Log `eval` content when matching on its parameter

author: jvoisin 2022-07-12 20:57:19 +0200
committer: jvoisin 2022-07-12 21:15:07 +0200
commit: 423e133c569b7d749cba3e1b97e9e138e5f0f892 (patch)
tree: 34d169dc6bf6543a8dcfba9de498650d5b7f512f /src
parent: d310283dd5b2dbd74d5077c436911fce4e2d2b7e (diff)
3 files changed, 20 insertions, 3 deletions
diff --git a/src/sp_execute.c b/src/sp_execute.c
index a8798e4..2b8bb2e 100644
--- a/src/sp_execute.c
+++ b/src/sp_execute.c
@@ -136,9 +136,11 @@ static inline void sp_execute_handler(INTERNAL_FUNCTION_PARAMETERS, bool interna
    if (UNEXPECTED(EX(func)->op_array.type == ZEND_EVAL_CODE)) {
      const sp_list_node *config = zend_hash_str_find_ptr(SPCFG(disabled_functions), ZEND_STRL("eval"));
-      zend_string *filename = get_eval_filename(zend_get_executed_filename());
+#if PHP_VERSION_ID >= 80000
-      is_builtin_matching(filename, "eval", NULL, config, SPCFG(disabled_functions));
+      is_builtin_matching(SPG(eval_source_string), "eval", "code", config, SPCFG(disabled_functions));
-      zend_string_release(filename);
+#else
+      is_builtin_matching(Z_STR_P(SPG(eval_source_string)), "eval", "code", config, SPCFG(disabled_functions));
+#endif
      SPG(in_eval)++;
      sp_orig_execute(execute_data);
diff --git a/src/tests/disable_function/config/config_disabled_functions_eval_param.ini b/src/tests/disable_function/config/config_disabled_functions_eval_param.ini
new file mode 100644
index 0000000..b43faf1
--- /dev/null
+++ b/src/tests/disable_function/config/config_disabled_functions_eval_param.ini
@@ -0,0 +1 @@
+sp.disable_function.function("eval").param("code").drop();
diff --git a/src/tests/disable_function/disabled_functions_eval_param.phpt b/src/tests/disable_function/disabled_functions_eval_param.phpt
new file mode 100644
index 0000000..4f3f1ef
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_eval_param.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions - eval, on matching parameter
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_eval_param.ini
+--FILE--
+<?php 
+$var = 123456789;
+eval('$var = 1337 + 1337;');
+print("Variable: $var\n");
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'eval', because its argument 'code' content ($var = 1337 + 1337;) matched a rule in %s/tests/disable_function/disabled_functions_eval_param.php(3) : eval()'d code on line 1
author	jvoisin	2022-07-12 20:57:19 +0200
committer	jvoisin	2022-07-12 21:15:07 +0200
commit	423e133c569b7d749cba3e1b97e9e138e5f0f892 (patch)
tree	34d169dc6bf6543a8dcfba9de498650d5b7f512f /src
parent	d310283dd5b2dbd74d5077c436911fce4e2d2b7e (diff)

diff --git a/src/sp_execute.c b/src/sp_execute.c index a8798e4..2b8bb2e 100644 --- a/src/sp_execute.c +++ b/src/sp_execute.c
@@ -136,9 +136,11 @@ static inline void sp_execute_handler(INTERNAL_FUNCTION_PARAMETERS, bool interna
136	if (UNEXPECTED(EX(func)->op_array.type == ZEND_EVAL_CODE)) {	136	if (UNEXPECTED(EX(func)->op_array.type == ZEND_EVAL_CODE)) {
137	const sp_list_node *config = zend_hash_str_find_ptr(SPCFG(disabled_functions), ZEND_STRL("eval"));	137	const sp_list_node *config = zend_hash_str_find_ptr(SPCFG(disabled_functions), ZEND_STRL("eval"));
138		138
139	zend_string *filename = get_eval_filename(zend_get_executed_filename());	139	#if PHP_VERSION_ID >= 80000
140	is_builtin_matching(filename, "eval", NULL, config, SPCFG(disabled_functions));	140	is_builtin_matching(SPG(eval_source_string), "eval", "code", config, SPCFG(disabled_functions));
141	zend_string_release(filename);	141	#else
		142	is_builtin_matching(Z_STR_P(SPG(eval_source_string)), "eval", "code", config, SPCFG(disabled_functions));
		143	#endif
142		144
143	SPG(in_eval)++;	145	SPG(in_eval)++;
144	sp_orig_execute(execute_data);	146	sp_orig_execute(execute_data);


diff --git a/src/tests/disable_function/config/config_disabled_functions_eval_param.ini b/src/tests/disable_function/config/config_disabled_functions_eval_param.ini new file mode 100644 index 0000000..b43faf1 --- /dev/null +++ b/src/tests/disable_function/config/config_disabled_functions_eval_param.ini
@@ -0,0 +1 @@
			sp.disable_function.function("eval").param("code").drop();


diff --git a/src/tests/disable_function/disabled_functions_eval_param.phpt b/src/tests/disable_function/disabled_functions_eval_param.phpt new file mode 100644 index 0000000..4f3f1ef --- /dev/null +++ b/src/tests/disable_function/disabled_functions_eval_param.phpt
@@ -0,0 +1,14 @@
		1	--TEST--
		2	Disable functions - eval, on matching parameter
		3	--SKIPIF--
		4	<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
		5	--INI--
		6	sp.configuration_file={PWD}/config/config_disabled_functions_eval_param.ini
		7	--FILE--
		8	<?php
		9	$var = 123456789;
		10	eval('$var = 1337 + 1337;');
		11	print("Variable: $var\n");
		12	?>
		13	--EXPECTF--
		14	Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'eval', because its argument 'code' content ($var = 1337 + 1337;) matched a rule in %s/tests/disable_function/disabled_functions_eval_param.php(3) : eval()'d code on line 1