Add sp.log_max_len

author: jvoisin 2023-01-31 20:16:21 +0100
committer: jvoisin 2023-01-31 20:25:14 +0100
commit: 78e451eaf99e8f239867def2d8220dfa348cc167 (patch)
tree: dcd1f1964634919bd0b9784d3546fd3690f389a1 /src
parent: 26f9987a538dc68d5a825b1712d3456a2d7aa109 (diff)
8 files changed, 24 insertions, 2 deletions
diff --git a/src/php_snuffleupagus.h b/src/php_snuffleupagus.h
index 7af4da2..229c1b9 100644
--- a/src/php_snuffleupagus.h
+++ b/src/php_snuffleupagus.h
@@ -131,6 +131,7 @@ sp_config_wrapper config_wrapper;
 sp_config_session config_session;
 sp_config_ini config_ini;
 char config_log_media;
+int config_log_max_len;
 u_long config_max_execution_depth;
 bool config_server_encode;
 bool config_server_strip;
diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c
index 8454fc1..c957cf6 100644
--- a/src/snuffleupagus.c
+++ b/src/snuffleupagus.c
@@ -89,6 +89,7 @@ static PHP_GINIT_FUNCTION(snuffleupagus) {
  sp_load_other_modules();
  snuffleupagus_globals->is_config_valid = SP_CONFIG_NONE;
  snuffleupagus_globals->in_eval = 0;
+  snuffleupagus_globals->config_log_max_len = 255;
 #define SP_INIT_HT(F)                                                          \
  snuffleupagus_globals->F = pemalloc(sizeof(*(snuffleupagus_globals->F)), 1); \
@@ -355,6 +356,7 @@ static void dump_config() {
  add_assoc_bool(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_ENCRYPTION_KEY, SPCFG(encryption_key) && ZSTR_LEN(SPCFG(encryption_key)));
  ADD_ASSOC_ZSTR(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_ENV_VAR, SPCFG(cookies_env_var));
  add_assoc_long(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_LOG_MEDIA, SPCFG(log_media));
+  add_assoc_long(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_LOG_MAX_LEN, SPCFG(log_max_len));
  add_assoc_long(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_MAX_EXECUTION_DEPTH, SPCFG(max_execution_depth));
  add_assoc_bool(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_SERVER_ENCODE, SPCFG(server_encode));
  add_assoc_bool(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_SERVER_STRIP, SPCFG(server_strip));
diff --git a/src/sp_config.c b/src/sp_config.c
index 8bd238a..5db511e 100644
--- a/src/sp_config.c
+++ b/src/sp_config.c
@@ -11,6 +11,7 @@ static zend_result sp_process_config_root(sp_parsed_keyword *parsed_rule) {
    {parse_unserialize_noclass, SP_TOKEN_UNSERIALIZE_NOCLASS, &(SPCFG(unserialize_noclass))},
    {parse_enable,              SP_TOKEN_HARDEN_RANDOM, &(SPCFG(random).enable)},
    {parse_log_media,           SP_TOKEN_LOG_MEDIA, &(SPCFG(log_media))},
+    {parse_ulong,               SP_TOKEN_LOG_MAX_LEN, &(SPCFG(log_max_len))},
    {parse_disabled_functions,  SP_TOKEN_DISABLE_FUNC, NULL},
    {parse_readonly_exec,       SP_TOKEN_READONLY_EXEC, &(SPCFG(readonly_exec))},
    {parse_enable,              SP_TOKEN_GLOBAL_STRICT, &(SPCFG(global_strict).enable)},
diff --git a/src/sp_config.h b/src/sp_config.h
index cddf816..f957d15 100644
--- a/src/sp_config.h
+++ b/src/sp_config.h
@@ -264,6 +264,7 @@ typedef struct {
 #define SP_TOKEN_ENCRYPTION_KEY "secret_key"
 #define SP_TOKEN_ENV_VAR "cookie_env_var"
 #define SP_TOKEN_LOG_MEDIA "log_media"
+#define SP_TOKEN_LOG_MAX_LEN "log_max_len"
 #define SP_TOKEN_MAX_EXECUTION_DEPTH "max_execution_depth"
 #define SP_TOKEN_SERVER_ENCODE "server_encode"
 #define SP_TOKEN_SERVER_STRIP "server_strip"
diff --git a/src/sp_config_keywords.c b/src/sp_config_keywords.c
index ff834dd..e7ff3e6 100644
--- a/src/sp_config_keywords.c
+++ b/src/sp_config_keywords.c
@@ -144,6 +144,7 @@ SP_PARSE_FN(parse_global) {
      {parse_str, SP_TOKEN_ENCRYPTION_KEY, &(SPCFG(encryption_key))},
      {parse_str, SP_TOKEN_ENV_VAR, &(SPCFG(cookies_env_var))},
      {parse_log_media, SP_TOKEN_LOG_MEDIA, &(SPCFG(log_media))},
+      {parse_ulong, SP_TOKEN_LOG_MAX_LEN, &(SPCFG(log_max_len))},
      {parse_ulong, SP_TOKEN_MAX_EXECUTION_DEPTH, &(SPCFG(max_execution_depth))},
      {parse_enable, SP_TOKEN_SERVER_ENCODE, &(SPCFG(server_encode))},
      {parse_enable, SP_TOKEN_SERVER_STRIP, &(SPCFG(server_strip))},
diff --git a/src/sp_utils.c b/src/sp_utils.c
index 3107f77..0fae9ba 100644
--- a/src/sp_utils.c
+++ b/src/sp_utils.c
@@ -300,7 +300,7 @@ void sp_log_disable(const char* restrict path, const char* restrict arg_name,
    char* char_repr = NULL;
    if (arg_value) {
      char_repr = zend_string_to_char(arg_value);
-      sp_sanitize_charstring(char_repr, 255);
+      sp_sanitize_charstring(char_repr, SPCFG(log_max_len));
    }
    if (alias) {
      sp_log_auto(
@@ -341,7 +341,7 @@ void sp_log_disable_ret(const char* restrict path,
  }
  if (ret_value) {
    char_repr = zend_string_to_char(ret_value);
-    sp_sanitize_charstring(char_repr, 255);
+    sp_sanitize_charstring(char_repr, SPCFG(log_max_len));
  }
  if (alias) {
    sp_log_auto(
diff --git a/src/tests/config/phplog_max_len.ini b/src/tests/config/phplog_max_len.ini
new file mode 100644
index 0000000..3465d17
--- /dev/null
+++ b/src/tests/config/phplog_max_len.ini
@@ -0,0 +1,2 @@
+sp.disable_function.function("ini_set").param("option").value("1234567890abcdefghijklmnopqrstuvwxyz").drop();
+sp.log_max_len("16");
diff --git a/src/tests/phplog_max_len.phpt b/src/tests/phplog_max_len.phpt
new file mode 100644
index 0000000..6294f4e
--- /dev/null
+++ b/src/tests/phplog_max_len.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Check the phplog output with a log_max_len
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/phplog_max_len.ini
+--FILE--
+<?php 
+var_dump(ini_set("1234567890abcdefghijklmnopqrstuvwxyz", "value"));
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'ini_set', because its argument '$option' content (1234567890abcdef) matched a rule in %s/tests/phplog_max_len.php on line 2
author	jvoisin	2023-01-31 20:16:21 +0100
committer	jvoisin	2023-01-31 20:25:14 +0100
commit	78e451eaf99e8f239867def2d8220dfa348cc167 (patch)
tree	dcd1f1964634919bd0b9784d3546fd3690f389a1 /src
parent	26f9987a538dc68d5a825b1712d3456a2d7aa109 (diff)