| author | Ben Fuhrmannek | 2021-09-23 12:23:40 +0200 |
|---|---|---|
| committer | Ben Fuhrmannek | 2021-09-23 12:23:40 +0200 |
| commit | 54c352c1b5aa08b187dd1e52e544709cad2b0fee (patch) | |
| tree | d15bf0f484c6baa1f2718e625e0d49f6fb488507 /src/sp_unserialize.c | |
| parent | 887e1c9d44fbcf5f23a928269034593b8521aaba (diff) | |
config is stack allocated now + some code improvements (see details)
* for easier memory management, the entire sp_config struct was merged into snuffleupagus_globals and allocated on stack where possible
* SNUFFLEUPAGUS_G() can be written as SPG(), which is faster to type and easier to read
* execution_depth is re-initialized to 0 for each request
* function calls with inline string and length parameters consistently use ZEND_STRL instead of sizeof()-1
* execution is actually hooked if recursion protection is enabled
* some line breaks were removed to make the code more readable
Diffstat (limited to 'src/sp_unserialize.c')
| -rw-r--r-- | src/sp_unserialize.c | 23 |
1 files changed, 9 insertions, 14 deletions
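--- a/src/sp_unserialize.c
+++ b/src/sp_unserialize.c
@@ -4,10 +4,10 @@ PHP_FUNCTION(sp_serialize) {
 zif_handler orig_handler;
 
 /* Call the original `serialize` function. */
-orig_handler =
-zend_hash_str_find_ptr(SNUFFLEUPAGUS_G(sp_internal_functions_hook),
-"serialize", sizeof("serialize") - 1);
-orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
+orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("serialize"));
+if (orig_handler) {
+orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
+}
 
 /* Compute the HMAC of the textual representation of the serialized data*/
 zval func_name;
@@ -19,7 +19,7 @@ PHP_FUNCTION(sp_serialize) {
 params[1] = *return_value;
 ZVAL_STRING(
 ¶ms[2],
-ZSTR_VAL(SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key));
+ZSTR_VAL(SPCFG(encryption_key)));
 call_user_function(CG(function_table), NULL, &func_name, &hmac, 3, params);
 
 size_t len = Z_STRLEN_P(return_value) + Z_STRLEN(hmac);
@@ -46,8 +46,7 @@ PHP_FUNCTION(sp_unserialize) {
 size_t buf_len = 0;
 zval *opts = NULL;
 
-const sp_config_unserialize *config_unserialize =
-SNUFFLEUPAGUS_G(config).config_unserialize;
+const sp_config_unserialize *config_unserialize = &(SPCFG(unserialize));
 
 if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|a", &buf, &buf_len, &opts) ==
 FAILURE) {
@@ -71,7 +70,7 @@ PHP_FUNCTION(sp_unserialize) {
 ZVAL_STRING(¶ms[1], serialized_str);
 ZVAL_STRING(
 ¶ms[2],
-ZSTR_VAL(SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key));
+ZSTR_VAL(SPCFG(encryption_key)));
 call_user_function(CG(function_table), NULL, &func_name, &expected_hmac, 3,
 params);
 
@@ -81,9 +80,7 @@ PHP_FUNCTION(sp_unserialize) {
 }
 
 if (0 == status) {
-if ((orig_handler = zend_hash_str_find_ptr(
-SNUFFLEUPAGUS_G(sp_internal_functions_hook), "unserialize",
-sizeof("unserialize") - 1))) {
+if ((orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("unserialize")))) {
 orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
 }
 } else {
@@ -93,9 +90,7 @@ PHP_FUNCTION(sp_unserialize) {
 }
 if (true == config_unserialize->simulation) {
 sp_log_simulation("unserialize", "Invalid HMAC for %s", serialized_str);
-if ((orig_handler = zend_hash_str_find_ptr(
-SNUFFLEUPAGUS_G(sp_internal_functions_hook), "unserialize",
-sizeof("unserialize") - 1))) {
+if ((orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("unserialize")))) {
 orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
 }
 } else {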
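Review bot: In the first hunk, the new `if (orig_handler)` guard avoids calling a NULL handler, but when the lookup fails PHP_FUNCTION(sp_serialize) still falls through to the HMAC step. That step reads `*return_value` and `Z_STRLEN_P(return_value)` even though the original `serialize` never ran and, as far as the visible lines show, nothing else has stored a string there. Bailing out right after the lookup would keep the code from treating a non-string zval as a string, for example `if (!orig_handler) { return; }` instead of wrapping only the call. The function body continues outside the hunk, so confirm that nothing later relies on reaching the HMAC code in that case.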
