summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/php_snuffleupagus.h1
-rw-r--r--src/snuffleupagus.c2
-rw-r--r--src/sp_config.h2
-rw-r--r--src/sp_config_keywords.c1
-rw-r--r--src/sp_execute.c17
5 files changed, 19 insertions, 4 deletions
diff --git a/src/php_snuffleupagus.h b/src/php_snuffleupagus.h
index e11f976..0c7dc4b 100644
--- a/src/php_snuffleupagus.h
+++ b/src/php_snuffleupagus.h
@@ -108,6 +108,7 @@ ZEND_BEGIN_MODULE_GLOBALS(snuffleupagus)
108size_t in_eval; 108size_t in_eval;
109sp_config config; 109sp_config config;
110int is_config_valid; // 1 = valid, 0 = invalid, -1 = none 110int is_config_valid; // 1 = valid, 0 = invalid, -1 = none
111u_long execution_depth;
111bool allow_broken_configuration; 112bool allow_broken_configuration;
112HashTable *disabled_functions_hook; 113HashTable *disabled_functions_hook;
113HashTable *sp_internal_functions_hook; 114HashTable *sp_internal_functions_hook;
diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c
index dab5dca..d2f81ff 100644
--- a/src/snuffleupagus.c
+++ b/src/snuffleupagus.c
@@ -251,6 +251,8 @@ static PHP_GSHUTDOWN_FUNCTION(snuffleupagus) {
251} 251}
252 252
253PHP_RINIT_FUNCTION(snuffleupagus) { 253PHP_RINIT_FUNCTION(snuffleupagus) {
254 SNUFFLEUPAGUS_G(execution_depth) = 0;
255
254 const sp_config_wrapper *const config_wrapper = 256 const sp_config_wrapper *const config_wrapper =
255 SNUFFLEUPAGUS_G(config).config_wrapper; 257 SNUFFLEUPAGUS_G(config).config_wrapper;
256#if defined(COMPILE_DL_SNUFFLEUPAGUS) && defined(ZTS) 258#if defined(COMPILE_DL_SNUFFLEUPAGUS) && defined(ZTS)
diff --git a/src/sp_config.h b/src/sp_config.h
index fd6dc15..ccf2318 100644
--- a/src/sp_config.h
+++ b/src/sp_config.h
@@ -196,6 +196,7 @@ typedef struct {
196 sp_config_ini *config_ini; 196 sp_config_ini *config_ini;
197 bool hook_execute; 197 bool hook_execute;
198 char log_media; 198 char log_media;
199 u_long max_execution_depth;
199 200
200 HashTable *config_disabled_functions; 201 HashTable *config_disabled_functions;
201 HashTable *config_disabled_functions_hooked; 202 HashTable *config_disabled_functions_hooked;
@@ -286,6 +287,7 @@ typedef struct {
286#define SP_TOKEN_ENCRYPTION_KEY "secret_key" 287#define SP_TOKEN_ENCRYPTION_KEY "secret_key"
287#define SP_TOKEN_ENV_VAR "cookie_env_var" 288#define SP_TOKEN_ENV_VAR "cookie_env_var"
288#define SP_TOKEN_LOG_MEDIA "log_media" 289#define SP_TOKEN_LOG_MEDIA "log_media"
290#define SP_TOKEN_MAX_EXECUTION_DEPTH "max_execution_depth"
289 291
290// upload_validator 292// upload_validator
291#define SP_TOKEN_UPLOAD_SCRIPT "script" 293#define SP_TOKEN_UPLOAD_SCRIPT "script"
diff --git a/src/sp_config_keywords.c b/src/sp_config_keywords.c
index 3b6bc0b..632f9bd 100644
--- a/src/sp_config_keywords.c
+++ b/src/sp_config_keywords.c
@@ -128,6 +128,7 @@ SP_PARSE_FN(parse_global) {
128 {parse_str, SP_TOKEN_ENCRYPTION_KEY, &(SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key)}, 128 {parse_str, SP_TOKEN_ENCRYPTION_KEY, &(SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key)},
129 {parse_str, SP_TOKEN_ENV_VAR, &(SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var)}, 129 {parse_str, SP_TOKEN_ENV_VAR, &(SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var)},
130 {parse_log_media, SP_TOKEN_LOG_MEDIA, &(SNUFFLEUPAGUS_G(config).log_media)}, 130 {parse_log_media, SP_TOKEN_LOG_MEDIA, &(SNUFFLEUPAGUS_G(config).log_media)},
131 {parse_ulong, SP_TOKEN_MAX_EXECUTION_DEPTH, &(SNUFFLEUPAGUS_G(config).max_execution_depth)},
131 {0, 0, 0}}; 132 {0, 0, 0}};
132 133
133 SP_PROCESS_CONFIG_KEYWORDS_ERR(); 134 SP_PROCESS_CONFIG_KEYWORDS_ERR();
diff --git a/src/sp_execute.c b/src/sp_execute.c
index 8795e5f..41257ad 100644
--- a/src/sp_execute.c
+++ b/src/sp_execute.c
@@ -112,6 +112,15 @@ zend_string *get_eval_filename(const char *const filename) {
112 return clean_filename; 112 return clean_filename;
113} 113}
114 114
115static inline void sp_orig_execute(zend_execute_data *execute_data) {
116 SNUFFLEUPAGUS_G(execution_depth)++;
117 if (SNUFFLEUPAGUS_G(execution_depth) > SNUFFLEUPAGUS_G(config).max_execution_depth && SNUFFLEUPAGUS_G(config).max_execution_depth > 0) {
118 sp_log_drop("execute", "Maximum recursion limit reached. Script terminated.");
119 }
120 orig_execute_ex(execute_data);
121 SNUFFLEUPAGUS_G(execution_depth)--;
122}
123
115static void sp_execute_ex(zend_execute_data *execute_data) { 124static void sp_execute_ex(zend_execute_data *execute_data) {
116 is_in_eval_and_whitelisted(execute_data); 125 is_in_eval_and_whitelisted(execute_data);
117 const HashTable *config_disabled_functions = 126 const HashTable *config_disabled_functions =
@@ -131,7 +140,7 @@ static void sp_execute_ex(zend_execute_data *execute_data) {
131 zend_string_release(filename); 140 zend_string_release(filename);
132 141
133 SNUFFLEUPAGUS_G(in_eval)++; 142 SNUFFLEUPAGUS_G(in_eval)++;
134 orig_execute_ex(execute_data); 143 sp_orig_execute(execute_data);
135 SNUFFLEUPAGUS_G(in_eval)--; 144 SNUFFLEUPAGUS_G(in_eval)--;
136 return; 145 return;
137 } 146 }
@@ -150,7 +159,7 @@ static void sp_execute_ex(zend_execute_data *execute_data) {
150 .config_disabled_functions_reg->disabled_functions; 159 .config_disabled_functions_reg->disabled_functions;
151 160
152 if (!function_name) { 161 if (!function_name) {
153 orig_execute_ex(execute_data); 162 sp_orig_execute(execute_data);
154 return; 163 return;
155 } 164 }
156 165
@@ -184,7 +193,7 @@ static void sp_execute_ex(zend_execute_data *execute_data) {
184 EX(return_value) = &ret_val; 193 EX(return_value) = &ret_val;
185 } 194 }
186 195
187 orig_execute_ex(execute_data); 196 sp_orig_execute(execute_data);
188 197
189 should_drop_on_ret_ht( 198 should_drop_on_ret_ht(
190 EX(return_value), function_name, 199 EX(return_value), function_name,
@@ -197,7 +206,7 @@ static void sp_execute_ex(zend_execute_data *execute_data) {
197 EX(return_value) = NULL; 206 EX(return_value) = NULL;
198 } 207 }
199 } else { 208 } else {
200 orig_execute_ex(execute_data); 209 sp_orig_execute(execute_data);
201 } 210 }
202} 211}
203 212