summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ifilter.c196
-rw-r--r--php_suhosin7.h141
-rw-r--r--suhosin7.c34
3 files changed, 185 insertions, 186 deletions
diff --git a/ifilter.c b/ifilter.c
index b49e61e..627fdbd 100644
--- a/ifilter.c
+++ b/ifilter.c
@@ -219,7 +219,7 @@ void suhosin_register_server_variables(zval *track_vars_array TSRMLS_DC)
219 orig_register_server_variables(track_vars_array TSRMLS_CC); 219 orig_register_server_variables(track_vars_array TSRMLS_CC);
220 220
221 svars = Z_ARRVAL_P(track_vars_array); 221 svars = Z_ARRVAL_P(track_vars_array);
222 if (!SUHOSIN_G(simulation)) { 222 if (!SUHOSIN7_G(simulation)) {
223 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_GET_VARS")); 223 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_GET_VARS"));
224 if (retval == SUCCESS) failure = 1; 224 if (retval == SUCCESS) failure = 1;
225 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_POST_VARS")); 225 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_POST_VARS"));
@@ -252,24 +252,24 @@ void suhosin_register_server_variables(zval *track_vars_array TSRMLS_DC)
252 suhosin_log(S_VARS, "Attacker tried to overwrite a superglobal through a HTTP header"); 252 suhosin_log(S_VARS, "Attacker tried to overwrite a superglobal through a HTTP header");
253 } 253 }
254 254
255 if (SUHOSIN_G(raw_cookie)) { 255 if (SUHOSIN7_G(raw_cookie)) {
256 zval z; 256 zval z;
257 ZVAL_STRING(&z, SUHOSIN_G(raw_cookie)); 257 ZVAL_STRING(&z, SUHOSIN7_G(raw_cookie));
258 zend_hash_str_add(svars, "RAW_HTTP_COOKIE", sizeof("RAW_HTTP_COOKIE")-1, &z); 258 zend_hash_str_add(svars, "RAW_HTTP_COOKIE", sizeof("RAW_HTTP_COOKIE")-1, &z);
259 } 259 }
260 if (SUHOSIN_G(decrypted_cookie)) { 260 if (SUHOSIN7_G(decrypted_cookie)) {
261 zval z; 261 zval z;
262 ZVAL_STRING(&z, SUHOSIN_G(decrypted_cookie)); 262 ZVAL_STRING(&z, SUHOSIN7_G(decrypted_cookie));
263 zend_hash_str_update(svars, "HTTP_COOKIE", sizeof("HTTP_COOKIE")-1, &z); 263 zend_hash_str_update(svars, "HTTP_COOKIE", sizeof("HTTP_COOKIE")-1, &z);
264 SUHOSIN_G(decrypted_cookie) = NULL; 264 SUHOSIN7_G(decrypted_cookie) = NULL;
265 } 265 }
266 266
267 if (SUHOSIN_G(server_encode)) { 267 if (SUHOSIN7_G(server_encode)) {
268 /* suhosin_server_encode(svars, ZEND_STRL("argv")); */ 268 /* suhosin_server_encode(svars, ZEND_STRL("argv")); */
269 suhosin_server_encode(svars, ZEND_STRL("REQUEST_URI")); 269 suhosin_server_encode(svars, ZEND_STRL("REQUEST_URI"));
270 suhosin_server_encode(svars, ZEND_STRL("QUERY_STRING")); 270 suhosin_server_encode(svars, ZEND_STRL("QUERY_STRING"));
271 } 271 }
272 if (SUHOSIN_G(server_strip)) { 272 if (SUHOSIN7_G(server_strip)) {
273 suhosin_server_strip(svars, ZEND_STRL("PHP_SELF")); 273 suhosin_server_strip(svars, ZEND_STRL("PHP_SELF"));
274 suhosin_server_strip(svars, ZEND_STRL("PATH_INFO")); 274 suhosin_server_strip(svars, ZEND_STRL("PATH_INFO"));
275 suhosin_server_strip(svars, ZEND_STRL("PATH_TRANSLATED")); 275 suhosin_server_strip(svars, ZEND_STRL("PATH_TRANSLATED"));
@@ -287,10 +287,10 @@ unsigned int (*old_input_filter)(int arg, char *var, char **val, size_t val_len,
287 */ 287 */
288unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t val_len, size_t *new_val_len) 288unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t val_len, size_t *new_val_len)
289{ 289{
290 zend_bool already_scanned = SUHOSIN_G(already_scanned); 290 zend_bool already_scanned = SUHOSIN7_G(already_scanned);
291 SUHOSIN_G(already_scanned) = 0; 291 SUHOSIN7_G(already_scanned) = 0;
292 292
293 if (SUHOSIN_G(do_not_scan)) { 293 if (SUHOSIN7_G(do_not_scan)) {
294 if (new_val_len) { 294 if (new_val_len) {
295 *new_val_len = val_len; 295 *new_val_len = val_len;
296 } 296 }
@@ -299,7 +299,7 @@ unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t
299 299
300 if (!already_scanned) { 300 if (!already_scanned) {
301 if (suhosin_input_filter(arg, var, val, val_len, new_val_len)==0) { 301 if (suhosin_input_filter(arg, var, val, val_len, new_val_len)==0) {
302 SUHOSIN_G(abort_request)=1; 302 SUHOSIN7_G(abort_request)=1;
303 return 0; 303 return 0;
304 } 304 }
305 if (new_val_len) { 305 if (new_val_len) {
@@ -321,7 +321,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
321 unsigned int var_len, total_len, depth = 0; 321 unsigned int var_len, total_len, depth = 0;
322 322
323 /* Mark that we were called */ 323 /* Mark that we were called */
324 SUHOSIN_G(already_scanned) = 1; 324 SUHOSIN7_G(already_scanned) = 1;
325 325
326 if (new_val_len) { 326 if (new_val_len) {
327 *new_val_len = 0; 327 *new_val_len = 0;
@@ -330,23 +330,23 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
330 /* Drop this variable if the limit was reached */ 330 /* Drop this variable if the limit was reached */
331 switch (arg) { 331 switch (arg) {
332 case PARSE_GET: 332 case PARSE_GET:
333 SUHOSIN_G(att_get_vars)++; 333 SUHOSIN7_G(att_get_vars)++;
334 SUHOSIN_G(att_request_variables)++; 334 SUHOSIN7_G(att_request_variables)++;
335 if (SUHOSIN_G(no_more_get_variables)) { 335 if (SUHOSIN7_G(no_more_get_variables)) {
336 return 0; 336 return 0;
337 } 337 }
338 break; 338 break;
339 case PARSE_POST: 339 case PARSE_POST:
340 SUHOSIN_G(att_post_vars)++; 340 SUHOSIN7_G(att_post_vars)++;
341 SUHOSIN_G(att_request_variables)++; 341 SUHOSIN7_G(att_request_variables)++;
342 if (SUHOSIN_G(no_more_post_variables)) { 342 if (SUHOSIN7_G(no_more_post_variables)) {
343 return 0; 343 return 0;
344 } 344 }
345 break; 345 break;
346 case PARSE_COOKIE: 346 case PARSE_COOKIE:
347 SUHOSIN_G(att_cookie_vars)++; 347 SUHOSIN7_G(att_cookie_vars)++;
348 SUHOSIN_G(att_request_variables)++; 348 SUHOSIN7_G(att_request_variables)++;
349 if (SUHOSIN_G(no_more_cookie_variables)) { 349 if (SUHOSIN7_G(no_more_cookie_variables)) {
350 return 0; 350 return 0;
351 } 351 }
352 break; 352 break;
@@ -360,28 +360,28 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
360 /* Drop this variable if the limit is now reached */ 360 /* Drop this variable if the limit is now reached */
361 switch (arg) { 361 switch (arg) {
362 case PARSE_GET: 362 case PARSE_GET:
363 if (SUHOSIN_G(max_get_vars) && SUHOSIN_G(max_get_vars) <= SUHOSIN_G(cur_get_vars)) { 363 if (SUHOSIN7_G(max_get_vars) && SUHOSIN7_G(max_get_vars) <= SUHOSIN7_G(cur_get_vars)) {
364 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped", var); 364 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped", var);
365 if (!SUHOSIN_G(simulation)) { 365 if (!SUHOSIN7_G(simulation)) {
366 SUHOSIN_G(no_more_get_variables) = 1; 366 SUHOSIN7_G(no_more_get_variables) = 1;
367 return 0; 367 return 0;
368 } 368 }
369 } 369 }
370 break; 370 break;
371 case PARSE_COOKIE: 371 case PARSE_COOKIE:
372 if (SUHOSIN_G(max_cookie_vars) && SUHOSIN_G(max_cookie_vars) <= SUHOSIN_G(cur_cookie_vars)) { 372 if (SUHOSIN7_G(max_cookie_vars) && SUHOSIN7_G(max_cookie_vars) <= SUHOSIN7_G(cur_cookie_vars)) {
373 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped", var); 373 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped", var);
374 if (!SUHOSIN_G(simulation)) { 374 if (!SUHOSIN7_G(simulation)) {
375 SUHOSIN_G(no_more_cookie_variables) = 1; 375 SUHOSIN7_G(no_more_cookie_variables) = 1;
376 return 0; 376 return 0;
377 } 377 }
378 } 378 }
379 break; 379 break;
380 case PARSE_POST: 380 case PARSE_POST:
381 if (SUHOSIN_G(max_post_vars) && SUHOSIN_G(max_post_vars) <= SUHOSIN_G(cur_post_vars)) { 381 if (SUHOSIN7_G(max_post_vars) && SUHOSIN7_G(max_post_vars) <= SUHOSIN7_G(cur_post_vars)) {
382 suhosin_log(S_VARS, "configured POST variable limit exceeded - dropped variable '%s' - all further POST variables are dropped", var); 382 suhosin_log(S_VARS, "configured POST variable limit exceeded - dropped variable '%s' - all further POST variables are dropped", var);
383 if (!SUHOSIN_G(simulation)) { 383 if (!SUHOSIN7_G(simulation)) {
384 SUHOSIN_G(no_more_post_variables) = 1; 384 SUHOSIN7_G(no_more_post_variables) = 1;
385 return 0; 385 return 0;
386 } 386 }
387 } 387 }
@@ -390,33 +390,33 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
390 390
391 /* Drop this variable if it begins with whitespace which is disallowed */ 391 /* Drop this variable if it begins with whitespace which is disallowed */
392 if (isspace(*var)) { 392 if (isspace(*var)) {
393 if (SUHOSIN_G(disallow_ws)) { 393 if (SUHOSIN7_G(disallow_ws)) {
394 suhosin_log(S_VARS, "request variable name begins with disallowed whitespace - dropped variable '%s'", var); 394 suhosin_log(S_VARS, "request variable name begins with disallowed whitespace - dropped variable '%s'", var);
395 if (!SUHOSIN_G(simulation)) { 395 if (!SUHOSIN7_G(simulation)) {
396 return 0; 396 return 0;
397 } 397 }
398 } 398 }
399 switch (arg) { 399 switch (arg) {
400 case PARSE_GET: 400 case PARSE_GET:
401 if (SUHOSIN_G(disallow_get_ws)) { 401 if (SUHOSIN7_G(disallow_get_ws)) {
402 suhosin_log(S_VARS, "GET variable name begins with disallowed whitespace - dropped variable '%s'", var); 402 suhosin_log(S_VARS, "GET variable name begins with disallowed whitespace - dropped variable '%s'", var);
403 if (!SUHOSIN_G(simulation)) { 403 if (!SUHOSIN7_G(simulation)) {
404 return 0; 404 return 0;
405 } 405 }
406 } 406 }
407 break; 407 break;
408 case PARSE_POST: 408 case PARSE_POST:
409 if (SUHOSIN_G(disallow_post_ws)) { 409 if (SUHOSIN7_G(disallow_post_ws)) {
410 suhosin_log(S_VARS, "POST variable name begins with disallowed whitespace - dropped variable '%s'", var); 410 suhosin_log(S_VARS, "POST variable name begins with disallowed whitespace - dropped variable '%s'", var);
411 if (!SUHOSIN_G(simulation)) { 411 if (!SUHOSIN7_G(simulation)) {
412 return 0; 412 return 0;
413 } 413 }
414 } 414 }
415 break; 415 break;
416 case PARSE_COOKIE: 416 case PARSE_COOKIE:
417 if (SUHOSIN_G(disallow_cookie_ws)) { 417 if (SUHOSIN7_G(disallow_cookie_ws)) {
418 suhosin_log(S_VARS, "COOKIE variable name begins with disallowed whitespace - dropped variable '%s'", var); 418 suhosin_log(S_VARS, "COOKIE variable name begins with disallowed whitespace - dropped variable '%s'", var);
419 if (!SUHOSIN_G(simulation)) { 419 if (!SUHOSIN7_G(simulation)) {
420 return 0; 420 return 0;
421 } 421 }
422 } 422 }
@@ -425,33 +425,33 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
425 } 425 }
426 426
427 /* Drop this variable if it exceeds the value length limit */ 427 /* Drop this variable if it exceeds the value length limit */
428 if (SUHOSIN_G(max_value_length) && SUHOSIN_G(max_value_length) < val_len) { 428 if (SUHOSIN7_G(max_value_length) && SUHOSIN7_G(max_value_length) < val_len) {
429 suhosin_log(S_VARS, "configured request variable value length limit exceeded - dropped variable '%s'", var); 429 suhosin_log(S_VARS, "configured request variable value length limit exceeded - dropped variable '%s'", var);
430 if (!SUHOSIN_G(simulation)) { 430 if (!SUHOSIN7_G(simulation)) {
431 return 0; 431 return 0;
432 } 432 }
433 } 433 }
434 switch (arg) { 434 switch (arg) {
435 case PARSE_GET: 435 case PARSE_GET:
436 if (SUHOSIN_G(max_get_value_length) && SUHOSIN_G(max_get_value_length) < val_len) { 436 if (SUHOSIN7_G(max_get_value_length) && SUHOSIN7_G(max_get_value_length) < val_len) {
437 suhosin_log(S_VARS, "configured GET variable value length limit exceeded - dropped variable '%s'", var); 437 suhosin_log(S_VARS, "configured GET variable value length limit exceeded - dropped variable '%s'", var);
438 if (!SUHOSIN_G(simulation)) { 438 if (!SUHOSIN7_G(simulation)) {
439 return 0; 439 return 0;
440 } 440 }
441 } 441 }
442 break; 442 break;
443 case PARSE_COOKIE: 443 case PARSE_COOKIE:
444 if (SUHOSIN_G(max_cookie_value_length) && SUHOSIN_G(max_cookie_value_length) < val_len) { 444 if (SUHOSIN7_G(max_cookie_value_length) && SUHOSIN7_G(max_cookie_value_length) < val_len) {
445 suhosin_log(S_VARS, "configured COOKIE variable value length limit exceeded - dropped variable '%s'", var); 445 suhosin_log(S_VARS, "configured COOKIE variable value length limit exceeded - dropped variable '%s'", var);
446 if (!SUHOSIN_G(simulation)) { 446 if (!SUHOSIN7_G(simulation)) {
447 return 0; 447 return 0;
448 } 448 }
449 } 449 }
450 break; 450 break;
451 case PARSE_POST: 451 case PARSE_POST:
452 if (SUHOSIN_G(max_post_value_length) && SUHOSIN_G(max_post_value_length) < val_len) { 452 if (SUHOSIN7_G(max_post_value_length) && SUHOSIN7_G(max_post_value_length) < val_len) {
453 suhosin_log(S_VARS, "configured POST variable value length limit exceeded - dropped variable '%s'", var); 453 suhosin_log(S_VARS, "configured POST variable value length limit exceeded - dropped variable '%s'", var);
454 if (!SUHOSIN_G(simulation)) { 454 if (!SUHOSIN7_G(simulation)) {
455 return 0; 455 return 0;
456 } 456 }
457 } 457 }
@@ -467,57 +467,57 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
467 var_len = index ? index-var : total_len; 467 var_len = index ? index-var : total_len;
468 468
469 /* Drop this variable if it exceeds the varname/total length limit */ 469 /* Drop this variable if it exceeds the varname/total length limit */
470 if (SUHOSIN_G(max_varname_length) && SUHOSIN_G(max_varname_length) < var_len) { 470 if (SUHOSIN7_G(max_varname_length) && SUHOSIN7_G(max_varname_length) < var_len) {
471 suhosin_log(S_VARS, "configured request variable name length limit exceeded - dropped variable '%s'", var); 471 suhosin_log(S_VARS, "configured request variable name length limit exceeded - dropped variable '%s'", var);
472 if (!SUHOSIN_G(simulation)) { 472 if (!SUHOSIN7_G(simulation)) {
473 return 0; 473 return 0;
474 } 474 }
475 } 475 }
476 if (SUHOSIN_G(max_totalname_length) && SUHOSIN_G(max_totalname_length) < total_len) { 476 if (SUHOSIN7_G(max_totalname_length) && SUHOSIN7_G(max_totalname_length) < total_len) {
477 suhosin_log(S_VARS, "configured request variable total name length limit exceeded - dropped variable '%s'", var); 477 suhosin_log(S_VARS, "configured request variable total name length limit exceeded - dropped variable '%s'", var);
478 if (!SUHOSIN_G(simulation)) { 478 if (!SUHOSIN7_G(simulation)) {
479 return 0; 479 return 0;
480 } 480 }
481 } 481 }
482 switch (arg) { 482 switch (arg) {
483 case PARSE_GET: 483 case PARSE_GET:
484 if (SUHOSIN_G(max_get_name_length) && SUHOSIN_G(max_get_name_length) < var_len) { 484 if (SUHOSIN7_G(max_get_name_length) && SUHOSIN7_G(max_get_name_length) < var_len) {
485 suhosin_log(S_VARS, "configured GET variable name length limit exceeded - dropped variable '%s'", var); 485 suhosin_log(S_VARS, "configured GET variable name length limit exceeded - dropped variable '%s'", var);
486 if (!SUHOSIN_G(simulation)) { 486 if (!SUHOSIN7_G(simulation)) {
487 return 0; 487 return 0;
488 } 488 }
489 } 489 }
490 if (SUHOSIN_G(max_get_totalname_length) && SUHOSIN_G(max_get_totalname_length) < total_len) { 490 if (SUHOSIN7_G(max_get_totalname_length) && SUHOSIN7_G(max_get_totalname_length) < total_len) {
491 suhosin_log(S_VARS, "configured GET variable total name length limit exceeded - dropped variable '%s'", var); 491 suhosin_log(S_VARS, "configured GET variable total name length limit exceeded - dropped variable '%s'", var);
492 if (!SUHOSIN_G(simulation)) { 492 if (!SUHOSIN7_G(simulation)) {
493 return 0; 493 return 0;
494 } 494 }
495 } 495 }
496 break; 496 break;
497 case PARSE_COOKIE: 497 case PARSE_COOKIE:
498 if (SUHOSIN_G(max_cookie_name_length) && SUHOSIN_G(max_cookie_name_length) < var_len) { 498 if (SUHOSIN7_G(max_cookie_name_length) && SUHOSIN7_G(max_cookie_name_length) < var_len) {
499 suhosin_log(S_VARS, "configured COOKIE variable name length limit exceeded - dropped variable '%s'", var); 499 suhosin_log(S_VARS, "configured COOKIE variable name length limit exceeded - dropped variable '%s'", var);
500 if (!SUHOSIN_G(simulation)) { 500 if (!SUHOSIN7_G(simulation)) {
501 return 0; 501 return 0;
502 } 502 }
503 } 503 }
504 if (SUHOSIN_G(max_cookie_totalname_length) && SUHOSIN_G(max_cookie_totalname_length) < total_len) { 504 if (SUHOSIN7_G(max_cookie_totalname_length) && SUHOSIN7_G(max_cookie_totalname_length) < total_len) {
505 suhosin_log(S_VARS, "configured COOKIE variable total name length limit exceeded - dropped variable '%s'", var); 505 suhosin_log(S_VARS, "configured COOKIE variable total name length limit exceeded - dropped variable '%s'", var);
506 if (!SUHOSIN_G(simulation)) { 506 if (!SUHOSIN7_G(simulation)) {
507 return 0; 507 return 0;
508 } 508 }
509 } 509 }
510 break; 510 break;
511 case PARSE_POST: 511 case PARSE_POST:
512 if (SUHOSIN_G(max_post_name_length) && SUHOSIN_G(max_post_name_length) < var_len) { 512 if (SUHOSIN7_G(max_post_name_length) && SUHOSIN7_G(max_post_name_length) < var_len) {
513 suhosin_log(S_VARS, "configured POST variable name length limit exceeded - dropped variable '%s'", var); 513 suhosin_log(S_VARS, "configured POST variable name length limit exceeded - dropped variable '%s'", var);
514 if (!SUHOSIN_G(simulation)) { 514 if (!SUHOSIN7_G(simulation)) {
515 return 0; 515 return 0;
516 } 516 }
517 } 517 }
518 if (SUHOSIN_G(max_post_totalname_length) && SUHOSIN_G(max_post_totalname_length) < total_len) { 518 if (SUHOSIN7_G(max_post_totalname_length) && SUHOSIN7_G(max_post_totalname_length) < total_len) {
519 suhosin_log(S_VARS, "configured POST variable total name length limit exceeded - dropped variable '%s'", var); 519 suhosin_log(S_VARS, "configured POST variable total name length limit exceeded - dropped variable '%s'", var);
520 if (!SUHOSIN_G(simulation)) { 520 if (!SUHOSIN7_G(simulation)) {
521 return 0; 521 return 0;
522 } 522 }
523 } 523 }
@@ -543,33 +543,33 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
543 index_length = index_end - index; 543 index_length = index_end - index;
544 544
545 /* max. array index length */ 545 /* max. array index length */
546 if (SUHOSIN_G(max_array_index_length) && SUHOSIN_G(max_array_index_length) < index_length) { 546 if (SUHOSIN7_G(max_array_index_length) && SUHOSIN7_G(max_array_index_length) < index_length) {
547 suhosin_log(S_VARS, "configured request variable array index length limit exceeded - dropped variable '%s'", var); 547 suhosin_log(S_VARS, "configured request variable array index length limit exceeded - dropped variable '%s'", var);
548 if (!SUHOSIN_G(simulation)) { 548 if (!SUHOSIN7_G(simulation)) {
549 return 0; 549 return 0;
550 } 550 }
551 } 551 }
552 switch (arg) { 552 switch (arg) {
553 case PARSE_GET: 553 case PARSE_GET:
554 if (SUHOSIN_G(max_get_array_index_length) && SUHOSIN_G(max_get_array_index_length) < index_length) { 554 if (SUHOSIN7_G(max_get_array_index_length) && SUHOSIN7_G(max_get_array_index_length) < index_length) {
555 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var); 555 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var);
556 if (!SUHOSIN_G(simulation)) { 556 if (!SUHOSIN7_G(simulation)) {
557 return 0; 557 return 0;
558 } 558 }
559 } 559 }
560 break; 560 break;
561 case PARSE_COOKIE: 561 case PARSE_COOKIE:
562 if (SUHOSIN_G(max_cookie_array_index_length) && SUHOSIN_G(max_cookie_array_index_length) < index_length) { 562 if (SUHOSIN7_G(max_cookie_array_index_length) && SUHOSIN7_G(max_cookie_array_index_length) < index_length) {
563 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var); 563 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var);
564 if (!SUHOSIN_G(simulation)) { 564 if (!SUHOSIN7_G(simulation)) {
565 return 0; 565 return 0;
566 } 566 }
567 } 567 }
568 break; 568 break;
569 case PARSE_POST: 569 case PARSE_POST:
570 if (SUHOSIN_G(max_post_array_index_length) && SUHOSIN_G(max_post_array_index_length) < index_length) { 570 if (SUHOSIN7_G(max_post_array_index_length) && SUHOSIN7_G(max_post_array_index_length) < index_length) {
571 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var); 571 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var);
572 if (!SUHOSIN_G(simulation)) { 572 if (!SUHOSIN7_G(simulation)) {
573 return 0; 573 return 0;
574 } 574 }
575 } 575 }
@@ -577,17 +577,17 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
577 } 577 }
578 578
579 /* index whitelist/blacklist */ 579 /* index whitelist/blacklist */
580 if (SUHOSIN_G(array_index_whitelist) && *(SUHOSIN_G(array_index_whitelist))) { 580 if (SUHOSIN7_G(array_index_whitelist) && *(SUHOSIN7_G(array_index_whitelist))) {
581 if (suhosin_strnspn(index, index_length, SUHOSIN_G(array_index_whitelist)) != index_length) { 581 if (suhosin_strnspn(index, index_length, SUHOSIN7_G(array_index_whitelist)) != index_length) {
582 suhosin_log(S_VARS, "array index contains not whitelisted characters - dropped variable '%s'", var); 582 suhosin_log(S_VARS, "array index contains not whitelisted characters - dropped variable '%s'", var);
583 if (!SUHOSIN_G(simulation)) { 583 if (!SUHOSIN7_G(simulation)) {
584 return 0; 584 return 0;
585 } 585 }
586 } 586 }
587 } else if (SUHOSIN_G(array_index_blacklist) && *(SUHOSIN_G(array_index_blacklist))) { 587 } else if (SUHOSIN7_G(array_index_blacklist) && *(SUHOSIN7_G(array_index_blacklist))) {
588 if (suhosin_strncspn(index, index_length, SUHOSIN_G(array_index_blacklist)) != index_length) { 588 if (suhosin_strncspn(index, index_length, SUHOSIN7_G(array_index_blacklist)) != index_length) {
589 suhosin_log(S_VARS, "array index contains blacklisted characters - dropped variable '%s'", var); 589 suhosin_log(S_VARS, "array index contains blacklisted characters - dropped variable '%s'", var);
590 if (!SUHOSIN_G(simulation)) { 590 if (!SUHOSIN7_G(simulation)) {
591 return 0; 591 return 0;
592 } 592 }
593 } 593 }
@@ -597,33 +597,33 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
597 } 597 }
598 598
599 /* Drop this variable if it exceeds the array depth limit */ 599 /* Drop this variable if it exceeds the array depth limit */
600 if (SUHOSIN_G(max_array_depth) && SUHOSIN_G(max_array_depth) < depth) { 600 if (SUHOSIN7_G(max_array_depth) && SUHOSIN7_G(max_array_depth) < depth) {
601 suhosin_log(S_VARS, "configured request variable array depth limit exceeded - dropped variable '%s'", var); 601 suhosin_log(S_VARS, "configured request variable array depth limit exceeded - dropped variable '%s'", var);
602 if (!SUHOSIN_G(simulation)) { 602 if (!SUHOSIN7_G(simulation)) {
603 return 0; 603 return 0;
604 } 604 }
605 } 605 }
606 switch (arg) { 606 switch (arg) {
607 case PARSE_GET: 607 case PARSE_GET:
608 if (SUHOSIN_G(max_get_array_depth) && SUHOSIN_G(max_get_array_depth) < depth) { 608 if (SUHOSIN7_G(max_get_array_depth) && SUHOSIN7_G(max_get_array_depth) < depth) {
609 suhosin_log(S_VARS, "configured GET variable array depth limit exceeded - dropped variable '%s'", var); 609 suhosin_log(S_VARS, "configured GET variable array depth limit exceeded - dropped variable '%s'", var);
610 if (!SUHOSIN_G(simulation)) { 610 if (!SUHOSIN7_G(simulation)) {
611 return 0; 611 return 0;
612 } 612 }
613 } 613 }
614 break; 614 break;
615 case PARSE_COOKIE: 615 case PARSE_COOKIE:
616 if (SUHOSIN_G(max_cookie_array_depth) && SUHOSIN_G(max_cookie_array_depth) < depth) { 616 if (SUHOSIN7_G(max_cookie_array_depth) && SUHOSIN7_G(max_cookie_array_depth) < depth) {
617 suhosin_log(S_VARS, "configured COOKIE variable array depth limit exceeded - dropped variable '%s'", var); 617 suhosin_log(S_VARS, "configured COOKIE variable array depth limit exceeded - dropped variable '%s'", var);
618 if (!SUHOSIN_G(simulation)) { 618 if (!SUHOSIN7_G(simulation)) {
619 return 0; 619 return 0;
620 } 620 }
621 } 621 }
622 break; 622 break;
623 case PARSE_POST: 623 case PARSE_POST:
624 if (SUHOSIN_G(max_post_array_depth) && SUHOSIN_G(max_post_array_depth) < depth) { 624 if (SUHOSIN7_G(max_post_array_depth) && SUHOSIN7_G(max_post_array_depth) < depth) {
625 suhosin_log(S_VARS, "configured POST variable array depth limit exceeded - dropped variable '%s'", var); 625 suhosin_log(S_VARS, "configured POST variable array depth limit exceeded - dropped variable '%s'", var);
626 if (!SUHOSIN_G(simulation)) { 626 if (!SUHOSIN7_G(simulation)) {
627 return 0; 627 return 0;
628 } 628 }
629 } 629 }
@@ -634,33 +634,33 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
634 634
635 if (val && *val && val_len != strnlen(*val, val_len)) { 635 if (val && *val && val_len != strnlen(*val, val_len)) {
636 636
637 if (SUHOSIN_G(disallow_nul)) { 637 if (SUHOSIN7_G(disallow_nul)) {
638 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within request variables - dropped variable '%s'", var); 638 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within request variables - dropped variable '%s'", var);
639 if (!SUHOSIN_G(simulation)) { 639 if (!SUHOSIN7_G(simulation)) {
640 return 0; 640 return 0;
641 } 641 }
642 } 642 }
643 switch (arg) { 643 switch (arg) {
644 case PARSE_GET: 644 case PARSE_GET:
645 if (SUHOSIN_G(disallow_get_nul)) { 645 if (SUHOSIN7_G(disallow_get_nul)) {
646 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within GET variables - dropped variable '%s'", var); 646 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within GET variables - dropped variable '%s'", var);
647 if (!SUHOSIN_G(simulation)) { 647 if (!SUHOSIN7_G(simulation)) {
648 return 0; 648 return 0;
649 } 649 }
650 } 650 }
651 break; 651 break;
652 case PARSE_COOKIE: 652 case PARSE_COOKIE:
653 if (SUHOSIN_G(disallow_cookie_nul)) { 653 if (SUHOSIN7_G(disallow_cookie_nul)) {
654 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within COOKIE variables - dropped variable '%s'", var); 654 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within COOKIE variables - dropped variable '%s'", var);
655 if (!SUHOSIN_G(simulation)) { 655 if (!SUHOSIN7_G(simulation)) {
656 return 0; 656 return 0;
657 } 657 }
658 } 658 }
659 break; 659 break;
660 case PARSE_POST: 660 case PARSE_POST:
661 if (SUHOSIN_G(disallow_post_nul)) { 661 if (SUHOSIN7_G(disallow_post_nul)) {
662 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within POST variables - dropped variable '%s'", var); 662 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within POST variables - dropped variable '%s'", var);
663 if (!SUHOSIN_G(simulation)) { 663 if (!SUHOSIN7_G(simulation)) {
664 return 0; 664 return 0;
665 } 665 }
666 } 666 }
@@ -672,22 +672,22 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
672 /* This is to protect several silly scripts that do globalizing themself */ 672 /* This is to protect several silly scripts that do globalizing themself */
673 if (suhosin_is_protected_varname(var, var_len)) { 673 if (suhosin_is_protected_varname(var, var_len)) {
674 suhosin_log(S_VARS, "tried to register forbidden variable '%s' through %s variables", var, arg == PARSE_GET ? "GET" : arg == PARSE_POST ? "POST" : "COOKIE"); 674 suhosin_log(S_VARS, "tried to register forbidden variable '%s' through %s variables", var, arg == PARSE_GET ? "GET" : arg == PARSE_POST ? "POST" : "COOKIE");
675 if (!SUHOSIN_G(simulation)) { 675 if (!SUHOSIN7_G(simulation)) {
676 return 0; 676 return 0;
677 } 677 }
678 } 678 }
679 679
680 /* Okay let PHP register this variable */ 680 /* Okay let PHP register this variable */
681 SUHOSIN_G(cur_request_variables)++; 681 SUHOSIN7_G(cur_request_variables)++;
682 switch (arg) { 682 switch (arg) {
683 case PARSE_GET: 683 case PARSE_GET:
684 SUHOSIN_G(cur_get_vars)++; 684 SUHOSIN7_G(cur_get_vars)++;
685 break; 685 break;
686 case PARSE_COOKIE: 686 case PARSE_COOKIE:
687 SUHOSIN_G(cur_cookie_vars)++; 687 SUHOSIN7_G(cur_cookie_vars)++;
688 break; 688 break;
689 case PARSE_POST: 689 case PARSE_POST:
690 SUHOSIN_G(cur_post_vars)++; 690 SUHOSIN7_G(cur_post_vars)++;
691 break; 691 break;
692 } 692 }
693 693
diff --git a/php_suhosin7.h b/php_suhosin7.h
index 11dcdd5..aefe4b9 100644
--- a/php_suhosin7.h
+++ b/php_suhosin7.h
@@ -123,21 +123,21 @@ protected_varname:
123 123
124 124
125ZEND_BEGIN_MODULE_GLOBALS(suhosin7) 125ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
126 zend_long global_value; 126 // zend_long global_value;
127 char *global_string; 127 // char *global_string;
128 zend_bool protectkey; 128 zend_bool protectkey;
129 129
130 zend_bool simulation; 130 zend_bool simulation;
131 zend_bool stealth; 131 // zend_bool stealth;
132 zend_bool already_scanned; 132 zend_bool already_scanned;
133 zend_bool abort_request; 133 zend_bool abort_request;
134 char *filter_action; 134 // char *filter_action;
135 135 //
136 136 //
137 zend_bool executor_allow_symlink; 137 // zend_bool executor_allow_symlink;
138 long max_execution_depth; 138 // long max_execution_depth;
139 long executor_include_max_traversal; 139 // long executor_include_max_traversal;
140 zend_bool executor_include_allow_writable_files; 140 // zend_bool executor_include_allow_writable_files;
141 141
142 142
143 HashTable *include_whitelist; 143 HashTable *include_whitelist;
@@ -148,8 +148,8 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
148 HashTable *eval_whitelist; 148 HashTable *eval_whitelist;
149 HashTable *eval_blacklist; 149 HashTable *eval_blacklist;
150 150
151 zend_bool executor_disable_eval; 151 // zend_bool executor_disable_eval;
152 zend_bool executor_disable_emod; 152 // zend_bool executor_disable_emod;
153 153
154 154
155/* request variables */ 155/* request variables */
@@ -198,25 +198,26 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
198 zend_long max_post_array_index_length; 198 zend_long max_post_array_index_length;
199 zend_bool disallow_post_nul; 199 zend_bool disallow_post_nul;
200 zend_bool disallow_post_ws; 200 zend_bool disallow_post_ws;
201 201
202/* fileupload */ 202/* fileupload */
203 zend_long upload_limit; 203 // zend_long upload_limit;
204 zend_long upload_max_newlines; 204 // zend_long upload_max_newlines;
205 zend_long num_uploads; 205 // zend_long num_uploads;
206 zend_bool upload_disallow_elf; 206 // zend_bool upload_disallow_elf;
207 zend_bool upload_disallow_binary; 207 // zend_bool upload_disallow_binary;
208 zend_bool upload_remove_binary; 208 // zend_bool upload_remove_binary;
209#ifdef SUHOSIN7_EXPERIMENTAL 209#ifdef SUHOSIN7_EXPERIMENTAL
210 zend_bool upload_allow_utf8; 210 // zend_bool upload_allow_utf8;
211#endif 211#endif
212 char *upload_verification_script; 212 // char *upload_verification_script;
213 213
214 zend_bool no_more_variables; 214 zend_bool no_more_variables;
215 zend_bool no_more_get_variables; 215 zend_bool no_more_get_variables;
216 zend_bool no_more_post_variables; 216 zend_bool no_more_post_variables;
217 zend_bool no_more_cookie_variables; 217 zend_bool no_more_cookie_variables;
218 zend_bool no_more_uploads; 218 zend_bool no_more_uploads;
219 219
220 /* encryption */
220 BYTE fi[24],ri[24]; 221 BYTE fi[24],ri[24];
221 WORD fkey[120]; 222 WORD fkey[120];
222 WORD rkey[120]; 223 WORD rkey[120];
@@ -241,29 +242,31 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
241 HashTable *cookie_plainlist; 242 HashTable *cookie_plainlist;
242 HashTable *cookie_cryptlist; 243 HashTable *cookie_cryptlist;
243 244
244 zend_bool coredump; 245 /* misc */
245 zend_bool apc_bug_workaround; 246 // zend_bool coredump;
247 // zend_bool apc_bug_workaround;
246 zend_bool do_not_scan; 248 zend_bool do_not_scan;
247 249 //
248 zend_bool server_encode; 250 zend_bool server_encode;
249 zend_bool server_strip; 251 zend_bool server_strip;
252 //
253 // zend_bool disable_display_errors;
250 254
251 zend_bool disable_display_errors; 255 /* random number generator */
252 256 // php_uint32 r_state[625];
253 php_uint32 r_state[625]; 257 // php_uint32 *r_next;
254 php_uint32 *r_next; 258 // int r_left;
255 int r_left; 259 // zend_bool srand_ignore;
256 zend_bool srand_ignore; 260 // zend_bool mt_srand_ignore;
257 zend_bool mt_srand_ignore; 261 // php_uint32 mt_state[625];
258 php_uint32 mt_state[625]; 262 // php_uint32 *mt_next;
259 php_uint32 *mt_next; 263 // int mt_left;
260 int mt_left; 264 //
261 265 // char *seedingkey;
262 char *seedingkey; 266 // zend_bool reseed_every_request;
263 zend_bool reseed_every_request; 267 //
264 268 // zend_bool r_is_seeded;
265 zend_bool r_is_seeded; 269 // zend_bool mt_is_seeded;
266 zend_bool mt_is_seeded;
267 270
268 271
269/* memory_limit */ 272/* memory_limit */
@@ -286,38 +289,38 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
286 zend_bool misc_perdir; 289 zend_bool misc_perdir;
287 290
288 /* log */ 291 /* log */
289 zend_bool log_use_x_forwarded_for; 292 // zend_bool log_use_x_forwarded_for;
290 long log_syslog; 293 // long log_syslog;
291 long log_syslog_facility; 294 // long log_syslog_facility;
292 long log_syslog_priority; 295 // long log_syslog_priority;
293 long log_script; 296 // long log_script;
294 long log_sapi; 297 // long log_sapi;
295 long log_stdout; 298 // long log_stdout;
296 char *log_scriptname; 299 // char *log_scriptname;
297 long log_phpscript; 300 // long log_phpscript;
298 char *log_phpscriptname; 301 // char *log_phpscriptname;
299 zend_bool log_phpscript_is_safe; 302 // zend_bool log_phpscript_is_safe;
300 long log_file; 303 // long log_file;
301 char *log_filename; 304 // char *log_filename;
302 zend_bool log_file_time; 305 // zend_bool log_file_time;
303 306
304 /* header handler */ 307 /* header handler */
305 zend_bool allow_multiheader; 308 // zend_bool allow_multiheader;
306 309
307 /* mailprotect */ 310 /* mailprotect */
308 long mailprotect; 311 // long mailprotect;
309 312
310 /* sqlprotect */ 313 /* sqlprotect */
311 zend_bool sql_bailout_on_error; 314 // zend_bool sql_bailout_on_error;
312 char *sql_user_prefix; 315 // char *sql_user_prefix;
313 char *sql_user_postfix; 316 // char *sql_user_postfix;
314 char *sql_user_match; 317 // char *sql_user_match;
315 long sql_comment; 318 // long sql_comment;
316 long sql_opencomment; 319 // long sql_opencomment;
317 long sql_union; 320 // long sql_union;
318 long sql_mselect; 321 // long sql_mselect;
319 322
320 int (*old_php_body_write)(const char *str, unsigned int str_length TSRMLS_DC); 323 // int (*old_php_body_write)(const char *str, unsigned int str_length TSRMLS_DC);
321 324
322ZEND_END_MODULE_GLOBALS(suhosin7) 325ZEND_END_MODULE_GLOBALS(suhosin7)
323 326
@@ -327,10 +330,6 @@ ZEND_END_MODULE_GLOBALS(suhosin7)
327*/ 330*/
328#define SUHOSIN7_G(v) ZEND_MODULE_GLOBALS_ACCESSOR(suhosin7, v) 331#define SUHOSIN7_G(v) ZEND_MODULE_GLOBALS_ACCESSOR(suhosin7, v)
329 332
330#ifdef SUHOSIN7_DEBUG
331#define SUHOSIN_G(v) SUHOSIN7_G(v)
332#endif
333
334#if defined(ZTS) && defined(COMPILE_DL_SUHOSIN7) 333#if defined(ZTS) && defined(COMPILE_DL_SUHOSIN7)
335ZEND_TSRMLS_CACHE_EXTERN(); 334ZEND_TSRMLS_CACHE_EXTERN();
336#endif 335#endif
diff --git a/suhosin7.c b/suhosin7.c
index 7b2a9d8..c799f9d 100644
--- a/suhosin7.c
+++ b/suhosin7.c
@@ -39,7 +39,7 @@ ZEND_DECLARE_MODULE_GLOBALS(suhosin7)
39/* ------------------------------------------------------------------------ */ 39/* ------------------------------------------------------------------------ */
40/* PERDIR CHECKS */ 40/* PERDIR CHECKS */
41#define PERDIR_CHECK(lower) \ 41#define PERDIR_CHECK(lower) \
42 if (!SUHOSIN_G(lower ## _perdir) && stage == ZEND_INI_STAGE_HTACCESS) { \ 42 if (!SUHOSIN7_G(lower ## _perdir) && stage == ZEND_INI_STAGE_HTACCESS) { \
43 return FAILURE; \ 43 return FAILURE; \
44 } 44 }
45 45
@@ -87,27 +87,27 @@ static ZEND_INI_MH(OnUpdateSuhosin_perdir)
87{ 87{
88 char *tmp; 88 char *tmp;
89 89
90 if (SUHOSIN_G(perdir)) { 90 if (SUHOSIN7_G(perdir)) {
91 pefree(SUHOSIN_G(perdir), 1); 91 pefree(SUHOSIN7_G(perdir), 1);
92 } 92 }
93 SUHOSIN_G(perdir) = NULL; 93 SUHOSIN7_G(perdir) = NULL;
94 94
95 /* Initialize the perdir flags */ 95 /* Initialize the perdir flags */
96 SUHOSIN_G(log_perdir) = 0; 96 SUHOSIN7_G(log_perdir) = 0;
97 SUHOSIN_G(exec_perdir) = 0; 97 SUHOSIN7_G(exec_perdir) = 0;
98 SUHOSIN_G(misc_perdir) = 0; 98 SUHOSIN7_G(misc_perdir) = 0;
99 SUHOSIN_G(get_perdir) = 0; 99 SUHOSIN7_G(get_perdir) = 0;
100 SUHOSIN_G(post_perdir) = 0; 100 SUHOSIN7_G(post_perdir) = 0;
101 SUHOSIN_G(cookie_perdir) = 0; 101 SUHOSIN7_G(cookie_perdir) = 0;
102 SUHOSIN_G(request_perdir) = 0; 102 SUHOSIN7_G(request_perdir) = 0;
103 SUHOSIN_G(upload_perdir) = 0; 103 SUHOSIN7_G(upload_perdir) = 0;
104 SUHOSIN_G(sql_perdir) = 0; 104 SUHOSIN7_G(sql_perdir) = 0;
105 105
106 if (new_value == NULL) { 106 if (new_value == NULL) {
107 return SUCCESS; 107 return SUCCESS;
108 } 108 }
109 109
110 tmp = SUHOSIN_G(perdir) = pestrdup(ZSTR_VAL(new_value), 1); 110 tmp = SUHOSIN7_G(perdir) = pestrdup(ZSTR_VAL(new_value), 1);
111 111
112 /* trim the whitespace */ 112 /* trim the whitespace */
113 while (isspace(*tmp)) tmp++; 113 while (isspace(*tmp)) tmp++;
@@ -195,7 +195,7 @@ list_destroy:
195static ZEND_INI_MH(OnUpdateSuhosin_ ## name) \ 195static ZEND_INI_MH(OnUpdateSuhosin_ ## name) \
196{ \ 196{ \
197 EXEC_PERDIR_CHECK(); \ 197 EXEC_PERDIR_CHECK(); \
198 parse_list(&SUHOSIN_G(name), ZSTR_VAL(new_value), 1); \ 198 parse_list(&SUHOSIN7_G(name), ZSTR_VAL(new_value), 1); \
199 return SUCCESS; \ 199 return SUCCESS; \
200} 200}
201S7_INI_MH_EXECLIST(include_whitelist) 201S7_INI_MH_EXECLIST(include_whitelist)
@@ -208,14 +208,14 @@ S7_INI_MH_EXECLIST(func_blacklist)
208static ZEND_INI_MH(OnUpdateSuhosin_cookie_cryptlist) 208static ZEND_INI_MH(OnUpdateSuhosin_cookie_cryptlist)
209{ 209{
210 COOKIE_PERDIR_CHECK(); 210 COOKIE_PERDIR_CHECK();
211 parse_list(&SUHOSIN_G(cookie_cryptlist), ZSTR_VAL(new_value), 0); 211 parse_list(&SUHOSIN7_G(cookie_cryptlist), ZSTR_VAL(new_value), 0);
212 return SUCCESS; 212 return SUCCESS;
213} 213}
214 214
215static ZEND_INI_MH(OnUpdateSuhosin_cookie_plainlist) 215static ZEND_INI_MH(OnUpdateSuhosin_cookie_plainlist)
216{ 216{
217 COOKIE_PERDIR_CHECK(); 217 COOKIE_PERDIR_CHECK();
218 parse_list(&SUHOSIN_G(cookie_plainlist), ZSTR_VAL(new_value), 0); 218 parse_list(&SUHOSIN7_G(cookie_plainlist), ZSTR_VAL(new_value), 0);
219 return SUCCESS; 219 return SUCCESS;
220} 220}
221 221