-rw-r--r--README.md25
-rw-r--r--ifilter.c319
-rw-r--r--memory_limit.c7
-rw-r--r--php_suhosin7.h200
-rw-r--r--sha256.c4
-rw-r--r--suhosin7.c421
-rw-r--r--treat_data.c9
7 files changed, 772 insertions, 213 deletions
diff --git a/README.md b/README.md
index 7efedf8..7bc8475 100644
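--- a/README.md
+++ b/README.md
@@ -1,4 +1,27 @@
 # suhosin7
 
-WARNING THIS IS ONLY A PARTIAL PORT AND THEREFORE HORRIBLY BROKEN
+WARNING: THIS IS ONLY A PARTIAL PORT AND THEREFORE HORRIBLY BROKEN
 DO NOT ATTEMPT TO RUN... EVEN ON A TEST SYSTEM
+
+PHP7 is different from PHP5 under the hood, that features will be added and tested one by one.
+
+
+## Reporting issues
+The issue tracker will be available once Suhosin7 can actually be compiled.
+
+When reporting bugs, please include as much information needed to reproduce the bug
+* PHP version
+* Suhosin version / GIT revision / ...
+* Installed from OS package manager?
+* Operating System
+* Description
+* Proof of Concept, e.g. PHP code
+* How to trigger the bug, e.g. PHP command line or Apache configuration
+* List of loaded PHP extensions, if problem is related to interaction with other extensions
+
+When reporting feature requests, please consider writing a patch yourself and provide a pull request.
+
+## FAQ
+
+nothing yet.
+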
diff --git a/ifilter.c b/ifilter.c
index 7160f10..b49e61e 100644
--- a/ifilter.c
+++ b/ifilter.c
@@ -31,8 +31,7 @@
31#include "php_variables.h" 31#include "php_variables.h"
32#include "ext/standard/php_var.h" 32#include "ext/standard/php_var.h"
33 33
34 34static void (*orig_register_server_variables)(zval *track_vars_array) = NULL;
35static void (*orig_register_server_variables)(zval *track_vars_array TSRMLS_DC) = NULL;
36 35
37#if !HAVE_STRNLEN 36#if !HAVE_STRNLEN
38static size_t strnlen(const char *s, size_t maxlen) { 37static size_t strnlen(const char *s, size_t maxlen) {
@@ -148,20 +147,21 @@ static const char suhosin_is_dangerous_char[256] = {
148 */ 147 */
149static void suhosin_server_strip(HashTable *arr, char *key, int klen) 148static void suhosin_server_strip(HashTable *arr, char *key, int klen)
150{ 149{
151 zval **tzval; 150 zval *zv;
152 unsigned char *s, *t; 151 unsigned char *t;
153 152
154 if (zend_hash_find(arr, key, klen, (void **) &tzval) == SUCCESS && 153 if ((zv = zend_hash_str_find(arr, key, klen)) == NULL ||
155 Z_TYPE_PP(tzval) == IS_STRING) { 154 Z_TYPE_P(zv) != IS_STRING) {
155 return;
156 }
156 157
157 s = t = (unsigned char *)Z_STRVAL_PP(tzval); 158 t = (unsigned char *)Z_STRVAL_P(zv);
158 for (; *t; t++) { 159 for (; *t; t++) {
159 if (suhosin_is_dangerous_char[*t]) { 160 if (suhosin_is_dangerous_char[*t]) {
160 *t = '?'; 161 *t = '?';
161 }
162 } 162 }
163 Z_STRLEN_PP(tzval) = t-s;
164 } 163 }
164 zend_string_forget_hash_val(Z_STR_P(zv));
165} 165}
166/* }}} */ 166/* }}} */
167 167
@@ -169,43 +169,43 @@ static void suhosin_server_strip(HashTable *arr, char *key, int klen)
169 */ 169 */
170static void suhosin_server_encode(HashTable *arr, char *key, int klen) 170static void suhosin_server_encode(HashTable *arr, char *key, int klen)
171{ 171{
172 zval **tzval; 172 zval *zv;
173 unsigned char *temp = NULL, *t, *newv, *n;
174 int extra = 0; 173 int extra = 0;
175 174
176 if (zend_hash_find(arr, key, klen, (void **) &tzval) == SUCCESS && 175 if ((zv = zend_hash_str_find(arr, key, klen)) == NULL ||
177 Z_TYPE_PP(tzval) == IS_STRING) { 176 Z_TYPE_P(zv) != IS_STRING) {
178 177 return;
179 temp = (unsigned char *)Z_STRVAL_PP(tzval); 178 }
180
181 for (t = temp; *t; t++) {
182 if (suhosin_is_dangerous_char[*t]) {
183 extra += 2;
184 }
185 }
186 179
187 /* no extra bytes required */ 180 unsigned char *orig = (unsigned char *)Z_STRVAL_P(zv);
188 if (extra == 0) { 181 unsigned char *t;
189 return; 182 for (t = orig; *t; t++) {
183 if (suhosin_is_dangerous_char[*t]) {
184 extra += 2;
190 } 185 }
191 186 }
192 n = newv = emalloc(t - temp + 1 + extra); 187
193 t = temp; 188 /* no extra bytes required */
194 for (t = temp; *t; t++, n++) { 189 if (extra == 0) {
195 if (suhosin_is_dangerous_char[*t]) { 190 return;
196 *n++ = '%'; 191 }
197 *n++ = suhosin_hexchars[*t >> 4]; 192
198 *n = suhosin_hexchars[*t & 15]; 193 size_t dest_len = t - orig + 1 + extra;
199 } else { 194 unsigned char dest[dest_len];
200 *n = *t; 195 unsigned char *n = dest;
201 } 196 for (t = orig; *t; t++, n++) {
197 if (suhosin_is_dangerous_char[*t]) {
198 *n++ = '%';
199 *n++ = suhosin_hexchars[*t >> 4];
200 *n = suhosin_hexchars[*t & 15];
201 } else {
202 *n = *t;
202 } 203 }
203 *n = 0;
204
205 /* XXX: we leak memory here, but only for the duration of the request */
206 Z_STRVAL_PP(tzval) = (char *)newv;
207 Z_STRLEN_PP(tzval) = n-newv;
208 } 204 }
205 *n = 0;
206
207 zend_string *zs = zend_string_extend(Z_STR_P(zv), dest_len, 0);
208 memcpy(Z_STR_P(zv), dest, dest_len);
209} 209}
210/* }}} */ 210/* }}} */
211 211
@@ -220,31 +220,31 @@ void suhosin_register_server_variables(zval *track_vars_array TSRMLS_DC)
220 220
221 svars = Z_ARRVAL_P(track_vars_array); 221 svars = Z_ARRVAL_P(track_vars_array);
222 if (!SUHOSIN_G(simulation)) { 222 if (!SUHOSIN_G(simulation)) {
223 retval = zend_hash_del(svars, "HTTP_GET_VARS", sizeof("HTTP_GET_VARS")); 223 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_GET_VARS"));
224 if (retval == SUCCESS) failure = 1; 224 if (retval == SUCCESS) failure = 1;
225 retval = zend_hash_del(svars, "HTTP_POST_VARS", sizeof("HTTP_POST_VARS")); 225 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_POST_VARS"));
226 if (retval == SUCCESS) failure = 1; 226 if (retval == SUCCESS) failure = 1;
227 retval = zend_hash_del(svars, "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS")); 227 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_COOKIE_VARS"));
228 if (retval == SUCCESS) failure = 1; 228 if (retval == SUCCESS) failure = 1;
229 retval = zend_hash_del(svars, "HTTP_ENV_VARS", sizeof("HTTP_ENV_VARS")); 229 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_ENV_VARS"));
230 if (retval == SUCCESS) failure = 1; 230 if (retval == SUCCESS) failure = 1;
231 retval = zend_hash_del(svars, "HTTP_SERVER_VARS", sizeof("HTTP_SERVER_VARS")); 231 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_SERVER_VARS"));
232 if (retval == SUCCESS) failure = 1; 232 if (retval == SUCCESS) failure = 1;
233 retval = zend_hash_del(svars, "HTTP_SESSION_VARS", sizeof("HTTP_SESSION_VARS")); 233 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_SESSION_VARS"));
234 if (retval == SUCCESS) failure = 1; 234 if (retval == SUCCESS) failure = 1;
235 retval = zend_hash_del(svars, "HTTP_POST_FILES", sizeof("HTTP_POST_FILES")); 235 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_POST_FILES"));
236 if (retval == SUCCESS) failure = 1; 236 if (retval == SUCCESS) failure = 1;
237 retval = zend_hash_del(svars, "HTTP_RAW_POST_DATA", sizeof("HTTP_RAW_POST_DATA")); 237 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_RAW_POST_DATA"));
238 if (retval == SUCCESS) failure = 1; 238 if (retval == SUCCESS) failure = 1;
239 } else { 239 } else {
240 retval = zend_hash_exists(svars, "HTTP_GET_VARS", sizeof("HTTP_GET_VARS")); 240 retval = zend_hash_str_exists(svars, ZEND_STRL("HTTP_GET_VARS"));
241 retval+= zend_hash_exists(svars, "HTTP_POST_VARS", sizeof("HTTP_POST_VARS")); 241 retval+= zend_hash_str_exists(svars, ZEND_STRL("HTTP_POST_VARS"));
242 retval+= zend_hash_exists(svars, "HTTP_COOKIE_VARS", sizeof("HTTP_COOKIE_VARS")); 242 retval+= zend_hash_str_exists(svars, ZEND_STRL("HTTP_COOKIE_VARS"));
243 retval+= zend_hash_exists(svars, "HTTP_ENV_VARS", sizeof("HTTP_ENV_VARS")); 243 retval+= zend_hash_str_exists(svars, ZEND_STRL("HTTP_ENV_VARS"));
244 retval+= zend_hash_exists(svars, "HTTP_SERVER_VARS", sizeof("HTTP_SERVER_VARS")); 244 retval+= zend_hash_str_exists(svars, ZEND_STRL("HTTP_SERVER_VARS"));
245 retval+= zend_hash_exists(svars, "HTTP_SESSION_VARS", sizeof("HTTP_SESSION_VARS")); 245 retval+= zend_hash_str_exists(svars, ZEND_STRL("HTTP_SESSION_VARS"));
246 retval+= zend_hash_exists(svars, "HTTP_POST_FILES", sizeof("HTTP_POST_FILES")); 246 retval+= zend_hash_str_exists(svars, ZEND_STRL("HTTP_POST_FILES"));
247 retval+= zend_hash_exists(svars, "HTTP_RAW_POST_DATA", sizeof("HTTP_RAW_POST_DATA")); 247 retval+= zend_hash_str_exists(svars, ZEND_STRL("HTTP_RAW_POST_DATA"));
248 if (retval > 0) failure = 1; 248 if (retval > 0) failure = 1;
249 } 249 }
250 250
@@ -253,40 +253,39 @@ void suhosin_register_server_variables(zval *track_vars_array TSRMLS_DC)
253 } 253 }
254 254
255 if (SUHOSIN_G(raw_cookie)) { 255 if (SUHOSIN_G(raw_cookie)) {
256 zval *z; 256 zval z;
257 MAKE_STD_ZVAL(z); 257 ZVAL_STRING(&z, SUHOSIN_G(raw_cookie));
258 ZVAL_STRING(z, SUHOSIN_G(raw_cookie), 1); 258 zend_hash_str_add(svars, "RAW_HTTP_COOKIE", sizeof("RAW_HTTP_COOKIE")-1, &z);
259 zend_hash_add(svars, "RAW_HTTP_COOKIE", sizeof("RAW_HTTP_COOKIE"), (void **)&z, sizeof(zval *), NULL);
260 } 259 }
261 if (SUHOSIN_G(decrypted_cookie)) { 260 if (SUHOSIN_G(decrypted_cookie)) {
262 zval *z; 261 zval z;
263 MAKE_STD_ZVAL(z); 262 ZVAL_STRING(&z, SUHOSIN_G(decrypted_cookie));
264 ZVAL_STRING(z, SUHOSIN_G(decrypted_cookie), 0); 263 zend_hash_str_update(svars, "HTTP_COOKIE", sizeof("HTTP_COOKIE")-1, &z);
265 zend_hash_update(svars, "HTTP_COOKIE", sizeof("HTTP_COOKIE"), (void **)&z, sizeof(zval *), NULL);
266 SUHOSIN_G(decrypted_cookie) = NULL; 264 SUHOSIN_G(decrypted_cookie) = NULL;
267 } 265 }
268 266
269 if (SUHOSIN_G(server_encode)) { 267 if (SUHOSIN_G(server_encode)) {
270 /* suhosin_server_encode(svars, "argv", sizeof("argv")); */ 268 /* suhosin_server_encode(svars, ZEND_STRL("argv")); */
271 suhosin_server_encode(svars, "REQUEST_URI", sizeof("REQUEST_URI")); 269 suhosin_server_encode(svars, ZEND_STRL("REQUEST_URI"));
272 suhosin_server_encode(svars, "QUERY_STRING", sizeof("QUERY_STRING")); 270 suhosin_server_encode(svars, ZEND_STRL("QUERY_STRING"));
273 } 271 }
274 if (SUHOSIN_G(server_strip)) { 272 if (SUHOSIN_G(server_strip)) {
275 suhosin_server_strip(svars, "PHP_SELF", sizeof("PHP_SELF")); 273 suhosin_server_strip(svars, ZEND_STRL("PHP_SELF"));
276 suhosin_server_strip(svars, "PATH_INFO", sizeof("PATH_INFO")); 274 suhosin_server_strip(svars, ZEND_STRL("PATH_INFO"));
277 suhosin_server_strip(svars, "PATH_TRANSLATED", sizeof("PATH_TRANSLATED")); 275 suhosin_server_strip(svars, ZEND_STRL("PATH_TRANSLATED"));
278 suhosin_server_strip(svars, "HTTP_USER_AGENT", sizeof("HTTP_USER_AGENT")); 276 suhosin_server_strip(svars, ZEND_STRL("HTTP_USER_AGENT"));
279 } 277 }
280} 278}
281/* }}} */ 279/* }}} */
282 280
283 281
284/* Old Input filter */ 282/* Old Input filter */
285unsigned int (*old_input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC) = NULL; 283// unsigned int (*old_input_filter)(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC) = NULL;
284unsigned int (*old_input_filter)(int arg, char *var, char **val, size_t val_len, size_t *new_val_len);
286 285
287/* {{{ suhosin_input_filter_wrapper 286/* {{{ suhosin_input_filter_wrapper
288 */ 287 */
289unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC) 288unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t val_len, size_t *new_val_len)
290{ 289{
291 zend_bool already_scanned = SUHOSIN_G(already_scanned); 290 zend_bool already_scanned = SUHOSIN_G(already_scanned);
292 SUHOSIN_G(already_scanned) = 0; 291 SUHOSIN_G(already_scanned) = 0;
@@ -295,11 +294,11 @@ unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, unsign
295 if (new_val_len) { 294 if (new_val_len) {
296 *new_val_len = val_len; 295 *new_val_len = val_len;
297 } 296 }
298 return 1; 297 return 1;
299 } 298 }
300 299
301 if (!already_scanned) { 300 if (!already_scanned) {
302 if (suhosin_input_filter(arg, var, val, val_len, new_val_len TSRMLS_CC)==0) { 301 if (suhosin_input_filter(arg, var, val, val_len, new_val_len)==0) {
303 SUHOSIN_G(abort_request)=1; 302 SUHOSIN_G(abort_request)=1;
304 return 0; 303 return 0;
305 } 304 }
@@ -308,7 +307,7 @@ unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, unsign
308 } 307 }
309 } 308 }
310 if (old_input_filter) { 309 if (old_input_filter) {
311 return old_input_filter(arg, var, val, val_len, new_val_len TSRMLS_CC); 310 return old_input_filter(arg, var, val, val_len, new_val_len);
312 } else { 311 } else {
313 return 1; 312 return 1;
314 } 313 }
@@ -316,7 +315,7 @@ unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, unsign
316 315
317/* {{{ suhosin_input_filter 316/* {{{ suhosin_input_filter
318 */ 317 */
319unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int val_len, unsigned int *new_val_len TSRMLS_DC) 318unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len, size_t *new_val_len)
320{ 319{
321 char *index, *prev_index = NULL; 320 char *index, *prev_index = NULL;
322 unsigned int var_len, total_len, depth = 0; 321 unsigned int var_len, total_len, depth = 0;
@@ -329,61 +328,61 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
329 } 328 }
330 329
331 /* Drop this variable if the limit was reached */ 330 /* Drop this variable if the limit was reached */
332 switch (arg) {
333 case PARSE_GET:
334 SUHOSIN_G(att_get_vars)++;
335 SUHOSIN_G(att_request_variables)++;
336 if (SUHOSIN_G(no_more_get_variables)) {
337 return 0;
338 }
339 break;
340 case PARSE_POST:
341 SUHOSIN_G(att_post_vars)++;
342 SUHOSIN_G(att_request_variables)++;
343 if (SUHOSIN_G(no_more_post_variables)) {
344 return 0;
345 }
346 break;
347 case PARSE_COOKIE:
348 SUHOSIN_G(att_cookie_vars)++;
349 SUHOSIN_G(att_request_variables)++;
350 if (SUHOSIN_G(no_more_cookie_variables)) {
351 return 0;
352 }
353 break;
354 default: /* we do not want to protect parse_str() and friends */
355 if (new_val_len) {
356 *new_val_len = val_len;
357 }
358 return 1;
359 }
360
361 /* Drop this variable if the limit is now reached */
362 switch (arg) { 331 switch (arg) {
363 case PARSE_GET: 332 case PARSE_GET:
333 SUHOSIN_G(att_get_vars)++;
334 SUHOSIN_G(att_request_variables)++;
335 if (SUHOSIN_G(no_more_get_variables)) {
336 return 0;
337 }
338 break;
339 case PARSE_POST:
340 SUHOSIN_G(att_post_vars)++;
341 SUHOSIN_G(att_request_variables)++;
342 if (SUHOSIN_G(no_more_post_variables)) {
343 return 0;
344 }
345 break;
346 case PARSE_COOKIE:
347 SUHOSIN_G(att_cookie_vars)++;
348 SUHOSIN_G(att_request_variables)++;
349 if (SUHOSIN_G(no_more_cookie_variables)) {
350 return 0;
351 }
352 break;
353 default: /* we do not want to protect parse_str() and friends */
354 if (new_val_len) {
355 *new_val_len = val_len;
356 }
357 return 1;
358 }
359
360 /* Drop this variable if the limit is now reached */
361 switch (arg) {
362 case PARSE_GET:
364 if (SUHOSIN_G(max_get_vars) && SUHOSIN_G(max_get_vars) <= SUHOSIN_G(cur_get_vars)) { 363 if (SUHOSIN_G(max_get_vars) && SUHOSIN_G(max_get_vars) <= SUHOSIN_G(cur_get_vars)) {
365 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped", var); 364 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped", var);
366 if (!SUHOSIN_G(simulation)) { 365 if (!SUHOSIN_G(simulation)) {
367 SUHOSIN_G(no_more_get_variables) = 1; 366 SUHOSIN_G(no_more_get_variables) = 1;
368 return 0; 367 return 0;
369 } 368 }
370 } 369 }
371 break; 370 break;
372 case PARSE_COOKIE: 371 case PARSE_COOKIE:
373 if (SUHOSIN_G(max_cookie_vars) && SUHOSIN_G(max_cookie_vars) <= SUHOSIN_G(cur_cookie_vars)) { 372 if (SUHOSIN_G(max_cookie_vars) && SUHOSIN_G(max_cookie_vars) <= SUHOSIN_G(cur_cookie_vars)) {
374 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped", var); 373 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped", var);
375 if (!SUHOSIN_G(simulation)) { 374 if (!SUHOSIN_G(simulation)) {
376 SUHOSIN_G(no_more_cookie_variables) = 1; 375 SUHOSIN_G(no_more_cookie_variables) = 1;
377 return 0; 376 return 0;
378 } 377 }
379 } 378 }
380 break; 379 break;
381 case PARSE_POST: 380 case PARSE_POST:
382 if (SUHOSIN_G(max_post_vars) && SUHOSIN_G(max_post_vars) <= SUHOSIN_G(cur_post_vars)) { 381 if (SUHOSIN_G(max_post_vars) && SUHOSIN_G(max_post_vars) <= SUHOSIN_G(cur_post_vars)) {
383 suhosin_log(S_VARS, "configured POST variable limit exceeded - dropped variable '%s' - all further POST variables are dropped", var); 382 suhosin_log(S_VARS, "configured POST variable limit exceeded - dropped variable '%s' - all further POST variables are dropped", var);
384 if (!SUHOSIN_G(simulation)) { 383 if (!SUHOSIN_G(simulation)) {
385 SUHOSIN_G(no_more_post_variables) = 1; 384 SUHOSIN_G(no_more_post_variables) = 1;
386 return 0; 385 return 0;
387 } 386 }
388 } 387 }
389 break; 388 break;
@@ -398,30 +397,30 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
398 } 397 }
399 } 398 }
400 switch (arg) { 399 switch (arg) {
401 case PARSE_GET: 400 case PARSE_GET:
402 if (SUHOSIN_G(disallow_get_ws)) { 401 if (SUHOSIN_G(disallow_get_ws)) {
403 suhosin_log(S_VARS, "GET variable name begins with disallowed whitespace - dropped variable '%s'", var); 402 suhosin_log(S_VARS, "GET variable name begins with disallowed whitespace - dropped variable '%s'", var);
404 if (!SUHOSIN_G(simulation)) { 403 if (!SUHOSIN_G(simulation)) {
405 return 0; 404 return 0;
406 } 405 }
407 } 406 }
408 break; 407 break;
409 case PARSE_POST: 408 case PARSE_POST:
410 if (SUHOSIN_G(disallow_post_ws)) { 409 if (SUHOSIN_G(disallow_post_ws)) {
411 suhosin_log(S_VARS, "POST variable name begins with disallowed whitespace - dropped variable '%s'", var); 410 suhosin_log(S_VARS, "POST variable name begins with disallowed whitespace - dropped variable '%s'", var);
412 if (!SUHOSIN_G(simulation)) { 411 if (!SUHOSIN_G(simulation)) {
413 return 0; 412 return 0;
414 } 413 }
415 } 414 }
416 break; 415 break;
417 case PARSE_COOKIE: 416 case PARSE_COOKIE:
418 if (SUHOSIN_G(disallow_cookie_ws)) { 417 if (SUHOSIN_G(disallow_cookie_ws)) {
419 suhosin_log(S_VARS, "COOKIE variable name begins with disallowed whitespace - dropped variable '%s'", var); 418 suhosin_log(S_VARS, "COOKIE variable name begins with disallowed whitespace - dropped variable '%s'", var);
420 if (!SUHOSIN_G(simulation)) { 419 if (!SUHOSIN_G(simulation)) {
421 return 0; 420 return 0;
422 } 421 }
423 } 422 }
424 break; 423 break;
425 } 424 }
426 } 425 }
427 426
@@ -433,7 +432,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
433 } 432 }
434 } 433 }
435 switch (arg) { 434 switch (arg) {
436 case PARSE_GET: 435 case PARSE_GET:
437 if (SUHOSIN_G(max_get_value_length) && SUHOSIN_G(max_get_value_length) < val_len) { 436 if (SUHOSIN_G(max_get_value_length) && SUHOSIN_G(max_get_value_length) < val_len) {
438 suhosin_log(S_VARS, "configured GET variable value length limit exceeded - dropped variable '%s'", var); 437 suhosin_log(S_VARS, "configured GET variable value length limit exceeded - dropped variable '%s'", var);
439 if (!SUHOSIN_G(simulation)) { 438 if (!SUHOSIN_G(simulation)) {
@@ -441,7 +440,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
441 } 440 }
442 } 441 }
443 break; 442 break;
444 case PARSE_COOKIE: 443 case PARSE_COOKIE:
445 if (SUHOSIN_G(max_cookie_value_length) && SUHOSIN_G(max_cookie_value_length) < val_len) { 444 if (SUHOSIN_G(max_cookie_value_length) && SUHOSIN_G(max_cookie_value_length) < val_len) {
446 suhosin_log(S_VARS, "configured COOKIE variable value length limit exceeded - dropped variable '%s'", var); 445 suhosin_log(S_VARS, "configured COOKIE variable value length limit exceeded - dropped variable '%s'", var);
447 if (!SUHOSIN_G(simulation)) { 446 if (!SUHOSIN_G(simulation)) {
@@ -449,7 +448,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
449 } 448 }
450 } 449 }
451 break; 450 break;
452 case PARSE_POST: 451 case PARSE_POST:
453 if (SUHOSIN_G(max_post_value_length) && SUHOSIN_G(max_post_value_length) < val_len) { 452 if (SUHOSIN_G(max_post_value_length) && SUHOSIN_G(max_post_value_length) < val_len) {
454 suhosin_log(S_VARS, "configured POST variable value length limit exceeded - dropped variable '%s'", var); 453 suhosin_log(S_VARS, "configured POST variable value length limit exceeded - dropped variable '%s'", var);
455 if (!SUHOSIN_G(simulation)) { 454 if (!SUHOSIN_G(simulation)) {
@@ -481,7 +480,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
481 } 480 }
482 } 481 }
483 switch (arg) { 482 switch (arg) {
484 case PARSE_GET: 483 case PARSE_GET:
485 if (SUHOSIN_G(max_get_name_length) && SUHOSIN_G(max_get_name_length) < var_len) { 484 if (SUHOSIN_G(max_get_name_length) && SUHOSIN_G(max_get_name_length) < var_len) {
486 suhosin_log(S_VARS, "configured GET variable name length limit exceeded - dropped variable '%s'", var); 485 suhosin_log(S_VARS, "configured GET variable name length limit exceeded - dropped variable '%s'", var);
487 if (!SUHOSIN_G(simulation)) { 486 if (!SUHOSIN_G(simulation)) {
@@ -495,7 +494,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
495 } 494 }
496 } 495 }
497 break; 496 break;
498 case PARSE_COOKIE: 497 case PARSE_COOKIE:
499 if (SUHOSIN_G(max_cookie_name_length) && SUHOSIN_G(max_cookie_name_length) < var_len) { 498 if (SUHOSIN_G(max_cookie_name_length) && SUHOSIN_G(max_cookie_name_length) < var_len) {
500 suhosin_log(S_VARS, "configured COOKIE variable name length limit exceeded - dropped variable '%s'", var); 499 suhosin_log(S_VARS, "configured COOKIE variable name length limit exceeded - dropped variable '%s'", var);
501 if (!SUHOSIN_G(simulation)) { 500 if (!SUHOSIN_G(simulation)) {
@@ -509,7 +508,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
509 } 508 }
510 } 509 }
511 break; 510 break;
512 case PARSE_POST: 511 case PARSE_POST:
513 if (SUHOSIN_G(max_post_name_length) && SUHOSIN_G(max_post_name_length) < var_len) { 512 if (SUHOSIN_G(max_post_name_length) && SUHOSIN_G(max_post_name_length) < var_len) {
514 suhosin_log(S_VARS, "configured POST variable name length limit exceeded - dropped variable '%s'", var); 513 suhosin_log(S_VARS, "configured POST variable name length limit exceeded - dropped variable '%s'", var);
515 if (!SUHOSIN_G(simulation)) { 514 if (!SUHOSIN_G(simulation)) {
@@ -551,7 +550,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
551 } 550 }
552 } 551 }
553 switch (arg) { 552 switch (arg) {
554 case PARSE_GET: 553 case PARSE_GET:
555 if (SUHOSIN_G(max_get_array_index_length) && SUHOSIN_G(max_get_array_index_length) < index_length) { 554 if (SUHOSIN_G(max_get_array_index_length) && SUHOSIN_G(max_get_array_index_length) < index_length) {
556 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var); 555 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var);
557 if (!SUHOSIN_G(simulation)) { 556 if (!SUHOSIN_G(simulation)) {
@@ -559,7 +558,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
559 } 558 }
560 } 559 }
561 break; 560 break;
562 case PARSE_COOKIE: 561 case PARSE_COOKIE:
563 if (SUHOSIN_G(max_cookie_array_index_length) && SUHOSIN_G(max_cookie_array_index_length) < index_length) { 562 if (SUHOSIN_G(max_cookie_array_index_length) && SUHOSIN_G(max_cookie_array_index_length) < index_length) {
564 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var); 563 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var);
565 if (!SUHOSIN_G(simulation)) { 564 if (!SUHOSIN_G(simulation)) {
@@ -567,7 +566,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
567 } 566 }
568 } 567 }
569 break; 568 break;
570 case PARSE_POST: 569 case PARSE_POST:
571 if (SUHOSIN_G(max_post_array_index_length) && SUHOSIN_G(max_post_array_index_length) < index_length) { 570 if (SUHOSIN_G(max_post_array_index_length) && SUHOSIN_G(max_post_array_index_length) < index_length) {
572 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var); 571 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var);
573 if (!SUHOSIN_G(simulation)) { 572 if (!SUHOSIN_G(simulation)) {
@@ -605,7 +604,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
605 } 604 }
606 } 605 }
607 switch (arg) { 606 switch (arg) {
608 case PARSE_GET: 607 case PARSE_GET:
609 if (SUHOSIN_G(max_get_array_depth) && SUHOSIN_G(max_get_array_depth) < depth) { 608 if (SUHOSIN_G(max_get_array_depth) && SUHOSIN_G(max_get_array_depth) < depth) {
610 suhosin_log(S_VARS, "configured GET variable array depth limit exceeded - dropped variable '%s'", var); 609 suhosin_log(S_VARS, "configured GET variable array depth limit exceeded - dropped variable '%s'", var);
611 if (!SUHOSIN_G(simulation)) { 610 if (!SUHOSIN_G(simulation)) {
@@ -613,7 +612,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
613 } 612 }
614 } 613 }
615 break; 614 break;
616 case PARSE_COOKIE: 615 case PARSE_COOKIE:
617 if (SUHOSIN_G(max_cookie_array_depth) && SUHOSIN_G(max_cookie_array_depth) < depth) { 616 if (SUHOSIN_G(max_cookie_array_depth) && SUHOSIN_G(max_cookie_array_depth) < depth) {
618 suhosin_log(S_VARS, "configured COOKIE variable array depth limit exceeded - dropped variable '%s'", var); 617 suhosin_log(S_VARS, "configured COOKIE variable array depth limit exceeded - dropped variable '%s'", var);
619 if (!SUHOSIN_G(simulation)) { 618 if (!SUHOSIN_G(simulation)) {
@@ -621,7 +620,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
621 } 620 }
622 } 621 }
623 break; 622 break;
624 case PARSE_POST: 623 case PARSE_POST:
625 if (SUHOSIN_G(max_post_array_depth) && SUHOSIN_G(max_post_array_depth) < depth) { 624 if (SUHOSIN_G(max_post_array_depth) && SUHOSIN_G(max_post_array_depth) < depth) {
626 suhosin_log(S_VARS, "configured POST variable array depth limit exceeded - dropped variable '%s'", var); 625 suhosin_log(S_VARS, "configured POST variable array depth limit exceeded - dropped variable '%s'", var);
627 if (!SUHOSIN_G(simulation)) { 626 if (!SUHOSIN_G(simulation)) {
@@ -642,7 +641,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
642 } 641 }
643 } 642 }
644 switch (arg) { 643 switch (arg) {
645 case PARSE_GET: 644 case PARSE_GET:
646 if (SUHOSIN_G(disallow_get_nul)) { 645 if (SUHOSIN_G(disallow_get_nul)) {
647 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within GET variables - dropped variable '%s'", var); 646 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within GET variables - dropped variable '%s'", var);
648 if (!SUHOSIN_G(simulation)) { 647 if (!SUHOSIN_G(simulation)) {
@@ -650,7 +649,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
650 } 649 }
651 } 650 }
652 break; 651 break;
653 case PARSE_COOKIE: 652 case PARSE_COOKIE:
654 if (SUHOSIN_G(disallow_cookie_nul)) { 653 if (SUHOSIN_G(disallow_cookie_nul)) {
655 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within COOKIE variables - dropped variable '%s'", var); 654 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within COOKIE variables - dropped variable '%s'", var);
656 if (!SUHOSIN_G(simulation)) { 655 if (!SUHOSIN_G(simulation)) {
@@ -658,7 +657,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
658 } 657 }
659 } 658 }
660 break; 659 break;
661 case PARSE_POST: 660 case PARSE_POST:
662 if (SUHOSIN_G(disallow_post_nul)) { 661 if (SUHOSIN_G(disallow_post_nul)) {
663 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within POST variables - dropped variable '%s'", var); 662 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within POST variables - dropped variable '%s'", var);
664 if (!SUHOSIN_G(simulation)) { 663 if (!SUHOSIN_G(simulation)) {
@@ -681,13 +680,13 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, unsigned int v
681 /* Okay let PHP register this variable */ 680 /* Okay let PHP register this variable */
682 SUHOSIN_G(cur_request_variables)++; 681 SUHOSIN_G(cur_request_variables)++;
683 switch (arg) { 682 switch (arg) {
684 case PARSE_GET: 683 case PARSE_GET:
685 SUHOSIN_G(cur_get_vars)++; 684 SUHOSIN_G(cur_get_vars)++;
686 break; 685 break;
687 case PARSE_COOKIE: 686 case PARSE_COOKIE:
688 SUHOSIN_G(cur_cookie_vars)++; 687 SUHOSIN_G(cur_cookie_vars)++;
689 break; 688 break;
690 case PARSE_POST: 689 case PARSE_POST:
691 SUHOSIN_G(cur_post_vars)++; 690 SUHOSIN_G(cur_post_vars)++;
692 break; 691 break;
693 } 692 }
@@ -722,5 +721,3 @@ void suhosin_hook_register_server_variables()
722 * vim600: noet sw=4 ts=4 fdm=marker 721 * vim600: noet sw=4 ts=4 fdm=marker
723 * vim<600: noet sw=4 ts=4 722 * vim<600: noet sw=4 ts=4
724 */ 723 */
725
726
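Review bot: In the new `suhosin_server_encode`, the closing `memcpy(Z_STR_P(zv), dest, dest_len)` copies the encoded bytes over the `zend_string` header (refcount, hash, length) instead of into its character buffer, and the pointer returned by `zend_string_extend()` is kept in `zs` but never stored back, so the zval may be left pointing at a block that was reallocated. `dest_len` also counts the terminating NUL, which would make the recorded string length one too large, and `unsigned char dest[dest_len]` is a stack VLA whose size follows REQUEST_URI / QUERY_STRING, both taken from the request. Allocating the result as a fresh `zend_string`, encoding straight into `ZSTR_VAL()` and installing it in the zval removes the temporary buffer; the sketch below should be checked against the PHP 7.0 headers this port targets. Further down in the same file, `ZVAL_STRING(&z, SUHOSIN_G(decrypted_cookie))` now copies the value, so clearing the global right after appears to drop the only reference to the original buffer without freeing it.

```c
	/* length of the encoded value, without the terminating NUL */
	size_t enc_len = (size_t)(t - orig) + extra;
	zend_string *enc = zend_string_alloc(enc_len, 0);
	unsigned char *n = (unsigned char *)ZSTR_VAL(enc);
	for (t = orig; *t; t++, n++) {
		/* … unchanged: percent-encode bytes flagged in suhosin_is_dangerous_char … */
	}
	*n = 0;

	/* release the old value and put the encoded string into the hash slot */
	zval_ptr_dtor(zv);
	ZVAL_NEW_STR(zv, enc);
```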
diff --git a/memory_limit.c b/memory_limit.c
index fa1683e..5b8b438 100644
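--- a/memory_limit.c
+++ b/memory_limit.c
@@ -3,7 +3,7 @@
  | Suhosin Version 1 |
  +----------------------------------------------------------------------+
  | Copyright (c) 2006-2007 The Hardened-PHP Project |
- | Copyright (c) 2007-2015 SektionEins GmbH |
+ | Copyright (c) 2007-2016 SektionEins GmbH |
  +----------------------------------------------------------------------+
  | This source file is subject to version 3.01 of the PHP license, |
  | that is bundled with this package in the file LICENSE, and is |
@@ -13,7 +13,7 @@
  | obtain it through the world-wide-web, please send a note to |
  | license@php.net so we can mail you a copy immediately. |
  +----------------------------------------------------------------------+
- | Author: Stefan Esser <sesser@sektioneins.de> |
+ | Author: Stefan Esser <sesser@sektioneins.de> and others |
  +----------------------------------------------------------------------+
 */
 /*
@@ -79,7 +79,7 @@ void suhosin_hook_memory_limit()
  zend_ini_entry *ini_entry;
 
  /* check if we are compiled against memory_limit */
- if ((ini_entry=zend_hash_str_find_ptr(EG(ini_directives), "memory_limit", sizeof("memory_limit")-1))) {
+ if ((ini_entry=zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("memory_limit")))) {
  /* replace OnUpdateMemoryLimit handler */
  ini_entry->on_modify = suhosin_OnChangeMemoryLimit;
  }
@@ -95,4 +95,3 @@ void suhosin_hook_memory_limit()
  * vim600: noet sw=4 ts=4 fdm=marker
  * vim<600: noet sw=4 ts=4
  */
-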
diff --git a/php_suhosin7.h b/php_suhosin7.h
index 805701e..b12e49c 100644
--- a/php_suhosin7.h
+++ b/php_suhosin7.h
@@ -24,7 +24,11 @@
24extern zend_module_entry suhosin7_module_entry; 24extern zend_module_entry suhosin7_module_entry;
25#define phpext_suhosin7_ptr &suhosin7_module_entry 25#define phpext_suhosin7_ptr &suhosin7_module_entry
26 26
27#define SUHOSIN7_EXT_VERSION "0.10.0" 27#define SUHOSIN7_EXT_VERSION "0.10.0dev"
28
29#if PHP_VERSION_ID < 70000 | PHP_VERSION_ID >= 70100
30#error Suhosin7 works with PHP 7.0 only! Looking for Suhosin for PHP 5.x? Take a look at https://www.suhosin.org/
31#endif
28 32
29#ifdef PHP_WIN32 33#ifdef PHP_WIN32
30# define PHP_SUHOSIN7_API __declspec(dllexport) 34# define PHP_SUHOSIN7_API __declspec(dllexport)
@@ -38,17 +42,115 @@ extern zend_module_entry suhosin7_module_entry;
38#include "TSRM.h" 42#include "TSRM.h"
39#endif 43#endif
40 44
45/* -------------- */
46
47#define SUHOSIN_LOG "/tmp/suhosin_log.txt"
48
49#ifdef PHP_WIN32
50#define SDEBUG
51#else
52
53#ifdef SUHOSIN_DEBUG
54#define SDEBUG(msg...) \
55 {FILE *f;f=fopen(SUHOSIN_LOG, "a+");if(f){fprintf(f,"[%u] ",getpid());fprintf(f, msg);fprintf(f,"\n");fclose(f);}}
56#else
57#define SDEBUG(msg...)
58#endif
59#endif
60
61/* -------------- */
62
41#define BYTE unsigned char /* 8 bits */ 63#define BYTE unsigned char /* 8 bits */
42#define WORD unsigned int /* 32 bits */ 64#define WORD unsigned int /* 32 bits */
43 65
66// PHP_MINIT_FUNCTION(suhosin);
67// PHP_MSHUTDOWN_FUNCTION(suhosin);
68// PHP_RINIT_FUNCTION(suhosin);
69// PHP_RSHUTDOWN_FUNCTION(suhosin);
70// PHP_MINFO_FUNCTION(suhosin);
71
72#include "ext/standard/basic_functions.h"
73
74static inline int suhosin_is_protected_varname(char *var, int var_len)
75{
76 switch (var_len) {
77 case 18:
78 if (memcmp(var, "HTTP_RAW_POST_DATA", 18)==0) goto protected_varname;
79 break;
80 case 17:
81 if (memcmp(var, "HTTP_SESSION_VARS", 17)==0) goto protected_varname;
82 break;
83 case 16:
84 if (memcmp(var, "HTTP_SERVER_VARS", 16)==0) goto protected_varname;
85 if (memcmp(var, "HTTP_COOKIE_VARS", 16)==0) goto protected_varname;
86 break;
87 case 15:
88 if (memcmp(var, "HTTP_POST_FILES", 15)==0) goto protected_varname;
89 break;
90 case 14:
91 if (memcmp(var, "HTTP_POST_VARS", 14)==0) goto protected_varname;
92 break;
93 case 13:
94 if (memcmp(var, "HTTP_GET_VARS", 13)==0) goto protected_varname;
95 if (memcmp(var, "HTTP_ENV_VARS", 13)==0) goto protected_varname;
96 break;
97 case 8:
98 if (memcmp(var, "_SESSION", 8)==0) goto protected_varname;
99 if (memcmp(var, "_REQUEST", 8)==0) goto protected_varname;
100 break;
101 case 7:
102 if (memcmp(var, "GLOBALS", 7)==0) goto protected_varname;
103 if (memcmp(var, "_COOKIE", 7)==0) goto protected_varname;
104 if (memcmp(var, "_SERVER", 7)==0) goto protected_varname;
105 break;
106 case 6:
107 if (memcmp(var, "_FILES", 6)==0) goto protected_varname;
108 break;
109 case 5:
110 if (memcmp(var, "_POST", 5)==0) goto protected_varname;
111 break;
112 case 4:
113 if (memcmp(var, "_ENV", 4)==0) goto protected_varname;
114 if (memcmp(var, "_GET", 4)==0) goto protected_varname;
115 break;
116 }
117
118 return 0;
119protected_varname:
120 return 1;
121}
122
123
124
44ZEND_BEGIN_MODULE_GLOBALS(suhosin7) 125ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
45 zend_long global_value; 126 zend_long global_value;
46 char *global_string; 127 char *global_string;
47 zend_bool protectkey; 128 zend_bool protectkey;
48 129
49 zend_bool simulation; 130 zend_bool simulation;
131 zend_bool stealth;
50 zend_bool already_scanned; 132 zend_bool already_scanned;
51 zend_bool abort_request; 133 zend_bool abort_request;
134 char *filter_action;
135
136
137 zend_bool executor_allow_symlink;
138 long max_execution_depth;
139 long executor_include_max_traversal;
140 zend_bool executor_include_allow_writable_files;
141
142
143 HashTable *include_whitelist;
144 HashTable *include_blacklist;
145
146 HashTable *func_whitelist;
147 HashTable *func_blacklist;
148 HashTable *eval_whitelist;
149 HashTable *eval_blacklist;
150
151 zend_bool executor_disable_eval;
152 zend_bool executor_disable_emod;
153
52 154
53/* request variables */ 155/* request variables */
54 zend_long max_request_variables; 156 zend_long max_request_variables;
@@ -108,7 +210,7 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
108 zend_bool upload_allow_utf8; 210 zend_bool upload_allow_utf8;
109#endif 211#endif
110 char *upload_verification_script; 212 char *upload_verification_script;
111 213
112 zend_bool no_more_variables; 214 zend_bool no_more_variables;
113 zend_bool no_more_get_variables; 215 zend_bool no_more_get_variables;
114 zend_bool no_more_post_variables; 216 zend_bool no_more_post_variables;
@@ -119,9 +221,14 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
119 WORD fkey[120]; 221 WORD fkey[120];
120 WORD rkey[120]; 222 WORD rkey[120];
121 223
122/* memory_limit */ 224 zend_bool session_encrypt;
123 zend_long memory_limit; 225 char* session_cryptkey;
124 zend_long hard_memory_limit; 226 zend_bool session_cryptua;
227 zend_bool session_cryptdocroot;
228 long session_cryptraddr;
229 long session_checkraddr;
230
231 long session_max_id_length;
125 232
126 char* decrypted_cookie; 233 char* decrypted_cookie;
127 char* raw_cookie; 234 char* raw_cookie;
@@ -133,6 +240,85 @@ ZEND_BEGIN_MODULE_GLOBALS(suhosin7)
133 long cookie_checkraddr; 240 long cookie_checkraddr;
134 HashTable *cookie_plainlist; 241 HashTable *cookie_plainlist;
135 HashTable *cookie_cryptlist; 242 HashTable *cookie_cryptlist;
243
244 zend_bool coredump;
245 zend_bool apc_bug_workaround;
246 zend_bool do_not_scan;
247
248 zend_bool server_encode;
249 zend_bool server_strip;
250
251 zend_bool disable_display_errors;
252
253 php_uint32 r_state[625];
254 php_uint32 *r_next;
255 int r_left;
256 zend_bool srand_ignore;
257 zend_bool mt_srand_ignore;
258 php_uint32 mt_state[625];
259 php_uint32 *mt_next;
260 int mt_left;
261
262 char *seedingkey;
263 zend_bool reseed_every_request;
264
265 zend_bool r_is_seeded;
266 zend_bool mt_is_seeded;
267
268
269/* memory_limit */
270 zend_long memory_limit;
271 zend_long hard_memory_limit;
272
273
274
275
276 /* PERDIR Handling */
277 char *perdir;
278 zend_bool log_perdir;
279 zend_bool exec_perdir;
280 zend_bool get_perdir;
281 zend_bool post_perdir;
282 zend_bool cookie_perdir;
283 zend_bool request_perdir;
284 zend_bool upload_perdir;
285 zend_bool sql_perdir;
286 zend_bool misc_perdir;
287
288 /* log */
289 zend_bool log_use_x_forwarded_for;
290 long log_syslog;
291 long log_syslog_facility;
292 long log_syslog_priority;
293 long log_script;
294 long log_sapi;
295 long log_stdout;
296 char *log_scriptname;
297 long log_phpscript;
298 char *log_phpscriptname;
299 zend_bool log_phpscript_is_safe;
300 long log_file;
301 char *log_filename;
302 zend_bool log_file_time;
303
304 /* header handler */
305 zend_bool allow_multiheader;
306
307 /* mailprotect */
308 long mailprotect;
309
310 /* sqlprotect */
311 zend_bool sql_bailout_on_error;
312 char *sql_user_prefix;
313 char *sql_user_postfix;
314 char *sql_user_match;
315 long sql_comment;
316 long sql_opencomment;
317 long sql_union;
318 long sql_mselect;
319
320 int (*old_php_body_write)(const char *str, unsigned int str_length TSRMLS_DC);
321
136ZEND_END_MODULE_GLOBALS(suhosin7) 322ZEND_END_MODULE_GLOBALS(suhosin7)
137 323
138/* Always refer to the globals in your function as SUHOSIN7_G(variable). 324/* Always refer to the globals in your function as SUHOSIN7_G(variable).
@@ -141,6 +327,10 @@ ZEND_END_MODULE_GLOBALS(suhosin7)
141*/ 327*/
142#define SUHOSIN7_G(v) ZEND_MODULE_GLOBALS_ACCESSOR(suhosin7, v) 328#define SUHOSIN7_G(v) ZEND_MODULE_GLOBALS_ACCESSOR(suhosin7, v)
143 329
330#ifdef SUHOSIN_DEBUG
331#define SUHOSIN_G(v) SUHOSIN7_G(v)
332#endif
333
144#if defined(ZTS) && defined(COMPILE_DL_SUHOSIN7) 334#if defined(ZTS) && defined(COMPILE_DL_SUHOSIN7)
145ZEND_TSRMLS_CACHE_EXTERN(); 335ZEND_TSRMLS_CACHE_EXTERN();
146#endif 336#endif
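Review bot: The `SDEBUG` macro added at new lines 47-55 writes to the fixed path `/tmp/suhosin_log.txt` through `fopen(SUHOSIN_LOG, "a+")`, which follows symlinks and accepts a file that another local user created first, so a debug build can be made to append to a file the PHP process never meant to touch. I would keep the log out of a world-writable directory, or open it with `open(SUHOSIN_LOG, O_WRONLY|O_APPEND|O_CREAT|O_NOFOLLOW, 0600)` followed by `fdopen()`, and mark the macro with a comment such as `/* debug builds only: log path must not be in a world-writable directory */`. The risk is larger than a debug-only helper suggests, because `SUHOSIN_G` is defined only under `#ifdef SUHOSIN_DEBUG` at new lines 330-332 while the suhosin7.c hunks of this commit use `SUHOSIN_G(...)` unconditionally. A build without `SUHOSIN_DEBUG` therefore presumably fails to compile, which pushes everyone onto the logging path. Defining the alias unconditionally, or using `SUHOSIN7_G` throughout, would remove that coupling.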
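--- a/sha256.c
+++ b/sha256.c
@@ -93,7 +93,7 @@ static PHP_FUNCTION(suhosin_sha256_file)
 
  suhosin_SHA256Init(&context);
 
- while ((n = php_stream_read(stream, buf, sizeof(buf))) > 0) {
+ while ((n = php_stream_read(stream, (char*)buf, sizeof(buf))) > 0) {
  suhosin_SHA256Update(&context, buf, n);
  }
 
@@ -394,7 +394,7 @@ static zend_function_entry suhosin_sha256_functions[] = {
 void suhosin_hook_sha256(TSRMLS_D)
 {
  /* check if we already have sha256 support */
- if (zend_hash_str_find(CG(function_table), "sha256", sizeof("sha256"))) {
+ if (zend_hash_str_find(CG(function_table), ZEND_STRL("sha256"))) {
  return;
  }
 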
diff --git a/suhosin7.c b/suhosin7.c
index ebea5ab..4aa755d 100644
--- a/suhosin7.c
+++ b/suhosin7.c
@@ -34,15 +34,344 @@
34ZEND_DECLARE_MODULE_GLOBALS(suhosin7) 34ZEND_DECLARE_MODULE_GLOBALS(suhosin7)
35 35
36/* True global resources - no need for thread safety here */ 36/* True global resources - no need for thread safety here */
37static int le_suhosin7; 37// static int le_suhosin7;
38
39/* ------------------------------------------------------------------------ */
40/* PERDIR CHECKS */
41#define PERDIR_CHECK(lower) \
42 if (!SUHOSIN_G(lower ## _perdir) && stage == ZEND_INI_STAGE_HTACCESS) { \
43 return FAILURE; \
44 }
45
46#define LOG_PERDIR_CHECK() PERDIR_CHECK(log)
47#define EXEC_PERDIR_CHECK() PERDIR_CHECK(exec)
48#define MISC_PERDIR_CHECK() PERDIR_CHECK(misc)
49#define GET_PERDIR_CHECK() PERDIR_CHECK(get)
50#define POST_PERDIR_CHECK() PERDIR_CHECK(post)
51#define COOKIE_PERDIR_CHECK() PERDIR_CHECK(cookie)
52#define REQUEST_PERDIR_CHECK() PERDIR_CHECK(request)
53#define UPLOAD_PERDIR_CHECK() PERDIR_CHECK(upload)
54#define SQL_PERDIR_CHECK() PERDIR_CHECK(sql)
55
56#define dohandler(handler, name, lower) \
57 static ZEND_INI_MH(OnUpdate ## name ## handler) \
58 { \
59 PERDIR_CHECK(lower) \
60 return OnUpdate ## handler (entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); \
61 } \
62
63#define dohandlers(name, lower) \
64 dohandler(Bool, name, lower) \
65 dohandler(String, name, lower) \
66 dohandler(Long, name, lower) \
67
68dohandlers(Log, log)
69dohandlers(Exec, exec)
70dohandlers(Misc, misc)
71dohandlers(Get, get)
72dohandlers(Post, post)
73dohandlers(Cookie, cookie)
74dohandlers(Request, request)
75dohandlers(Upload, upload)
76dohandlers(SQL, sql)
77
78
79/* ------------------------------------------------------------------------ */
80#define PERDIR_CASE(l, U, name) \
81 case l: \
82 case U: \
83 SUHOSIN7_G(name ## _perdir) = 1; \
84 break;
85
86static ZEND_INI_MH(OnUpdateSuhosin_perdir)
87{
88 char *tmp;
89
90 if (SUHOSIN_G(perdir)) {
91 pefree(SUHOSIN_G(perdir), 1);
92 }
93 SUHOSIN_G(perdir) = NULL;
94
95 /* Initialize the perdir flags */
96 SUHOSIN_G(log_perdir) = 0;
97 SUHOSIN_G(exec_perdir) = 0;
98 SUHOSIN_G(misc_perdir) = 0;
99 SUHOSIN_G(get_perdir) = 0;
100 SUHOSIN_G(post_perdir) = 0;
101 SUHOSIN_G(cookie_perdir) = 0;
102 SUHOSIN_G(request_perdir) = 0;
103 SUHOSIN_G(upload_perdir) = 0;
104 SUHOSIN_G(sql_perdir) = 0;
105
106 if (new_value == NULL) {
107 return SUCCESS;
108 }
109
110 tmp = SUHOSIN_G(perdir) = pestrdup(ZSTR_VAL(new_value), 1);
111
112 /* trim the whitespace */
113 while (isspace(*tmp)) tmp++;
114
115 /* should we deactivate perdir completely? */
116 if (*tmp == 0 || *tmp == '0') {
117 return SUCCESS;
118 }
119
120 /* no deactivation so check the flags */
121 while (*tmp) {
122 switch (*tmp) {
123 PERDIR_CASE('l', 'L', log)
124 PERDIR_CASE('e', 'E', exec)
125 PERDIR_CASE('g', 'G', get)
126 PERDIR_CASE('c', 'C', cookie)
127 PERDIR_CASE('p', 'P', post)
128 PERDIR_CASE('r', 'R', request)
129 PERDIR_CASE('s', 'S', sql)
130 PERDIR_CASE('u', 'U', upload)
131 PERDIR_CASE('m', 'M', misc)
132 }
133 tmp++;
134 }
135 return SUCCESS;
136}
137
138static void parse_list(HashTable **ht, char *list, zend_bool lc)
139{
140 char *s = NULL, *e, *val;
141 // unsigned long dummy = 1;
142
143 if (list == NULL) {
144list_destroy:
145 if (*ht) {
146 zend_hash_destroy(*ht);
147 pefree(*ht, 1);
148 }
149 *ht = NULL;
150 return;
151 }
152 while (*list == ' ' || *list == '\t') list++;
153 if (*list == 0) {
154 goto list_destroy;
155 }
156
157 *ht = pemalloc(sizeof(HashTable), 1);
158 zend_hash_init(*ht, 5, NULL, NULL, 1);
159
160 val = estrndup(list, strlen(list));
161 if (lc) {
162 zend_str_tolower(val, strlen(list));
163 }
164
165 e = val;
166
167 while (*e) {
168 switch (*e) {
169 case ' ':
170 case ',':
171 if (s) {
172 *e = '\0';
173 zend_hash_str_add_empty_element(*ht, s, e-s);
174 // zend_hash_str_add(*ht, s, e-s, &dummy, sizeof(unsigned long), NULL);
175 s = NULL;
176 }
177 break;
178 default:
179 if (!s) {
180 s = e;
181 }
182 break;
183 }
184 e++;
185 }
186 if (s) {
187 // zend_hash_str_add(*ht, s, e-s, &dummy, sizeof(unsigned long), NULL);
188 zend_hash_str_add_empty_element(*ht, s, e-s);
189 }
190 efree(val);
191
192}
193
194#define S7_INI_MH_EXECLIST(name) \
195static ZEND_INI_MH(OnUpdateSuhosin_ ## name) \
196{ \
197 EXEC_PERDIR_CHECK(); \
198 parse_list(&SUHOSIN_G(name), ZSTR_VAL(new_value), 1); \
199 return SUCCESS; \
200}
201S7_INI_MH_EXECLIST(include_whitelist)
202S7_INI_MH_EXECLIST(include_blacklist)
203S7_INI_MH_EXECLIST(eval_whitelist)
204S7_INI_MH_EXECLIST(eval_blacklist)
205S7_INI_MH_EXECLIST(func_whitelist)
206S7_INI_MH_EXECLIST(func_blacklist)
207
208static ZEND_INI_MH(OnUpdateSuhosin_cookie_cryptlist)
209{
210 COOKIE_PERDIR_CHECK();
211 parse_list(&SUHOSIN_G(cookie_cryptlist), ZSTR_VAL(new_value), 0);
212 return SUCCESS;
213}
214
215static ZEND_INI_MH(OnUpdateSuhosin_cookie_plainlist)
216{
217 COOKIE_PERDIR_CHECK();
218 parse_list(&SUHOSIN_G(cookie_plainlist), ZSTR_VAL(new_value), 0);
219 return SUCCESS;
220}
221
222/* ------------------------------------------------------------------------ */
223
224#define STD_S7_INI_ENTRY(name, default_value, modifiable, on_modify, property_name) \
225 STD_PHP_INI_ENTRY(name, default_value, modifiable, on_modify, property_name, zend_suhosin7_globals, suhosin7_globals)
226#define STD_S7_INI_BOOLEAN(name, default_value, modifiable, on_modify, property_name) \
227 STD_PHP_INI_BOOLEAN(name, default_value, modifiable, on_modify, property_name, zend_suhosin7_globals, suhosin7_globals)
228// #define STD_S7_INI_LIST(name, modifiable, )
38 229
39/* {{{ PHP_INI 230/* {{{ PHP_INI
40 */ 231 */
41PHP_INI_BEGIN() 232PHP_INI_BEGIN()
42 STD_ZEND_INI_BOOLEAN("suhosin.protectkey", "1", ZEND_INI_SYSTEM, OnUpdateBool, protectkey, zend_suhosin7_globals, suhosin7_globals) 233 // STD_S7_INI_BOOLEAN("suhosin.protectkey", "1", PHP_INI_SYSTEM, OnUpdateBool, protectkey, zend_suhosin7_globals, suhosin7_globals)
43 STD_ZEND_INI_BOOLEAN("suhosin.cookie.cryptkey", "1", ZEND_INI_SYSTEM, OnUpdateBool, protectkey, zend_suhosin7_globals, suhosin7_globals) 234 // STD_S7_INI_BOOLEAN("suhosin.cookie.cryptkey", "1", PHP_INI_SYSTEM, OnUpdateBool, protectkey, zend_suhosin7_globals, suhosin7_globals)
44 STD_PHP_INI_ENTRY("suhosin.global_value", "42", PHP_INI_ALL, OnUpdateLong, global_value, zend_suhosin7_globals, suhosin7_globals) 235 // STD_S7_INI_ENTRY("suhosin.global_value", "42", PHP_INI_ALL, OnUpdateLong, global_value, zend_suhosin7_globals, suhosin7_globals)
45 STD_PHP_INI_ENTRY("suhosin.global_string", "foobar", PHP_INI_ALL, OnUpdateString, global_string, zend_suhosin7_globals, suhosin7_globals) 236 // STD_S7_INI_ENTRY("suhosin.global_string", "foobar", PHP_INI_ALL, OnUpdateString, global_string, zend_suhosin7_globals, suhosin7_globals)
237
238 PHP_INI_ENTRY("suhosin.perdir", "0", PHP_INI_SYSTEM, OnUpdateSuhosin_perdir)
239 // PHP_INI_ENTRY("suhosin.log.syslog", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_log_syslog)
240 // PHP_INI_ENTRY("suhosin.log.syslog.facility", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_log_syslog_facility)
241 // PHP_INI_ENTRY("suhosin.log.syslog.priority", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_log_syslog_priority)
242 // PHP_INI_ENTRY("suhosin.log.sapi", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_log_sapi)
243 // PHP_INI_ENTRY("suhosin.log.stdout", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_log_stdout)
244 // PHP_INI_ENTRY("suhosin.log.script", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_log_script)
245 // PHP_INI_ENTRY("suhosin.log.script.name", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_log_scriptname)
246 // STD_S7_INI_BOOLEAN("suhosin.log.use-x-forwarded-for", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateLogBool, log_use_x_forwarded_for)
247 // PHP_INI_ENTRY("suhosin.log.phpscript", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_log_phpscript)
248 // STD_S7_INI_ENTRY("suhosin.log.phpscript.name", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateLogString, log_phpscriptname)
249 // PHP_INI_ENTRY("suhosin.log.file", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_log_file)
250 // STD_S7_INI_ENTRY("suhosin.log.file.name", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateLogString, log_filename)
251 // STD_S7_INI_BOOLEAN("suhosin.log.file.time", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateLogBool, log_file_time)
252 // STD_S7_INI_BOOLEAN("suhosin.log.phpscript.is_safe", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateLogBool, log_phpscript_is_safe)
253
254 // STD_S7_INI_ENTRY("suhosin.executor.include.max_traversal", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecLong, executor_include_max_traversal)
255 PHP_INI_ENTRY("suhosin.executor.include.whitelist", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_include_whitelist)
256 PHP_INI_ENTRY("suhosin.executor.include.blacklist", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_include_blacklist)
257 // STD_S7_INI_BOOLEAN("suhosin.executor.include.allow_writable_files", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecBool, executor_include_allow_writable_files)
258 PHP_INI_ENTRY("suhosin.executor.eval.whitelist", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_eval_whitelist)
259 PHP_INI_ENTRY("suhosin.executor.eval.blacklist", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_eval_blacklist)
260 PHP_INI_ENTRY("suhosin.executor.func.whitelist", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_func_whitelist)
261 PHP_INI_ENTRY("suhosin.executor.func.blacklist", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_func_blacklist)
262 // STD_S7_INI_BOOLEAN("suhosin.executor.disable_eval", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecBool, executor_disable_eval)
263 // STD_S7_INI_BOOLEAN("suhosin.executor.disable_emodifier", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecBool, executor_disable_emod)
264 //
265 // STD_S7_INI_BOOLEAN("suhosin.executor.allow_symlink", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecBool, executor_allow_symlink)
266 // STD_S7_INI_ENTRY("suhosin.executor.max_depth", "750", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateExecLong, max_execution_depth)
267 //
268 //
269 // STD_S7_INI_BOOLEAN("suhosin.multiheader", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscBool, allow_multiheader)
270 // STD_S7_INI_ENTRY("suhosin.mail.protect", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscLong, mailprotect)
271 // STD_S7_INI_ENTRY("suhosin.memory_limit", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscLong, memory_limit)
272 // STD_S7_INI_BOOLEAN("suhosin.simulation", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscBool, simulation)
273 // STD_S7_INI_ENTRY("suhosin.filter.action", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscString, filter_action)
274 //
275 // STD_S7_INI_BOOLEAN("suhosin.protectkey", "1", PHP_INI_SYSTEM, OnUpdateBool, protectkey)
276 // STD_S7_INI_BOOLEAN("suhosin.coredump", "0", PHP_INI_SYSTEM, OnUpdateBool, coredump)
277 // STD_S7_INI_BOOLEAN("suhosin.stealth", "1", PHP_INI_SYSTEM, OnUpdateBool, stealth)
278 // STD_S7_INI_BOOLEAN("suhosin.apc_bug_workaround", "0", PHP_INI_SYSTEM, OnUpdateBool, apc_bug_workaround)
279 // STD_S7_INI_BOOLEAN("suhosin.disable.display_errors", "0", PHP_INI_SYSTEM, OnUpdate_disable_display_errors, disable_display_errors)
280
281
282 //
283 // STD_S7_INI_ENTRY("suhosin.request.max_vars", "1000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_request_variables)
284 // STD_S7_INI_ENTRY("suhosin.request.max_varname_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_varname_length)
285 // STD_S7_INI_ENTRY("suhosin.request.max_value_length", "1000000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_value_length)
286 // STD_S7_INI_ENTRY("suhosin.request.max_array_depth", "50", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_array_depth)
287 // STD_S7_INI_ENTRY("suhosin.request.max_totalname_length", "256", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_totalname_length)
288 // STD_S7_INI_ENTRY("suhosin.request.max_array_index_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestLong, max_array_index_length)
289 // STD_S7_INI_ENTRY("suhosin.request.array_index_whitelist", "", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestString, array_index_whitelist)
290 // STD_S7_INI_ENTRY("suhosin.request.array_index_blacklist", "'\"+<>;()", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestString, array_index_blacklist)
291 // STD_S7_INI_ENTRY("suhosin.request.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestBool, disallow_nul)
292 // STD_S7_INI_ENTRY("suhosin.request.disallow_ws", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateRequestBool, disallow_ws)
293 //
294 // STD_S7_INI_ENTRY("suhosin.cookie.max_vars", "100", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_vars)
295 // STD_S7_INI_ENTRY("suhosin.cookie.max_name_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_name_length)
296 // STD_S7_INI_ENTRY("suhosin.cookie.max_totalname_length", "256", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_totalname_length)
297 // STD_S7_INI_ENTRY("suhosin.cookie.max_value_length", "10000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_value_length)
298 // STD_S7_INI_ENTRY("suhosin.cookie.max_array_depth", "50", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_array_depth)
299 // STD_S7_INI_ENTRY("suhosin.cookie.max_array_index_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, max_cookie_array_index_length)
300 // STD_S7_INI_ENTRY("suhosin.cookie.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieBool, disallow_cookie_nul)
301 // STD_S7_INI_ENTRY("suhosin.cookie.disallow_ws", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieBool, disallow_cookie_ws)
302 //
303 // STD_S7_INI_ENTRY("suhosin.get.max_vars", "100", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_vars)
304 // STD_S7_INI_ENTRY("suhosin.get.max_name_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_name_length)
305 // STD_S7_INI_ENTRY("suhosin.get.max_totalname_length", "256", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_totalname_length)
306 // STD_S7_INI_ENTRY("suhosin.get.max_value_length", "512", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_value_length)
307 // STD_S7_INI_ENTRY("suhosin.get.max_array_depth", "50", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_array_depth)
308 // STD_S7_INI_ENTRY("suhosin.get.max_array_index_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetLong, max_get_array_index_length)
309 // STD_S7_INI_ENTRY("suhosin.get.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetBool, disallow_get_nul)
310 // STD_S7_INI_ENTRY("suhosin.get.disallow_ws", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateGetBool, disallow_get_ws)
311 //
312 // STD_S7_INI_ENTRY("suhosin.post.max_vars", "1000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_vars)
313 // STD_S7_INI_ENTRY("suhosin.post.max_name_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_name_length)
314 // STD_S7_INI_ENTRY("suhosin.post.max_totalname_length", "256", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_totalname_length)
315 // STD_S7_INI_ENTRY("suhosin.post.max_value_length", "1000000", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_value_length)
316 // STD_S7_INI_ENTRY("suhosin.post.max_array_depth", "50", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_array_depth)
317 // STD_S7_INI_ENTRY("suhosin.post.max_array_index_length", "64", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostLong, max_post_array_index_length)
318 // STD_S7_INI_ENTRY("suhosin.post.disallow_nul", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostBool, disallow_post_nul)
319 // STD_S7_INI_ENTRY("suhosin.post.disallow_ws", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdatePostBool, disallow_post_ws)
320 //
321 // STD_S7_INI_ENTRY("suhosin.upload.max_uploads", "25", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadLong, upload_limit)
322 // STD_S7_INI_ENTRY("suhosin.upload.max_newlines", "100", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadLong, upload_max_newlines)
323 // STD_S7_INI_ENTRY("suhosin.upload.disallow_elf", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_disallow_elf)
324 // STD_S7_INI_ENTRY("suhosin.upload.disallow_binary", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_disallow_binary)
325 // STD_S7_INI_ENTRY("suhosin.upload.remove_binary", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_remove_binary)
326#ifdef SUHOSIN_EXPERIMENTAL
327 // STD_S7_INI_BOOLEAN("suhosin.upload.allow_utf8", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadBool, upload_allow_utf8)
328#endif
329 // STD_S7_INI_ENTRY("suhosin.upload.verification_script", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateUploadString, upload_verification_script)
330
331
332 // STD_S7_INI_BOOLEAN("suhosin.sql.bailout_on_error", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSQLBool, sql_bailout_on_error)
333 // STD_S7_INI_ENTRY("suhosin.sql.user_prefix", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLString, sql_user_prefix)
334 // STD_S7_INI_ENTRY("suhosin.sql.user_postfix", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLString, sql_user_postfix)
335 // STD_S7_INI_ENTRY("suhosin.sql.user_match", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLString, sql_user_match)
336 // STD_S7_INI_ENTRY("suhosin.sql.comment", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLLong, sql_comment)
337 // STD_S7_INI_ENTRY("suhosin.sql.opencomment", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLLong, sql_opencomment)
338 // STD_S7_INI_ENTRY("suhosin.sql.multiselect", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLLong, sql_mselect)
339 // STD_S7_INI_ENTRY("suhosin.sql.union", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateSQLLong, sql_union)
340
341#ifdef HAVE_PHP_SESSION
342 // STD_S7_INI_BOOLEAN("suhosin.session.encrypt", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscBool, session_encrypt)
343 // STD_S7_INI_ENTRY("suhosin.session.cryptkey", "", PHP_INI_ALL, OnUpdateMiscString, session_cryptkey)
344 // STD_S7_INI_BOOLEAN("suhosin.session.cryptua", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscBool, session_cryptua)
345 // STD_S7_INI_BOOLEAN("suhosin.session.cryptdocroot", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateMiscBool, session_cryptdocroot)
346 // STD_S7_INI_ENTRY("suhosin.session.cryptraddr", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscLong, session_cryptraddr)
347 // STD_S7_INI_ENTRY("suhosin.session.checkraddr", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscLong, session_checkraddr)
348 // STD_S7_INI_ENTRY("suhosin.session.max_id_length", "128", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscLong, session_max_id_length)
349#else /* HAVE_PHP_SESSION */
350#warning BUILDING SUHOSIN WITHOUT SESSION SUPPORT. THIS IS A BAD IDEA!
351#ifndef SUHOSIN_WITHOUT_SESSION
352#error Please recompile with -DSUHOSIN_WITHOUT_SESSION if you really know what you are doing.
353#endif
354#endif /* HAVE_PHP_SESSION */
355
356
357 // STD_S7_INI_BOOLEAN("suhosin.cookie.encrypt", "0", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateCookieBool, cookie_encrypt)
358 // STD_S7_INI_ENTRY("suhosin.cookie.cryptkey", "", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieString, cookie_cryptkey)
359 // STD_S7_INI_BOOLEAN("suhosin.cookie.cryptua", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateCookieBool, cookie_cryptua)
360 // STD_S7_INI_BOOLEAN("suhosin.cookie.cryptdocroot", "1", PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateCookieBool, cookie_cryptdocroot)
361 // STD_S7_INI_ENTRY("suhosin.cookie.cryptraddr", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, cookie_cryptraddr)
362 // STD_S7_INI_ENTRY("suhosin.cookie.checkraddr", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateCookieLong, cookie_checkraddr)
363 PHP_INI_ENTRY("suhosin.cookie.cryptlist", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_cookie_cryptlist)
364 PHP_INI_ENTRY("suhosin.cookie.plainlist", NULL, PHP_INI_PERDIR|PHP_INI_SYSTEM, OnUpdateSuhosin_cookie_plainlist)
365 //
366 // STD_S7_INI_BOOLEAN("suhosin.server.encode", "1", PHP_INI_SYSTEM, OnUpdateBool, server_encode)
367 // STD_S7_INI_BOOLEAN("suhosin.server.strip", "1", PHP_INI_SYSTEM, OnUpdateBool, server_strip)
368 //
369 // STD_S7_INI_ENTRY("suhosin.rand.seedingkey", "", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscString, seedingkey)
370 // STD_S7_INI_BOOLEAN("suhosin.rand.reseed_every_request", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscBool, reseed_every_request)
371 // STD_S7_INI_BOOLEAN("suhosin.srand.ignore", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscBool, srand_ignore)
372 // STD_S7_INI_BOOLEAN("suhosin.mt_srand.ignore", "1", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscBool, mt_srand_ignore)
373
374
46PHP_INI_END() 375PHP_INI_END()
47/* }}} */ 376/* }}} */
48 377
@@ -61,6 +390,24 @@ static void php_suhosin7_init_globals(zend_suhosin7_globals *suhosin7_globals)
61 */ 390 */
62PHP_MINIT_FUNCTION(suhosin7) 391PHP_MINIT_FUNCTION(suhosin7)
63{ 392{
393 SDEBUG("(MINIT)");
394 ZEND_INIT_MODULE_GLOBALS(suhosin7, php_suhosin7_init_globals, NULL);
395
396 /* only register constants if they have not previously been registered by a patched PHP */
397 // if (zend_hash_str_exists(EG(zend_constants), "S_MEMORY", sizeof("S_MEMORY"))==0) {
398 REGISTER_MAIN_LONG_CONSTANT("S_MEMORY", S_MEMORY, CONST_PERSISTENT | CONST_CS);
399 REGISTER_MAIN_LONG_CONSTANT("S_VARS", S_VARS, CONST_PERSISTENT | CONST_CS);
400 REGISTER_MAIN_LONG_CONSTANT("S_FILES", S_FILES, CONST_PERSISTENT | CONST_CS);
401 REGISTER_MAIN_LONG_CONSTANT("S_INCLUDE", S_INCLUDE, CONST_PERSISTENT | CONST_CS);
402 REGISTER_MAIN_LONG_CONSTANT("S_SQL", S_SQL, CONST_PERSISTENT | CONST_CS);
403 REGISTER_MAIN_LONG_CONSTANT("S_EXECUTOR", S_EXECUTOR, CONST_PERSISTENT | CONST_CS);
404 REGISTER_MAIN_LONG_CONSTANT("S_MAIL", S_MAIL, CONST_PERSISTENT | CONST_CS);
405 REGISTER_MAIN_LONG_CONSTANT("S_SESSION", S_SESSION, CONST_PERSISTENT | CONST_CS);
406 REGISTER_MAIN_LONG_CONSTANT("S_MISC", S_MISC, CONST_PERSISTENT | CONST_CS);
407 REGISTER_MAIN_LONG_CONSTANT("S_INTERNAL", S_INTERNAL, CONST_PERSISTENT | CONST_CS);
408 REGISTER_MAIN_LONG_CONSTANT("S_ALL", S_ALL, CONST_PERSISTENT | CONST_CS);
409 // }
410
64 REGISTER_INI_ENTRIES(); 411 REGISTER_INI_ENTRIES();
65 return SUCCESS; 412 return SUCCESS;
66} 413}
@@ -70,6 +417,7 @@ PHP_MINIT_FUNCTION(suhosin7)
70 */ 417 */
71PHP_MSHUTDOWN_FUNCTION(suhosin7) 418PHP_MSHUTDOWN_FUNCTION(suhosin7)
72{ 419{
420 SDEBUG("(MSHUTDOWN)");
73 UNREGISTER_INI_ENTRIES(); 421 UNREGISTER_INI_ENTRIES();
74 return SUCCESS; 422 return SUCCESS;
75} 423}
@@ -80,6 +428,7 @@ PHP_MSHUTDOWN_FUNCTION(suhosin7)
80 */ 428 */
81PHP_RINIT_FUNCTION(suhosin7) 429PHP_RINIT_FUNCTION(suhosin7)
82{ 430{
431 SDEBUG("(RINIT)");
83#if defined(COMPILE_DL_SUHOSIN7) && defined(ZTS) 432#if defined(COMPILE_DL_SUHOSIN7) && defined(ZTS)
84 ZEND_TSRMLS_CACHE_UPDATE(); 433 ZEND_TSRMLS_CACHE_UPDATE();
85#endif 434#endif
@@ -92,15 +441,17 @@ PHP_RINIT_FUNCTION(suhosin7)
92 */ 441 */
93PHP_RSHUTDOWN_FUNCTION(suhosin7) 442PHP_RSHUTDOWN_FUNCTION(suhosin7)
94{ 443{
444 SDEBUG("(RSHUTDOWN)");
445
95 return SUCCESS; 446 return SUCCESS;
96} 447}
97/* }}} */ 448/* }}} */
98 449
99/* {{{ suhosin_ini_displayer(zend_ini_entry *ini_entry, int type) 450/* {{{ suhosin_ini_displayer(PHP_INI_ENTRY *ini_entry, int type)
100 */ 451 */
101static void suhosin_ini_displayer(zend_ini_entry *ini_entry, int type) 452static void suhosin_ini_displayer(php_ini_entry *ini_entry, int type)
102{ 453{
103 PHPWRITE("[ protected ]", strlen("[ protected ]")); 454 PHPWRITE("[ protected ]", strlen("[ protected ]"));
104} 455}
105/* }}} */ 456/* }}} */
106 457
@@ -126,42 +477,42 @@ PHP_MINFO_FUNCTION(suhosin7)
126 PUTS(!sapi_module.phpinfo_as_text?"<br /><br />":"\n\n"); 477 PUTS(!sapi_module.phpinfo_as_text?"<br /><br />":"\n\n");
127 if (sapi_module.phpinfo_as_text) { 478 if (sapi_module.phpinfo_as_text) {
128 PUTS("Copyright (c) 2006-2007 Hardened-PHP Project\n"); 479 PUTS("Copyright (c) 2006-2007 Hardened-PHP Project\n");
129 PUTS("Copyright (c) 2007-2015 SektionEins GmbH\n"); 480 PUTS("Copyright (c) 2007-2016 SektionEins GmbH\n");
130 } else { 481 } else {
131 PUTS("Copyright (c) 2006-2007 <a href=\"http://www.hardened-php.net/\">Hardened-PHP Project</a><br />\n"); 482 PUTS("Copyright (c) 2006-2007 <a href=\"http://www.hardened-php.net/\">Hardened-PHP Project</a><br />\n");
132 PUTS("Copyright (c) 2007-2015 <a href=\"http://www.sektioneins.de/\">SektionEins GmbH</a>\n"); 483 PUTS("Copyright (c) 2007-2016 <a href=\"http://www.sektioneins.de/\">SektionEins GmbH</a>\n");
133 } 484 }
134 php_info_print_box_end(); 485 php_info_print_box_end();
135 486
136 if (SUHOSIN7_G(protectkey)) { 487 if (SUHOSIN7_G(protectkey)) {
137 zend_ini_entry *i; 488 php_ini_entry *i;
489
490 if ((i=zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("suhosin.cookie.cryptkey")))) {
491 i->displayer = suhosin_ini_displayer;
492 }
493 if ((i=zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("suhosin.session.cryptkey")))) {
494 i->displayer = suhosin_ini_displayer;
495 }
496 if ((i=zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("suhosin.rand.seedingkey")))) {
497 i->displayer = suhosin_ini_displayer;
498 }
499 }
138 500
139 if ((i=zend_hash_str_find_ptr(EG(ini_directives), "suhosin.cookie.cryptkey", sizeof("suhosin.cookie.cryptkey")-1))) {
140 i->displayer = suhosin_ini_displayer;
141 }
142 if ((i=zend_hash_str_find_ptr(EG(ini_directives), "suhosin.session.cryptkey", sizeof("suhosin.session.cryptkey")-1))) {
143 i->displayer = suhosin_ini_displayer;
144 }
145 if ((i=zend_hash_str_find_ptr(EG(ini_directives), "suhosin.rand.seedingkey", sizeof("suhosin.rand.seedingkey")-1))) {
146 i->displayer = suhosin_ini_displayer;
147 }
148 }
149
150 DISPLAY_INI_ENTRIES(); 501 DISPLAY_INI_ENTRIES();
151 502
152 if (SUHOSIN7_G(protectkey)) { 503 if (SUHOSIN7_G(protectkey)) {
153 zend_ini_entry *i; 504 php_ini_entry *i;
154 505
155 if ((i=zend_hash_str_find_ptr(EG(ini_directives), "suhosin.cookie.cryptkey", sizeof("suhosin.cookie.cryptkey")))) { 506 if ((i=zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("suhosin.cookie.cryptkey")))) {
156 i->displayer = NULL; 507 i->displayer = NULL;
157 } 508 }
158 if ((i=zend_hash_str_find_ptr(EG(ini_directives), "suhosin.session.cryptkey", sizeof("suhosin.session.cryptkey")-1))) { 509 if ((i=zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("suhosin.session.cryptkey")))) {
159 i->displayer = NULL; 510 i->displayer = NULL;
160 } 511 }
161 if ((i=zend_hash_str_find_ptr(EG(ini_directives), "suhosin.rand.seedingkey", sizeof("suhosin.rand.seedingkey")-1))) { 512 if ((i=zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("suhosin.rand.seedingkey")))) {
162 i->displayer = NULL; 513 i->displayer = NULL;
163 } 514 }
164 } 515 }
165 516
166} 517}
167/* }}} */ 518/* }}} */
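diff --git a/treat_data.c b/treat_data.c
index 86fcd9f..dc31b17 100644
--- a/treat_data.c
+++ b/treat_data.c
@@ -97,11 +97,11 @@ SAPI_TREAT_DATA_FUNC(suhosin_treat_data)
 } else if (arg == PARSE_COOKIE) { /* Cookie data */
 c_var = SG(request_info).cookie_data;
 if (c_var && *c_var) {
-if (SUHOSIN7_G(cookie_encrypt)) {
-res = (char *) estrdup(suhosin_cookie_decryptor());
-} else {
+// if (SUHOSIN7_G(cookie_encrypt)) {
+// res = (char *) estrdup(suhosin_cookie_decryptor());
+// } else {
 res = (char *) estrdup(c_var);
-}
+// }
 free_buffer = 1;
 } else {
 free_buffer = 0;
@@ -211,4 +211,3 @@ void suhosin_hook_treat_data()
 * vim600: noet sw=4 ts=4 fdm=marker
 * vim<600: noet sw=4 ts=4
 */
-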
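Review bot: With the `SUHOSIN7_G(cookie_encrypt)` branch commented out in the PARSE_COOKIE path of `suhosin_treat_data`, the raw `cookie_data` is always duplicated and parsed, so a configuration that enables cookie encryption gets no decryption here and no indication that the option is inert. The disabled code is left as bare `//` lines with no explanation; I would replace them with one marker comment such as `/* TODO(port): suhosin_cookie_decryptor() not ported yet, cookie_encrypt is ignored here */`. If the `cookie_encrypt` global is still registered elsewhere (not visible in this section), it would also be worth logging once when it is set, so operators do not assume cookies are protected. The enclosing function starts and ends outside the hunk, so the rest of the cookie handling cannot be checked from here.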