diff options
| author | Ben Fuhrmannek | 2022-01-11 19:46:47 +0100 |
|---|---|---|
| committer | Ben Fuhrmannek | 2022-01-11 19:47:40 +0100 |
| commit | 2ed170be25a3a0dfe74c6520baf40ada89797ff7 (patch) | |
| tree | 00de2dc7a6164b7f7f14b441caf24e96dc38ff15 | |
| parent | 62433175a6f7d31772942f1f49971c7085b83ab5 (diff) | |
made xml a runtime requirement instead of compile time
| -rw-r--r-- | src/sp_disable_xxe.c | 24 |
1 files changed, 8 insertions, 16 deletions
diff --git a/src/sp_disable_xxe.c b/src/sp_disable_xxe.c index b6030c6..44e60ab 100644 --- a/src/sp_disable_xxe.c +++ b/src/sp_disable_xxe.c | |||
| @@ -1,23 +1,22 @@ | |||
| 1 | #include "php_snuffleupagus.h" | 1 | #include "php_snuffleupagus.h" |
| 2 | 2 | ||
| 3 | #ifdef HAVE_XML | ||
| 4 | |||
| 5 | PHP_FUNCTION(sp_libxml_disable_entity_loader) { | 3 | PHP_FUNCTION(sp_libxml_disable_entity_loader) { |
| 6 | sp_log_warn("xxe", | 4 | sp_log_warn("xxe", "A call to libxml_disable_entity_loader was tried and nopped"); |
| 7 | "A call to libxml_disable_entity_loader was tried and nopped"); | ||
| 8 | RETURN_TRUE; | 5 | RETURN_TRUE; |
| 9 | } | 6 | } |
| 10 | 7 | ||
| 11 | PHP_FUNCTION(sp_libxml_set_external_entity_loader) { | 8 | PHP_FUNCTION(sp_libxml_set_external_entity_loader) { |
| 12 | sp_log_warn( | 9 | sp_log_warn("xxe", "A call to libxml_set_external_entity_loader was tried and nopped"); |
| 13 | "xxe", | ||
| 14 | "A call to libxml_set_external_entity_loader was tried and nopped"); | ||
| 15 | RETURN_TRUE; | 10 | RETURN_TRUE; |
| 16 | } | 11 | } |
| 17 | 12 | ||
| 18 | int hook_libxml_disable_entity_loader() { | 13 | int hook_libxml_disable_entity_loader() { |
| 19 | TSRMLS_FETCH(); | 14 | TSRMLS_FETCH(); |
| 20 | 15 | ||
| 16 | if (!zend_hash_str_find_ptr(&module_registry, ZEND_STRL("xml"))) { | ||
| 17 | sp_log_warn("xxe", "Cannot enable XXE protection. XML support is disabled in PHP."); | ||
| 18 | } | ||
| 19 | |||
| 21 | zval func_name; | 20 | zval func_name; |
| 22 | zval retval; | 21 | zval retval; |
| 23 | zval params[1] = {0}; | 22 | zval params[1] = {0}; |
| @@ -34,15 +33,8 @@ int hook_libxml_disable_entity_loader() { | |||
| 34 | ZVAL_NULL(¶ms[0]); | 33 | ZVAL_NULL(¶ms[0]); |
| 35 | call_user_function(CG(function_table), NULL, &func_name, &retval, 1, params); | 34 | call_user_function(CG(function_table), NULL, &func_name, &retval, 1, params); |
| 36 | 35 | ||
| 37 | HOOK_FUNCTION("libxml_disable_entity_loader", sp_internal_functions_hook, | 36 | HOOK_FUNCTION("libxml_disable_entity_loader", sp_internal_functions_hook, PHP_FN(sp_libxml_disable_entity_loader)); |
| 38 | PHP_FN(sp_libxml_disable_entity_loader)); | 37 | HOOK_FUNCTION("libxml_set_external_entity_loader", sp_internal_functions_hook, PHP_FN(sp_libxml_set_external_entity_loader)); |
| 39 | HOOK_FUNCTION("libxml_set_external_entity_loader", sp_internal_functions_hook, | ||
| 40 | PHP_FN(sp_libxml_set_external_entity_loader)); | ||
| 41 | 38 | ||
| 42 | return SUCCESS; | 39 | return SUCCESS; |
| 43 | } | 40 | } |
| 44 | #else | ||
| 45 | int hook_libxml_disable_entity_loader() { | ||
| 46 | sp_log_warn("xxe", "Cannot enable XXE protection. XML support is disabled in PHP."); | ||
| 47 | } | ||
| 48 | #endif \ No newline at end of file | ||