Diffstat (limited to 'ifilter.c')
-rw-r--r--ifilter.c196
1 files changed, 98 insertions, 98 deletions
diff --git a/ifilter.c b/ifilter.c
index b49e61e..627fdbd 100644
--- a/ifilter.c
+++ b/ifilter.c
@@ -219,7 +219,7 @@ void suhosin_register_server_variables(zval *track_vars_array TSRMLS_DC)
219 orig_register_server_variables(track_vars_array TSRMLS_CC); 219 orig_register_server_variables(track_vars_array TSRMLS_CC);
220 220
221 svars = Z_ARRVAL_P(track_vars_array); 221 svars = Z_ARRVAL_P(track_vars_array);
222 if (!SUHOSIN_G(simulation)) { 222 if (!SUHOSIN7_G(simulation)) {
223 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_GET_VARS")); 223 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_GET_VARS"));
224 if (retval == SUCCESS) failure = 1; 224 if (retval == SUCCESS) failure = 1;
225 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_POST_VARS")); 225 retval = zend_hash_str_del(svars, ZEND_STRL("HTTP_POST_VARS"));
@@ -252,24 +252,24 @@ void suhosin_register_server_variables(zval *track_vars_array TSRMLS_DC)
252 suhosin_log(S_VARS, "Attacker tried to overwrite a superglobal through a HTTP header"); 252 suhosin_log(S_VARS, "Attacker tried to overwrite a superglobal through a HTTP header");
253 } 253 }
254 254
255 if (SUHOSIN_G(raw_cookie)) { 255 if (SUHOSIN7_G(raw_cookie)) {
256 zval z; 256 zval z;
257 ZVAL_STRING(&z, SUHOSIN_G(raw_cookie)); 257 ZVAL_STRING(&z, SUHOSIN7_G(raw_cookie));
258 zend_hash_str_add(svars, "RAW_HTTP_COOKIE", sizeof("RAW_HTTP_COOKIE")-1, &z); 258 zend_hash_str_add(svars, "RAW_HTTP_COOKIE", sizeof("RAW_HTTP_COOKIE")-1, &z);
259 } 259 }
260 if (SUHOSIN_G(decrypted_cookie)) { 260 if (SUHOSIN7_G(decrypted_cookie)) {
261 zval z; 261 zval z;
262 ZVAL_STRING(&z, SUHOSIN_G(decrypted_cookie)); 262 ZVAL_STRING(&z, SUHOSIN7_G(decrypted_cookie));
263 zend_hash_str_update(svars, "HTTP_COOKIE", sizeof("HTTP_COOKIE")-1, &z); 263 zend_hash_str_update(svars, "HTTP_COOKIE", sizeof("HTTP_COOKIE")-1, &z);
264 SUHOSIN_G(decrypted_cookie) = NULL; 264 SUHOSIN7_G(decrypted_cookie) = NULL;
265 } 265 }
266 266
267 if (SUHOSIN_G(server_encode)) { 267 if (SUHOSIN7_G(server_encode)) {
268 /* suhosin_server_encode(svars, ZEND_STRL("argv")); */ 268 /* suhosin_server_encode(svars, ZEND_STRL("argv")); */
269 suhosin_server_encode(svars, ZEND_STRL("REQUEST_URI")); 269 suhosin_server_encode(svars, ZEND_STRL("REQUEST_URI"));
270 suhosin_server_encode(svars, ZEND_STRL("QUERY_STRING")); 270 suhosin_server_encode(svars, ZEND_STRL("QUERY_STRING"));
271 } 271 }
272 if (SUHOSIN_G(server_strip)) { 272 if (SUHOSIN7_G(server_strip)) {
273 suhosin_server_strip(svars, ZEND_STRL("PHP_SELF")); 273 suhosin_server_strip(svars, ZEND_STRL("PHP_SELF"));
274 suhosin_server_strip(svars, ZEND_STRL("PATH_INFO")); 274 suhosin_server_strip(svars, ZEND_STRL("PATH_INFO"));
275 suhosin_server_strip(svars, ZEND_STRL("PATH_TRANSLATED")); 275 suhosin_server_strip(svars, ZEND_STRL("PATH_TRANSLATED"));
@@ -287,10 +287,10 @@ unsigned int (*old_input_filter)(int arg, char *var, char **val, size_t val_len,
287 */ 287 */
288unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t val_len, size_t *new_val_len) 288unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t val_len, size_t *new_val_len)
289{ 289{
290 zend_bool already_scanned = SUHOSIN_G(already_scanned); 290 zend_bool already_scanned = SUHOSIN7_G(already_scanned);
291 SUHOSIN_G(already_scanned) = 0; 291 SUHOSIN7_G(already_scanned) = 0;
292 292
293 if (SUHOSIN_G(do_not_scan)) { 293 if (SUHOSIN7_G(do_not_scan)) {
294 if (new_val_len) { 294 if (new_val_len) {
295 *new_val_len = val_len; 295 *new_val_len = val_len;
296 } 296 }
@@ -299,7 +299,7 @@ unsigned int suhosin_input_filter_wrapper(int arg, char *var, char **val, size_t
299 299
300 if (!already_scanned) { 300 if (!already_scanned) {
301 if (suhosin_input_filter(arg, var, val, val_len, new_val_len)==0) { 301 if (suhosin_input_filter(arg, var, val, val_len, new_val_len)==0) {
302 SUHOSIN_G(abort_request)=1; 302 SUHOSIN7_G(abort_request)=1;
303 return 0; 303 return 0;
304 } 304 }
305 if (new_val_len) { 305 if (new_val_len) {
@@ -321,7 +321,7 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
321 unsigned int var_len, total_len, depth = 0; 321 unsigned int var_len, total_len, depth = 0;
322 322
323 /* Mark that we were called */ 323 /* Mark that we were called */
324 SUHOSIN_G(already_scanned) = 1; 324 SUHOSIN7_G(already_scanned) = 1;
325 325
326 if (new_val_len) { 326 if (new_val_len) {
327 *new_val_len = 0; 327 *new_val_len = 0;
@@ -330,23 +330,23 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
330 /* Drop this variable if the limit was reached */ 330 /* Drop this variable if the limit was reached */
331 switch (arg) { 331 switch (arg) {
332 case PARSE_GET: 332 case PARSE_GET:
333 SUHOSIN_G(att_get_vars)++; 333 SUHOSIN7_G(att_get_vars)++;
334 SUHOSIN_G(att_request_variables)++; 334 SUHOSIN7_G(att_request_variables)++;
335 if (SUHOSIN_G(no_more_get_variables)) { 335 if (SUHOSIN7_G(no_more_get_variables)) {
336 return 0; 336 return 0;
337 } 337 }
338 break; 338 break;
339 case PARSE_POST: 339 case PARSE_POST:
340 SUHOSIN_G(att_post_vars)++; 340 SUHOSIN7_G(att_post_vars)++;
341 SUHOSIN_G(att_request_variables)++; 341 SUHOSIN7_G(att_request_variables)++;
342 if (SUHOSIN_G(no_more_post_variables)) { 342 if (SUHOSIN7_G(no_more_post_variables)) {
343 return 0; 343 return 0;
344 } 344 }
345 break; 345 break;
346 case PARSE_COOKIE: 346 case PARSE_COOKIE:
347 SUHOSIN_G(att_cookie_vars)++; 347 SUHOSIN7_G(att_cookie_vars)++;
348 SUHOSIN_G(att_request_variables)++; 348 SUHOSIN7_G(att_request_variables)++;
349 if (SUHOSIN_G(no_more_cookie_variables)) { 349 if (SUHOSIN7_G(no_more_cookie_variables)) {
350 return 0; 350 return 0;
351 } 351 }
352 break; 352 break;
@@ -360,28 +360,28 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
360 /* Drop this variable if the limit is now reached */ 360 /* Drop this variable if the limit is now reached */
361 switch (arg) { 361 switch (arg) {
362 case PARSE_GET: 362 case PARSE_GET:
363 if (SUHOSIN_G(max_get_vars) && SUHOSIN_G(max_get_vars) <= SUHOSIN_G(cur_get_vars)) { 363 if (SUHOSIN7_G(max_get_vars) && SUHOSIN7_G(max_get_vars) <= SUHOSIN7_G(cur_get_vars)) {
364 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped", var); 364 suhosin_log(S_VARS, "configured GET variable limit exceeded - dropped variable '%s' - all further GET variables are dropped", var);
365 if (!SUHOSIN_G(simulation)) { 365 if (!SUHOSIN7_G(simulation)) {
366 SUHOSIN_G(no_more_get_variables) = 1; 366 SUHOSIN7_G(no_more_get_variables) = 1;
367 return 0; 367 return 0;
368 } 368 }
369 } 369 }
370 break; 370 break;
371 case PARSE_COOKIE: 371 case PARSE_COOKIE:
372 if (SUHOSIN_G(max_cookie_vars) && SUHOSIN_G(max_cookie_vars) <= SUHOSIN_G(cur_cookie_vars)) { 372 if (SUHOSIN7_G(max_cookie_vars) && SUHOSIN7_G(max_cookie_vars) <= SUHOSIN7_G(cur_cookie_vars)) {
373 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped", var); 373 suhosin_log(S_VARS, "configured COOKIE variable limit exceeded - dropped variable '%s' - all further COOKIE variables are dropped", var);
374 if (!SUHOSIN_G(simulation)) { 374 if (!SUHOSIN7_G(simulation)) {
375 SUHOSIN_G(no_more_cookie_variables) = 1; 375 SUHOSIN7_G(no_more_cookie_variables) = 1;
376 return 0; 376 return 0;
377 } 377 }
378 } 378 }
379 break; 379 break;
380 case PARSE_POST: 380 case PARSE_POST:
381 if (SUHOSIN_G(max_post_vars) && SUHOSIN_G(max_post_vars) <= SUHOSIN_G(cur_post_vars)) { 381 if (SUHOSIN7_G(max_post_vars) && SUHOSIN7_G(max_post_vars) <= SUHOSIN7_G(cur_post_vars)) {
382 suhosin_log(S_VARS, "configured POST variable limit exceeded - dropped variable '%s' - all further POST variables are dropped", var); 382 suhosin_log(S_VARS, "configured POST variable limit exceeded - dropped variable '%s' - all further POST variables are dropped", var);
383 if (!SUHOSIN_G(simulation)) { 383 if (!SUHOSIN7_G(simulation)) {
384 SUHOSIN_G(no_more_post_variables) = 1; 384 SUHOSIN7_G(no_more_post_variables) = 1;
385 return 0; 385 return 0;
386 } 386 }
387 } 387 }
@@ -390,33 +390,33 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
390 390
391 /* Drop this variable if it begins with whitespace which is disallowed */ 391 /* Drop this variable if it begins with whitespace which is disallowed */
392 if (isspace(*var)) { 392 if (isspace(*var)) {
393 if (SUHOSIN_G(disallow_ws)) { 393 if (SUHOSIN7_G(disallow_ws)) {
394 suhosin_log(S_VARS, "request variable name begins with disallowed whitespace - dropped variable '%s'", var); 394 suhosin_log(S_VARS, "request variable name begins with disallowed whitespace - dropped variable '%s'", var);
395 if (!SUHOSIN_G(simulation)) { 395 if (!SUHOSIN7_G(simulation)) {
396 return 0; 396 return 0;
397 } 397 }
398 } 398 }
399 switch (arg) { 399 switch (arg) {
400 case PARSE_GET: 400 case PARSE_GET:
401 if (SUHOSIN_G(disallow_get_ws)) { 401 if (SUHOSIN7_G(disallow_get_ws)) {
402 suhosin_log(S_VARS, "GET variable name begins with disallowed whitespace - dropped variable '%s'", var); 402 suhosin_log(S_VARS, "GET variable name begins with disallowed whitespace - dropped variable '%s'", var);
403 if (!SUHOSIN_G(simulation)) { 403 if (!SUHOSIN7_G(simulation)) {
404 return 0; 404 return 0;
405 } 405 }
406 } 406 }
407 break; 407 break;
408 case PARSE_POST: 408 case PARSE_POST:
409 if (SUHOSIN_G(disallow_post_ws)) { 409 if (SUHOSIN7_G(disallow_post_ws)) {
410 suhosin_log(S_VARS, "POST variable name begins with disallowed whitespace - dropped variable '%s'", var); 410 suhosin_log(S_VARS, "POST variable name begins with disallowed whitespace - dropped variable '%s'", var);
411 if (!SUHOSIN_G(simulation)) { 411 if (!SUHOSIN7_G(simulation)) {
412 return 0; 412 return 0;
413 } 413 }
414 } 414 }
415 break; 415 break;
416 case PARSE_COOKIE: 416 case PARSE_COOKIE:
417 if (SUHOSIN_G(disallow_cookie_ws)) { 417 if (SUHOSIN7_G(disallow_cookie_ws)) {
418 suhosin_log(S_VARS, "COOKIE variable name begins with disallowed whitespace - dropped variable '%s'", var); 418 suhosin_log(S_VARS, "COOKIE variable name begins with disallowed whitespace - dropped variable '%s'", var);
419 if (!SUHOSIN_G(simulation)) { 419 if (!SUHOSIN7_G(simulation)) {
420 return 0; 420 return 0;
421 } 421 }
422 } 422 }
@@ -425,33 +425,33 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
425 } 425 }
426 426
427 /* Drop this variable if it exceeds the value length limit */ 427 /* Drop this variable if it exceeds the value length limit */
428 if (SUHOSIN_G(max_value_length) && SUHOSIN_G(max_value_length) < val_len) { 428 if (SUHOSIN7_G(max_value_length) && SUHOSIN7_G(max_value_length) < val_len) {
429 suhosin_log(S_VARS, "configured request variable value length limit exceeded - dropped variable '%s'", var); 429 suhosin_log(S_VARS, "configured request variable value length limit exceeded - dropped variable '%s'", var);
430 if (!SUHOSIN_G(simulation)) { 430 if (!SUHOSIN7_G(simulation)) {
431 return 0; 431 return 0;
432 } 432 }
433 } 433 }
434 switch (arg) { 434 switch (arg) {
435 case PARSE_GET: 435 case PARSE_GET:
436 if (SUHOSIN_G(max_get_value_length) && SUHOSIN_G(max_get_value_length) < val_len) { 436 if (SUHOSIN7_G(max_get_value_length) && SUHOSIN7_G(max_get_value_length) < val_len) {
437 suhosin_log(S_VARS, "configured GET variable value length limit exceeded - dropped variable '%s'", var); 437 suhosin_log(S_VARS, "configured GET variable value length limit exceeded - dropped variable '%s'", var);
438 if (!SUHOSIN_G(simulation)) { 438 if (!SUHOSIN7_G(simulation)) {
439 return 0; 439 return 0;
440 } 440 }
441 } 441 }
442 break; 442 break;
443 case PARSE_COOKIE: 443 case PARSE_COOKIE:
444 if (SUHOSIN_G(max_cookie_value_length) && SUHOSIN_G(max_cookie_value_length) < val_len) { 444 if (SUHOSIN7_G(max_cookie_value_length) && SUHOSIN7_G(max_cookie_value_length) < val_len) {
445 suhosin_log(S_VARS, "configured COOKIE variable value length limit exceeded - dropped variable '%s'", var); 445 suhosin_log(S_VARS, "configured COOKIE variable value length limit exceeded - dropped variable '%s'", var);
446 if (!SUHOSIN_G(simulation)) { 446 if (!SUHOSIN7_G(simulation)) {
447 return 0; 447 return 0;
448 } 448 }
449 } 449 }
450 break; 450 break;
451 case PARSE_POST: 451 case PARSE_POST:
452 if (SUHOSIN_G(max_post_value_length) && SUHOSIN_G(max_post_value_length) < val_len) { 452 if (SUHOSIN7_G(max_post_value_length) && SUHOSIN7_G(max_post_value_length) < val_len) {
453 suhosin_log(S_VARS, "configured POST variable value length limit exceeded - dropped variable '%s'", var); 453 suhosin_log(S_VARS, "configured POST variable value length limit exceeded - dropped variable '%s'", var);
454 if (!SUHOSIN_G(simulation)) { 454 if (!SUHOSIN7_G(simulation)) {
455 return 0; 455 return 0;
456 } 456 }
457 } 457 }
@@ -467,57 +467,57 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
467 var_len = index ? index-var : total_len; 467 var_len = index ? index-var : total_len;
468 468
469 /* Drop this variable if it exceeds the varname/total length limit */ 469 /* Drop this variable if it exceeds the varname/total length limit */
470 if (SUHOSIN_G(max_varname_length) && SUHOSIN_G(max_varname_length) < var_len) { 470 if (SUHOSIN7_G(max_varname_length) && SUHOSIN7_G(max_varname_length) < var_len) {
471 suhosin_log(S_VARS, "configured request variable name length limit exceeded - dropped variable '%s'", var); 471 suhosin_log(S_VARS, "configured request variable name length limit exceeded - dropped variable '%s'", var);
472 if (!SUHOSIN_G(simulation)) { 472 if (!SUHOSIN7_G(simulation)) {
473 return 0; 473 return 0;
474 } 474 }
475 } 475 }
476 if (SUHOSIN_G(max_totalname_length) && SUHOSIN_G(max_totalname_length) < total_len) { 476 if (SUHOSIN7_G(max_totalname_length) && SUHOSIN7_G(max_totalname_length) < total_len) {
477 suhosin_log(S_VARS, "configured request variable total name length limit exceeded - dropped variable '%s'", var); 477 suhosin_log(S_VARS, "configured request variable total name length limit exceeded - dropped variable '%s'", var);
478 if (!SUHOSIN_G(simulation)) { 478 if (!SUHOSIN7_G(simulation)) {
479 return 0; 479 return 0;
480 } 480 }
481 } 481 }
482 switch (arg) { 482 switch (arg) {
483 case PARSE_GET: 483 case PARSE_GET:
484 if (SUHOSIN_G(max_get_name_length) && SUHOSIN_G(max_get_name_length) < var_len) { 484 if (SUHOSIN7_G(max_get_name_length) && SUHOSIN7_G(max_get_name_length) < var_len) {
485 suhosin_log(S_VARS, "configured GET variable name length limit exceeded - dropped variable '%s'", var); 485 suhosin_log(S_VARS, "configured GET variable name length limit exceeded - dropped variable '%s'", var);
486 if (!SUHOSIN_G(simulation)) { 486 if (!SUHOSIN7_G(simulation)) {
487 return 0; 487 return 0;
488 } 488 }
489 } 489 }
490 if (SUHOSIN_G(max_get_totalname_length) && SUHOSIN_G(max_get_totalname_length) < total_len) { 490 if (SUHOSIN7_G(max_get_totalname_length) && SUHOSIN7_G(max_get_totalname_length) < total_len) {
491 suhosin_log(S_VARS, "configured GET variable total name length limit exceeded - dropped variable '%s'", var); 491 suhosin_log(S_VARS, "configured GET variable total name length limit exceeded - dropped variable '%s'", var);
492 if (!SUHOSIN_G(simulation)) { 492 if (!SUHOSIN7_G(simulation)) {
493 return 0; 493 return 0;
494 } 494 }
495 } 495 }
496 break; 496 break;
497 case PARSE_COOKIE: 497 case PARSE_COOKIE:
498 if (SUHOSIN_G(max_cookie_name_length) && SUHOSIN_G(max_cookie_name_length) < var_len) { 498 if (SUHOSIN7_G(max_cookie_name_length) && SUHOSIN7_G(max_cookie_name_length) < var_len) {
499 suhosin_log(S_VARS, "configured COOKIE variable name length limit exceeded - dropped variable '%s'", var); 499 suhosin_log(S_VARS, "configured COOKIE variable name length limit exceeded - dropped variable '%s'", var);
500 if (!SUHOSIN_G(simulation)) { 500 if (!SUHOSIN7_G(simulation)) {
501 return 0; 501 return 0;
502 } 502 }
503 } 503 }
504 if (SUHOSIN_G(max_cookie_totalname_length) && SUHOSIN_G(max_cookie_totalname_length) < total_len) { 504 if (SUHOSIN7_G(max_cookie_totalname_length) && SUHOSIN7_G(max_cookie_totalname_length) < total_len) {
505 suhosin_log(S_VARS, "configured COOKIE variable total name length limit exceeded - dropped variable '%s'", var); 505 suhosin_log(S_VARS, "configured COOKIE variable total name length limit exceeded - dropped variable '%s'", var);
506 if (!SUHOSIN_G(simulation)) { 506 if (!SUHOSIN7_G(simulation)) {
507 return 0; 507 return 0;
508 } 508 }
509 } 509 }
510 break; 510 break;
511 case PARSE_POST: 511 case PARSE_POST:
512 if (SUHOSIN_G(max_post_name_length) && SUHOSIN_G(max_post_name_length) < var_len) { 512 if (SUHOSIN7_G(max_post_name_length) && SUHOSIN7_G(max_post_name_length) < var_len) {
513 suhosin_log(S_VARS, "configured POST variable name length limit exceeded - dropped variable '%s'", var); 513 suhosin_log(S_VARS, "configured POST variable name length limit exceeded - dropped variable '%s'", var);
514 if (!SUHOSIN_G(simulation)) { 514 if (!SUHOSIN7_G(simulation)) {
515 return 0; 515 return 0;
516 } 516 }
517 } 517 }
518 if (SUHOSIN_G(max_post_totalname_length) && SUHOSIN_G(max_post_totalname_length) < total_len) { 518 if (SUHOSIN7_G(max_post_totalname_length) && SUHOSIN7_G(max_post_totalname_length) < total_len) {
519 suhosin_log(S_VARS, "configured POST variable total name length limit exceeded - dropped variable '%s'", var); 519 suhosin_log(S_VARS, "configured POST variable total name length limit exceeded - dropped variable '%s'", var);
520 if (!SUHOSIN_G(simulation)) { 520 if (!SUHOSIN7_G(simulation)) {
521 return 0; 521 return 0;
522 } 522 }
523 } 523 }
@@ -543,33 +543,33 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
543 index_length = index_end - index; 543 index_length = index_end - index;
544 544
545 /* max. array index length */ 545 /* max. array index length */
546 if (SUHOSIN_G(max_array_index_length) && SUHOSIN_G(max_array_index_length) < index_length) { 546 if (SUHOSIN7_G(max_array_index_length) && SUHOSIN7_G(max_array_index_length) < index_length) {
547 suhosin_log(S_VARS, "configured request variable array index length limit exceeded - dropped variable '%s'", var); 547 suhosin_log(S_VARS, "configured request variable array index length limit exceeded - dropped variable '%s'", var);
548 if (!SUHOSIN_G(simulation)) { 548 if (!SUHOSIN7_G(simulation)) {
549 return 0; 549 return 0;
550 } 550 }
551 } 551 }
552 switch (arg) { 552 switch (arg) {
553 case PARSE_GET: 553 case PARSE_GET:
554 if (SUHOSIN_G(max_get_array_index_length) && SUHOSIN_G(max_get_array_index_length) < index_length) { 554 if (SUHOSIN7_G(max_get_array_index_length) && SUHOSIN7_G(max_get_array_index_length) < index_length) {
555 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var); 555 suhosin_log(S_VARS, "configured GET variable array index length limit exceeded - dropped variable '%s'", var);
556 if (!SUHOSIN_G(simulation)) { 556 if (!SUHOSIN7_G(simulation)) {
557 return 0; 557 return 0;
558 } 558 }
559 } 559 }
560 break; 560 break;
561 case PARSE_COOKIE: 561 case PARSE_COOKIE:
562 if (SUHOSIN_G(max_cookie_array_index_length) && SUHOSIN_G(max_cookie_array_index_length) < index_length) { 562 if (SUHOSIN7_G(max_cookie_array_index_length) && SUHOSIN7_G(max_cookie_array_index_length) < index_length) {
563 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var); 563 suhosin_log(S_VARS, "configured COOKIE variable array index length limit exceeded - dropped variable '%s'", var);
564 if (!SUHOSIN_G(simulation)) { 564 if (!SUHOSIN7_G(simulation)) {
565 return 0; 565 return 0;
566 } 566 }
567 } 567 }
568 break; 568 break;
569 case PARSE_POST: 569 case PARSE_POST:
570 if (SUHOSIN_G(max_post_array_index_length) && SUHOSIN_G(max_post_array_index_length) < index_length) { 570 if (SUHOSIN7_G(max_post_array_index_length) && SUHOSIN7_G(max_post_array_index_length) < index_length) {
571 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var); 571 suhosin_log(S_VARS, "configured POST variable array index length limit exceeded - dropped variable '%s'", var);
572 if (!SUHOSIN_G(simulation)) { 572 if (!SUHOSIN7_G(simulation)) {
573 return 0; 573 return 0;
574 } 574 }
575 } 575 }
@@ -577,17 +577,17 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
577 } 577 }
578 578
579 /* index whitelist/blacklist */ 579 /* index whitelist/blacklist */
580 if (SUHOSIN_G(array_index_whitelist) && *(SUHOSIN_G(array_index_whitelist))) { 580 if (SUHOSIN7_G(array_index_whitelist) && *(SUHOSIN7_G(array_index_whitelist))) {
581 if (suhosin_strnspn(index, index_length, SUHOSIN_G(array_index_whitelist)) != index_length) { 581 if (suhosin_strnspn(index, index_length, SUHOSIN7_G(array_index_whitelist)) != index_length) {
582 suhosin_log(S_VARS, "array index contains not whitelisted characters - dropped variable '%s'", var); 582 suhosin_log(S_VARS, "array index contains not whitelisted characters - dropped variable '%s'", var);
583 if (!SUHOSIN_G(simulation)) { 583 if (!SUHOSIN7_G(simulation)) {
584 return 0; 584 return 0;
585 } 585 }
586 } 586 }
587 } else if (SUHOSIN_G(array_index_blacklist) && *(SUHOSIN_G(array_index_blacklist))) { 587 } else if (SUHOSIN7_G(array_index_blacklist) && *(SUHOSIN7_G(array_index_blacklist))) {
588 if (suhosin_strncspn(index, index_length, SUHOSIN_G(array_index_blacklist)) != index_length) { 588 if (suhosin_strncspn(index, index_length, SUHOSIN7_G(array_index_blacklist)) != index_length) {
589 suhosin_log(S_VARS, "array index contains blacklisted characters - dropped variable '%s'", var); 589 suhosin_log(S_VARS, "array index contains blacklisted characters - dropped variable '%s'", var);
590 if (!SUHOSIN_G(simulation)) { 590 if (!SUHOSIN7_G(simulation)) {
591 return 0; 591 return 0;
592 } 592 }
593 } 593 }
@@ -597,33 +597,33 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
597 } 597 }
598 598
599 /* Drop this variable if it exceeds the array depth limit */ 599 /* Drop this variable if it exceeds the array depth limit */
600 if (SUHOSIN_G(max_array_depth) && SUHOSIN_G(max_array_depth) < depth) { 600 if (SUHOSIN7_G(max_array_depth) && SUHOSIN7_G(max_array_depth) < depth) {
601 suhosin_log(S_VARS, "configured request variable array depth limit exceeded - dropped variable '%s'", var); 601 suhosin_log(S_VARS, "configured request variable array depth limit exceeded - dropped variable '%s'", var);
602 if (!SUHOSIN_G(simulation)) { 602 if (!SUHOSIN7_G(simulation)) {
603 return 0; 603 return 0;
604 } 604 }
605 } 605 }
606 switch (arg) { 606 switch (arg) {
607 case PARSE_GET: 607 case PARSE_GET:
608 if (SUHOSIN_G(max_get_array_depth) && SUHOSIN_G(max_get_array_depth) < depth) { 608 if (SUHOSIN7_G(max_get_array_depth) && SUHOSIN7_G(max_get_array_depth) < depth) {
609 suhosin_log(S_VARS, "configured GET variable array depth limit exceeded - dropped variable '%s'", var); 609 suhosin_log(S_VARS, "configured GET variable array depth limit exceeded - dropped variable '%s'", var);
610 if (!SUHOSIN_G(simulation)) { 610 if (!SUHOSIN7_G(simulation)) {
611 return 0; 611 return 0;
612 } 612 }
613 } 613 }
614 break; 614 break;
615 case PARSE_COOKIE: 615 case PARSE_COOKIE:
616 if (SUHOSIN_G(max_cookie_array_depth) && SUHOSIN_G(max_cookie_array_depth) < depth) { 616 if (SUHOSIN7_G(max_cookie_array_depth) && SUHOSIN7_G(max_cookie_array_depth) < depth) {
617 suhosin_log(S_VARS, "configured COOKIE variable array depth limit exceeded - dropped variable '%s'", var); 617 suhosin_log(S_VARS, "configured COOKIE variable array depth limit exceeded - dropped variable '%s'", var);
618 if (!SUHOSIN_G(simulation)) { 618 if (!SUHOSIN7_G(simulation)) {
619 return 0; 619 return 0;
620 } 620 }
621 } 621 }
622 break; 622 break;
623 case PARSE_POST: 623 case PARSE_POST:
624 if (SUHOSIN_G(max_post_array_depth) && SUHOSIN_G(max_post_array_depth) < depth) { 624 if (SUHOSIN7_G(max_post_array_depth) && SUHOSIN7_G(max_post_array_depth) < depth) {
625 suhosin_log(S_VARS, "configured POST variable array depth limit exceeded - dropped variable '%s'", var); 625 suhosin_log(S_VARS, "configured POST variable array depth limit exceeded - dropped variable '%s'", var);
626 if (!SUHOSIN_G(simulation)) { 626 if (!SUHOSIN7_G(simulation)) {
627 return 0; 627 return 0;
628 } 628 }
629 } 629 }
@@ -634,33 +634,33 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
634 634
635 if (val && *val && val_len != strnlen(*val, val_len)) { 635 if (val && *val && val_len != strnlen(*val, val_len)) {
636 636
637 if (SUHOSIN_G(disallow_nul)) { 637 if (SUHOSIN7_G(disallow_nul)) {
638 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within request variables - dropped variable '%s'", var); 638 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within request variables - dropped variable '%s'", var);
639 if (!SUHOSIN_G(simulation)) { 639 if (!SUHOSIN7_G(simulation)) {
640 return 0; 640 return 0;
641 } 641 }
642 } 642 }
643 switch (arg) { 643 switch (arg) {
644 case PARSE_GET: 644 case PARSE_GET:
645 if (SUHOSIN_G(disallow_get_nul)) { 645 if (SUHOSIN7_G(disallow_get_nul)) {
646 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within GET variables - dropped variable '%s'", var); 646 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within GET variables - dropped variable '%s'", var);
647 if (!SUHOSIN_G(simulation)) { 647 if (!SUHOSIN7_G(simulation)) {
648 return 0; 648 return 0;
649 } 649 }
650 } 650 }
651 break; 651 break;
652 case PARSE_COOKIE: 652 case PARSE_COOKIE:
653 if (SUHOSIN_G(disallow_cookie_nul)) { 653 if (SUHOSIN7_G(disallow_cookie_nul)) {
654 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within COOKIE variables - dropped variable '%s'", var); 654 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within COOKIE variables - dropped variable '%s'", var);
655 if (!SUHOSIN_G(simulation)) { 655 if (!SUHOSIN7_G(simulation)) {
656 return 0; 656 return 0;
657 } 657 }
658 } 658 }
659 break; 659 break;
660 case PARSE_POST: 660 case PARSE_POST:
661 if (SUHOSIN_G(disallow_post_nul)) { 661 if (SUHOSIN7_G(disallow_post_nul)) {
662 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within POST variables - dropped variable '%s'", var); 662 suhosin_log(S_VARS, "ASCII-NUL chars not allowed within POST variables - dropped variable '%s'", var);
663 if (!SUHOSIN_G(simulation)) { 663 if (!SUHOSIN7_G(simulation)) {
664 return 0; 664 return 0;
665 } 665 }
666 } 666 }
@@ -672,22 +672,22 @@ unsigned int suhosin_input_filter(int arg, char *var, char **val, size_t val_len
672 /* This is to protect several silly scripts that do globalizing themself */ 672 /* This is to protect several silly scripts that do globalizing themself */
673 if (suhosin_is_protected_varname(var, var_len)) { 673 if (suhosin_is_protected_varname(var, var_len)) {
674 suhosin_log(S_VARS, "tried to register forbidden variable '%s' through %s variables", var, arg == PARSE_GET ? "GET" : arg == PARSE_POST ? "POST" : "COOKIE"); 674 suhosin_log(S_VARS, "tried to register forbidden variable '%s' through %s variables", var, arg == PARSE_GET ? "GET" : arg == PARSE_POST ? "POST" : "COOKIE");
675 if (!SUHOSIN_G(simulation)) { 675 if (!SUHOSIN7_G(simulation)) {
676 return 0; 676 return 0;
677 } 677 }
678 } 678 }
679 679
680 /* Okay let PHP register this variable */ 680 /* Okay let PHP register this variable */
681 SUHOSIN_G(cur_request_variables)++; 681 SUHOSIN7_G(cur_request_variables)++;
682 switch (arg) { 682 switch (arg) {
683 case PARSE_GET: 683 case PARSE_GET:
684 SUHOSIN_G(cur_get_vars)++; 684 SUHOSIN7_G(cur_get_vars)++;
685 break; 685 break;
686 case PARSE_COOKIE: 686 case PARSE_COOKIE:
687 SUHOSIN_G(cur_cookie_vars)++; 687 SUHOSIN7_G(cur_cookie_vars)++;
688 break; 688 break;
689 case PARSE_POST: 689 case PARSE_POST:
690 SUHOSIN_G(cur_post_vars)++; 690 SUHOSIN7_G(cur_post_vars)++;
691 break; 691 break;
692 } 692 }
693 693
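Review bot: `isspace(*var)` at new line 392 (hunk `@@ -390,33 +390,33 @@`) passes a plain `char` taken from the request variable name straight to a `<ctype.h>` function. Where `char` is signed, a byte of 0x80 or above reaches `isspace` as a negative value, which is undefined behaviour, so the leading-whitespace check is unreliable on exactly the untrusted input it is meant to screen. The macro rename leaves that line as it was; I would change it to `if (isspace((unsigned char)*var)) {`. The body of suhosin_input_filter starts and ends outside the visible hunks, so whether `var` can be NULL or empty at this point cannot be confirmed from here.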