diff options
| author | Ben Fuhrmannek | 2021-08-06 20:23:52 +0200 |
|---|---|---|
| committer | Ben Fuhrmannek | 2021-08-06 20:23:52 +0200 |
| commit | 2392c46836ceea520fa2a45369c8d638aadb943c (patch) | |
| tree | fe4b5eb10a49b2b45c4d7bc24de54fd3888c168e /src/snuffleupagus.c | |
| parent | 260f17f112e2d081783c6dc102f81666ac2435d9 (diff) | |
implemented ini settings protection
Diffstat (limited to 'src/snuffleupagus.c')
| -rw-r--r-- | src/snuffleupagus.c | 46 |
1 files changed, 34 insertions, 12 deletions
diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c index 8c7ecbf..2ee94a1 100644 --- a/src/snuffleupagus.c +++ b/src/snuffleupagus.c | |||
| @@ -81,18 +81,6 @@ static PHP_GINIT_FUNCTION(snuffleupagus) { | |||
| 81 | snuffleupagus_globals->is_config_valid = SP_CONFIG_NONE; | 81 | snuffleupagus_globals->is_config_valid = SP_CONFIG_NONE; |
| 82 | snuffleupagus_globals->in_eval = 0; | 82 | snuffleupagus_globals->in_eval = 0; |
| 83 | 83 | ||
| 84 | #define SP_INIT_HT(F) \ | ||
| 85 | snuffleupagus_globals->F = pemalloc(sizeof(*(snuffleupagus_globals->F)), 1); \ | ||
| 86 | zend_hash_init(snuffleupagus_globals->F, 10, NULL, NULL, 1); | ||
| 87 | SP_INIT_HT(disabled_functions_hook); | ||
| 88 | SP_INIT_HT(sp_internal_functions_hook); | ||
| 89 | SP_INIT_HT(sp_eval_blacklist_functions_hook); | ||
| 90 | SP_INIT_HT(config.config_disabled_functions); | ||
| 91 | SP_INIT_HT(config.config_disabled_functions_hooked); | ||
| 92 | SP_INIT_HT(config.config_disabled_functions_ret); | ||
| 93 | SP_INIT_HT(config.config_disabled_functions_ret_hooked); | ||
| 94 | #undef SP_INIT_HT | ||
| 95 | |||
| 96 | #define SP_INIT(F) \ | 84 | #define SP_INIT(F) \ |
| 97 | snuffleupagus_globals->config.F = \ | 85 | snuffleupagus_globals->config.F = \ |
| 98 | pecalloc(sizeof(*(snuffleupagus_globals->config.F)), 1, 1); | 86 | pecalloc(sizeof(*(snuffleupagus_globals->config.F)), 1, 1); |
| @@ -109,10 +97,24 @@ static PHP_GINIT_FUNCTION(snuffleupagus) { | |||
| 109 | SP_INIT(config_eval); | 97 | SP_INIT(config_eval); |
| 110 | SP_INIT(config_wrapper); | 98 | SP_INIT(config_wrapper); |
| 111 | SP_INIT(config_session); | 99 | SP_INIT(config_session); |
| 100 | SP_INIT(config_ini); | ||
| 112 | SP_INIT(config_disabled_functions_reg); | 101 | SP_INIT(config_disabled_functions_reg); |
| 113 | SP_INIT(config_disabled_functions_reg_ret); | 102 | SP_INIT(config_disabled_functions_reg_ret); |
| 114 | #undef SP_INIT | 103 | #undef SP_INIT |
| 115 | 104 | ||
| 105 | #define SP_INIT_HT(F) \ | ||
| 106 | snuffleupagus_globals->F = pemalloc(sizeof(*(snuffleupagus_globals->F)), 1); \ | ||
| 107 | zend_hash_init(snuffleupagus_globals->F, 10, NULL, NULL, 1); | ||
| 108 | SP_INIT_HT(disabled_functions_hook); | ||
| 109 | SP_INIT_HT(sp_internal_functions_hook); | ||
| 110 | SP_INIT_HT(sp_eval_blacklist_functions_hook); | ||
| 111 | SP_INIT_HT(config.config_disabled_functions); | ||
| 112 | SP_INIT_HT(config.config_disabled_functions_hooked); | ||
| 113 | SP_INIT_HT(config.config_disabled_functions_ret); | ||
| 114 | SP_INIT_HT(config.config_disabled_functions_ret_hooked); | ||
| 115 | SP_INIT_HT(config.config_ini->entries); | ||
| 116 | #undef SP_INIT_HT | ||
| 117 | |||
| 116 | #define SP_INIT_NULL(F) snuffleupagus_globals->config.F = NULL; | 118 | #define SP_INIT_NULL(F) snuffleupagus_globals->config.F = NULL; |
| 117 | SP_INIT_NULL(config_disabled_functions_reg->disabled_functions); | 119 | SP_INIT_NULL(config_disabled_functions_reg->disabled_functions); |
| 118 | SP_INIT_NULL(config_disabled_functions_reg_ret->disabled_functions); | 120 | SP_INIT_NULL(config_disabled_functions_reg_ret->disabled_functions); |
| @@ -131,6 +133,11 @@ PHP_MINIT_FUNCTION(snuffleupagus) { | |||
| 131 | } | 133 | } |
| 132 | 134 | ||
| 133 | PHP_MSHUTDOWN_FUNCTION(snuffleupagus) { | 135 | PHP_MSHUTDOWN_FUNCTION(snuffleupagus) { |
| 136 | sp_log_debug("(MSHUTDOWN)"); | ||
| 137 | unhook_functions(SNUFFLEUPAGUS_G(sp_internal_functions_hook)); | ||
| 138 | unhook_functions(SNUFFLEUPAGUS_G(disabled_functions_hook)); | ||
| 139 | unhook_functions(SNUFFLEUPAGUS_G(sp_eval_blacklist_functions_hook)); | ||
| 140 | if (SNUFFLEUPAGUS_G(config).config_ini->enable) { sp_unhook_ini(); } | ||
| 134 | UNREGISTER_INI_ENTRIES(); | 141 | UNREGISTER_INI_ENTRIES(); |
| 135 | 142 | ||
| 136 | return SUCCESS; | 143 | return SUCCESS; |
| @@ -142,6 +149,12 @@ static inline void free_disabled_functions_hashtable(HashTable *const ht) { | |||
| 142 | ZEND_HASH_FOREACH_END(); | 149 | ZEND_HASH_FOREACH_END(); |
| 143 | } | 150 | } |
| 144 | 151 | ||
| 152 | static inline void free_config_ini_entries(HashTable *const ht) { | ||
| 153 | void *ptr = NULL; | ||
| 154 | ZEND_HASH_FOREACH_PTR(ht, ptr) { sp_free_ini_entry(ptr); pefree(ptr, 1); } | ||
| 155 | ZEND_HASH_FOREACH_END(); | ||
| 156 | } | ||
| 157 | |||
| 145 | static PHP_GSHUTDOWN_FUNCTION(snuffleupagus) { | 158 | static PHP_GSHUTDOWN_FUNCTION(snuffleupagus) { |
| 146 | sp_log_debug("(GSHUTDOWN)"); | 159 | sp_log_debug("(GSHUTDOWN)"); |
| 147 | #define FREE_HT(F) \ | 160 | #define FREE_HT(F) \ |
| @@ -158,6 +171,9 @@ static PHP_GSHUTDOWN_FUNCTION(snuffleupagus) { | |||
| 158 | FREE_HT_LIST(config_disabled_functions_ret); | 171 | FREE_HT_LIST(config_disabled_functions_ret); |
| 159 | FREE_HT_LIST(config_disabled_functions_ret_hooked); | 172 | FREE_HT_LIST(config_disabled_functions_ret_hooked); |
| 160 | #undef FREE_HT_LIST | 173 | #undef FREE_HT_LIST |
| 174 | |||
| 175 | free_config_ini_entries(snuffleupagus_globals->config.config_ini->entries); | ||
| 176 | FREE_HT(config.config_ini->entries); | ||
| 161 | #undef FREE_HT | 177 | #undef FREE_HT |
| 162 | 178 | ||
| 163 | #define FREE_LST_DISABLE(L) \ | 179 | #define FREE_LST_DISABLE(L) \ |
| @@ -174,6 +190,7 @@ static PHP_GSHUTDOWN_FUNCTION(snuffleupagus) { | |||
| 174 | FREE_LST(config_wrapper->whitelist); | 190 | FREE_LST(config_wrapper->whitelist); |
| 175 | #undef FREE_LST | 191 | #undef FREE_LST |
| 176 | 192 | ||
| 193 | |||
| 177 | #define FREE_CFG(C) pefree(snuffleupagus_globals->config.C, 1); | 194 | #define FREE_CFG(C) pefree(snuffleupagus_globals->config.C, 1); |
| 178 | #define FREE_CFG_ZSTR(C) sp_free_zstr(snuffleupagus_globals->config.C); | 195 | #define FREE_CFG_ZSTR(C) sp_free_zstr(snuffleupagus_globals->config.C); |
| 179 | FREE_CFG(config_random); | 196 | FREE_CFG(config_random); |
| @@ -194,6 +211,7 @@ static PHP_GSHUTDOWN_FUNCTION(snuffleupagus) { | |||
| 194 | FREE_CFG(config_eval); | 211 | FREE_CFG(config_eval); |
| 195 | FREE_CFG(config_wrapper); | 212 | FREE_CFG(config_wrapper); |
| 196 | FREE_CFG(config_session); | 213 | FREE_CFG(config_session); |
| 214 | FREE_CFG(config_ini); | ||
| 197 | FREE_CFG(config_disabled_functions_reg); | 215 | FREE_CFG(config_disabled_functions_reg); |
| 198 | FREE_CFG(config_disabled_functions_reg_ret); | 216 | FREE_CFG(config_disabled_functions_reg_ret); |
| 199 | #undef FREE_CFG | 217 | #undef FREE_CFG |
| @@ -332,6 +350,10 @@ static PHP_INI_MH(OnUpdateConfiguration) { | |||
| 332 | hook_execute(); | 350 | hook_execute(); |
| 333 | hook_cookies(); | 351 | hook_cookies(); |
| 334 | 352 | ||
| 353 | if (SNUFFLEUPAGUS_G(config).config_ini->enable) { | ||
| 354 | sp_hook_ini(); | ||
| 355 | } | ||
| 356 | |||
| 335 | if (true == SNUFFLEUPAGUS_G(config).config_global_strict->enable) { | 357 | if (true == SNUFFLEUPAGUS_G(config).config_global_strict->enable) { |
| 336 | if (!zend_get_extension(PHP_SNUFFLEUPAGUS_EXTNAME)) { | 358 | if (!zend_get_extension(PHP_SNUFFLEUPAGUS_EXTNAME)) { |
| 337 | zend_extension_entry.startup = NULL; | 359 | zend_extension_entry.startup = NULL; |