diff options
| author | jvoisin | 2022-12-07 21:02:22 +0100 |
|---|---|---|
| committer | jvoisin | 2022-12-08 20:55:46 +0100 |
| commit | ccfaf3e4713b1878241f1235a6fcb66ad0582d47 (patch) | |
| tree | 97dcd84aed33b1d98095d0cf3f467e9dfb975f0c /src/sp_unserialize.c | |
| parent | 5966fefb9a291bd0eecd0fff9396b2b6cea4a62e (diff) | |
Add unserialize_noclass
Diffstat (limited to 'src/sp_unserialize.c')
| -rw-r--r-- | src/sp_unserialize.c | 30 |
1 files changed, 22 insertions, 8 deletions
diff --git a/src/sp_unserialize.c b/src/sp_unserialize.c index e57ef9c..641d989 100644 --- a/src/sp_unserialize.c +++ b/src/sp_unserialize.c | |||
| @@ -61,6 +61,10 @@ PHP_FUNCTION(sp_serialize) { | |||
| 61 | orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU); | 61 | orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU); |
| 62 | } | 62 | } |
| 63 | 63 | ||
| 64 | if (!SPCFG(unserialize).enable) { | ||
| 65 | return; | ||
| 66 | } | ||
| 67 | |||
| 64 | /* Compute the HMAC of the textual representation of the serialized data*/ | 68 | /* Compute the HMAC of the textual representation of the serialized data*/ |
| 65 | zend_string *hmac = sp_do_hash_hmac_sha256(Z_STRVAL_P(return_value), Z_STRLEN_P(return_value), ZSTR_VAL(SPCFG(encryption_key)), ZSTR_LEN(SPCFG(encryption_key))); | 69 | zend_string *hmac = sp_do_hash_hmac_sha256(Z_STRVAL_P(return_value), Z_STRLEN_P(return_value), ZSTR_VAL(SPCFG(encryption_key)), ZSTR_LEN(SPCFG(encryption_key))); |
| 66 | 70 | ||
| @@ -84,29 +88,37 @@ PHP_FUNCTION(sp_serialize) { | |||
| 84 | } | 88 | } |
| 85 | 89 | ||
| 86 | PHP_FUNCTION(sp_unserialize) { | 90 | PHP_FUNCTION(sp_unserialize) { |
| 87 | zif_handler orig_handler; | ||
| 88 | |||
| 89 | char *buf = NULL; | 91 | char *buf = NULL; |
| 90 | char *serialized_str = NULL; | ||
| 91 | char *hmac = NULL; | ||
| 92 | size_t buf_len = 0; | 92 | size_t buf_len = 0; |
| 93 | HashTable *opts = NULL; | 93 | HashTable *opts = NULL; |
| 94 | 94 | ||
| 95 | const sp_config_unserialize *config_unserialize = &(SPCFG(unserialize)); | ||
| 96 | |||
| 97 | ZEND_PARSE_PARAMETERS_START(1, 2) | 95 | ZEND_PARSE_PARAMETERS_START(1, 2) |
| 98 | Z_PARAM_STRING(buf, buf_len) | 96 | Z_PARAM_STRING(buf, buf_len) |
| 99 | Z_PARAM_OPTIONAL | 97 | Z_PARAM_OPTIONAL |
| 100 | Z_PARAM_ARRAY_HT(opts) | 98 | Z_PARAM_ARRAY_HT(opts) |
| 101 | ZEND_PARSE_PARAMETERS_END(); | 99 | ZEND_PARSE_PARAMETERS_END(); |
| 102 | 100 | ||
| 101 | if (SPCFG(unserialize_noclass).enable) { | ||
| 102 | #if PHP_VERSION_ID > 80000 | ||
| 103 | HashTable ht; | ||
| 104 | zend_hash_init(&ht, 1, NULL, NULL, 0); | ||
| 105 | zval zv; | ||
| 106 | ZVAL_FALSE(&zv); | ||
| 107 | zend_hash_str_add(&ht, "allowed_classes", sizeof("allowed_classes")-1, &zv); | ||
| 108 | php_unserialize_with_options(return_value, buf, buf_len, &ht, "unserialize"); | ||
| 109 | return; | ||
| 110 | #else | ||
| 111 | sp_log_drop("unserialize_noclass", "unserialize_noclass is only supported on PHP8+"); | ||
| 112 | #endif | ||
| 113 | } | ||
| 114 | |||
| 103 | /* 64 is the length of HMAC-256 */ | 115 | /* 64 is the length of HMAC-256 */ |
| 104 | if (buf_len < 64) { | 116 | if (buf_len < 64) { |
| 105 | sp_log_drop("unserialize", "The serialized object is too small."); | 117 | sp_log_drop("unserialize", "The serialized object is too small."); |
| 106 | } | 118 | } |
| 107 | 119 | ||
| 108 | hmac = buf + buf_len - 64; | 120 | char* hmac = buf + buf_len - 64; |
| 109 | serialized_str = ecalloc(buf_len - 64 + 1, 1); | 121 | char* serialized_str = ecalloc(buf_len - 64 + 1, 1); |
| 110 | memcpy(serialized_str, buf, buf_len - 64); | 122 | memcpy(serialized_str, buf, buf_len - 64); |
| 111 | 123 | ||
| 112 | zend_string *expected_hmac = sp_do_hash_hmac_sha256(serialized_str, strlen(serialized_str), ZSTR_VAL(SPCFG(encryption_key)), ZSTR_LEN(SPCFG(encryption_key))); | 124 | zend_string *expected_hmac = sp_do_hash_hmac_sha256(serialized_str, strlen(serialized_str), ZSTR_VAL(SPCFG(encryption_key)), ZSTR_LEN(SPCFG(encryption_key))); |
| @@ -118,11 +130,13 @@ PHP_FUNCTION(sp_unserialize) { | |||
| 118 | } | 130 | } |
| 119 | } else { status = 1; } | 131 | } else { status = 1; } |
| 120 | 132 | ||
| 133 | zif_handler orig_handler; | ||
| 121 | if (0 == status) { | 134 | if (0 == status) { |
| 122 | if ((orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("unserialize")))) { | 135 | if ((orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("unserialize")))) { |
| 123 | orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU); | 136 | orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU); |
| 124 | } | 137 | } |
| 125 | } else { | 138 | } else { |
| 139 | const sp_config_unserialize *config_unserialize = &(SPCFG(unserialize)); | ||
| 126 | if (config_unserialize->dump) { | 140 | if (config_unserialize->dump) { |
| 127 | sp_log_request(config_unserialize->dump, | 141 | sp_log_request(config_unserialize->dump, |
| 128 | config_unserialize->textual_representation); | 142 | config_unserialize->textual_representation); |