* Restore to an empty destructor */
127// SG(known_post_content_types).pDestructor = NULL; 124// SG(known_post_content_types).pDestructor = NULL;
128// 125//
129// /* Now restore the ini entry handler */ 126// /* Now restore the ini entry handler */
130// if (zend_hash_find(EG(ini_directives), "mbstring.encoding_translation", sizeof("mbstring.encoding_translation"), (void **) &ini_entry) == FAILURE) { 127// if (zend_hash_find(EG(ini_directives), "mbstring.encoding_translation", sizeof("mbstring.encoding_translation"), (void **) &ini_entry) == FAILURE) {
131// return; 128// return;
diff --git a/rfc1867.c b/rfc1867.c
index 983f9b4..579c235 100644
--- a/rfc1867.c
+++ b/rfc1867.c
@@ -25,8 +25,6 @@
25 25
26 */ 26 */
27 27
28/* $Id$ */
29
30/* 28/*
31 * This product includes software developed by the Apache Group 29 * This product includes software developed by the Apache Group
32 * for use in the Apache HTTP server project (http://www.apache.org/). 30 * for use in the Apache HTTP server project (http://www.apache.org/).
diff --git a/session.c b/session.c
index ad114d4..2abe2ec 100644
--- a/session.c
+++ b/session.c
@@ -17,9 +17,6 @@
17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | 17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> |
18 +----------------------------------------------------------------------+ 18 +----------------------------------------------------------------------+
19*/ 19*/
20/*
21 $Id: session.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $
22*/
23 20
24#ifdef HAVE_CONFIG_H 21#ifdef HAVE_CONFIG_H
25#include "config.h" 22#include "config.h"
@@ -59,8 +56,8 @@ static void suhosin_send_cookie()
59 int * session_send_cookie = &SESSION_G(send_cookie); 56 int * session_send_cookie = &SESSION_G(send_cookie);
60 char * base; 57 char * base;
61 zend_ini_entry *ini_entry; 58 zend_ini_entry *ini_entry;
62 59
63 /* The following is requires to be 100% compatible to PHP 60 /* The following is requires to be 100% compatible to PHP
64 versions where the hash extension is not available by default */ 61 versions where the hash extension is not available by default */
65 if ((ini_entry = zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("session.hash_bits_per_character"))) != NULL) { 62 if ((ini_entry = zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("session.hash_bits_per_character"))) != NULL) {
66#ifndef ZTS 63#ifndef ZTS
@@ -81,12 +78,12 @@ static int (*old_SessionRINIT)(INIT_FUNC_ARGS) = NULL;
81static int suhosin_hook_s_read(PS_READ_ARGS) 78static int suhosin_hook_s_read(PS_READ_ARGS)
82{ 79{
83 zend_string *new_key = key; 80 zend_string *new_key = key;
84 81
85 /* protect session vars */ 82 /* protect session vars */
86/* if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) { 83/* if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) {
87 SESSION_G(http_session_vars)->refcount++; 84 SESSION_G(http_session_vars)->refcount++;
88 }*/ 85 }*/
89 86
90 /* protect dumb session handlers */ 87 /* protect dumb session handlers */
91 if (COND_DUMB_SH) { 88 if (COND_DUMB_SH) {
92regenerate: 89regenerate:
@@ -105,10 +102,10 @@ regenerate:
105 102
106 if (r == SUCCESS && SUHOSIN7_G(session_encrypt) && val != NULL && *val != NULL && ZSTR_LEN(*val)) { 103 if (r == SUCCESS && SUHOSIN7_G(session_encrypt) && val != NULL && *val != NULL && ZSTR_LEN(*val)) {
107 char cryptkey[33]; 104 char cryptkey[33];
108 105
109 // SUHOSIN7_G(do_not_scan) = 1; 106 // SUHOSIN7_G(do_not_scan) = 1;
110 S7_GENERATE_KEY(session, cryptkey); 107 S7_GENERATE_KEY(session, cryptkey);
111 108
112 zend_string *orig_val = *val; 109 zend_string *orig_val = *val;
113 *val = suhosin_decrypt_string(ZSTR_VAL(*val), ZSTR_LEN(*val), "", 0, (char *)cryptkey, SUHOSIN7_G(session_checkraddr)); 110 *val = suhosin_decrypt_string(ZSTR_VAL(*val), ZSTR_LEN(*val), "", 0, (char *)cryptkey, SUHOSIN7_G(session_checkraddr));
114 // SUHOSIN7_G(do_not_scan) = 0; 111 // SUHOSIN7_G(do_not_scan) = 0;
@@ -117,7 +114,7 @@ regenerate:
117 } 114 }
118 zend_string_release(orig_val); 115 zend_string_release(orig_val);
119 } 116 }
120 117
121 return r; 118 return r;
122} 119}
123 120
@@ -132,7 +129,7 @@ static int suhosin_hook_s_write(PS_WRITE_ARGS)
132 char cryptkey[33]; 129 char cryptkey[33];
133 // SUHOSIN7_G(do_not_scan) = 1; 130 // SUHOSIN7_G(do_not_scan) = 1;
134 S7_GENERATE_KEY(session, cryptkey); 131 S7_GENERATE_KEY(session, cryptkey);
135 132
136 zend_string *v = suhosin_encrypt_string(ZSTR_VAL(val), ZSTR_LEN(val), "", 0, cryptkey); 133 zend_string *v = suhosin_encrypt_string(ZSTR_VAL(val), ZSTR_LEN(val), "", 0, cryptkey);
137 134
138 // SUHOSIN7_G(do_not_scan) = 0; 135 // SUHOSIN7_G(do_not_scan) = 0;
@@ -140,7 +137,7 @@ static int suhosin_hook_s_write(PS_WRITE_ARGS)
140 } 137 }
141 138
142 return SUHOSIN7_G(old_s_write)(mod_data, key, val, maxlifetime); 139 return SUHOSIN7_G(old_s_write)(mod_data, key, val, maxlifetime);
143 140
144// return_write: 141// return_write:
145 /* protect session vars */ 142 /* protect session vars */
146/* if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) { 143/* if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) {
@@ -163,7 +160,7 @@ static int suhosin_hook_s_destroy(PS_DESTROY_ARGS)
163 if (COND_DUMB_SH) { 160 if (COND_DUMB_SH) {
164 return FAILURE; 161 return FAILURE;
165 } 162 }
166 163
167 return SUHOSIN7_G(old_s_destroy)(mod_data, key); 164 return SUHOSIN7_G(old_s_destroy)(mod_data, key);
168} 165}
169 166
@@ -171,7 +168,7 @@ static void suhosin_hook_session_module()
171{ 168{
172 ps_module *old_mod = SESSION_G(mod); 169 ps_module *old_mod = SESSION_G(mod);
173 ps_module *mod; 170 ps_module *mod;
174 171
175 if (old_mod == NULL || SUHOSIN7_G(s_module) == old_mod) { 172 if (old_mod == NULL || SUHOSIN7_G(s_module) == old_mod) {
176 return; 173 return;
177 } 174 }
@@ -182,19 +179,19 @@ static void suhosin_hook_session_module()
182 return; 179 return;
183 } 180 }
184 } 181 }
185 182
186 SUHOSIN7_G(s_original_mod) = old_mod; 183 SUHOSIN7_G(s_original_mod) = old_mod;
187 184
188 mod = SUHOSIN7_G(s_module); 185 mod = SUHOSIN7_G(s_module);
189 memcpy(mod, old_mod, sizeof(ps_module)); 186 memcpy(mod, old_mod, sizeof(ps_module));
190 187
191 SUHOSIN7_G(old_s_read) = mod->s_read; 188 SUHOSIN7_G(old_s_read) = mod->s_read;
192 mod->s_read = suhosin_hook_s_read; 189 mod->s_read = suhosin_hook_s_read;
193 SUHOSIN7_G(old_s_write) = mod->s_write; 190 SUHOSIN7_G(old_s_write) = mod->s_write;
194 mod->s_write = suhosin_hook_s_write; 191 mod->s_write = suhosin_hook_s_write;
195 SUHOSIN7_G(old_s_destroy) = mod->s_destroy; 192 SUHOSIN7_G(old_s_destroy) = mod->s_destroy;
196 mod->s_destroy = suhosin_hook_s_destroy; 193 mod->s_destroy = suhosin_hook_s_destroy;
197 194
198 SESSION_G(mod) = mod; 195 SESSION_G(mod) = mod;
199} 196}
200 197
@@ -211,7 +208,7 @@ static PHP_INI_MH(suhosin_OnUpdateSaveHandler)
211 SESSION_G(mod) = SUHOSIN7_G(s_original_mod); 208 SESSION_G(mod) = SUHOSIN7_G(s_original_mod);
212 209
213 int r = old_OnUpdateSaveHandler(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); 210 int r = old_OnUpdateSaveHandler(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage);
214 211
215 suhosin_hook_session_module(); 212 suhosin_hook_session_module();
216 213
217 return r; 214 return r;
@@ -234,7 +231,7 @@ static int suhosin_hook_session_RINIT(INIT_FUNC_ARGS)
234void suhosin_hook_session() 231void suhosin_hook_session()
235{ 232{
236 zend_module_entry *module; 233 zend_module_entry *module;
237 234
238 if ((module = zend_hash_str_find_ptr(&module_registry, ZEND_STRL("session"))) == NULL) { 235 if ((module = zend_hash_str_find_ptr(&module_registry, ZEND_STRL("session"))) == NULL) {
239 return; 236 return;
240 } 237 }
@@ -248,15 +245,15 @@ void suhosin_hook_session()
248 session_globals = module->globals_ptr; 245 session_globals = module->globals_ptr;
249 } 246 }
250#endif 247#endif
251 248
252 if (old_OnUpdateSaveHandler != NULL) { 249 if (old_OnUpdateSaveHandler != NULL) {
253 return; 250 return;
254 } 251 }
255 252
256 /* hook request startup function of session module */ 253 /* hook request startup function of session module */
257 old_SessionRINIT = module->request_startup_func; 254 old_SessionRINIT = module->request_startup_func;
258 module->request_startup_func = suhosin_hook_session_RINIT; 255 module->request_startup_func = suhosin_hook_session_RINIT;
259 256
260 /* retrieve pointer to session.save_handler ini entry */ 257 /* retrieve pointer to session.save_handler ini entry */
261 zend_ini_entry *ini_entry; 258 zend_ini_entry *ini_entry;
262 if ((ini_entry = zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("session.save_handler"))) != NULL) { 259 if ((ini_entry = zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("session.save_handler"))) != NULL) {
@@ -282,14 +279,14 @@ void suhosin_hook_session()
282// if (old_OnUpdateSaveHandler == NULL) { 279// if (old_OnUpdateSaveHandler == NULL) {
283// return; 280// return;
284// } 281// }
285// 282//
286// /* retrieve pointer to session.save_handler ini entry */ 283// /* retrieve pointer to session.save_handler ini entry */
287// zend_ini_entry *ini_entry; 284// zend_ini_entry *ini_entry;
288// if ((ini_entry = zend_hash_find(EG(ini_directives), ZEND_STRL("session.save_handler"))) == NULL) { 285// if ((ini_entry = zend_hash_find(EG(ini_directives), ZEND_STRL("session.save_handler"))) == NULL) {
289// return; 286// return;
290// } 287// }
291// ini_entry->on_modify = old_OnUpdateSaveHandler; 288// ini_entry->on_modify = old_OnUpdateSaveHandler;
292// old_OnUpdateSaveHandler = NULL; 289// old_OnUpdateSaveHandler = NULL;
293// } 290// }
294 291
295#else /* HAVE_PHP_SESSION */ 292#else /* HAVE_PHP_SESSION */
diff --git a/sha256.c b/sha256.c
index ae9f0da..264bb8e 100644
--- a/sha256.c
+++ b/sha256.c
@@ -17,12 +17,10 @@
17 +----------------------------------------------------------------------+ 17 +----------------------------------------------------------------------+
18*/ 18*/
19 19
20/* $Id: sha256.c $ */
21
22#include <stdio.h> 20#include <stdio.h>
23#include "php.h" 21#include "php.h"
24 22
25/* This code is heavily based on the PHP md5/sha1 implementations */ 23/* This code is heavily based on the PHP md5/sha1 implementations */
26 24
27#include "sha256.h" 25#include "sha256.h"
28 26
@@ -48,7 +46,7 @@ static PHP_FUNCTION(suhosin_sha256)
48 char sha256str[65]; 46 char sha256str[65];
49 suhosin_SHA256_CTX context; 47 suhosin_SHA256_CTX context;
50 unsigned char digest[32]; 48 unsigned char digest[32];
51 49
52 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|b", &arg, &arg_len, &raw_output) == FAILURE) { 50 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|b", &arg, &arg_len, &raw_output) == FAILURE) {
53 return; 51 return;
54 } 52 }
@@ -141,7 +139,7 @@ static unsigned char PADDING[64] =
141 */ 139 */
142#define W(i) ( tmp1=ROTATE_RIGHT(x[(i-15)&15],7)^ROTATE_RIGHT(x[(i-15)&15],18)^(x[(i-15)&15] >> 3), \ 140#define W(i) ( tmp1=ROTATE_RIGHT(x[(i-15)&15],7)^ROTATE_RIGHT(x[(i-15)&15],18)^(x[(i-15)&15] >> 3), \
143 tmp2=ROTATE_RIGHT(x[(i-2)&15],17)^ROTATE_RIGHT(x[(i-2)&15],19)^(x[(i-2)&15] >> 10), \ 141 tmp2=ROTATE_RIGHT(x[(i-2)&15],17)^ROTATE_RIGHT(x[(i-2)&15],19)^(x[(i-2)&15] >> 10), \
144 (x[i&15]=x[i&15] + tmp1 + x[(i-7)&15] + tmp2) ) 142 (x[i&15]=x[i&15] + tmp1 + x[(i-7)&15] + tmp2) )
145 143
146/* ROUND function of sha256 144/* ROUND function of sha256
147 */ 145 */
@@ -150,8 +148,8 @@ static unsigned char PADDING[64] =
150 t1 = (h) + H((e)) + I((e), (f), (g)) + (k) + (php_uint32)(w); \ 148 t1 = (h) + H((e)) + I((e), (f), (g)) + (k) + (php_uint32)(w); \
151 (h) = F((a)) + G((a), (b), (c)) + t1; \ 149 (h) = F((a)) + G((a), (b), (c)) + t1; \
152 (d) += t1; \ 150 (d) += t1; \
153 } 151 }
154 152
155 153
156/* {{{ suhosin_SHA256Init 154/* {{{ suhosin_SHA256Init
157 * SHA256 initialization. Begins an SHA256 operation, writing a new context. 155 * SHA256 initialization. Begins an SHA256 operation, writing a new context.
@@ -168,7 +166,7 @@ void suhosin_SHA256Init(suhosin_SHA256_CTX * context)
168 context->state[4] = 0x510e527f; 166 context->state[4] = 0x510e527f;
169 context->state[5] = 0x9b05688c; 167 context->state[5] = 0x9b05688c;
170 context->state[6] = 0x1f83d9ab; 168 context->state[6] = 0x1f83d9ab;
171 context->state[7] = 0x5be0cd19; 169 context->state[7] = 0x5be0cd19;
172} 170}
173/* }}} */ 171/* }}} */
174 172
@@ -232,7 +230,7 @@ void suhosin_SHA256Final(unsigned char digest[32], suhosin_SHA256_CTX * context)
232 bits[2] = (context->count[1] >> 8) & 0xFF; 230 bits[2] = (context->count[1] >> 8) & 0xFF;
233 bits[1] = (context->count[1] >> 16) & 0xFF; 231 bits[1] = (context->count[1] >> 16) & 0xFF;
234 bits[0] = (context->count[1] >> 24) & 0xFF; 232 bits[0] = (context->count[1] >> 24) & 0xFF;
235 233
236 /* Pad out to 56 mod 64. 234 /* Pad out to 56 mod 64.
237 */ 235 */
238 index = (unsigned int) ((context->count[0] >> 3) & 0x3f); 236 index = (unsigned int) ((context->count[0] >> 3) & 0x3f);
@@ -397,7 +395,7 @@ void suhosin_hook_sha256()
397 if (zend_hash_str_find(CG(function_table), ZEND_STRL("sha256"))) { 395 if (zend_hash_str_find(CG(function_table), ZEND_STRL("sha256"))) {
398 return; 396 return;
399 } 397 }
400 398
401 /* add the sha256 functions */ 399 /* add the sha256 functions */
402 zend_register_functions(NULL, suhosin_sha256_functions, NULL, MODULE_PERSISTENT); 400 zend_register_functions(NULL, suhosin_sha256_functions, NULL, MODULE_PERSISTENT);
403} 401}
diff --git a/sha256.h b/sha256.h
index d728506..03b10b7 100644
--- a/sha256.h
+++ b/sha256.h
@@ -17,8 +17,6 @@
17 +----------------------------------------------------------------------+ 17 +----------------------------------------------------------------------+
18*/ 18*/
19 19
20/* $Id: sha256.h $ */
21
22#ifndef SHA256_H 20#ifndef SHA256_H
23#define SHA256_H 21#define SHA256_H
24 22
diff --git a/suhosin7.c b/suhosin7.c
index 2952629..2ec5b68 100644
--- a/suhosin7.c
+++ b/suhosin7.c
@@ -18,8 +18,6 @@
18 +----------------------------------------------------------------------+ 18 +----------------------------------------------------------------------+
19*/ 19*/
20 20
21/* $Id$ */
22
23#ifdef HAVE_CONFIG_H 21#ifdef HAVE_CONFIG_H
24#include "config.h" 22#include "config.h"
25#endif 23#endif
@@ -40,7 +38,7 @@ ZEND_DECLARE_MODULE_GLOBALS(suhosin7)
40#define PERDIR_CHECK(lower) \ 38#define PERDIR_CHECK(lower) \
41 if (!SUHOSIN7_G(lower ## _perdir) && stage == ZEND_INI_STAGE_HTACCESS) { \ 39 if (!SUHOSIN7_G(lower ## _perdir) && stage == ZEND_INI_STAGE_HTACCESS) { \
42 return FAILURE; \ 40 return FAILURE; \
43 } 41 }
44 42
45#define LOG_PERDIR_CHECK() PERDIR_CHECK(log) 43#define LOG_PERDIR_CHECK() PERDIR_CHECK(log)
46#define EXEC_PERDIR_CHECK() PERDIR_CHECK(exec) 44#define EXEC_PERDIR_CHECK() PERDIR_CHECK(exec)
@@ -98,9 +96,9 @@ static ZEND_INI_MH(OnUpdateSuhosin_perdir)
98 if (new_value == NULL || ZSTR_LEN(new_value) == 0) { 96 if (new_value == NULL || ZSTR_LEN(new_value) == 0) {
99 return SUCCESS; 97 return SUCCESS;
100 } 98 }
101 99
102 char *tmp = ZSTR_VAL(new_value); 100 char *tmp = ZSTR_VAL(new_value);
103 101
104 /* should we deactivate perdir completely? */ 102 /* should we deactivate perdir completely? */
105 if (*tmp == '0') { 103 if (*tmp == '0') {
106 return SUCCESS; 104 return SUCCESS;
@@ -145,7 +143,7 @@ list_destroy:
145 143
146 *ht = pemalloc(sizeof(HashTable), 1); 144 *ht = pemalloc(sizeof(HashTable), 1);
147 zend_hash_init(*ht, 5, NULL, NULL, 1); 145 zend_hash_init(*ht, 5, NULL, NULL, 1);
148 146
149 char *val = estrndup(list, strlen(list)); 147 char *val = estrndup(list, strlen(list));
150 if (lc) { 148 if (lc) {
151 zend_str_tolower(val, strlen(list)); 149 zend_str_tolower(val, strlen(list));
@@ -153,7 +151,7 @@ list_destroy:
153 151
154 char *e = val; 152 char *e = val;
155 char *s = NULL; 153 char *s = NULL;
156 154
157 while (*e) { 155 while (*e) {
158 switch (*e) { 156 switch (*e) {
159 case ' ': 157 case ' ':
@@ -299,25 +297,25 @@ PHP_INI_BEGIN()
299 PHP_INI_ENTRY("suhosin.executor.func.blacklist", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_func_blacklist) 297 PHP_INI_ENTRY("suhosin.executor.func.blacklist", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_func_blacklist)
300 // STD_S7_INI_BOOLEAN("suhosin.executor.disable_eval", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecBool, executor_disable_eval) 298 // STD_S7_INI_BOOLEAN("suhosin.executor.disable_eval", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecBool, executor_disable_eval)
301 STD_S7_INI_BOOLEAN("suhosin.executor.disable_emodifier", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecBool, executor_disable_emod) 299 STD_S7_INI_BOOLEAN("suhosin.executor.disable_emodifier", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecBool, executor_disable_emod)
302 // 300 //
303 STD_S7_INI_BOOLEAN("suhosin.executor.allow_symlink", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecBool, executor_allow_symlink) 301 STD_S7_INI_BOOLEAN("suhosin.executor.allow_symlink", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecBool, executor_allow_symlink)
304 STD_S7_INI_ENTRY("suhosin.executor.max_depth", "750", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecLong, max_execution_depth) 302 STD_S7_INI_ENTRY("suhosin.executor.max_depth", "750", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecLong, max_execution_depth)
305 // 303 //
306 // 304 //
307 STD_S7_INI_BOOLEAN("suhosin.multiheader", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscBool, allow_multiheader) 305 STD_S7_INI_BOOLEAN("suhosin.multiheader", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscBool, allow_multiheader)
308 // STD_S7_INI_ENTRY("suhosin.mail.protect", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscLong, mailprotect) 306 // STD_S7_INI_ENTRY("suhosin.mail.protect", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscLong, mailprotect)
309 STD_S7_INI_ENTRY("suhosin.memory_limit", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscLong, memory_limit) 307 STD_S7_INI_ENTRY("suhosin.memory_limit", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscLong, memory_limit)
310 STD_S7_INI_BOOLEAN("suhosin.simulation", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscBool, simulation) 308 STD_S7_INI_BOOLEAN("suhosin.simulation", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscBool, simulation)
311 // STD_S7_INI_ENTRY("suhosin.filter.action", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscString, filter_action) 309 // STD_S7_INI_ENTRY("suhosin.filter.action", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscString, filter_action)
312 // 310 //
313 STD_S7_INI_BOOLEAN("suhosin.protectkey", "1", PHP_INI_SYSTEM, OnUpdateBool, protectkey) 311 STD_S7_INI_BOOLEAN("suhosin.protectkey", "1", PHP_INI_SYSTEM, OnUpdateBool, protectkey)
314 STD_S7_INI_BOOLEAN("suhosin.coredump", "0", PHP_INI_SYSTEM, OnUpdateBool, coredump) 312 STD_S7_INI_BOOLEAN("suhosin.coredump", "0", PHP_INI_SYSTEM, OnUpdateBool, coredump)
315 // STD_S7_INI_BOOLEAN("suhosin.stealth", "1", PHP_INI_SYSTEM, OnUpdateBool, stealth) 313 // STD_S7_INI_BOOLEAN("suhosin.stealth", "1", PHP_INI_SYSTEM, OnUpdateBool, stealth)
316 // STD_S7_INI_BOOLEAN("suhosin.apc_bug_workaround", "0", PHP_INI_SYSTEM, OnUpdateBool, apc_bug_workaround) 314 // STD_S7_INI_BOOLEAN("suhosin.apc_bug_workaround", "0", PHP_INI_SYSTEM, OnUpdateBool, apc_bug_workaround)
317 STD_S7_INI_BOOLEAN("suhosin.disable.display_errors", "0", PHP_INI_SYSTEM, OnUpdate_disable_display_errors, disable_display_errors) 315 STD_S7_INI_BOOLEAN("suhosin.disable.display_errors", "0", PHP_INI_SYSTEM, OnUpdate_disable_display_errors, disable_display_errors)
318 316
319 317
320 // 318 //
321 STD_S7_INI_ENTRY("suhosin.request.max_vars", "1000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_request_variables) 319 STD_S7_INI_ENTRY("suhosin.request.max_vars", "1000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_request_variables)
322 STD_S7_INI_ENTRY("suhosin.request.max_varname_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_varname_length) 320 STD_S7_INI_ENTRY("suhosin.request.max_varname_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_varname_length)
323 STD_S7_INI_ENTRY("suhosin.request.max_value_length", "1000000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_value_length) 321 STD_S7_INI_ENTRY("suhosin.request.max_value_length", "1000000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_value_length)
@@ -328,7 +326,7 @@ PHP_INI_BEGIN()
328 STD_S7_INI_ENTRY("suhosin.request.array_index_char_blacklist", "'\"+<>;()", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestString, array_index_blacklist) 326 STD_S7_INI_ENTRY("suhosin.request.array_index_char_blacklist", "'\"+<>;()", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestString, array_index_blacklist)
329 STD_S7_INI_ENTRY("suhosin.request.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestBool, disallow_nul) 327 STD_S7_INI_ENTRY("suhosin.request.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestBool, disallow_nul)
330 STD_S7_INI_ENTRY("suhosin.request.disallow_ws", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestBool, disallow_ws) 328 STD_S7_INI_ENTRY("suhosin.request.disallow_ws", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestBool, disallow_ws)
331 // 329 //
332 STD_S7_INI_ENTRY("suhosin.cookie.max_vars", "100", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_vars) 330 STD_S7_INI_ENTRY("suhosin.cookie.max_vars", "100", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_vars)
333 STD_S7_INI_ENTRY("suhosin.cookie.max_name_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_name_length) 331 STD_S7_INI_ENTRY("suhosin.cookie.max_name_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_name_length)
334 STD_S7_INI_ENTRY("suhosin.cookie.max_totalname_length", "256", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_totalname_length) 332 STD_S7_INI_ENTRY("suhosin.cookie.max_totalname_length", "256", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_totalname_length)
@@ -337,7 +335,7 @@ PHP_INI_BEGIN()
337 STD_S7_INI_ENTRY("suhosin.cookie.max_array_index_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_array_index_length) 335 STD_S7_INI_ENTRY("suhosin.cookie.max_array_index_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_array_index_length)
338 STD_S7_INI_ENTRY("suhosin.cookie.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieBool, disallow_cookie_nul) 336 STD_S7_INI_ENTRY("suhosin.cookie.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieBool, disallow_cookie_nul)
339 STD_S7_INI_ENTRY("suhosin.cookie.disallow_ws", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieBool, disallow_cookie_ws) 337 STD_S7_INI_ENTRY("suhosin.cookie.disallow_ws", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieBool, disallow_cookie_ws)
340 // 338 //
341 STD_S7_INI_ENTRY("suhosin.get.max_vars", "100", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_vars) 339 STD_S7_INI_ENTRY("suhosin.get.max_vars", "100", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_vars)
342 STD_S7_INI_ENTRY("suhosin.get.max_name_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_name_length) 340 STD_S7_INI_ENTRY("suhosin.get.max_name_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_name_length)
343 STD_S7_INI_ENTRY("suhosin.get.max_totalname_length", "256", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_totalname_length) 341 STD_S7_INI_ENTRY("suhosin.get.max_totalname_length", "256", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_totalname_length)
@@ -346,7 +344,7 @@ PHP_INI_BEGIN()
346 STD_S7_INI_ENTRY("suhosin.get.max_array_index_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_array_index_length) 344 STD_S7_INI_ENTRY("suhosin.get.max_array_index_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_array_index_length)
347 STD_S7_INI_ENTRY("suhosin.get.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetBool, disallow_get_nul) 345 STD_S7_INI_ENTRY("suhosin.get.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetBool, disallow_get_nul)
348 STD_S7_INI_ENTRY("suhosin.get.disallow_ws", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetBool, disallow_get_ws) 346 STD_S7_INI_ENTRY("suhosin.get.disallow_ws", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetBool, disallow_get_ws)
349 // 347 //
350 STD_S7_INI_ENTRY("suhosin.post.max_vars", "1000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_vars) 348 STD_S7_INI_ENTRY("suhosin.post.max_vars", "1000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_vars)
351 STD_S7_INI_ENTRY("suhosin.post.max_name_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_name_length) 349 STD_S7_INI_ENTRY("suhosin.post.max_name_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_name_length)
352 STD_S7_INI_ENTRY("suhosin.post.max_totalname_length", "256", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_totalname_length) 350 STD_S7_INI_ENTRY("suhosin.post.max_totalname_length", "256", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_totalname_length)
@@ -355,7 +353,7 @@ PHP_INI_BEGIN()
355 STD_S7_INI_ENTRY("suhosin.post.max_array_index_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_array_index_length) 353 STD_S7_INI_ENTRY("suhosin.post.max_array_index_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_array_index_length)
356 STD_S7_INI_ENTRY("suhosin.post.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostBool, disallow_post_nul) 354 STD_S7_INI_ENTRY("suhosin.post.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostBool, disallow_post_nul)
357 STD_S7_INI_ENTRY("suhosin.post.disallow_ws", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostBool, disallow_post_ws) 355 STD_S7_INI_ENTRY("suhosin.post.disallow_ws", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostBool, disallow_post_ws)
358 // 356 //
359 STD_S7_INI_ENTRY("suhosin.upload.max_uploads", "25", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadLong, upload_limit) 357 STD_S7_INI_ENTRY("suhosin.upload.max_uploads", "25", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadLong, upload_limit)
360 STD_S7_INI_ENTRY("suhosin.upload.max_newlines", "100", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadLong, upload_max_newlines) 358 STD_S7_INI_ENTRY("suhosin.upload.max_newlines", "100", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadLong, upload_max_newlines)
361 STD_S7_INI_ENTRY("suhosin.upload.disallow_elf", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_disallow_elf) 359 STD_S7_INI_ENTRY("suhosin.upload.disallow_elf", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_disallow_elf)
@@ -403,7 +401,7 @@ PHP_INI_BEGIN()
403 // 401 //
404 STD_S7_INI_BOOLEAN("suhosin.server.encode", "1", PHP_INI_SYSTEM, OnUpdateBool, server_encode) 402 STD_S7_INI_BOOLEAN("suhosin.server.encode", "1", PHP_INI_SYSTEM, OnUpdateBool, server_encode)
405 STD_S7_INI_BOOLEAN("suhosin.server.strip", "1", PHP_INI_SYSTEM, OnUpdateBool, server_strip) 403 STD_S7_INI_BOOLEAN("suhosin.server.strip", "1", PHP_INI_SYSTEM, OnUpdateBool, server_strip)
406 // 404 //
407 STD_S7_INI_ENTRY("suhosin.rand.seedingkey", "", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscString, seedingkey) 405 STD_S7_INI_ENTRY("suhosin.rand.seedingkey", "", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscString, seedingkey)
408 STD_S7_INI_BOOLEAN("suhosin.rand.reseed_every_request", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscBool, reseed_every_request) 406 STD_S7_INI_BOOLEAN("suhosin.rand.reseed_every_request", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscBool, reseed_every_request)
409 STD_S7_INI_BOOLEAN("suhosin.srand.ignore", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscBool, srand_ignore) 407 STD_S7_INI_BOOLEAN("suhosin.srand.ignore", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscBool, srand_ignore)
@@ -428,7 +426,7 @@ char *suhosin_getenv(char *name, size_t name_len)
428 } else { 426 } else {
429 /* fallback to the system's getenv() function */ 427 /* fallback to the system's getenv() function */
430 char *tmp; 428 char *tmp;
431 429
432 name = estrndup(name, name_len); 430 name = estrndup(name, name_len);
433 tmp = getenv(name); 431 tmp = getenv(name);
434 efree(name); 432 efree(name);
@@ -476,7 +474,7 @@ PHP_MINIT_FUNCTION(suhosin7)
476 REGISTER_MAIN_LONG_CONSTANT("S_ALL", S_ALL, CONST_PERSISTENT | CONST_CS); 474 REGISTER_MAIN_LONG_CONSTANT("S_ALL", S_ALL, CONST_PERSISTENT | CONST_CS);
477 475
478 REGISTER_INI_ENTRIES(); 476 REGISTER_INI_ENTRIES();
479 477
480#if !defined(HAVE_PHP_SESSION) && !defined(SUHOSIN_NO_SESSION_WARNING) 478#if !defined(HAVE_PHP_SESSION) && !defined(SUHOSIN_NO_SESSION_WARNING)
481 php_error_docref(NULL, E_WARNING, "Suhosin was compiled without session support, which is probably not what you want. All session related features will not be available, e.g. session encryption. If session support is really not needed, recompile Suhosin with -DSUHOSIN_NO_SESSION_WARNING=1 to suppress this warning."); 479 php_error_docref(NULL, E_WARNING, "Suhosin was compiled without session support, which is probably not what you want. All session related features will not be available, e.g. session encryption. If session support is really not needed, recompile Suhosin with -DSUHOSIN_NO_SESSION_WARNING=1 to suppress this warning.");
482#endif 480#endif
@@ -492,7 +490,7 @@ PHP_MINIT_FUNCTION(suhosin7)
492 if (i->on_modify) { 490 if (i->on_modify) {
493 i->on_modify(i, val0, i->mh_arg1, i->mh_arg2, i->mh_arg3, ZEND_INI_STAGE_STARTUP); 491 i->on_modify(i, val0, i->mh_arg1, i->mh_arg2, i->mh_arg3, ZEND_INI_STAGE_STARTUP);
494 } 492 }
495 493
496 SDEBUG("display_errors=%s", ZSTR_VAL(val0)); 494 SDEBUG("display_errors=%s", ZSTR_VAL(val0));
497 if (SUHOSIN7_G(disable_display_errors) >= 2) { 495 if (SUHOSIN7_G(disable_display_errors) >= 2) {
498 i->modified = 0; 496 i->modified = 0;
@@ -565,9 +563,9 @@ PHP_RINIT_FUNCTION(suhosin7)
565PHP_RSHUTDOWN_FUNCTION(suhosin7) 563PHP_RSHUTDOWN_FUNCTION(suhosin7)
566{ 564{
567 SDEBUG("(RSHUTDOWN)"); 565 SDEBUG("(RSHUTDOWN)");
568 /* We need to clear the input filtering 566 /* We need to clear the input filtering
569 variables in the request shutdown 567 variables in the request shutdown
570 because input filtering is done before 568 because input filtering is done before
571 RINIT */ 569 RINIT */
572 570
573 SUHOSIN7_G(cur_request_variables) = 0; 571 SUHOSIN7_G(cur_request_variables) = 0;
@@ -621,7 +619,7 @@ PHP_MINFO_FUNCTION(suhosin7)
621 php_info_print_box_start(0); 619 php_info_print_box_start(0);
622 if (!sapi_module.phpinfo_as_text) { 620 if (!sapi_module.phpinfo_as_text) {
623 zend_string *enc_logo; 621 zend_string *enc_logo;
624 622
625 PUTS("<a href=\"http://www.suhosin.org/\"><img border=\"0\" src=\"data:image/jpeg;base64,"); 623 PUTS("<a href=\"http://www.suhosin.org/\"><img border=\"0\" src=\"data:image/jpeg;base64,");
626 enc_logo = php_base64_encode(suhosin_logo, sizeof(suhosin_logo)); 624 enc_logo = php_base64_encode(suhosin_logo, sizeof(suhosin_logo));
627 if (ZSTR_LEN(enc_logo)) { 625 if (ZSTR_LEN(enc_logo)) {
@@ -659,7 +657,7 @@ PHP_MINFO_FUNCTION(suhosin7)
659 657
660 if (SUHOSIN7_G(protectkey)) { 658 if (SUHOSIN7_G(protectkey)) {
661 php_ini_entry *i; 659 php_ini_entry *i;
662 660
663 if ((i=zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("suhosin.cookie.cryptkey")))) { 661 if ((i=zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("suhosin.cookie.cryptkey")))) {
664 i->displayer = NULL; 662 i->displayer = NULL;
665 } 663 }
diff --git a/suhosin_rfc1867.h b/suhosin_rfc1867.h
index 5d946b0..52878b8 100644
--- a/suhosin_rfc1867.h
+++ b/suhosin_rfc1867.h
@@ -17,8 +17,6 @@
17 +----------------------------------------------------------------------+ 17 +----------------------------------------------------------------------+
18*/ 18*/
19 19
20/* $Id: suhosin_rfc1867.h,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ */
21
22#ifndef SUHOSIN_RFC1867_H 20#ifndef SUHOSIN_RFC1867_H
23#define SUHOSIN_RFC1867_H 21#define SUHOSIN_RFC1867_H
24 22
@@ -37,11 +35,11 @@
37// #define MULTIPART_EVENT_FILE_DATA 3 35// #define MULTIPART_EVENT_FILE_DATA 3
38// #define MULTIPART_EVENT_FILE_END 4 36// #define MULTIPART_EVENT_FILE_END 4
39// #define MULTIPART_EVENT_END 5 37// #define MULTIPART_EVENT_END 5
40// 38//
41// typedef struct _multipart_event_start { 39// typedef struct _multipart_event_start {
42// size_t content_length; 40// size_t content_length;
43// } multipart_event_start; 41// } multipart_event_start;
44// 42//
45// typedef struct _multipart_event_formdata { 43// typedef struct _multipart_event_formdata {
46// size_t post_bytes_processed; 44// size_t post_bytes_processed;
47// char *name; 45// char *name;
@@ -49,13 +47,13 @@
49// size_t length; 47// size_t length;
50// size_t *newlength; 48// size_t *newlength;
51// } multipart_event_formdata; 49// } multipart_event_formdata;
52// 50//
53// typedef struct _multipart_event_file_start { 51// typedef struct _multipart_event_file_start {
54// size_t post_bytes_processed; 52// size_t post_bytes_processed;
55// char *name; 53// char *name;
56// char **filename; 54// char **filename;
57// } multipart_event_file_start; 55// } multipart_event_file_start;
58// 56//
59// typedef struct _multipart_event_file_data { 57// typedef struct _multipart_event_file_data {
60// size_t post_bytes_processed; 58// size_t post_bytes_processed;
61// zend_off_t offset; 59// zend_off_t offset;
@@ -63,20 +61,20 @@
63// size_t length; 61// size_t length;
64// size_t *newlength; 62// size_t *newlength;
65// } multipart_event_file_data; 63// } multipart_event_file_data;
66// 64//
67// typedef struct _multipart_event_file_end { 65// typedef struct _multipart_event_file_end {
68// size_t post_bytes_processed; 66// size_t post_bytes_processed;
69// char *temp_filename; 67// char *temp_filename;
70// int cancel_upload; 68// int cancel_upload;
71// } multipart_event_file_end; 69// } multipart_event_file_end;
72// 70//
73// typedef struct _multipart_event_end { 71// typedef struct _multipart_event_end {
74// size_t post_bytes_processed; 72// size_t post_bytes_processed;
75// } multipart_event_end; 73// } multipart_event_end;
76// 74//
77// 75//
78// #endif 76// #endif
79// 77//
80int suhosin_rfc1867_filter(unsigned int event, void *event_data, void **extra); 78int suhosin_rfc1867_filter(unsigned int event, void *event_data, void **extra);
81 79
82SAPI_POST_HANDLER_FUNC(suhosin_rfc1867_post_handler); 80SAPI_POST_HANDLER_FUNC(suhosin_rfc1867_post_handler);
diff --git a/treat_data.c b/treat_data.c
index bdd06c0..25c24c4 100644
--- a/treat_data.c
+++ b/treat_data.c
@@ -17,9 +17,6 @@
17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | 17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> |
18 +----------------------------------------------------------------------+ 18 +----------------------------------------------------------------------+
19*/ 19*/
20/*
21 $Id: treat_data.c $
22*/
23 20
24#ifdef HAVE_CONFIG_H 21#ifdef HAVE_CONFIG_H
25#include "config.h" 22#include "config.h"
@@ -38,19 +35,19 @@ SAPI_TREAT_DATA_FUNC(suhosin_treat_data)
38{ 35{
39 switch (arg) { 36 switch (arg) {
40 case PARSE_POST: 37 case PARSE_POST:
41 if (SUHOSIN7_G(max_request_variables) && (SUHOSIN7_G(max_post_vars) == 0 || 38 if (SUHOSIN7_G(max_request_variables) && (SUHOSIN7_G(max_post_vars) == 0 ||
42 SUHOSIN7_G(max_request_variables) <= SUHOSIN7_G(max_post_vars))) { 39 SUHOSIN7_G(max_request_variables) <= SUHOSIN7_G(max_post_vars))) {
43 SUHOSIN7_G(max_post_vars) = SUHOSIN7_G(max_request_variables); 40 SUHOSIN7_G(max_post_vars) = SUHOSIN7_G(max_request_variables);
44 } 41 }
45 break; 42 break;
46 case PARSE_GET: 43 case PARSE_GET:
47 if (SUHOSIN7_G(max_request_variables) && (SUHOSIN7_G(max_get_vars) == 0 || 44 if (SUHOSIN7_G(max_request_variables) && (SUHOSIN7_G(max_get_vars) == 0 ||
48 SUHOSIN7_G(max_request_variables) <= SUHOSIN7_G(max_get_vars))) { 45 SUHOSIN7_G(max_request_variables) <= SUHOSIN7_G(max_get_vars))) {
49 SUHOSIN7_G(max_get_vars) = SUHOSIN7_G(max_request_variables); 46 SUHOSIN7_G(max_get_vars) = SUHOSIN7_G(max_request_variables);
50 } 47 }
51 break; 48 break;
52 case PARSE_COOKIE: 49 case PARSE_COOKIE:
53 if (SUHOSIN7_G(max_request_variables) && (SUHOSIN7_G(max_cookie_vars) == 0 || 50 if (SUHOSIN7_G(max_request_variables) && (SUHOSIN7_G(max_cookie_vars) == 0 ||
54 SUHOSIN7_G(max_request_variables) <= SUHOSIN7_G(max_cookie_vars))) { 51 SUHOSIN7_G(max_request_variables) <= SUHOSIN7_G(max_cookie_vars))) {
55 SUHOSIN7_G(max_cookie_vars) = SUHOSIN7_G(max_request_variables); 52 SUHOSIN7_G(max_cookie_vars) = SUHOSIN7_G(max_request_variables);
56 } 53 }
@@ -60,7 +57,7 @@ SAPI_TREAT_DATA_FUNC(suhosin_treat_data)
60 if (arg == PARSE_COOKIE && SUHOSIN7_G(cookie_encrypt) && SG(request_info).cookie_data) { 57 if (arg == PARSE_COOKIE && SUHOSIN7_G(cookie_encrypt) && SG(request_info).cookie_data) {
61 SG(request_info).cookie_data = suhosin_cookie_decryptor(SG(request_info).cookie_data); 58 SG(request_info).cookie_data = suhosin_cookie_decryptor(SG(request_info).cookie_data);
62 } 59 }
63 60
64 if (orig_treat_data) { 61 if (orig_treat_data) {
65 orig_treat_data(arg, str, destArray); 62 orig_treat_data(arg, str, destArray);
66 } 63 }
diff --git a/ufilter.c b/ufilter.c
index b7543ea..af4a051 100644
--- a/ufilter.c
+++ b/ufilter.c
@@ -17,9 +17,6 @@
17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | 17 | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> |
18 +----------------------------------------------------------------------+ 18 +----------------------------------------------------------------------+
19*/ 19*/
20/*
21 $Id: ufilter.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $
22*/
23 20
24#ifdef HAVE_CONFIG_H 21#ifdef HAVE_CONFIG_H
25#include "config.h" 22#include "config.h"