Initial import

author: Sebastien Blot 2017-09-20 10:11:01 +0200
committer: Sebastien Blot 2017-09-20 10:11:01 +0200
commit: 868f96c759b6650d88ff9f4fbc5c048302134248 (patch)
tree: c0de0af318bf77a8959164ef11aeeeb2b7bab294 /src/sp_execute.c
1 files changed, 100 insertions, 0 deletions
diff --git a/src/sp_execute.c b/src/sp_execute.c
new file mode 100644
index 0000000..faf126c
--- /dev/null
+++ b/src/sp_execute.c
@@ -0,0 +1,100 @@
+#include "php_snuffleupagus.h"
+#include <errno.h>
+#include <string.h>
+ZEND_DECLARE_MODULE_GLOBALS(snuffleupagus);
+static void (*orig_execute_ex)(zend_execute_data *execute_data);
+static int (*orig_zend_stream_open)(const char *filename,
+                                             zend_file_handle *handle);
+// FIXME handle symlink
+ZEND_COLD static inline void terminate_if_writable(const char *filename) {
+  if (0 == access(filename, W_OK)) {
+    if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->simulation) {
+      sp_log_msg("readonly_exec", LOG_NOTICE,
+        "Attempted execution of a writable file (%s).", filename);
+    } else {
+      sp_log_msg("readonly_exec", LOG_DROP,
+        "Attempted execution of a writable file (%s).", filename);
+      sp_terminate();
+    }
+  } else {
+    if (EACCES != errno) {
+      sp_log_err("Writable execution", "Error while accessing %s: %s", filename,
+        strerror(errno));
+    }
+  }
+}
+static void check_inclusion_regexp(const char * const filename) {
+  if (SNUFFLEUPAGUS_G(config).config_regexp_inclusion->regexp_inclusion) {
+    const sp_node_t* config = SNUFFLEUPAGUS_G(config).config_regexp_inclusion->regexp_inclusion;
+    if (!config || !config->data) {
+      return;
+    }
+    while (config) {
+      pcre *config_node = (pcre*)(config->data);
+      if (false == is_regexp_matching(config_node, filename)) {
+        sp_log_msg("include", LOG_DROP, "Inclusion of a forbidden file (%s).", filename);
+        sp_terminate();
+      }
+      config = config->next;
+    }
+  }
+}
+static void sp_execute_ex(zend_execute_data *execute_data) {
+  if (NULL == execute_data->func->common.function_name) {
+    goto execute;
+  }
+  if (true == should_disable(execute_data)) {
+    return;
+  }
+  if (execute_data->func->op_array.type == ZEND_EVAL_CODE) {
+    sp_log_debug("Currently in an eval\n");
+  }
+  if (NULL != execute_data->func->op_array.filename) {
+    if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->enable) {
+      terminate_if_writable(ZSTR_VAL(execute_data->func->op_array.filename));
+    }
+}
+execute:
+  orig_execute_ex(execute_data);
+}
+static int sp_stream_open(const char *filename,
+                                   zend_file_handle *handle) {
+  const zend_execute_data *data = EG(current_execute_data);
+  if ((NULL != data) && (NULL != data->opline) && 
+      (ZEND_INCLUDE_OR_EVAL == data->opline->opcode)) {
+    if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->enable) {
+      terminate_if_writable(filename);
+    }
+    check_inclusion_regexp(filename);
+  }
+  return orig_zend_stream_open(filename, handle);
+}
+int hook_execute(void) {
+  TSRMLS_FETCH();
+  /* zend_execute_ex is used for "classic" function calls */
+  orig_execute_ex = zend_execute_ex;
+  zend_execute_ex = sp_execute_ex;
+  /* zend_stream_open_function is used FIXME */
+  orig_zend_stream_open = zend_stream_open_function;
+  zend_stream_open_function = sp_stream_open;
+  /* zend_execute_internal is used for "indirect" functions call,
+   * like array_map or call_user_func. */
+  return SUCCESS;
+}
author	Sebastien Blot	2017-09-20 10:11:01 +0200
committer	Sebastien Blot	2017-09-20 10:11:01 +0200
commit	868f96c759b6650d88ff9f4fbc5c048302134248 (patch)
tree	c0de0af318bf77a8959164ef11aeeeb2b7bab294 /src/sp_execute.c

diff --git a/src/sp_execute.c b/src/sp_execute.c new file mode 100644 index 0000000..faf126c --- /dev/null +++ b/src/sp_execute.c
@@ -0,0 +1,100 @@
	1	#include "php_snuffleupagus.h"
	2
	3	#include <errno.h>
	4	#include <string.h>
	5
	6	ZEND_DECLARE_MODULE_GLOBALS(snuffleupagus);
	7
	8	static void (orig_execute_ex)(zend_execute_data execute_data);
	9	static int (orig_zend_stream_open)(const char filename,
	10	zend_file_handle *handle);
	11
	12	// FIXME handle symlink
	13	ZEND_COLD static inline void terminate_if_writable(const char *filename) {
	14	if (0 == access(filename, W_OK)) {
	15	if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->simulation) {
	16	sp_log_msg("readonly_exec", LOG_NOTICE,
	17	"Attempted execution of a writable file (%s).", filename);
	18	} else {
	19	sp_log_msg("readonly_exec", LOG_DROP,
	20	"Attempted execution of a writable file (%s).", filename);
	21	sp_terminate();
	22	}
	23	} else {
	24	if (EACCES != errno) {
	25	sp_log_err("Writable execution", "Error while accessing %s: %s", filename,
	26	strerror(errno));
	27	}
	28	}
	29	}
	30
	31	static void check_inclusion_regexp(const char * const filename) {
	32	if (SNUFFLEUPAGUS_G(config).config_regexp_inclusion->regexp_inclusion) {
	33	const sp_node_t* config = SNUFFLEUPAGUS_G(config).config_regexp_inclusion->regexp_inclusion;
	34	if (!config \|\| !config->data) {
	35	return;
	36	}
	37	while (config) {
	38	pcre config_node = (pcre)(config->data);
	39	if (false == is_regexp_matching(config_node, filename)) {
	40	sp_log_msg("include", LOG_DROP, "Inclusion of a forbidden file (%s).", filename);
	41	sp_terminate();
	42	}
	43	config = config->next;
	44	}
	45	}
	46	}
	47
	48	static void sp_execute_ex(zend_execute_data *execute_data) {
	49	if (NULL == execute_data->func->common.function_name) {
	50	goto execute;
	51	}
	52
	53	if (true == should_disable(execute_data)) {
	54	return;
	55	}
	56
	57	if (execute_data->func->op_array.type == ZEND_EVAL_CODE) {
	58	sp_log_debug("Currently in an eval\n");
	59	}
	60
	61	if (NULL != execute_data->func->op_array.filename) {
	62	if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->enable) {
	63	terminate_if_writable(ZSTR_VAL(execute_data->func->op_array.filename));
	64	}
	65	}
	66
	67	execute:
	68	orig_execute_ex(execute_data);
	69	}
	70
	71	static int sp_stream_open(const char *filename,
	72	zend_file_handle *handle) {
	73	const zend_execute_data *data = EG(current_execute_data);
	74
	75	if ((NULL != data) && (NULL != data->opline) &&
	76	(ZEND_INCLUDE_OR_EVAL == data->opline->opcode)) {
	77	if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->enable) {
	78	terminate_if_writable(filename);
	79	}
	80	check_inclusion_regexp(filename);
	81	}
	82	return orig_zend_stream_open(filename, handle);
	83	}
	84
	85	int hook_execute(void) {
	86	TSRMLS_FETCH();
	87
	88	/* zend_execute_ex is used for "classic" function calls */
	89	orig_execute_ex = zend_execute_ex;
	90	zend_execute_ex = sp_execute_ex;
	91
	92	/* zend_stream_open_function is used FIXME */
	93	orig_zend_stream_open = zend_stream_open_function;
	94	zend_stream_open_function = sp_stream_open;
	95
	96	/* zend_execute_internal is used for "indirect" functions call,
	97	* like array_map or call_user_func. */
	98
	99	return SUCCESS;
	100	}