summaryrefslogtreecommitdiff
path: root/src/sp_execute.c (follow)
AgeCommit message (Collapse)Author
2021-09-23config is stack allocated now + some code improvements (see details)Ben Fuhrmannek
* for easier memory manegement, the entire sp_config struct was merged into snuffleupagus_globals and allocated on stack where possible * SNUFFLEUPAGUS_G() can be written as SPG(), which is faster to type and easier to read * execution_depth is re-initialized to 0 for each request * function calls with inline string and length parameters consistently use ZEND_STRL instead of sizeof()-1 * execution is actually hooked if recursion protection is enabled * some line breaks were removed to make the code more readable
2021-09-15implemented execution depth limitBen Fuhrmannek
2021-08-16fincy new scanner/parser for config rules + fixed a few bugs along the way + ↵Ben Fuhrmannek
fixed related unittests
2021-05-09Add some guard to prevent hooking recursionjvoisin
This shouldn't be necessary, but better safe than sorry.
2020-11-12Simplify a bit a functionjvoisin
2020-08-16Remove a useless line of codejvoisin
2020-08-12Allow empty configuration (#342)jvoisin
This commit allows php to run (with a warning) if there is no specified snuffleupagus configuration, instead of refusing to start.
2020-07-22refactoring sp_log_* (#340)Giovanni
Co-authored-by: Giovanni Dante Grazioli <giovanni.dantegrazioli@nbs-system.com>
2019-06-20Fix snufflepagus_globals linking issues and one mac compatibility issuebef
2019-02-23Try to unify the includesjvoisin
2018-10-09Don't check the return values of functions that might not return (#255)jvoisin
This is due to our modifications to the logging system
2018-10-06Add a missing opcode in sp_execute_exjvoisin
2018-10-06Coverage++jvoisin
2018-10-06Bump coverage againjvoisin
2018-10-06Bump coverage againjvoisin
2018-10-06Bump a bit the coveragejvoisin
* `setcookie` doesn't always return `true` anymore * clang-format * Cookies with invalid decryption are dropped, but the request isn't anymore * faulty unserialize are now dumpable
2018-10-06Remove sp_terminate and bump a bit the coveragejvoisin
2018-08-30Minor code cleanupxXx-caillou-xXx
2018-08-30Match on ret improvementsxXx-caillou-xXx
This commit does two things: - Implement matching on calltraces for ret - Implement matching on ret of user functions if the return value is not used.
2018-08-28Fix a SIGSEGV on user-created function's return valuexXx-caillou-xXx
2018-08-09Fix yet an other hang/crashjvoisin
There are valid reasons for `orig_zend_execute_internal` to be `NULL`, we we're not checking if it is, well, `NULL`.
2018-08-09Fix a typo in the previous commitsjvoisin
2018-08-09Fix a crash/hang when using fpm's poolsjvoisin
We might have ended up in infinite loops when using php-fpm, if several different process hooked some functions twice. Thanks to @sriccio for reporting the issue
2018-07-13Yet an other pass of clang-formatjvoisin
2018-07-13Reduce call to get_complete_function_pathxXx-caillou-xXx
2018-07-13Massively optimize how rules are handledxXx-caillou-xXx
This commit does a lot of things: - Use hashtables instead of lists to store the rules - Rules that can be applied at launch time won't be tried at runtime - Improve feedback when writing nonsensical rules - Make intensive use of `zend_string` instead of `char*`
2018-07-09Trying to fix sloppy comparison (#186)jvoisin
* Trying to fix sloppy comparison https://github.com/nbs-system/snuffleupagus/issues/10 by modifying php's opcode
2018-03-12Bump the changelogv0.2.2jvoisin
2018-03-08Marginally improve the performances when dealing with evaljvoisin
2018-03-05Improve performances by a significant factorjvoisin
Only check if a function should be disabled when we're after a `*CALL` opcode, end not on every single opcode. Based on @blotus ideas ♥
2018-03-02Add .dump() for eval whitelist/blacklist + simulation mode for whitelistkkadosh
2018-03-02Implement dump() for execution of writable PHP fileskkadosh
2018-01-19Fix a possible double-executejvoisin
Some extensions might hook `zend_execute_internal` for various reason, although few are doing it. We're not supposed to call the original function in our hook if someone else is hooking it. Thanks to @remicollet for the bug report and troubleshooting
2018-01-18Minor code improvements in sp_execute.cjvoisin
2018-01-17Remove useless "head" member in our linked lists implementationsimon MAGNIN-FEYSOT
This should close #85
2018-01-10Rework the priority of bl/wl in evaljvoisin
2018-01-10Minor constificationjvoisin
2018-01-10Eval whitelistjvoisin
Implement whitelist in eval
2018-01-05Fix a bypass in our eval blacklistjvoisin
2018-01-04Eval blacklistjvoisin
Add support for eval filtering, only blacklist for now
2017-12-28Clang-format passThibault "bui" Koechlin
- `clang-format --style="{BasedOnStyle: google, SortIncludes: false}" -i snuffleu*.c sp_*.c sp_*.h` - Update the documentation accordingly
2017-12-28Implement hooking on user-defined functions return valuesjvoisin
This should close #99, thanks to @blotus for the implementation idea!
2017-12-21Rename sp_node_t to sp_list_nodejvoisin
Since we now have sp_list and sp_tree, it makes sense to specify that nodes are only for lists.
2017-11-30Minor refactoring and clarificationjvoisin
2017-11-29Implement eval hookingjvoisin
It's not possible to hook the `eval` builtin like other functions.
2017-10-30Fix the segfault?jvoisin
2017-10-25.drop() is now bailoutjvoisin
Courtesy of @buixor
2017-10-13Rename a confusing structure memberjvoisin
`regexp` is more confusing than `value_r`
2017-10-13Maybe this will address #35jvoisin
- We shouldn't assume that people are only using regexps - Make an internal function a bit more obvious
2017-10-13Fix some pedantic warningsjvoisin