8 files changed, 32 insertions, 21 deletions
diff --git a/src/sp_config_keywords.c b/src/sp_config_keywords.c
index c5cc950..dad538c 100644
--- a/src/sp_config_keywords.c
+++ b/src/sp_config_keywords.c
@@ -336,7 +336,18 @@ int parse_disabled_functions(char *line) {
  }
  if (param) {
-    df->param = parse_var(param);
+    if (strlen(param) > 0) {
+                        /* This is an ugly hack. We're prefixing with a `$` because otherwise
+                         * the parser treats this as a constant.
+                         * FIXME: Remote this, and improve our (weird) parser. */
+      char *new = pecalloc(strlen(param) + 2, 1, 1);
+      new[0] = '$';
+      memcpy(new + 1, param, strlen(param));
+      df->param = parse_var(new);
+      free(new);
+    } else {
+      df->param = parse_var(param);
+    }
    if (!df->param) {
      sp_log_err("config", "Invalid value '%s' for `param` on line %zu.", param,
                 sp_line_no);
diff --git a/src/tests/config/config_disabled_functions_name_type.ini b/src/tests/config/config_disabled_functions_name_type.ini
index c25b92c..25bdf98 100644
--- a/src/tests/config/config_disabled_functions_name_type.ini
+++ b/src/tests/config/config_disabled_functions_name_type.ini
@@ -1 +1 @@
-sp.disable_function.function_r("^strcmp$").param("$str1").param_type("array").drop();
+sp.disable_function.function_r("^strcmp$").param("str1").param_type("array").drop();
diff --git a/src/tests/config/config_disabled_functions_nul_byte.ini b/src/tests/config/config_disabled_functions_nul_byte.ini
index e664cba..9ead077 100644
--- a/src/tests/config/config_disabled_functions_nul_byte.ini
+++ b/src/tests/config/config_disabled_functions_nul_byte.ini
@@ -1 +1 @@
-sp.disable_function.function("system").param("$command").value_r("id").drop();
+sp.disable_function.function("system").param("command").value_r("id").drop();
diff --git a/src/tests/config/config_disabled_functions_param.ini b/src/tests/config/config_disabled_functions_param.ini
index dc1c949..87f1b3c 100644
--- a/src/tests/config/config_disabled_functions_param.ini
+++ b/src/tests/config/config_disabled_functions_param.ini
@@ -1,6 +1,6 @@
-sp.disable_function.function("system").param("$command").value_r("^id$").alias("1").drop();
+sp.disable_function.function("system").param("command").value_r("^id$").alias("1").drop();
-sp.disable_function.function("array_sum").param("$array").value_r("^8$").alias("2").drop();
+sp.disable_function.function("array_sum").param("array").value_r("^8$").alias("2").drop();
-sp.disable_function.function("shell_exec").param("$cmd").value("id").alias("3").drop();
+sp.disable_function.function("shell_exec").param("cmd").value("id").alias("3").drop();
-sp.disable_function.function("shell_exec").param("$cmd").value("bla").alias("4").drop();
+sp.disable_function.function("shell_exec").param("cmd").value("bla").alias("4").drop();
-sp.disable_function.function("strcmp").param("$str1").value("bla").alias("5").drop().simulation();
+sp.disable_function.function("strcmp").param("str1").value("bla").alias("5").drop().simulation();
-sp.disable_function.function("strncmp").param("$str1").value("bla").drop().simulation();
+sp.disable_function.function("strncmp").param("str1").value("bla").drop().simulation();
diff --git a/src/tests/config/config_disabled_functions_param_allow.ini b/src/tests/config/config_disabled_functions_param_allow.ini
index 27d919a..8e139e4 100644
--- a/src/tests/config/config_disabled_functions_param_allow.ini
+++ b/src/tests/config/config_disabled_functions_param_allow.ini
@@ -1,3 +1,3 @@
-sp.disable_function.function("system").param("$command").value("echo win").filename("/test.php").drop();
+sp.disable_function.function("system").param("command").value("echo win").filename("/test.php").drop();
-sp.disable_function.function("system").param("$command").value("echo win").allow();
+sp.disable_function.function("system").param("command").value("echo win").allow();
 sp.disable_function.function("system").drop();
diff --git a/src/tests/config/config_disabled_functions_param_array.ini b/src/tests/config/config_disabled_functions_param_array.ini
index 6fe0615..f676d76 100644
--- a/src/tests/config/config_disabled_functions_param_array.ini
+++ b/src/tests/config/config_disabled_functions_param_array.ini
@@ -1,7 +1,7 @@
-sp.disable_function.function("foo").param("$arr[a]").value("abcd").alias("1").drop();
+sp.disable_function.function("foo").param("arr[a]").value("abcd").alias("1").drop();
-sp.disable_function.function("foo").param("$arr[bla]").value("abcdef").alias("2").drop();
+sp.disable_function.function("foo").param("arr[bla]").value("abcdef").alias("2").drop();
-sp.disable_function.function("foo").param("$arr[test]").alias("3").drop();
+sp.disable_function.function("foo").param("arr[test]").alias("3").drop();
-sp.disable_function.function("foo").param("$arr[test2][foo]").value("aaa").alias("4").drop();
+sp.disable_function.function("foo").param("arr[test2][foo]").value("aaa").alias("4").drop();
-sp.disable_function.function("foo").param("$arr[test2][bar]").key("lol").alias("5").drop();
+sp.disable_function.function("foo").param("arr[test2][bar]").key("lol").alias("5").drop();
-sp.disable_function.function("foo").param("$arr[test2][bar]").key("123").alias("6").drop();
+sp.disable_function.function("foo").param("arr[test2][bar]").key("123").alias("6").drop();
-sp.disable_function.function("foo").param("$qwe[a]").value("abcd").alias("7").drop();
+sp.disable_function.function("foo").param("qwe[a]").value("abcd").alias("7").drop();
diff --git a/src/tests/config/config_disabled_functions_param_int.ini b/src/tests/config/config_disabled_functions_param_int.ini
index 2a7d962..1c93c2f 100644
--- a/src/tests/config/config_disabled_functions_param_int.ini
+++ b/src/tests/config/config_disabled_functions_param_int.ini
@@ -1,2 +1,2 @@
-sp.disable_function.function("foobar").param("$id").value("42").drop();
+sp.disable_function.function("foobar").param("id").value("42").drop();
-sp.disable_function.function("foobar").param("$id").value_r("^1337").drop();
+sp.disable_function.function("foobar").param("id").value_r("^1337").drop();
diff --git a/src/tests/config/config_disabled_functions_param_runtime.ini b/src/tests/config/config_disabled_functions_param_runtime.ini
index e9d44a2..e7a011f 100644
--- a/src/tests/config/config_disabled_functions_param_runtime.ini
+++ b/src/tests/config/config_disabled_functions_param_runtime.ini
@@ -1 +1 @@
-sp.disable_function.function("test").param("$param").value_r("1337").drop();
+sp.disable_function.function("test").param("param").value_r("1337").drop();

diff --git a/src/sp_config_keywords.c b/src/sp_config_keywords.c index c5cc950..dad538c 100644 --- a/src/sp_config_keywords.c +++ b/src/sp_config_keywords.c
@@ -336,7 +336,18 @@ int parse_disabled_functions(char *line) {
336	}	336	}
337		337
338	if (param) {	338	if (param) {
339	df->param = parse_var(param);	339	if (strlen(param) > 0) {
		340	/* This is an ugly hack. We're prefixing with a `$` because otherwise
		341	* the parser treats this as a constant.
		342	* FIXME: Remote this, and improve our (weird) parser. */
		343	char *new = pecalloc(strlen(param) + 2, 1, 1);
		344	new[0] = '$';
		345	memcpy(new + 1, param, strlen(param));
		346	df->param = parse_var(new);
		347	free(new);
		348	} else {
		349	df->param = parse_var(param);
		350	}
340	if (!df->param) {	351	if (!df->param) {
341	sp_log_err("config", "Invalid value '%s' for `param` on line %zu.", param,	352	sp_log_err("config", "Invalid value '%s' for `param` on line %zu.", param,
342	sp_line_no);	353	sp_line_no);


diff --git a/src/tests/config/config_disabled_functions_name_type.ini b/src/tests/config/config_disabled_functions_name_type.ini index c25b92c..25bdf98 100644 --- a/src/tests/config/config_disabled_functions_name_type.ini +++ b/src/tests/config/config_disabled_functions_name_type.ini
@@ -1 +1 @@
	sp.disable_function.function_r("^strcmp$").param("$str1").param_type("array").drop();		sp.disable_function.function_r("^strcmp$").param("str1").param_type("array").drop();


diff --git a/src/tests/config/config_disabled_functions_nul_byte.ini b/src/tests/config/config_disabled_functions_nul_byte.ini index e664cba..9ead077 100644 --- a/src/tests/config/config_disabled_functions_nul_byte.ini +++ b/src/tests/config/config_disabled_functions_nul_byte.ini
@@ -1 +1 @@
	sp.disable_function.function("system").param("$command").value_r("id").drop();		sp.disable_function.function("system").param("command").value_r("id").drop();


diff --git a/src/tests/config/config_disabled_functions_param.ini b/src/tests/config/config_disabled_functions_param.ini index dc1c949..87f1b3c 100644 --- a/src/tests/config/config_disabled_functions_param.ini +++ b/src/tests/config/config_disabled_functions_param.ini
@@ -1,6 +1,6 @@
1	sp.disable_function.function("system").param("$command").value_r("^id$").alias("1").drop();	1	sp.disable_function.function("system").param("command").value_r("^id$").alias("1").drop();
2	sp.disable_function.function("array_sum").param("$array").value_r("^8$").alias("2").drop();	2	sp.disable_function.function("array_sum").param("array").value_r("^8$").alias("2").drop();
3	sp.disable_function.function("shell_exec").param("$cmd").value("id").alias("3").drop();	3	sp.disable_function.function("shell_exec").param("cmd").value("id").alias("3").drop();
4	sp.disable_function.function("shell_exec").param("$cmd").value("bla").alias("4").drop();	4	sp.disable_function.function("shell_exec").param("cmd").value("bla").alias("4").drop();
5	sp.disable_function.function("strcmp").param("$str1").value("bla").alias("5").drop().simulation();	5	sp.disable_function.function("strcmp").param("str1").value("bla").alias("5").drop().simulation();
6	sp.disable_function.function("strncmp").param("$str1").value("bla").drop().simulation();	6	sp.disable_function.function("strncmp").param("str1").value("bla").drop().simulation();


diff --git a/src/tests/config/config_disabled_functions_param_allow.ini b/src/tests/config/config_disabled_functions_param_allow.ini index 27d919a..8e139e4 100644 --- a/src/tests/config/config_disabled_functions_param_allow.ini +++ b/src/tests/config/config_disabled_functions_param_allow.ini
@@ -1,3 +1,3 @@
1	sp.disable_function.function("system").param("$command").value("echo win").filename("/test.php").drop();	1	sp.disable_function.function("system").param("command").value("echo win").filename("/test.php").drop();
2	sp.disable_function.function("system").param("$command").value("echo win").allow();	2	sp.disable_function.function("system").param("command").value("echo win").allow();
3	sp.disable_function.function("system").drop();	3	sp.disable_function.function("system").drop();


diff --git a/src/tests/config/config_disabled_functions_param_array.ini b/src/tests/config/config_disabled_functions_param_array.ini index 6fe0615..f676d76 100644 --- a/src/tests/config/config_disabled_functions_param_array.ini +++ b/src/tests/config/config_disabled_functions_param_array.ini
@@ -1,7 +1,7 @@
1	sp.disable_function.function("foo").param("$arr[a]").value("abcd").alias("1").drop();	1	sp.disable_function.function("foo").param("arr[a]").value("abcd").alias("1").drop();
2	sp.disable_function.function("foo").param("$arr[bla]").value("abcdef").alias("2").drop();	2	sp.disable_function.function("foo").param("arr[bla]").value("abcdef").alias("2").drop();
3	sp.disable_function.function("foo").param("$arr[test]").alias("3").drop();	3	sp.disable_function.function("foo").param("arr[test]").alias("3").drop();
4	sp.disable_function.function("foo").param("$arr[test2][foo]").value("aaa").alias("4").drop();	4	sp.disable_function.function("foo").param("arr[test2][foo]").value("aaa").alias("4").drop();
5	sp.disable_function.function("foo").param("$arr[test2][bar]").key("lol").alias("5").drop();	5	sp.disable_function.function("foo").param("arr[test2][bar]").key("lol").alias("5").drop();
6	sp.disable_function.function("foo").param("$arr[test2][bar]").key("123").alias("6").drop();	6	sp.disable_function.function("foo").param("arr[test2][bar]").key("123").alias("6").drop();
7	sp.disable_function.function("foo").param("$qwe[a]").value("abcd").alias("7").drop();	7	sp.disable_function.function("foo").param("qwe[a]").value("abcd").alias("7").drop();


diff --git a/src/tests/config/config_disabled_functions_param_int.ini b/src/tests/config/config_disabled_functions_param_int.ini index 2a7d962..1c93c2f 100644 --- a/src/tests/config/config_disabled_functions_param_int.ini +++ b/src/tests/config/config_disabled_functions_param_int.ini
@@ -1,2 +1,2 @@
1	sp.disable_function.function("foobar").param("$id").value("42").drop();	1	sp.disable_function.function("foobar").param("id").value("42").drop();
2	sp.disable_function.function("foobar").param("$id").value_r("^1337").drop();	2	sp.disable_function.function("foobar").param("id").value_r("^1337").drop();


diff --git a/src/tests/config/config_disabled_functions_param_runtime.ini b/src/tests/config/config_disabled_functions_param_runtime.ini index e9d44a2..e7a011f 100644 --- a/src/tests/config/config_disabled_functions_param_runtime.ini +++ b/src/tests/config/config_disabled_functions_param_runtime.ini
@@ -1 +1 @@
	sp.disable_function.function("test").param("$param").value_r("1337").drop();		sp.disable_function.function("test").param("param").value_r("1337").drop();