summaryrefslogtreecommitdiff
path: root/src/sp_execute.c
diff options
context:
space:
mode:
authorjvoisin2018-01-10 17:38:24 +0100
committerjvoisin2018-01-10 17:38:24 +0100
commit6f21bff1d40326f69bc3b75b1b83b03623180365 (patch)
tree09cc459ca549693d69f35098046d8ad64f3cde91 /src/sp_execute.c
parent773c9b94c6978ccd41c5a46f0d03448fd0c039a7 (diff)
Rework the priority of bl/wl in eval
Diffstat (limited to 'src/sp_execute.c')
-rw-r--r--src/sp_execute.c34
1 files changed, 13 insertions, 21 deletions
diff --git a/src/sp_execute.c b/src/sp_execute.c
index e6df1b6..ac7cee3 100644
--- a/src/sp_execute.c
+++ b/src/sp_execute.c
@@ -44,7 +44,8 @@ static void is_builtin_matching(const char *restrict const filename,
44 } 44 }
45} 45}
46 46
47static void is_in_eval_and_whitelisted(const zend_execute_data *execute_data) { 47static void ZEND_HOT
48is_in_eval_and_whitelisted(const zend_execute_data *execute_data) {
48 if (EXPECTED(0 == SNUFFLEUPAGUS_G(in_eval))) { 49 if (EXPECTED(0 == SNUFFLEUPAGUS_G(in_eval))) {
49 return; 50 return;
50 } 51 }
@@ -61,25 +62,16 @@ static void is_in_eval_and_whitelisted(const zend_execute_data *execute_data) {
61 return; 62 return;
62 } 63 }
63 64
64 char const* const current_function = ZSTR_VAL(EX(func)->common.function_name); 65 char const *const current_function = ZSTR_VAL(EX(func)->common.function_name);
65 66
66 if (EXPECTED(current_function)) { 67 if (EXPECTED(NULL != current_function)) {
67 const sp_list_node *it = SNUFFLEUPAGUS_G(config).config_eval->whitelist; 68 if (false == check_is_in_eval_whitelist(current_function)) {
68 /* yes, we could use a HashTable instead, but since the list is pretty 69 sp_log_msg(
69 * small, it doesn't maka a difference in practise. */ 70 "Eval_whitelist", SP_LOG_DROP,
70 while (it) { 71 "The function '%s' isn't in the eval whitelist, dropping its call.",
71 if (0 == strcmp(current_function, (char *)(it->data))) { 72 current_function);
72 /* We've got a match, the function is whiteslited. */ 73 sp_terminate();
73 return;
74 }
75 it = it->next;
76 } 74 }
77
78 sp_log_msg(
79 "Eval_whitelist", SP_LOG_DROP,
80 "The function '%s' isn't in the eval whitelist, dropping its call.",
81 current_function);
82 sp_terminate();
83 } 75 }
84} 76}
85 77
@@ -104,6 +96,8 @@ char *get_eval_filename(const char *filename) {
104} 96}
105 97
106static void sp_execute_ex(zend_execute_data *execute_data) { 98static void sp_execute_ex(zend_execute_data *execute_data) {
99 is_in_eval_and_whitelisted(execute_data);
100
107 if (true == should_disable(execute_data, NULL, NULL, NULL)) { 101 if (true == should_disable(execute_data, NULL, NULL, NULL)) {
108 sp_terminate(); 102 sp_terminate();
109 } 103 }
@@ -117,8 +111,6 @@ static void sp_execute_ex(zend_execute_data *execute_data) {
117 efree(filename); 111 efree(filename);
118 } 112 }
119 113
120 is_in_eval_and_whitelisted(execute_data);
121
122 if (NULL != EX(func)->op_array.filename) { 114 if (NULL != EX(func)->op_array.filename) {
123 if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->enable) { 115 if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->enable) {
124 terminate_if_writable(ZSTR_VAL(EX(func)->op_array.filename)); 116 terminate_if_writable(ZSTR_VAL(EX(func)->op_array.filename));
@@ -176,7 +168,7 @@ static int sp_stream_open(const char *filename, zend_file_handle *handle) {
176 is_builtin_matching(filename, "include_once", "inclusion path", 168 is_builtin_matching(filename, "include_once", "inclusion path",
177 config); 169 config);
178 break; 170 break;
179 EMPTY_SWITCH_DEFAULT_CASE(); 171 EMPTY_SWITCH_DEFAULT_CASE();
180 } 172 }
181 } 173 }
182 174