diff options
| author | xXx-caillou-xXx | 2018-08-27 13:56:44 +0200 |
|---|---|---|
| committer | jvoisin | 2018-08-27 11:56:44 +0000 |
| commit | 096e7faa6a5e21e5416a7c8c484e27acd4636a66 (patch) | |
| tree | 3dd11a05c4406280238459be917b8f47d22400f7 /src/snuffleupagus.c | |
| parent | 6abdd9abca50c92390b94fbebb3e7065d5d532da (diff) | |
Add whitelist support for php's wrappers
Diffstat (limited to 'src/snuffleupagus.c')
| -rw-r--r-- | src/snuffleupagus.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c index ff0c6c3..1a92f11 100644 --- a/src/snuffleupagus.c +++ b/src/snuffleupagus.c | |||
| @@ -95,6 +95,7 @@ PHP_GINIT_FUNCTION(snuffleupagus) { | |||
| 95 | SP_INIT(snuffleupagus_globals->config.config_cookie); | 95 | SP_INIT(snuffleupagus_globals->config.config_cookie); |
| 96 | SP_INIT(snuffleupagus_globals->config.config_session); | 96 | SP_INIT(snuffleupagus_globals->config.config_session); |
| 97 | SP_INIT(snuffleupagus_globals->config.config_eval); | 97 | SP_INIT(snuffleupagus_globals->config.config_eval); |
| 98 | SP_INIT(snuffleupagus_globals->config.config_wrapper); | ||
| 98 | 99 | ||
| 99 | snuffleupagus_globals->config.config_disabled_functions_reg | 100 | snuffleupagus_globals->config.config_disabled_functions_reg |
| 100 | ->disabled_functions = NULL; | 101 | ->disabled_functions = NULL; |
| @@ -103,6 +104,7 @@ PHP_GINIT_FUNCTION(snuffleupagus) { | |||
| 103 | snuffleupagus_globals->config.config_cookie->cookies = NULL; | 104 | snuffleupagus_globals->config.config_cookie->cookies = NULL; |
| 104 | snuffleupagus_globals->config.config_eval->blacklist = NULL; | 105 | snuffleupagus_globals->config.config_eval->blacklist = NULL; |
| 105 | snuffleupagus_globals->config.config_eval->whitelist = NULL; | 106 | snuffleupagus_globals->config.config_eval->whitelist = NULL; |
| 107 | snuffleupagus_globals->config.config_wrapper->whitelist = NULL; | ||
| 106 | 108 | ||
| 107 | #undef SP_INIT | 109 | #undef SP_INIT |
| 108 | #undef SP_INIT_HT | 110 | #undef SP_INIT_HT |
| @@ -160,12 +162,14 @@ PHP_MSHUTDOWN_FUNCTION(snuffleupagus) { | |||
| 160 | sp_list_free(SNUFFLEUPAGUS_G(config).config_cookie->cookies); | 162 | sp_list_free(SNUFFLEUPAGUS_G(config).config_cookie->cookies); |
| 161 | sp_list_free(SNUFFLEUPAGUS_G(config).config_eval->blacklist); | 163 | sp_list_free(SNUFFLEUPAGUS_G(config).config_eval->blacklist); |
| 162 | sp_list_free(SNUFFLEUPAGUS_G(config).config_eval->whitelist); | 164 | sp_list_free(SNUFFLEUPAGUS_G(config).config_eval->whitelist); |
| 165 | sp_list_free(SNUFFLEUPAGUS_G(config).config_wrapper->whitelist); | ||
| 163 | 166 | ||
| 164 | #undef FREE_LST_DISABLE | 167 | #undef FREE_LST_DISABLE |
| 165 | 168 | ||
| 166 | pefree(SNUFFLEUPAGUS_G(config.config_disabled_functions_reg), 1); | 169 | pefree(SNUFFLEUPAGUS_G(config.config_disabled_functions_reg), 1); |
| 167 | pefree(SNUFFLEUPAGUS_G(config.config_disabled_functions_reg_ret), 1); | 170 | pefree(SNUFFLEUPAGUS_G(config.config_disabled_functions_reg_ret), 1); |
| 168 | pefree(SNUFFLEUPAGUS_G(config.config_cookie), 1); | 171 | pefree(SNUFFLEUPAGUS_G(config.config_cookie), 1); |
| 172 | pefree(SNUFFLEUPAGUS_G(config.config_wrapper), 1); | ||
| 169 | 173 | ||
| 170 | UNREGISTER_INI_ENTRIES(); | 174 | UNREGISTER_INI_ENTRIES(); |
| 171 | 175 | ||
| @@ -176,6 +180,14 @@ PHP_RINIT_FUNCTION(snuffleupagus) { | |||
| 176 | #if defined(COMPILE_DL_SNUFFLEUPAGUS) && defined(ZTS) | 180 | #if defined(COMPILE_DL_SNUFFLEUPAGUS) && defined(ZTS) |
| 177 | ZEND_TSRMLS_CACHE_UPDATE(); | 181 | ZEND_TSRMLS_CACHE_UPDATE(); |
| 178 | #endif | 182 | #endif |
| 183 | |||
| 184 | // We need to disable wrappers loaded by extensions loaded after SNUFFLEUPAGUS. | ||
| 185 | if (SNUFFLEUPAGUS_G(config).config_wrapper->enabled && | ||
| 186 | zend_hash_num_elements(php_stream_get_url_stream_wrappers_hash()) != | ||
| 187 | SNUFFLEUPAGUS_G(config).config_wrapper->num_wrapper) { | ||
| 188 | sp_disable_wrapper(); | ||
| 189 | } | ||
| 190 | |||
| 179 | if (NULL != SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key) { | 191 | if (NULL != SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key) { |
| 180 | if (NULL != SNUFFLEUPAGUS_G(config).config_cookie->cookies) { | 192 | if (NULL != SNUFFLEUPAGUS_G(config).config_cookie->cookies) { |
| 181 | zend_hash_apply_with_arguments( | 193 | zend_hash_apply_with_arguments( |
| @@ -243,6 +255,9 @@ static PHP_INI_MH(OnUpdateConfiguration) { | |||
| 243 | if (SNUFFLEUPAGUS_G(config).config_disable_xxe->enable == 0) { | 255 | if (SNUFFLEUPAGUS_G(config).config_disable_xxe->enable == 0) { |
| 244 | hook_libxml_disable_entity_loader(); | 256 | hook_libxml_disable_entity_loader(); |
| 245 | } | 257 | } |
| 258 | if (SNUFFLEUPAGUS_G(config).config_wrapper->enabled) { | ||
| 259 | hook_stream_wrappers(); | ||
| 260 | } | ||
| 246 | hook_disabled_functions(); | 261 | hook_disabled_functions(); |
| 247 | hook_execute(); | 262 | hook_execute(); |
| 248 | 263 | ||