diff options
| author | jvoisin | 2022-03-20 18:20:45 +0100 |
|---|---|---|
| committer | jvoisin | 2022-03-20 18:20:45 +0100 |
| commit | 81dd7f2ef07af306fe83d7755cbac4529aa9fc8d (patch) | |
| tree | 32cc44c6231b30db5ac7b15699297863460784aa /src/sp_upload_validation.c | |
| parent | 83b01942dfc80474cc05e09aeef4b44307a7120b (diff) | |
| parent | c38df1077a6c1dfbca1baca049214d053e2e7684 (diff) | |
Merge remote-tracking branch 'sektioneins/master'
Diffstat (limited to 'src/sp_upload_validation.c')
| -rw-r--r-- | src/sp_upload_validation.c | 34 |
1 files changed, 11 insertions, 23 deletions
diff --git a/src/sp_upload_validation.c b/src/sp_upload_validation.c index cebab3e..38b4cb3 100644 --- a/src/sp_upload_validation.c +++ b/src/sp_upload_validation.c | |||
| @@ -32,28 +32,21 @@ int sp_rfc1867_callback(unsigned int event, void *event_data, void **extra) { | |||
| 32 | 32 | ||
| 33 | if (event == MULTIPART_EVENT_END) { | 33 | if (event == MULTIPART_EVENT_END) { |
| 34 | zend_string *file_key __attribute__((unused)) = NULL; | 34 | zend_string *file_key __attribute__((unused)) = NULL; |
| 35 | const sp_config_upload_validation *config_upload = | 35 | const sp_config_upload_validation *config_upload = &(SPCFG(upload_validation)); |
| 36 | SNUFFLEUPAGUS_G(config).config_upload_validation; | ||
| 37 | zval *file; | 36 | zval *file; |
| 38 | pid_t pid; | 37 | pid_t pid; |
| 39 | 38 | ||
| 40 | sp_log_debug( | 39 | sp_log_debug("Got %d files", zend_hash_num_elements(Z_ARRVAL(PG(http_globals)[TRACK_VARS_FILES]))); |
| 41 | "Got %d files", | ||
| 42 | zend_hash_num_elements(Z_ARRVAL(PG(http_globals)[TRACK_VARS_FILES]))); | ||
| 43 | 40 | ||
| 44 | ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL(PG(http_globals)[TRACK_VARS_FILES]), | 41 | ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL(PG(http_globals)[TRACK_VARS_FILES]), file_key, file) { // for each uploaded file |
| 45 | file_key, file) { // for each uploaded file | ||
| 46 | 42 | ||
| 47 | char *filename = Z_STRVAL_P( | 43 | char *filename = Z_STRVAL_P(zend_hash_str_find(Z_ARRVAL_P(file), ZEND_STRL("name"))); |
| 48 | zend_hash_str_find(Z_ARRVAL_P(file), "name", sizeof("name") - 1)); | 44 | char *tmp_name = Z_STRVAL_P(zend_hash_str_find(Z_ARRVAL_P(file), ZEND_STRL("tmp_name"))); |
| 49 | char *tmp_name = Z_STRVAL_P(zend_hash_str_find( | 45 | size_t filesize = Z_LVAL_P(zend_hash_str_find(Z_ARRVAL_P(file), ZEND_STRL("size"))); |
| 50 | Z_ARRVAL_P(file), "tmp_name", sizeof("tmp_name") - 1)); | ||
| 51 | size_t filesize = Z_LVAL_P( | ||
| 52 | zend_hash_str_find(Z_ARRVAL_P(file), "size", sizeof("size") - 1)); | ||
| 53 | char *cmd[3] = {0}; | 46 | char *cmd[3] = {0}; |
| 54 | char *env[5] = {0}; | 47 | char *env[5] = {0}; |
| 55 | 48 | ||
| 56 | sp_log_debug("Filename: %s\nTmpname: %s\nSize: %d\nError: %d\nScript: %s", | 49 | sp_log_debug("Filename: %s\nTmpname: %s\nSize: %zd\nError: %lld\nScript: %s", |
| 57 | filename, tmp_name, filesize, | 50 | filename, tmp_name, filesize, |
| 58 | Z_LVAL_P(zend_hash_str_find(Z_ARRVAL_P(file), "error", 5)), | 51 | Z_LVAL_P(zend_hash_str_find(Z_ARRVAL_P(file), "error", 5)), |
| 59 | ZSTR_VAL(config_upload->script)); | 52 | ZSTR_VAL(config_upload->script)); |
| @@ -64,22 +57,19 @@ int sp_rfc1867_callback(unsigned int event, void *event_data, void **extra) { | |||
| 64 | 57 | ||
| 65 | spprintf(&env[0], 0, "SP_FILENAME=%s", filename); | 58 | spprintf(&env[0], 0, "SP_FILENAME=%s", filename); |
| 66 | spprintf(&env[1], 0, "SP_REMOTE_ADDR=%s", getenv("REMOTE_ADDR")); | 59 | spprintf(&env[1], 0, "SP_REMOTE_ADDR=%s", getenv("REMOTE_ADDR")); |
| 67 | spprintf(&env[2], 0, "SP_CURRENT_FILE=%s", | 60 | spprintf(&env[2], 0, "SP_CURRENT_FILE=%s", zend_get_executed_filename(TSRMLS_C)); |
| 68 | zend_get_executed_filename(TSRMLS_C)); | ||
| 69 | spprintf(&env[3], 0, "SP_FILESIZE=%zu", filesize); | 61 | spprintf(&env[3], 0, "SP_FILESIZE=%zu", filesize); |
| 70 | env[4] = NULL; | 62 | env[4] = NULL; |
| 71 | 63 | ||
| 72 | if ((pid = fork()) == 0) { | 64 | if ((pid = fork()) == 0) { |
| 73 | if (execve(ZSTR_VAL(config_upload->script), cmd, env) == -1) { | 65 | if (execve(ZSTR_VAL(config_upload->script), cmd, env) == -1) { |
| 74 | sp_log_warn("upload_validation", "Could not call '%s' : %s", | 66 | sp_log_warn("upload_validation", "Could not call '%s' : %s", ZSTR_VAL(config_upload->script), strerror(errno)); |
| 75 | ZSTR_VAL(config_upload->script), strerror(errno)); | ||
| 76 | EFREE_3(env); | 67 | EFREE_3(env); |
| 77 | exit(1); | 68 | exit(1); |
| 78 | } | 69 | } |
| 79 | } else if (pid == -1) { | 70 | } else if (pid == -1) { |
| 80 | // LCOV_EXCL_START | 71 | // LCOV_EXCL_START |
| 81 | sp_log_err("upload_validation", "Could not fork process : %s\n", | 72 | sp_log_err("upload_validation", "Could not fork process : %s\n", strerror(errno)); |
| 82 | strerror(errno)); | ||
| 83 | EFREE_3(env); | 73 | EFREE_3(env); |
| 84 | continue; | 74 | continue; |
| 85 | // LCOV_EXCL_STOP | 75 | // LCOV_EXCL_STOP |
| @@ -91,9 +81,7 @@ int sp_rfc1867_callback(unsigned int event, void *event_data, void **extra) { | |||
| 91 | if (WEXITSTATUS(waitstatus) != 0) { // Nope | 81 | if (WEXITSTATUS(waitstatus) != 0) { // Nope |
| 92 | char *uri = getenv("REQUEST_URI"); | 82 | char *uri = getenv("REQUEST_URI"); |
| 93 | int sim = config_upload->simulation; | 83 | int sim = config_upload->simulation; |
| 94 | sp_log_auto("upload_validation", sim, | 84 | sp_log_auto("upload_validation", sim, "The upload of %s on %s was rejected.", filename, uri ? uri : "?"); |
| 95 | "The upload of %s on %s was rejected.", filename, | ||
| 96 | uri ? uri : "?"); | ||
| 97 | } | 85 | } |
| 98 | } | 86 | } |
| 99 | ZEND_HASH_FOREACH_END(); | 87 | ZEND_HASH_FOREACH_END(); |