1 files changed, 222 insertions, 0 deletions
diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c
new file mode 100644
index 0000000..52b975e
--- /dev/null
+++ b/src/snuffleupagus.c
@@ -0,0 +1,222 @@
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+#include "php_snuffleupagus.h"
+#ifndef ZEND_EXT_API
+#define ZEND_EXT_API ZEND_DLEXPORT
+#endif
+static PHP_INI_MH(OnUpdateConfiguration);
+static inline int zend_auto_start(zend_extension *extension);
+static inline void sp_op_array_handler(zend_op_array *op);
+ZEND_EXTENSION();
+ZEND_DLEXPORT int sp_zend_startup(zend_extension *extension) {
+  return zend_startup_module(&snuffleupagus_module_entry);
+}
+static inline void sp_op_array_handler(zend_op_array *op) {
+  if (NULL == op->filename) {
+    return;
+  } else {
+    op->fn_flags |= ZEND_ACC_STRICT_TYPES;
+  }
+}
+ZEND_DECLARE_MODULE_GLOBALS(snuffleupagus)
+PHP_INI_BEGIN()
+PHP_INI_ENTRY("sp.configuration_file", "", PHP_INI_SYSTEM,
+  OnUpdateConfiguration)
+PHP_INI_END()
+ZEND_DLEXPORT zend_extension zend_extension_entry = {
+    PHP_SNUFFLEUPAGUS_EXTNAME,
+    PHP_SNUFFLEUPAGUS_VERSION,
+    PHP_SNUFFLEUPAGUS_AUTHOR,
+    PHP_SNUFFLEUPAGUS_URL,
+    PHP_SNUFFLEUPAGUS_COPYRIGHT,
+    sp_zend_startup,
+    NULL,
+    NULL,               /* activate_func_t */
+    NULL,               /* deactivate_func_t */
+    NULL,               /* message_handler_func_t */
+    sp_op_array_handler,//zend_global_strict, /* op_array_handler_func_t */
+    NULL,               /* statement_handler_func_t */
+    NULL,               /* fcall_begin_handler_func_t */
+    NULL,               /* fcall_end_handler_func_t */
+    NULL,               /* op_array_ctor_func_t */
+    NULL,               /* op_array_dtor_func_t */
+    STANDARD_ZEND_EXTENSION_PROPERTIES};
+/* Uncomment this function if you have INI entries
+static void php_snuffleupagus_init_globals(zend_snuffleupagus_globals
+*snuffleupagus_globals)
+{
+        snuffleupagus_globals->global_value = 0;
+        snuffleupagus_globals->global_string = NULL;
+}
+*/
+PHP_GINIT_FUNCTION(snuffleupagus) {
+#define SP_INIT(F) F = pecalloc(sizeof(*F), 1, 1);
+#define SP_INIT_HT(F) \
+        F = pemalloc(sizeof(*F), 1); \
+        zend_hash_init(F, 10, NULL, NULL, 1);
+  SP_INIT_HT(snuffleupagus_globals->disabled_functions_hook);
+  SP_INIT_HT(snuffleupagus_globals->sp_internal_functions_hook);
+  SP_INIT(snuffleupagus_globals->config.config_unserialize);
+  SP_INIT(snuffleupagus_globals->config.config_random);
+  SP_INIT(snuffleupagus_globals->config.config_readonly_exec);
+  SP_INIT(snuffleupagus_globals->config.config_global_strict);
+  SP_INIT(snuffleupagus_globals->config.config_auto_cookie_secure);
+  SP_INIT(snuffleupagus_globals->config.config_snuffleupagus);
+  SP_INIT(snuffleupagus_globals->config.config_disable_xxe);
+  SP_INIT(snuffleupagus_globals->config.config_upload_validation);
+  SP_INIT(snuffleupagus_globals->config.config_disabled_functions);
+  SP_INIT(snuffleupagus_globals->config.config_disabled_functions_ret);
+  SP_INIT(snuffleupagus_globals->config.config_cookie_encryption);
+  SP_INIT(snuffleupagus_globals->config.config_regexp_inclusion);
+  snuffleupagus_globals->config.config_regexp_inclusion->regexp_inclusion = sp_new_list();
+  snuffleupagus_globals->config.config_disabled_functions->disabled_functions = sp_new_list();
+  snuffleupagus_globals->config.config_disabled_functions_ret->disabled_functions = sp_new_list();
+  SP_INIT_HT(snuffleupagus_globals->config.config_cookie_encryption->names);
+#undef SP_INIT
+#undef SP_INIT_HT
+}
+PHP_MINIT_FUNCTION(snuffleupagus) {
+  REGISTER_INI_ENTRIES();
+  return SUCCESS;
+}
+PHP_MSHUTDOWN_FUNCTION(snuffleupagus) {
+#define FREE_HT(F) \
+  zend_hash_destroy(SNUFFLEUPAGUS_G(F)); \
+  pefree(SNUFFLEUPAGUS_G(F), 1);
+  FREE_HT(disabled_functions_hook);
+  FREE_HT(config.config_cookie_encryption->names);
+#undef FREE_HT
+  pefree(SNUFFLEUPAGUS_G(config.config_unserialize), 1);
+  pefree(SNUFFLEUPAGUS_G(config.config_random), 1);
+  pefree(SNUFFLEUPAGUS_G(config.config_readonly_exec), 1);
+  pefree(SNUFFLEUPAGUS_G(config.config_global_strict), 1);
+  pefree(SNUFFLEUPAGUS_G(config.config_auto_cookie_secure), 1);
+  pefree(SNUFFLEUPAGUS_G(config.config_snuffleupagus), 1);
+  pefree(SNUFFLEUPAGUS_G(config.config_disable_xxe), 1);
+  pefree(SNUFFLEUPAGUS_G(config.config_upload_validation), 1);
+  pefree(SNUFFLEUPAGUS_G(config.config_cookie_encryption), 1);
+  sp_list_free(SNUFFLEUPAGUS_G(config.config_disabled_functions->disabled_functions));
+  pefree(SNUFFLEUPAGUS_G(config.config_disabled_functions), 1);
+  sp_list_free(SNUFFLEUPAGUS_G(config.config_disabled_functions_ret->disabled_functions));
+  pefree(SNUFFLEUPAGUS_G(config.config_disabled_functions_ret), 1);
+  UNREGISTER_INI_ENTRIES();
+  return SUCCESS;
+}
+PHP_RINIT_FUNCTION(snuffleupagus) {
+#if defined(COMPILE_DL_SNUFFLEUPAGUS) && defined(ZTS)
+  ZEND_TSRMLS_CACHE_UPDATE();
+#endif
+  if (NULL != SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key) {
+    if (NULL != SNUFFLEUPAGUS_G(config).config_cookie_encryption->names) {
+      zend_hash_apply_with_arguments(
+          Z_ARRVAL(PG(http_globals)[TRACK_VARS_COOKIE]), decrypt_cookie, 0);
+    }
+  }
+  return SUCCESS;
+}
+PHP_RSHUTDOWN_FUNCTION(snuffleupagus) { return SUCCESS; }
+PHP_MINFO_FUNCTION(snuffleupagus) {
+  php_info_print_table_start();
+  php_info_print_table_header(2, "snuffleupagus support", "enabled");
+  php_info_print_table_end();
+  /* Remove comments if you have entries in php.ini
+  DISPLAY_INI_ENTRIES();
+  */
+}
+static PHP_INI_MH(OnUpdateConfiguration) {
+  TSRMLS_FETCH();
+  if (!new_value || !new_value->len) {
+    return FAILURE;
+  }
+  if (sp_parse_config(new_value->val) != SUCCESS) {
+    return FAILURE;
+  }
+  if (SNUFFLEUPAGUS_G(config).config_random->enable) {
+    hook_rand();
+  }
+  if (SNUFFLEUPAGUS_G(config).config_upload_validation->enable) {
+    hook_upload();
+  }
+  if (SNUFFLEUPAGUS_G(config).config_disable_xxe->enable == 0) {
+    hook_libxml_disable_entity_loader();
+  }
+  hook_disabled_functions();
+  hook_execute();
+  if (NULL != SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key) {
+    if (SNUFFLEUPAGUS_G(config).config_unserialize->enable) {
+      hook_serialize();
+    }
+    hook_cookies();
+  }
+  if (true == SNUFFLEUPAGUS_G(config).config_global_strict->enable) {
+    if (!zend_get_extension(PHP_SNUFFLEUPAGUS_EXTNAME)) {
+      zend_extension_entry.startup = NULL;
+      zend_register_extension(&zend_extension_entry, NULL);
+    }
+    // This is needed to implement the global strict mode
+    CG(compiler_options) |= ZEND_COMPILE_HANDLE_OP_ARRAY;
+  }
+  return SUCCESS;
+}
+const zend_function_entry snuffleupagus_functions[] = {PHP_FE_END};
+zend_module_entry snuffleupagus_module_entry =
+    {STANDARD_MODULE_HEADER,
+     PHP_SNUFFLEUPAGUS_EXTNAME,
+     snuffleupagus_functions,
+     PHP_MINIT(snuffleupagus),
+     PHP_MSHUTDOWN(snuffleupagus),
+     PHP_RINIT(snuffleupagus),
+     PHP_RSHUTDOWN(snuffleupagus),
+     PHP_MINFO(snuffleupagus),
+     PHP_SNUFFLEUPAGUS_VERSION,
+     PHP_MODULE_GLOBALS(snuffleupagus),
+     PHP_GINIT(snuffleupagus),
+     NULL,
+     NULL,
+     STANDARD_MODULE_PROPERTIES_EX};
+#ifdef COMPILE_DL_SNUFFLEUPAGUS
+#ifdef ZTS
+ZEND_TSRMLS_CACHE_DEFINE()
+#endif
+ZEND_GET_MODULE(snuffleupagus)
+#endif

diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c new file mode 100644 index 0000000..52b975e --- /dev/null +++ b/src/snuffleupagus.c
@@ -0,0 +1,222 @@
	1	#ifdef HAVE_CONFIG_H
	2	#include "config.h"
	3	#endif
	4
	5	#include "php_snuffleupagus.h"
	6
	7	#ifndef ZEND_EXT_API
	8	#define ZEND_EXT_API ZEND_DLEXPORT
	9	#endif
	10
	11	static PHP_INI_MH(OnUpdateConfiguration);
	12	static inline int zend_auto_start(zend_extension *extension);
	13	static inline void sp_op_array_handler(zend_op_array *op);
	14
	15	ZEND_EXTENSION();
	16
	17	ZEND_DLEXPORT int sp_zend_startup(zend_extension *extension) {
	18	return zend_startup_module(&snuffleupagus_module_entry);
	19	}
	20
	21	static inline void sp_op_array_handler(zend_op_array *op) {
	22	if (NULL == op->filename) {
	23	return;
	24	} else {
	25	op->fn_flags \|= ZEND_ACC_STRICT_TYPES;
	26	}
	27	}
	28
	29	ZEND_DECLARE_MODULE_GLOBALS(snuffleupagus)
	30
	31	PHP_INI_BEGIN()
	32	PHP_INI_ENTRY("sp.configuration_file", "", PHP_INI_SYSTEM,
	33	OnUpdateConfiguration)
	34	PHP_INI_END()
	35
	36	ZEND_DLEXPORT zend_extension zend_extension_entry = {
	37	PHP_SNUFFLEUPAGUS_EXTNAME,
	38	PHP_SNUFFLEUPAGUS_VERSION,
	39	PHP_SNUFFLEUPAGUS_AUTHOR,
	40	PHP_SNUFFLEUPAGUS_URL,
	41	PHP_SNUFFLEUPAGUS_COPYRIGHT,
	42	sp_zend_startup,
	43	NULL,
	44	NULL, /* activate_func_t */
	45	NULL, /* deactivate_func_t */
	46	NULL, /* message_handler_func_t */
	47	sp_op_array_handler,//zend_global_strict, /* op_array_handler_func_t */
	48	NULL, /* statement_handler_func_t */
	49	NULL, /* fcall_begin_handler_func_t */
	50	NULL, /* fcall_end_handler_func_t */
	51	NULL, /* op_array_ctor_func_t */
	52	NULL, /* op_array_dtor_func_t */
	53	STANDARD_ZEND_EXTENSION_PROPERTIES};
	54
	55	/* Uncomment this function if you have INI entries
	56	static void php_snuffleupagus_init_globals(zend_snuffleupagus_globals
	57	*snuffleupagus_globals)
	58	{
	59	snuffleupagus_globals->global_value = 0;
	60	snuffleupagus_globals->global_string = NULL;
	61	}
	62	*/
	63
	64	PHP_GINIT_FUNCTION(snuffleupagus) {
	65	#define SP_INIT(F) F = pecalloc(sizeof(*F), 1, 1);
	66	#define SP_INIT_HT(F) \
	67	F = pemalloc(sizeof(*F), 1); \
	68	zend_hash_init(F, 10, NULL, NULL, 1);
	69
	70	SP_INIT_HT(snuffleupagus_globals->disabled_functions_hook);
	71	SP_INIT_HT(snuffleupagus_globals->sp_internal_functions_hook);
	72
	73	SP_INIT(snuffleupagus_globals->config.config_unserialize);
	74	SP_INIT(snuffleupagus_globals->config.config_random);
	75	SP_INIT(snuffleupagus_globals->config.config_readonly_exec);
	76	SP_INIT(snuffleupagus_globals->config.config_global_strict);
	77	SP_INIT(snuffleupagus_globals->config.config_auto_cookie_secure);
	78	SP_INIT(snuffleupagus_globals->config.config_snuffleupagus);
	79	SP_INIT(snuffleupagus_globals->config.config_disable_xxe);
	80	SP_INIT(snuffleupagus_globals->config.config_upload_validation);
	81	SP_INIT(snuffleupagus_globals->config.config_disabled_functions);
	82	SP_INIT(snuffleupagus_globals->config.config_disabled_functions_ret);
	83	SP_INIT(snuffleupagus_globals->config.config_cookie_encryption);
	84	SP_INIT(snuffleupagus_globals->config.config_regexp_inclusion);
	85
	86	snuffleupagus_globals->config.config_regexp_inclusion->regexp_inclusion = sp_new_list();
	87	snuffleupagus_globals->config.config_disabled_functions->disabled_functions = sp_new_list();
	88	snuffleupagus_globals->config.config_disabled_functions_ret->disabled_functions = sp_new_list();
	89
	90	SP_INIT_HT(snuffleupagus_globals->config.config_cookie_encryption->names);
	91
	92	#undef SP_INIT
	93	#undef SP_INIT_HT
	94	}
	95
	96	PHP_MINIT_FUNCTION(snuffleupagus) {
	97	REGISTER_INI_ENTRIES();
	98
	99	return SUCCESS;
	100	}
	101
	102	PHP_MSHUTDOWN_FUNCTION(snuffleupagus) {
	103	#define FREE_HT(F) \
	104	zend_hash_destroy(SNUFFLEUPAGUS_G(F)); \
	105	pefree(SNUFFLEUPAGUS_G(F), 1);
	106
	107	FREE_HT(disabled_functions_hook);
	108	FREE_HT(config.config_cookie_encryption->names);
	109
	110	#undef FREE_HT
	111
	112	pefree(SNUFFLEUPAGUS_G(config.config_unserialize), 1);
	113	pefree(SNUFFLEUPAGUS_G(config.config_random), 1);
	114	pefree(SNUFFLEUPAGUS_G(config.config_readonly_exec), 1);
	115	pefree(SNUFFLEUPAGUS_G(config.config_global_strict), 1);
	116	pefree(SNUFFLEUPAGUS_G(config.config_auto_cookie_secure), 1);
	117	pefree(SNUFFLEUPAGUS_G(config.config_snuffleupagus), 1);
	118	pefree(SNUFFLEUPAGUS_G(config.config_disable_xxe), 1);
	119	pefree(SNUFFLEUPAGUS_G(config.config_upload_validation), 1);
	120	pefree(SNUFFLEUPAGUS_G(config.config_cookie_encryption), 1);
	121
	122	sp_list_free(SNUFFLEUPAGUS_G(config.config_disabled_functions->disabled_functions));
	123	pefree(SNUFFLEUPAGUS_G(config.config_disabled_functions), 1);
	124	sp_list_free(SNUFFLEUPAGUS_G(config.config_disabled_functions_ret->disabled_functions));
	125	pefree(SNUFFLEUPAGUS_G(config.config_disabled_functions_ret), 1);
	126
	127	UNREGISTER_INI_ENTRIES();
	128
	129	return SUCCESS;
	130	}
	131
	132	PHP_RINIT_FUNCTION(snuffleupagus) {
	133	#if defined(COMPILE_DL_SNUFFLEUPAGUS) && defined(ZTS)
	134	ZEND_TSRMLS_CACHE_UPDATE();
	135	#endif
	136	if (NULL != SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key) {
	137	if (NULL != SNUFFLEUPAGUS_G(config).config_cookie_encryption->names) {
	138	zend_hash_apply_with_arguments(
	139	Z_ARRVAL(PG(http_globals)[TRACK_VARS_COOKIE]), decrypt_cookie, 0);
	140	}
	141	}
	142	return SUCCESS;
	143	}
	144
	145	PHP_RSHUTDOWN_FUNCTION(snuffleupagus) { return SUCCESS; }
	146
	147	PHP_MINFO_FUNCTION(snuffleupagus) {
	148	php_info_print_table_start();
	149	php_info_print_table_header(2, "snuffleupagus support", "enabled");
	150	php_info_print_table_end();
	151
	152	/* Remove comments if you have entries in php.ini
	153	DISPLAY_INI_ENTRIES();
	154	*/
	155	}
	156
	157	static PHP_INI_MH(OnUpdateConfiguration) {
	158	TSRMLS_FETCH();
	159
	160	if (!new_value \|\| !new_value->len) {
	161	return FAILURE;
	162	}
	163
	164	if (sp_parse_config(new_value->val) != SUCCESS) {
	165	return FAILURE;
	166	}
	167
	168	if (SNUFFLEUPAGUS_G(config).config_random->enable) {
	169	hook_rand();
	170	}
	171	if (SNUFFLEUPAGUS_G(config).config_upload_validation->enable) {
	172	hook_upload();
	173	}
	174	if (SNUFFLEUPAGUS_G(config).config_disable_xxe->enable == 0) {
	175	hook_libxml_disable_entity_loader();
	176	}
	177	hook_disabled_functions();
	178	hook_execute();
	179
	180	if (NULL != SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key) {
	181	if (SNUFFLEUPAGUS_G(config).config_unserialize->enable) {
	182	hook_serialize();
	183	}
	184	hook_cookies();
	185	}
	186
	187	if (true == SNUFFLEUPAGUS_G(config).config_global_strict->enable) {
	188	if (!zend_get_extension(PHP_SNUFFLEUPAGUS_EXTNAME)) {
	189	zend_extension_entry.startup = NULL;
	190	zend_register_extension(&zend_extension_entry, NULL);
	191	}
	192	// This is needed to implement the global strict mode
	193	CG(compiler_options) \|= ZEND_COMPILE_HANDLE_OP_ARRAY;
	194	}
	195
	196	return SUCCESS;
	197	}
	198
	199	const zend_function_entry snuffleupagus_functions[] = {PHP_FE_END};
	200
	201	zend_module_entry snuffleupagus_module_entry =
	202	{STANDARD_MODULE_HEADER,
	203	PHP_SNUFFLEUPAGUS_EXTNAME,
	204	snuffleupagus_functions,
	205	PHP_MINIT(snuffleupagus),
	206	PHP_MSHUTDOWN(snuffleupagus),
	207	PHP_RINIT(snuffleupagus),
	208	PHP_RSHUTDOWN(snuffleupagus),
	209	PHP_MINFO(snuffleupagus),
	210	PHP_SNUFFLEUPAGUS_VERSION,
	211	PHP_MODULE_GLOBALS(snuffleupagus),
	212	PHP_GINIT(snuffleupagus),
	213	NULL,
	214	NULL,
	215	STANDARD_MODULE_PROPERTIES_EX};
	216
	217	#ifdef COMPILE_DL_SNUFFLEUPAGUS
	218	#ifdef ZTS
	219	ZEND_TSRMLS_CACHE_DEFINE()
	220	#endif
	221	ZEND_GET_MODULE(snuffleupagus)
	222	#endif