| Age | Commit message (Collapse) | Author |
|---|
|
No need to use an ulong, an uint is more than enough for our usecases.
This fixes the following warning:
```
src/sp_config.c:207:20: runtime error: store to misaligned address 0x796d1f9a78d4 for type 'u_long', which requires 8 byte alignment
0x796d1f9a78d4: note: pointer points here
00 00 00 00 ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
^
#0 0x796d1f92251a in parse_ulong src/sp_config.c:207
#1 0x796d1f9239a9 in sp_process_rule src/sp_config.c:76
#2 0x796d1f92404f in sp_process_config_root src/sp_config.c:31
#3 0x796d1f96770d in sp_config_scan src/sp_config_scanner.c:1482
#4 0x796d1f922cd3 in sp_parse_config src/sp_config.c:62
#5 0x796d1f91e6cf in OnUpdateConfiguration src/snuffleupagus.c:522
#6 0x598aae727646 in zend_register_ini_entries_ex (/usr/bin/php8.2+0x36d646) (BuildId: 5228f916ded87172ddf0f3eca448f1e43874d60f)
#7 0x796d1f91cae1 in zm_startup_snuffleupagus src/snuffleupagus.c:121
#8 0x598aae6b70df in zend_startup_module_ex (/usr/bin/php8.2+0x2fd0df) (BuildId: 5228f916ded87172ddf0f3eca448f1e43874d60f)
#9 0x598aae6b717f (/usr/bin/php8.2+0x2fd17f) (BuildId: 5228f916ded87172ddf0f3eca448f1e43874d60f)
#10 0x598aae6c566a in zend_hash_apply (/usr/bin/php8.2+0x30b66a) (BuildId: 5228f916ded87172ddf0f3eca448f1e43874d60f)
#11 0x598aae64c0b5 in php_module_startup (/usr/bin/php8.2+0x2920b5) (BuildId: 5228f916ded87172ddf0f3eca448f1e43874d60f)
#12 0x598aae4e2265 (/usr/bin/php8.2+0x128265) (BuildId: 5228f916ded87172ddf0f3eca448f1e43874d60f)
#13 0x796d21b4dc89 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
#14 0x796d21b4dd44 in __libc_start_main_impl ../csu/libc-start.c:360
#15 0x598aae4e3550 in _start (/usr/bin/php8.2+0x129550) (BuildId: 5228f916ded87172ddf0f3eca448f1e43874d60f)
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/sp_config.c:207:20 in
```
|
|
Annotate the common logging function sp_log_msgf() with the format
attribute so compilers can check the used format string and passed
arguments for discrepancies.
Adjust the lineno printing by using %zu and the type size_t
consistently.
|
|
Please GCC:
In file included from /usr/include/php/20220829/Zend/zend.h:30,
from /usr/include/php/20220829/main/php.h:31,
from /usr/include/php/20220829/main/SAPI.h:20,
from src/php_snuffleupagus.h:37,
from src/sp_ifilter.c:1:
src/sp_pcre_compat.h: In function 'sp_regexp_compile':
src/sp_pcre_compat.h:38:36: warning: '__zend_calloc' sizes specified with 'sizeof' in the earlier argument and not in the later argument [-Wcalloc-transposed-args]
38 | sp_regexp *ret = pecalloc(sizeof(sp_regexp), 1, 1);
| ^~~~~~~~~
/usr/include/php/20220829/Zend/zend_alloc.h:199:72: note: in definition of macro 'pecalloc'
199 | #define pecalloc(nmemb, size, persistent) ((persistent)?__zend_calloc((nmemb), (size)):ecalloc((nmemb), (size)))
| ^~~~~
src/sp_pcre_compat.h:38:36: note: earlier argument should specify number of elements, later size of each element
38 | sp_regexp *ret = pecalloc(sizeof(sp_regexp), 1, 1);
| ^~~~~~~~~
/usr/include/php/20220829/Zend/zend_alloc.h:199:72: note: in definition of macro 'pecalloc'
199 | #define pecalloc(nmemb, size, persistent) ((persistent)?__zend_calloc((nmemb), (size)):ecalloc((nmemb), (size)))
| ^~~~~
|
|
|
|
|
|
|
|
This reverts commit 90bdf39000d2f09534b387d39203819995fb948e.
Caused compilation failure with PHP compiled with ZTS.
|
|
|
|
|
|
|
|
Bug introduced in https://github.com/jvoisin/snuffleupagus/commit/7c2d1d7d2713c0fa6bda63c376baf25d9f3d712c
|
|
|
|
|
|
|
|
|
|
* for easier memory manegement, the entire sp_config struct was merged into snuffleupagus_globals and allocated on stack where possible
* SNUFFLEUPAGUS_G() can be written as SPG(), which is faster to type and easier to read
* execution_depth is re-initialized to 0 for each request
* function calls with inline string and length parameters consistently use ZEND_STRL instead of sizeof()-1
* execution is actually hooked if recursion protection is enabled
* some line breaks were removed to make the code more readable
|
|
fixed related unittests
|
|
|
|
|
|
|
|
keywords
|
|
|
|
|
|
|
|
|
|
Add the possibility to log directly into the syslog, instead of using php's log system.
|
|
|
|
|
|
This should fix the following:
```C
snuffleupagus/src/sp_config.c:193:10: warning: implicit declaration of function 'getline' is invalid in C99 [-Wimplicit-function-declaration]
while (getline(&lineptr, &n, fd) > 0) {
^
1 warning generated.
```
|
|
|
|
|
|
Ensure that certificates are verified in curl
should close #47
|
|
This commit replace our usage of `php_log_err` with `zend_error`. This should
allow administrators to display errors in the webpage, should they want to;
and to properly manipulate the verbosity's level.
This should close #217
|
|
|
|
This commit does a lot of things:
- Use hashtables instead of lists to store the rules
- Rules that can be applied at launch time won't be tried at runtime
- Improve feedback when writing nonsensical rules
- Make intensive use of `zend_string` instead of `char*`
|
|
* Trying to fix sloppy comparison https://github.com/nbs-system/snuffleupagus/issues/10 by
modifying php's opcode
|
|
Implement session encryption.
|
|
|
|
This should close #129
|
|
|
|
Implement whitelist in eval
|
|
Add support for eval filtering, only blacklist for now
|
|
Thanks to @fr33tux for the bug report ♥
|
|
- `clang-format --style="{BasedOnStyle: google, SortIncludes: false}" -i snuffleu*.c sp_*.c sp_*.h`
- Update the documentation accordingly
|
|
It's now possible to encrypt cookies matching a specific regexp.
This should close #106
|
|
Since we now have sp_list and sp_tree, it makes sense to specify that
nodes are only for lists.
|
|
Thanks to this huge commit from @xXx-caillou-xXx, we can now write amazingly flexible rules.
|
|
This is done by using the "samesite" cookie attribute.
|
|
References #43.
|
|
|
