diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/php_snuffleupagus.h | 2 | ||||
| -rw-r--r-- | src/snuffleupagus.c | 2 | ||||
| -rw-r--r-- | src/sp_disabled_functions.c | 2 | ||||
| -rw-r--r-- | src/sp_execute.c | 4 | ||||
| -rw-r--r-- | src/tests/nested_eval_blacklist2.phpt | 28 |
5 files changed, 33 insertions, 5 deletions
diff --git a/src/php_snuffleupagus.h b/src/php_snuffleupagus.h index fb90d1c..ca39bb8 100644 --- a/src/php_snuffleupagus.h +++ b/src/php_snuffleupagus.h | |||
| @@ -58,7 +58,7 @@ extern zend_module_entry snuffleupagus_module_entry; | |||
| 58 | #endif | 58 | #endif |
| 59 | 59 | ||
| 60 | ZEND_BEGIN_MODULE_GLOBALS(snuffleupagus) | 60 | ZEND_BEGIN_MODULE_GLOBALS(snuffleupagus) |
| 61 | bool in_eval; | 61 | size_t in_eval; |
| 62 | sp_config config; | 62 | sp_config config; |
| 63 | bool is_config_valid; | 63 | bool is_config_valid; |
| 64 | HashTable *disabled_functions_hook; | 64 | HashTable *disabled_functions_hook; |
diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c index a3a2fa8..4f11e1e 100644 --- a/src/snuffleupagus.c +++ b/src/snuffleupagus.c | |||
| @@ -53,7 +53,7 @@ ZEND_DLEXPORT zend_extension zend_extension_entry = { | |||
| 53 | STANDARD_ZEND_EXTENSION_PROPERTIES}; | 53 | STANDARD_ZEND_EXTENSION_PROPERTIES}; |
| 54 | 54 | ||
| 55 | PHP_GINIT_FUNCTION(snuffleupagus) { | 55 | PHP_GINIT_FUNCTION(snuffleupagus) { |
| 56 | snuffleupagus_globals->in_eval = false; | 56 | snuffleupagus_globals->in_eval = 0; |
| 57 | 57 | ||
| 58 | #define SP_INIT(F) F = pecalloc(sizeof(*F), 1, 1); | 58 | #define SP_INIT(F) F = pecalloc(sizeof(*F), 1, 1); |
| 59 | #define SP_INIT_HT(F) \ | 59 | #define SP_INIT_HT(F) \ |
diff --git a/src/sp_disabled_functions.c b/src/sp_disabled_functions.c index 45b8954..d59dd93 100644 --- a/src/sp_disabled_functions.c +++ b/src/sp_disabled_functions.c | |||
| @@ -464,7 +464,7 @@ ZEND_FUNCTION(eval_filter_callback) { | |||
| 464 | void (*orig_handler)(INTERNAL_FUNCTION_PARAMETERS); | 464 | void (*orig_handler)(INTERNAL_FUNCTION_PARAMETERS); |
| 465 | const char* current_function_name = get_active_function_name(TSRMLS_C); | 465 | const char* current_function_name = get_active_function_name(TSRMLS_C); |
| 466 | 466 | ||
| 467 | if (SNUFFLEUPAGUS_G(in_eval) == true) { | 467 | if (SNUFFLEUPAGUS_G(in_eval) > 0) { |
| 468 | const char* filename = get_eval_filename(zend_get_executed_filename()); | 468 | const char* filename = get_eval_filename(zend_get_executed_filename()); |
| 469 | const int line_number = zend_get_executed_lineno(TSRMLS_C); | 469 | const int line_number = zend_get_executed_lineno(TSRMLS_C); |
| 470 | if (1 == SNUFFLEUPAGUS_G(config).config_eval->simulation) { | 470 | if (1 == SNUFFLEUPAGUS_G(config).config_eval->simulation) { |
diff --git a/src/sp_execute.c b/src/sp_execute.c index a50bfd5..3ce6643 100644 --- a/src/sp_execute.c +++ b/src/sp_execute.c | |||
| @@ -68,7 +68,7 @@ static void sp_execute_ex(zend_execute_data *execute_data) { | |||
| 68 | } | 68 | } |
| 69 | 69 | ||
| 70 | if (execute_data->func->op_array.type == ZEND_EVAL_CODE) { | 70 | if (execute_data->func->op_array.type == ZEND_EVAL_CODE) { |
| 71 | SNUFFLEUPAGUS_G(in_eval) = true; | 71 | SNUFFLEUPAGUS_G(in_eval)++; |
| 72 | sp_list_node *config = | 72 | sp_list_node *config = |
| 73 | SNUFFLEUPAGUS_G(config).config_disabled_constructs->construct_eval; | 73 | SNUFFLEUPAGUS_G(config).config_disabled_constructs->construct_eval; |
| 74 | char *filename = get_eval_filename((char *)zend_get_executed_filename()); | 74 | char *filename = get_eval_filename((char *)zend_get_executed_filename()); |
| @@ -88,7 +88,7 @@ static void sp_execute_ex(zend_execute_data *execute_data) { | |||
| 88 | sp_terminate(); | 88 | sp_terminate(); |
| 89 | } | 89 | } |
| 90 | 90 | ||
| 91 | SNUFFLEUPAGUS_G(in_eval) = false; | 91 | SNUFFLEUPAGUS_G(in_eval)--; |
| 92 | } | 92 | } |
| 93 | 93 | ||
| 94 | static int sp_stream_open(const char *filename, zend_file_handle *handle) { | 94 | static int sp_stream_open(const char *filename, zend_file_handle *handle) { |
diff --git a/src/tests/nested_eval_blacklist2.phpt b/src/tests/nested_eval_blacklist2.phpt new file mode 100644 index 0000000..3b13e30 --- /dev/null +++ b/src/tests/nested_eval_blacklist2.phpt | |||
| @@ -0,0 +1,28 @@ | |||
| 1 | --TEST-- | ||
| 2 | Eval blacklist - nested eval, with a twist | ||
| 3 | --SKIPIF-- | ||
| 4 | <?php if (!extension_loaded("snuffleupagus")) die "skip"; ?> | ||
| 5 | --INI-- | ||
| 6 | sp.configuration_file={PWD}/config/eval_backlist.ini | ||
| 7 | --FILE-- | ||
| 8 | <?php | ||
| 9 | $a = strlen("1337 1337 1337"); | ||
| 10 | echo "Outside of eval: $a\n"; | ||
| 11 | eval( | ||
| 12 | "echo 'Inception lvl 1...\n'; | ||
| 13 | eval( | ||
| 14 | 'echo \"Inception lvl 2...\n\"; | ||
| 15 | eval( | ||
| 16 | \"echo \'Inception lvl 3...\n\'; | ||
| 17 | \"); | ||
| 18 | strlen(\'Limbo!\'); | ||
| 19 | '); | ||
| 20 | "); | ||
| 21 | echo "After eval: $a\n"; | ||
| 22 | ?> | ||
| 23 | --EXPECTF-- | ||
| 24 | Outside of eval: 14 | ||
| 25 | Inception lvl 1... | ||
| 26 | Inception lvl 2... | ||
| 27 | Inception lvl 3... | ||
| 28 | [snuffleupagus][0.0.0.0][eval][drop] A call to strlen was tried in eval, in %a/tests/nested_eval_blacklist2.php(5) : eval()'d code:7, dropping it. | ||