diff options
| author | jvoisin | 2018-10-06 16:15:00 +0000 |
|---|---|---|
| committer | GitHub | 2018-10-06 16:15:00 +0000 |
| commit | aa550b9abadc109a2c89a7cd6dd047ac2a953027 (patch) | |
| tree | 1892e9ce8f833f3f13278cd424368fe1b5e26d91 /src/sp_crypt.c | |
| parent | 228fadf307b167a22ad6ec760f3b2ee2e9f2fee3 (diff) | |
Bump a bit the coverage
* `setcookie` doesn't always return `true` anymore
* clang-format
* Cookies with invalid decryption are dropped, but the request isn't anymore
* faulty unserialize are now dumpable
Diffstat (limited to 'src/sp_crypt.c')
| -rw-r--r-- | src/sp_crypt.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/src/sp_crypt.c b/src/sp_crypt.c index 96a0cc0..b6eaa59 100644 --- a/src/sp_crypt.c +++ b/src/sp_crypt.c | |||
| @@ -27,11 +27,10 @@ void generate_key(unsigned char *key) { | |||
| 27 | if (env_var) { | 27 | if (env_var) { |
| 28 | PHP_SHA256Update(&ctx, (unsigned char *)env_var, strlen(env_var)); | 28 | PHP_SHA256Update(&ctx, (unsigned char *)env_var, strlen(env_var)); |
| 29 | } else { | 29 | } else { |
| 30 | sp_log_warn( | 30 | sp_log_warn("cookie_encryption", |
| 31 | "cookie_encryption", | 31 | "The environment variable '%s' " |
| 32 | "The environment variable '%s' " | 32 | "is empty, cookies are weakly encrypted", |
| 33 | "is empty, cookies are weakly encrypted", | 33 | ZSTR_VAL(env_var_zend)); |
| 34 | ZSTR_VAL(env_var_zend)); | ||
| 35 | } | 34 | } |
| 36 | 35 | ||
| 37 | if (encryption_key) { | 36 | if (encryption_key) { |
| @@ -61,14 +60,16 @@ int decrypt_zval(zval *pDest, bool simulation, zend_hash_key *hash_key) { | |||
| 61 | hash_key ? ZSTR_VAL(hash_key->key) : "the session"); | 60 | hash_key ? ZSTR_VAL(hash_key->key) : "the session"); |
| 62 | return ZEND_HASH_APPLY_KEEP; | 61 | return ZEND_HASH_APPLY_KEEP; |
| 63 | } else { | 62 | } else { |
| 63 | // LCOV_EXCL_START | ||
| 64 | sp_log_msg( | 64 | sp_log_msg( |
| 65 | "cookie_encryption", SP_LOG_DROP, | 65 | "cookie_encryption", SP_LOG_DROP, |
| 66 | "Buffer underflow tentative detected in cookie encryption handling"); | 66 | "Buffer underflow tentative detected in cookie encryption handling"); |
| 67 | return ZEND_HASH_APPLY_REMOVE; | 67 | return ZEND_HASH_APPLY_REMOVE; |
| 68 | // LCOV_EXCL_STOP | ||
| 68 | } | 69 | } |
| 69 | } | 70 | } |
| 70 | 71 | ||
| 71 | // LCOV_EXCL_START | 72 | // LCOV_EXCL_START |
| 72 | if (ZSTR_LEN(debase64) + (size_t)crypto_secretbox_ZEROBYTES < | 73 | if (ZSTR_LEN(debase64) + (size_t)crypto_secretbox_ZEROBYTES < |
| 73 | ZSTR_LEN(debase64)) { | 74 | ZSTR_LEN(debase64)) { |
| 74 | if (true == simulation) { | 75 | if (true == simulation) { |
| @@ -85,7 +86,7 @@ int decrypt_zval(zval *pDest, bool simulation, zend_hash_key *hash_key) { | |||
| 85 | return ZEND_HASH_APPLY_REMOVE; | 86 | return ZEND_HASH_APPLY_REMOVE; |
| 86 | } | 87 | } |
| 87 | } | 88 | } |
| 88 | // LCOV_EXCL_END | 89 | // LCOV_EXCL_STOP |
| 89 | 90 | ||
| 90 | generate_key(key); | 91 | generate_key(key); |
| 91 | 92 | ||
| @@ -106,7 +107,7 @@ int decrypt_zval(zval *pDest, bool simulation, zend_hash_key *hash_key) { | |||
| 106 | hash_key ? ZSTR_VAL(hash_key->key) : "the session"); | 107 | hash_key ? ZSTR_VAL(hash_key->key) : "the session"); |
| 107 | return ZEND_HASH_APPLY_KEEP; | 108 | return ZEND_HASH_APPLY_KEEP; |
| 108 | } else { | 109 | } else { |
| 109 | sp_log_msg("cookie_encryption", SP_LOG_DROP, | 110 | sp_log_msg("cookie_encryption", SP_LOG_WARN, |
| 110 | "Something went wrong with the decryption of %s", | 111 | "Something went wrong with the decryption of %s", |
| 111 | hash_key ? ZSTR_VAL(hash_key->key) : "the session"); | 112 | hash_key ? ZSTR_VAL(hash_key->key) : "the session"); |
| 112 | return ZEND_HASH_APPLY_REMOVE; | 113 | return ZEND_HASH_APPLY_REMOVE; |