The filename filter is now matching on callsite instead of implemsite (#167)

* Add match on the file where the function is called * Add the test * Constify some params * Fix potentiel null deref * Return more before if execute_data is NULL
author: kkadosh 2018-03-19 16:39:47 +0000
committer: blotus 2018-03-19 17:39:47 +0100
commit: 39929ce509361ee72746a9b971bdc531fbf0b843 (patch)
tree: c3455c4e4428d3b613e926b28619396960a2713e /src/sp_disabled_functions.c
parent: 3659eb1542270d25c36fb3f38600e85cb8b6a22b (diff)
1 files changed, 50 insertions, 9 deletions
diff --git a/src/sp_disabled_functions.c b/src/sp_disabled_functions.c
index 0e05f4e..eeee007 100644
--- a/src/sp_disabled_functions.c
+++ b/src/sp_disabled_functions.c
@@ -213,12 +213,53 @@ static bool is_param_matching(zend_execute_data* execute_data,
  return false;
 }
+static zend_execute_data* is_file_matching(
+    zend_execute_data* const execute_data,
+    sp_disabled_function const* const config_node,
+    char const* const current_filename) {
+#define ITERATE(ex)                                            \
+  ex = ex->prev_execute_data;                                  \
+  while (ex && (!ex->func || !ZEND_USER_CODE(ex->func->type))) \
+    ex = ex->prev_execute_data;                                \
+  if (!ex) return NULL;
+  zend_execute_data* ex = execute_data;
+  if (config_node->filename) {
+    if (0 == strcmp(current_filename, config_node->filename)) {
+      return ex;
+    }
+    ITERATE(ex);
+    if (0 ==
+        strcmp(ZSTR_VAL(ex->func->op_array.filename), config_node->filename)) {
+      return ex;
+    }
+  } else if (config_node->r_filename) {
+    if (true ==
+        sp_is_regexp_matching(config_node->r_filename, current_filename)) {
+      return ex;
+    }
+    ITERATE(ex);
+    if (true == sp_is_regexp_matching(config_node->r_filename,
+                                      ZSTR_VAL(ex->func->op_array.filename))) {
+      return ex;
+    }
+  }
+  return NULL;
+#undef ITERATE
+}
 bool should_disable(zend_execute_data* execute_data, const char* builtin_name,
                    const char* builtin_param, const char* builtin_param_name) {
  char current_file_hash[SHA256_SIZE * 2 + 1] = {0};
  const sp_list_node* config = get_config_node(builtin_name);
  char* complete_path_function = NULL;
  const char* current_filename = NULL;
+  unsigned int line = 0;
+  char* filename = NULL;
+  if (!execute_data) {
+    return false;
+  }
  if (!config || !config->data) {
    return false;
@@ -269,14 +310,14 @@ bool should_disable(zend_execute_data* execute_data, const char* builtin_name,
      }
    }
-    if (config_node->filename) { /* Check the current file name. */
+    if (config_node->filename || config_node->r_filename) {
-      if (0 != strcmp(current_filename, config_node->filename)) {
+      zend_execute_data* ex =
-        goto next;
+          is_file_matching(execute_data, config_node, current_filename);
-      }
+      if (!ex) {
-    } else if (config_node->r_filename) {
-      if (false ==
-          sp_is_regexp_matching(config_node->r_filename, current_filename)) {
        goto next;
+      } else if (ex != execute_data) {
+        line = ex->opline->lineno;
+        filename = ZSTR_VAL(ex->func->op_array.filename);
      }
    }
@@ -327,10 +368,10 @@ bool should_disable(zend_execute_data* execute_data, const char* builtin_name,
    if (config_node->functions_list) {
      sp_log_disable(config_node->function, arg_name, arg_value_str,
-                     config_node);
+                     config_node, line, filename);
    } else {
      sp_log_disable(complete_path_function, arg_name, arg_value_str,
-                     config_node);
+                     config_node, line, filename);
    }
    if (true == config_node->simulation) {
      goto next;
author	kkadosh	2018-03-19 16:39:47 +0000
committer	blotus	2018-03-19 17:39:47 +0100
commit	39929ce509361ee72746a9b971bdc531fbf0b843 (patch)
tree	c3455c4e4428d3b613e926b28619396960a2713e /src/sp_disabled_functions.c
parent	3659eb1542270d25c36fb3f38600e85cb8b6a22b (diff)

diff --git a/src/sp_disabled_functions.c b/src/sp_disabled_functions.c index 0e05f4e..eeee007 100644 --- a/src/sp_disabled_functions.c +++ b/src/sp_disabled_functions.c
@@ -213,12 +213,53 @@ static bool is_param_matching(zend_execute_data* execute_data,
213	return false;	213	return false;
214	}	214	}
215		215
		216	static zend_execute_data* is_file_matching(
		217	zend_execute_data* const execute_data,
		218	sp_disabled_function const* const config_node,
		219	char const* const current_filename) {
		220	#define ITERATE(ex) \
		221	ex = ex->prev_execute_data; \
		222	while (ex && (!ex->func \|\| !ZEND_USER_CODE(ex->func->type))) \
		223	ex = ex->prev_execute_data; \
		224	if (!ex) return NULL;
		225
		226	zend_execute_data* ex = execute_data;
		227	if (config_node->filename) {
		228	if (0 == strcmp(current_filename, config_node->filename)) {
		229	return ex;
		230	}
		231	ITERATE(ex);
		232	if (0 ==
		233	strcmp(ZSTR_VAL(ex->func->op_array.filename), config_node->filename)) {
		234	return ex;
		235	}
		236	} else if (config_node->r_filename) {
		237	if (true ==
		238	sp_is_regexp_matching(config_node->r_filename, current_filename)) {
		239	return ex;
		240	}
		241	ITERATE(ex);
		242	if (true == sp_is_regexp_matching(config_node->r_filename,
		243	ZSTR_VAL(ex->func->op_array.filename))) {
		244	return ex;
		245	}
		246	}
		247	return NULL;
		248	#undef ITERATE
		249	}
		250
216	bool should_disable(zend_execute_data* execute_data, const char* builtin_name,	251	bool should_disable(zend_execute_data* execute_data, const char* builtin_name,
217	const char* builtin_param, const char* builtin_param_name) {	252	const char* builtin_param, const char* builtin_param_name) {
218	char current_file_hash[SHA256_SIZE * 2 + 1] = {0};	253	char current_file_hash[SHA256_SIZE * 2 + 1] = {0};
219	const sp_list_node* config = get_config_node(builtin_name);	254	const sp_list_node* config = get_config_node(builtin_name);
220	char* complete_path_function = NULL;	255	char* complete_path_function = NULL;
221	const char* current_filename = NULL;	256	const char* current_filename = NULL;
		257	unsigned int line = 0;
		258	char* filename = NULL;
		259
		260	if (!execute_data) {
		261	return false;
		262	}
222		263
223	if (!config \|\| !config->data) {	264	if (!config \|\| !config->data) {
224	return false;	265	return false;
@@ -269,14 +310,14 @@ bool should_disable(zend_execute_data* execute_data, const char* builtin_name,
269	}	310	}
270	}	311	}
271		312
272	if (config_node->filename) { /* Check the current file name. */	313	if (config_node->filename \|\| config_node->r_filename) {
273	if (0 != strcmp(current_filename, config_node->filename)) {	314	zend_execute_data* ex =
274	goto next;	315	is_file_matching(execute_data, config_node, current_filename);
275	}	316	if (!ex) {
276	} else if (config_node->r_filename) {
277	if (false ==
278	sp_is_regexp_matching(config_node->r_filename, current_filename)) {
279	goto next;	317	goto next;
		318	} else if (ex != execute_data) {
		319	line = ex->opline->lineno;
		320	filename = ZSTR_VAL(ex->func->op_array.filename);
280	}	321	}
281	}	322	}
282		323
@@ -327,10 +368,10 @@ bool should_disable(zend_execute_data* execute_data, const char* builtin_name,
327		368
328	if (config_node->functions_list) {	369	if (config_node->functions_list) {
329	sp_log_disable(config_node->function, arg_name, arg_value_str,	370	sp_log_disable(config_node->function, arg_name, arg_value_str,
330	config_node);	371	config_node, line, filename);
331	} else {	372	} else {
332	sp_log_disable(complete_path_function, arg_name, arg_value_str,	373	sp_log_disable(complete_path_function, arg_name, arg_value_str,
333	config_node);	374	config_node, line, filename);
334	}	375	}
335	if (true == config_node->simulation) {	376	if (true == config_node->simulation) {
336	goto next;	377	goto next;