diff options
| author | Ben Fuhrmannek | 2021-12-14 14:29:43 +0100 |
|---|---|---|
| committer | Ben Fuhrmannek | 2021-12-14 14:29:43 +0100 |
| commit | 4a45ba42b609d48c8297456d67cc8d955073b567 (patch) | |
| tree | 947bd03955cd9e8c141f133ab12d3a84bd62611e /src/sp_execute.c | |
| parent | 1746eb1013af60d8524a42fb3431446a5933a646 (diff) | |
fix: include class name in eval whitelist matching
Diffstat (limited to 'src/sp_execute.c')
| -rw-r--r-- | src/sp_execute.c | 29 |
1 files changed, 11 insertions, 18 deletions
diff --git a/src/sp_execute.c b/src/sp_execute.c index f540119..0474fc8 100644 --- a/src/sp_execute.c +++ b/src/sp_execute.c | |||
| @@ -48,8 +48,7 @@ inline static void is_builtin_matching( | |||
| 48 | should_disable_ht(EG(current_execute_data), function_name, param_value, param_name, SPCFG(disabled_functions_reg).disabled_functions, ht); | 48 | should_disable_ht(EG(current_execute_data), function_name, param_value, param_name, SPCFG(disabled_functions_reg).disabled_functions, ht); |
| 49 | } | 49 | } |
| 50 | 50 | ||
| 51 | static void ZEND_HOT | 51 | static void ZEND_HOT is_in_eval_and_whitelisted(const zend_execute_data *execute_data) { |
| 52 | is_in_eval_and_whitelisted(const zend_execute_data *execute_data) { | ||
| 53 | const sp_config_eval *config_eval = &(SPCFG(eval)); | 52 | const sp_config_eval *config_eval = &(SPCFG(eval)); |
| 54 | 53 | ||
| 55 | if (EXPECTED(0 == SPG(in_eval))) { | 54 | if (EXPECTED(0 == SPG(in_eval))) { |
| @@ -60,35 +59,29 @@ is_in_eval_and_whitelisted(const zend_execute_data *execute_data) { | |||
| 60 | return; | 59 | return; |
| 61 | } | 60 | } |
| 62 | 61 | ||
| 63 | if (zend_is_executing() && !EG(current_execute_data)->func) { | 62 | if (zend_is_executing() && !EX(func)) { |
| 64 | return; // LCOV_EXCL_LINE | 63 | return; // LCOV_EXCL_LINE |
| 65 | } | 64 | } |
| 66 | 65 | ||
| 67 | if (UNEXPECTED(!(execute_data->func->common.function_name))) { | 66 | char *function_name = get_complete_function_path(execute_data); |
| 67 | if (!function_name) { | ||
| 68 | return; | 68 | return; |
| 69 | } | 69 | } |
| 70 | 70 | ||
| 71 | zend_string const *const current_function = EX(func)->common.function_name; | 71 | if (UNEXPECTED(false == check_is_in_eval_whitelist(function_name))) { |
| 72 | |||
| 73 | if (EXPECTED(NULL != current_function)) { | ||
| 74 | if (UNEXPECTED(false == check_is_in_eval_whitelist(current_function))) { | ||
| 75 | if (config_eval->dump) { | 72 | if (config_eval->dump) { |
| 76 | sp_log_request(config_eval->dump, config_eval->textual_representation); | 73 | sp_log_request(config_eval->dump, config_eval->textual_representation); |
| 77 | } | 74 | } |
| 78 | if (config_eval->simulation) { | 75 | if (config_eval->simulation) { |
| 79 | sp_log_simulation( | 76 | sp_log_simulation("Eval_whitelist", "The function '%s' isn't in the eval whitelist, logging its call.", function_name); |
| 80 | "Eval_whitelist", | 77 | goto out; |
| 81 | "The function '%s' isn't in the eval whitelist, logging its call.", | ||
| 82 | ZSTR_VAL(current_function)); | ||
| 83 | return; | ||
| 84 | } else { | 78 | } else { |
| 85 | sp_log_drop( | 79 | sp_log_drop("Eval_whitelist", "The function '%s' isn't in the eval whitelist, dropping its call.", function_name); |
| 86 | "Eval_whitelist", | ||
| 87 | "The function '%s' isn't in the eval whitelist, dropping its call.", | ||
| 88 | ZSTR_VAL(current_function)); | ||
| 89 | } | 80 | } |
| 90 | } | 81 | } |
| 91 | } | 82 | // } |
| 83 | out: | ||
| 84 | efree(function_name); | ||
| 92 | } | 85 | } |
| 93 | 86 | ||
| 94 | /* This function gets the filename in which `eval()` is called from, | 87 | /* This function gets the filename in which `eval()` is called from, |